edustaffbenefits.com Open in urlscan Pro
173.236.164.104 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://edustaffbenefits.com/
Effective URL:
https://edustaffbenefits.com/
Submission: On November 18 via manual (November 18th 2020, 10:43:13 pm UTC) from US

Summary HTTP 116 Redirects Links 254 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 15 domains to perform 116 HTTP transactions. The main IP is 173.236.164.104, located in Brea, United States and belongs to DREAMHOST-AS, US. The main domain is edustaffbenefits.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 29th 2020. Valid for: 3 months.

This is the only time edustaffbenefits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	173.236.164.104 173.236.164.104	26347 (DREAMHOST-AS) (DREAMHOST-AS)
28	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
2	63.249.66.205 63.249.66.205	11994 (CZIO-ASN) (CZIO-ASN)
1	99.86.4.207 99.86.4.207	16509 (AMAZON-02) (AMAZON-02)
8	104.75.88.112 104.75.88.112	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
7	52.46.157.171 52.46.157.171	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
12	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:817::2001	15169 (GOOGLE) (GOOGLE)
1	99.86.6.29 99.86.6.29	16509 (AMAZON-02) (AMAZON-02)
6	2a04:4e42:1b:... 2a04:4e42:1b::272	54113 (FASTLY) (FASTLY)
2	52.94.233.131 52.94.233.131	16509 (AMAZON-02) (AMAZON-02)
6	2.16.186.43 2.16.186.43	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2.16.186.104 2.16.186.104	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
116	20

3 173.236.164.104 (Brea, United States) 1 redirects

ASN26347 (DREAMHOST-AS, US)
PTR: apache2-udder.screven.dreamhost.com

edustaffbenefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2.18.235.93 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.249.66.205 (Santa Cruz, United States)

ASN11994 (CZIO-ASN, US)
PTR: freefind.com

inc.freefind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.207 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-207.fra6.r.cloudfront.net

z-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.75.88.112 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-112.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.46.157.171 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

aax-us-east.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

85a2c74732e72d27ef54137e8da193b9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
207608e9c4f10bff737dd78609f49d29.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a35a058049bbdaaf9c4f4c40c44b4086.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.6.29 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-6-29.fra6.r.cloudfront.net

wms-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a04:4e42:1b::272 (Ascension Island)

ASN54113 (FASTLY, US)

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.233.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

fls-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.16.186.43 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-43.deploy.static.akamaitechnologies.com

res-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.186.104 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-104.deploy.static.akamaitechnologies.com

qsearch-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	media.net contextual.media.net lg3.media.net hblg.media.net	309 KB
15	googlesyndication.com 85a2c74732e72d27ef54137e8da193b9.safeframe.googlesyndication.com 207608e9c4f10bff737dd78609f49d29.safeframe.googlesyndication.com a35a058049bbdaaf9c4f4c40c44b4086.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	39 KB
13	doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	302 KB
11	amazon-adsystem.com z-na.amazon-adsystem.com aax-us-east.amazon-adsystem.com wms-na.amazon-adsystem.com fls-na.amazon-adsystem.com	68 KB
9	akamaihd.net res-a.akamaihd.net qsearch-a.akamaihd.net	63 KB
9	googletagservices.com www.googletagservices.com	223 KB
7	addthis.com s7.addthis.com m.addthis.com api-public.addthis.com	191 KB
6	media-amazon.com m.media-amazon.com	18 KB
3	google.com adservice.google.com	2 KB
3	google.de adservice.google.de	2 KB
3	edustaffbenefits.com 1 redirects edustaffbenefits.com	26 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	freefind.com inc.freefind.com	4 KB
1	addthisedge.com v1.addthisedge.com	1 KB
1	moatads.com z.moatads.com	1 KB
116	15

	Domain	Requested by
15	contextual.media.net	edustaffbenefits.com contextual.media.net
12	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net edustaffbenefits.com
9	www.googletagservices.com	edustaffbenefits.com securepubads.g.doubleclick.net
8	lg3.media.net	edustaffbenefits.com contextual.media.net
7	aax-us-east.amazon-adsystem.com	z-na.amazon-adsystem.com edustaffbenefits.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
6	res-a.akamaihd.net	contextual.media.net edustaffbenefits.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net edustaffbenefits.com
6	m.media-amazon.com	edustaffbenefits.com
5	hblg.media.net	edustaffbenefits.com
3	qsearch-a.akamaihd.net	edustaffbenefits.com
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
3	api-public.addthis.com	s7.addthis.com
3	s7.addthis.com	edustaffbenefits.com s7.addthis.com
3	edustaffbenefits.com	1 redirects edustaffbenefits.com
2	fls-na.amazon-adsystem.com	edustaffbenefits.com
2	www.google-analytics.com	edustaffbenefits.com www.google-analytics.com
2	inc.freefind.com	edustaffbenefits.com inc.freefind.com
1	wms-na.amazon-adsystem.com	edustaffbenefits.com
1	a35a058049bbdaaf9c4f4c40c44b4086.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	207608e9c4f10bff737dd78609f49d29.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	85a2c74732e72d27ef54137e8da193b9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	z-na.amazon-adsystem.com	edustaffbenefits.com
116	28

This site contains links to these domains. Also see Links.

Domain
www.myeducationdiscount.com
myeducationdiscount.com
aax-us-east.amazon-adsystem.com
www.addthis.com

Subject Issuer	Validity	Valid
www.edustaffbenefits.com Let's Encrypt Authority X3	`2020-10-29` - `2021-01-27`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
*.freefind.com Let's Encrypt Authority X3	`2020-11-12` - `2021-02-10`	3 months	crt.sh
z-na.amazon-adsystem.com Amazon	`2020-01-09` - `2021-02-09`	a year	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
aax-us-east.amazon-adsystem.com Amazon	`2020-06-15` - `2021-06-15`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
wms-na.assoc-amazon.com Amazon	`2020-04-03` - `2021-04-02`	a year	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2020-09-16` - `2021-09-21`	a year	crt.sh
fls-na.amazon-adsystem.com Amazon	`2019-12-31` - `2020-12-24`	a year	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://edustaffbenefits.com/
Frame ID: 86F39361AF02A0BA6353675108E09514
Requests: 53 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: EE72343093843458BE467EFAEDA0FBB7
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 7B744B81D402A28C72C6C6A554DF238F
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8HB1IT8E4&prvid=77%2C80%2C97%2C175%2C178%2C184%2C188%2C192%2C193%2C201%2C203%2C214%2C222%2C226%2C3008&itype=HB-CM&rtime=6&https=1&gdpr=1&gdprconsent=0&usp_status=0&usp_consent=1
Frame ID: C96E265B64E7B5087633848E0E67685E
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: EBA4046F9E2FC6A599DC8F01BB019411
Requests: 10 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 972E2D0A0F59249E091369649C7827CC
Requests: 10 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 75721623E72E35466EB940E8D2D3DC03
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssLsbPZ0tyYon-YzgQZ66g5tKvJQsdGg4zXGaGJxi2RmEcL7WOXO88q4egmyh4D8G4wwcIzZNp8AWFBcWywCe0gHmrRqhYHIFvJjEYlF_moX1wo1jXKtNottqvcPXXXgs951Aro97xeWNymd0fkDx8uKlah-4E3tuOAm5XzecjX6xN1BIIQfa9Op3d5IE8BFyFdumFLmG7i2wEIQHqV2cVXu-QhRB_bk5NJmY3O2Ba-Q_Q1xJ1tFAADLboOSqLNACMxb9T9t9oOtkHO2MIyvonFDaMZvpYHLO_hXHTst_W-&sai=AMfl-YRIBejosEZwnATqbtvFjbRu5Ne89w70_kw27koTsgBQEMtRnI1jqXJi1Exv2MSTJLN07WbmkWVNZWNs8aGoE4iwlw680tdvge3VM_6M6TIGdrgimRsZZ-JCCRVppus&sig=Cg0ArKJSzEs9XVcm3o9OEAE&urlfix=1&adurl=
Frame ID: 0E6A63B6578A446A68D549C7C32A5A09
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV97497.js
Frame ID: D846D8F803F73B5C51FD0E8CDF8C90C6
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6pE1AmB60xtEcAIfK7Kw3oNuHlRyO8O4SxFYR6LoMjI_SUsXVf5ib1_EOiOJRPhMglaS2bf019LBnuEcogCmha5Ry3z_zpAUaGHwYHUr1Y-nh7gsJO0VTnE92AX_GpWXsXXRAFGyw6_HvxGhESWIFzYxpiPrOuTs1SAO6xH-w0DlqX4_Y8ILs_XFDjMoTBRGrYVqzHLrKAnbfxGf6Xj5JMkZao9T1PJWWwASXLVcD8J-zAX0a0rZUtQmbOHNy-ozSKXCT7HUUb8Oib8Q6HnSq_nhsvDKqdyH6gC_KTi1_twNKnA&sai=AMfl-YQsUIwpwck1Wgqc3ixDQwejTmAEl2ejKpl3YvMqYgHaJrKg162Hcu_BTDutvq6BtOOgxqOoyTYZv4Ko7HYSLmLuh0e4_2g3XAVqXLOGo4_KKVTVBBXR6RRB-rY9GAY&sig=Cg0ArKJSzAw2n1Lwy_FHEAE&urlfix=1&adurl=
Frame ID: 4FF37A7029039B774B5C5BA490448DC8
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV97497.js
Frame ID: 3C582AC86F7A8CCA8F473AC6B25EAAD3
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfNKxMEM3Smb_Lax-tNPo4rZyHyeSuSR5dWlzB8FMkmnDT7Ez7o668jktTtqBXMOq3vws1SFQpYzsxcE4ZHJV1WQBOxCzEKXuU7lmPC1rGZbGNtNjDPwTvj6rKFP0qPZHRV1wDSlGOMpdtPSKuRDJg9jsvRa4NlOlVISeG7oqOQ_f6yuThTXzs0MEBtp7WtM5kEFj28QMvNd2tm-VeLDxA-aAQtAIK0DnF1i12WwEGQJrOrN9s8Tq0lIwvzeaf-A6DLb8GQwsu5RuyTDnrZjcyP_shE_PaoYGRRgxy&sai=AMfl-YQ3zUzgpO4n5l3BuzDxUGBTBkioOYX8TDOqKEy2VZ_PZtrdZBuyY887BdRhn1DRsC6MfPl4rw2NDKh6U01tUqrbaLIDAQMOcvGTVQISm1VtFZC6flfsde7WWoYnyLQf&sig=Cg0ArKJSzLuVfNL5TQmFEAE&urlfix=1&adurl=
Frame ID: A11B3DE3EC6C2DC96C86247DC5117563
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV97497.js
Frame ID: 17221EC85E53BD5E147607657F3A33D1
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 8D23BE976E03028E19AE3EBC57562EE1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: FE868C331DAC65C193579B1F88A83166
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: C54950B8124B7EE455901ACEC92B9044
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://edustaffbenefits.com/ HTTP 302
https://edustaffbenefits.com/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

116
Requests

97 %
HTTPS

37 %
IPv6

15
Domains

28
Subdomains

20
IPs

5
Countries

1268 kB
Transfer

3626 kB
Size

11
Cookies

254 Outgoing links

These are links going to different origins than the main page.

URL: https://www.myeducationdiscount.com/

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/emailalerts.htm
Title: Sign Up for Discounts

Search URL Search Domain Scan URL

URL: https://myeducationdiscount.com/amazongiftcard.htm
Title: Enter Monthly Giveaway

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/contact.htm
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/classroom.htm
Title: Books/Classroom

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/house.htm
Title: Home/Auto

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/clothing.htm
Title: Clothing/Shoes

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/travel.htm
Title: Travel

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/electronics.htm
Title: Electronics

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/financial.htm
Title: Finances/Utilities

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/health.htm
Title: Health/Beauty

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/food.htm
Title: Food/Drink

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/gifts.htm
Title: Gifts

Search URL Search Domain Scan URL

URL: https://aax-us-east.amazon-adsystem.com/x/c/QtzQhiH4Lae3JbVdhJDFRS0AAAF13YZrwQEAAAFKAUFT9Ns/https://affiliate-program.amazon.com/home/ads/ref=sm_n_se_dkp_DK_logo?adId=logo&creativeASIN=logo&linkId=2820c00a62b6203e1be4c81c6ee96222&tag=myeducationdi-20&linkCode=w42&ref-refURL=https%3A%2F%2Fedustaffbenefits.com%2F&slotNum=0&imprToken=VIcTupXLQLlh9I1Dej62lw&adType=smart&adMode=search&adFormat=grid&impressionTimestamp=1605739375896&ac-ms-src=nsa-ads&cid=nsa-ads
Title: Ads by Amazon

Search URL Search Domain Scan URL

URL: https://aax-us-east.amazon-adsystem.com/x/c/QtzQhiH4Lae3JbVdhJDFRS0AAAF13YZrwQEAAAFKAUFT9Ns/https://www.amazon.com/adprefs/ref=sm_n_se_dkp_DK_ac?tag=myeducationdi-20&linkCode=w42
Title:

Search URL Search Domain Scan URL

URL: https://aax-us-east.amazon-adsystem.com/x/c/QtzQhiH4Lae3JbVdhJDFRS0AAAF13YZrwQEAAAFKAUFT9Ns/https://www.amazon.com/dp/B01LZXSO3H/ref=sm_n_se_dkp_DK_pr_sea_0_0_nodl?adId=B01LZXSO3H&creativeASIN=B01LZXSO3H&linkId=2820c00a62b6203e1be4c81c6ee96222&tag=myeducationdi-20&linkCode=w42&ref-refURL=https%3A%2F%2Fedustaffbenefits.com%2F&slotNum=0&imprToken=VIcTupXLQLlh9I1Dej62lw&adType=smart&adMode=search&adFormat=grid&impressionTimestamp=1605739375891
Title: Amazon Gift Card - Print - Birthday Pink Candles

Search URL Search Domain Scan URL

URL: https://aax-us-east.amazon-adsystem.com/x/c/QtzQhiH4Lae3JbVdhJDFRS0AAAF13YZrwQEAAAFKAUFT9Ns/https://edustaffbenefits.com/
Title:

Search URL Search Domain Scan URL

URL: https://aax-us-east.amazon-adsystem.com/x/c/QtzQhiH4Lae3JbVdhJDFRS0AAAF13YZrwQEAAAFKAUFT9Ns/https://www.amazon.com/dp/B071S6MDD9/ref=sm_n_se_dkp_DK_pr_sea_0_1?adId=B071S6MDD9&creativeASIN=B071S6MDD9&linkId=2820c00a62b6203e1be4c81c6ee96222&tag=myeducationdi-20&linkCode=w42&ref-refURL=https%3A%2F%2Fedustaffbenefits.com%2F&slotNum=0&imprToken=VIcTupXLQLlh9I1Dej62lw&adType=smart&adMode=search&adFormat=grid&impressionTimestamp=1605739375893
Title: adidas Women's Cloudfoam Pure Runn…

Search URL Search Domain Scan URL

URL: https://aax-us-east.amazon-adsystem.com/x/c/QlFsd9X7FQ7OcoBQabWDiZAAAAF13YZr7AEAAAFKAWFOW70/https://affiliate-program.amazon.com/home/ads/ref=sm_n_se_dkp_DK_logo?adId=logo&creativeASIN=logo&linkId=2820c00a62b6203e1be4c81c6ee96222&tag=myeducationdi-20&linkCode=w42&ref-refURL=https%3A%2F%2Fedustaffbenefits.com%2F&slotNum=1&imprToken=fMoQCsz4ykdnmmUv5Ql5Cw&adType=smart&adMode=search&adFormat=grid&impressionTimestamp=1605739375937&ac-ms-src=nsa-ads&cid=nsa-ads
Title: Ads by Amazon

Search URL Search Domain Scan URL

URL: https://aax-us-east.amazon-adsystem.com/x/c/QlFsd9X7FQ7OcoBQabWDiZAAAAF13YZr7AEAAAFKAWFOW70/https://www.amazon.com/adprefs/ref=sm_n_se_dkp_DK_ac?tag=myeducationdi-20&linkCode=w42
Title:

Search URL Search Domain Scan URL

URL: https://aax-us-east.amazon-adsystem.com/x/c/QlFsd9X7FQ7OcoBQabWDiZAAAAF13YZr7AEAAAFKAWFOW70/https://www.amazon.com/dp/B072BLVM83/ref=sm_n_se_dkp_DK_pr_sea_0_0_nodl?adId=B072BLVM83&creativeASIN=B072BLVM83&linkId=2820c00a62b6203e1be4c81c6ee96222&tag=myeducationdi-20&linkCode=w42&ref-refURL=https%3A%2F%2Fedustaffbenefits.com%2F&slotNum=1&imprToken=fMoQCsz4ykdnmmUv5Ql5Cw&adType=smart&adMode=search&adFormat=grid&impressionTimestamp=1605739375928
Title: Educated: A Memoir

Search URL Search Domain Scan URL

URL: https://aax-us-east.amazon-adsystem.com/x/c/QlFsd9X7FQ7OcoBQabWDiZAAAAF13YZr7AEAAAFKAWFOW70/https://edustaffbenefits.com/
Title:

Search URL Search Domain Scan URL

URL: https://aax-us-east.amazon-adsystem.com/x/c/QlFsd9X7FQ7OcoBQabWDiZAAAAF13YZr7AEAAAFKAWFOW70/https://www.amazon.com/dp/0826194931/ref=sm_n_se_dkp_DK_pr_sea_0_1?adId=0826194931&creativeASIN=0826194931&linkId=2820c00a62b6203e1be4c81c6ee96222&tag=myeducationdi-20&linkCode=w42&ref-refURL=https%3A%2F%2Fedustaffbenefits.com%2F&slotNum=1&imprToken=fMoQCsz4ykdnmmUv5Ql5Cw&adType=smart&adMode=search&adFormat=grid&impressionTimestamp=1605739375930
Title: Certified Academic Clinical Nurse Ed…

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/1800baskets.htm
Title: 1800Baskets.com

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/1800flowers.htm
Title: 1800Flowers.com

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/1ink.htm
Title: 1ink.com

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/23andme.htm
Title: 23andMe

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/abbyy.htm
Title: ABBYY

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/acmoore.htm
Title: A.C. Moore Arts & Crafts

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/academicsuperstore.htm
Title: Academic Superstore

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/adobe.htm
Title: Adobe

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/adorama.htm
Title: Adorama

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/advantage.htm
Title: Advantage Rent-A-Car

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/aerosoles.htm
Title: Aerosoles

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/alfa.htm
Title: Alfa Insurance

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/starwood.htm
Title: Aloft Hotels

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/amazon.htm
Title: Amazon

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/attractions.htm
Title: Amusement Parks

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/ancestry.htm
Title: Ancestry.com

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/anntaylor.htm
Title: Ann Taylor

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/anytimefitness.htm
Title: Anytime Fitness

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/apple.htm
Title: Apple

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/ashleystewart.htm
Title: Ashley Stewart

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/atandt.htm
Title: AT&T

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/caesars.htm
Title: Bally's Hotels & Casinos

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/bananarepublic.htm
Title: Banana Republic

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/barnesandnoble.htm
Title: Barnes & Noble

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/wyndham.htm
Title: Baymont Inn & Suites

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/benfranklincrafts.htm
Title: Ben Franklin Crafts

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/bestbuy.htm
Title: Best Buy

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/bestwestern.htm
Title: Best Western

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/bonobos.htm
Title: Bonobos

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/booksamillion.htm
Title: Books-A-Million

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/bose.htm
Title: Bose

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/tdf.htm
Title: Broadway

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/budget.htm
Title: Budget Car & Truck Rental

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/buick.htm
Title: Buick

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/bunionbootie.htm
Title: Bunion Bootie

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/californiacasualty.htm
Title: California Casualty

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/calvinklein.htm
Title: Calvin Klein

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/ihg.htm
Title: Candlewood Suites

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/canon.htm
Title: Canon

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/autoinsurance.htm
Title: Car Insurance

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/cars.htm
Title: Cars and Trucks

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/cascio.htm
Title: Cascio Interstate Music

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/cellphonediscount.htm
Title: Cell Phone Discounts

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/champion.htm
Title: Champion

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/cheapairportparking.htm
Title: CheapAirportParking.org

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/chevy.htm
Title: Chevrolet

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/chicos.htm
Title: Chico's

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/christopherandbanks.htm
Title: Christopher & Banks

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/chrysler.htm
Title: Chrysler

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/cicis.htm
Title: CiCi's Pizza

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/classichotels.htm
Title: Classic Hotels & Resorts

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/colehaan.htm
Title: Cole Haan

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/university.htm
Title: Colleges and Universities

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/columbia.htm
Title: Columbia Sportswear

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/hilton.htm
Title: Conrad Hotels

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/contiki.htm
Title: Contiki

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/studentaid.htm
Title: Continuing Education

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/coolframes.htm
Title: CoolFrames

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/corel.htm
Title: Corel

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/countryinn.htm
Title: Country Inn & Suites

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/marriott.htm
Title: Courtyard Hotels

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/curiouschef.htm
Title: Curious Chef

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/dagnedover.htm
Title: Dagne Dover

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/dcshoes.htm
Title: DC Shoes

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/debtwave.htm
Title: DebtWave

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/dell.htm
Title: Dell

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/dibsies.htm
Title: Dibsies

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/directv.htm
Title: DIRECTV

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/discountdancesupply.htm
Title: Discount Dance Supply

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/dove.htm
Title: Discount on Vehicles (DOVE)

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/floridaticketstation.htm
Title: Disney World

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/dji.htm
Title: DJI

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/dollargeneral.htm
Title: Dollar General

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/dominos.htm
Title: Domino's Pizza

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/dooney&bourke.htm
Title: Dooney & Bourke

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/drscholls.htm
Title: Dr. Scholl's Shoes

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/dressbarn.htm
Title: Dressbarn

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/e-z.htm
Title: E-Z Rent-A-Car

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/earq.htm
Title: EarQ Hearing Aids

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/eddiebauer.htm
Title: Eddie Bauer

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/educatormortgageprogram.htm
Title: Educator Mortgage Program

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/eduporium.htm
Title: Eduporium

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/equityresidential.htm
Title: Equity Residential Apartments

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/esurance.htm
Title: Esurance

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/eyemartexpress.htm
Title: Eyemart Express

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/farfaria.htm
Title: FarFaria

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/farmersinsurance.htm
Title: Farmers Insurance

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/filmraiser.htm
Title: FilmRaiser

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/ford.htm
Title: Ford

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/free.htm
Title: Free for Teachers

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/frigidaire.htm
Title: Frigidaire

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/fulbright.htm
Title: Fulbright Program

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/fundforteachers.htm
Title: Fund for Teachers

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/gap.htm
Title: Gap

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/geddes.htm
Title: Geddes School Supplies

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/geico.htm
Title: Geico

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/gelpro.htm
Title: GelPro

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/gm.htm
Title: General Motors

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/discountedgiftcards.htm
Title: Gift Cards

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/giftscom.htm
Title: Gifts.com

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/glassesusa.htm
Title: GlassesUSA

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/gmc.htm
Title: GMC Automotive

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/greendragoncoffee.htm
Title: Green Dragon Coffee

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/coupons.htm
Title: Grocery Coupons

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/handrblock.htm
Title: H&R Block

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/halfpricebooks.htm
Title: Half Price Books

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/hanes.htm
Title: Hanes

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/quote.htm
Title: Health Insurance

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/heroeshomeadvantage.htm
Title: Heroes Home Advantage

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/hewlettpackard.htm
Title: Hewlett Packard

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/historychannel.htm
Title: History Channel

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/homedepot.htm
Title: Home Depot

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/homeinsurance.htm
Title: Home Insurance

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/homesforheroes.htm
Title: Homes for Heroes

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/honda.htm
Title: Honda

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/horacemann.htm
Title: Horace Mann

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/hotels.htm
Title: Hotels.com

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/hotelstorm.htm
Title: HotelStorm

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/hotelscombined.htm
Title: Hotels Combined

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/housing.htm
Title: Housing

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/hudhomes.htm
Title: HUD Homes

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/hyundai.htm
Title: Hyundai

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/insurance.htm
Title: Insurance

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/jcrew.htm
Title: J.Crew

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/jetbrains.htm
Title: JetBrains

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/joannfabrics.htm
Title: JOANN Fabric & Craft Stores

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/jotform.htm
Title: JotForm

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/journeyed.htm
Title: JourneyEd

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/justmysize.htm
Title: Just My Size

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/karenkane.htm
Title: Karen Kane

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/kia.htm
Title: Kia Motors

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/laquinta.htm
Title: La Quinta Inns & Suites

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/lakeshorelearning.htm
Title: Lakeshore Learning

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/landsend.htm
Title: Lands' End

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/lasikplus.htm
Title: LasikPlus

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/lenovo.htm
Title: Lenovo

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/libertymutual.htm
Title: Liberty Mutual

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/lifeinsurance.htm
Title: Life Insurance

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/littlebits.htm
Title: LittleBits

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/loft.htm
Title: LOFT

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/logitech.htm
Title: Logitech

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/louandgrey.htm
Title: Lou & Grey

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/lowes.htm
Title: Lowe's

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/lucidchart.htm
Title: Lucidchart

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/madewell.htm
Title: Madewell

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/magazines.htm
Title: Magazines.com

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/mcafee.htm
Title: McAfee

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/meemic.htm
Title: Meemic Insurance

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/michaels.htm
Title: Michaels

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/microsoft.htm
Title: Microsoft

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/mightyskins.htm
Title: MightySkins

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/monstermovers.htm
Title: Monster Movers

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/motel6.htm
Title: Motel 6

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/msccruises.htm
Title: MSC Cruises

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/musiciansfriend.htm
Title: Musician's Friend

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/musicnotes.htm
Title: Musicnotes.com

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/vmb.htm
Title: Myrtle Beach Resorts

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/nakedbinder.htm
Title: Naked Binder

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/nationalgeographic.htm
Title: National Geographic

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/newyorkandcompany.htm
Title: New York & Company

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/ninewest.htm
Title: Nine West

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/officedepot.htm
Title: Office Depot

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/officemax.htm
Title: OfficeMax

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/onehanesplace.htm
Title: OneHanesPlace

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/openroadlending.htm
Title: OpenRoad Lending

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/orlandoemployeediscounts.htm
Title: Orlando Employee Discounts

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/otl.htm
Title: OTL Seat Fillers

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/overstock.htm
Title: Overstock

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/partycity.htm
Title: Party City

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/pencils.htm
Title: Pencils.com

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/peoplesbank.htm
Title: Peoples Bank

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/petco.htm
Title: Petco

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/petsmart.htm
Title: PetSmart

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/petsintheclassroom.htm
Title: Pets in the Classroom

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/pizzahut.htm
Title: Pizza Hut

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/plymouthrock.htm
Title: Plymouth Rock Assurance

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/puzzleringemporium.htm
Title: Puzzle Ring Emporium

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/quiksilver.htm
Title: Quiksilver

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/rationale.htm
Title: Rationale

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/residentialhomefunding.htm
Title: Residential Home Funding

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/restaurant.htm
Title: Restaurant.com

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/rhone.htm
Title: Rhone Activewear

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/roxy.htm
Title: Roxy

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/saucony.htm
Title: Saucony

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/schooltheatreticketprogram.htm
Title: School Theatre Tix Program

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/schumacher.htm
Title: Schumacher Homes

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/selfcad.htm
Title: SelfCAD

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/sert.htm
Title: SERT Data Recovery

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/silhouette.htm
Title: Silhouette

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/sixflags.htm
Title: Six Flags Theme Parks

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/sixt.htm
Title: Sixt Rent-A-Car

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/southmoonunder.htm
Title: South Moon Under

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/sperry.htm
Title: Sperry Shoes

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/sprint.htm
Title: Sprint

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/STAtravel.htm
Title: STA Travel

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/staysky.htm
Title: StaySky Orlando Hotels

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/studentloanconsolidation.htm
Title: Student Loan Consolidation

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/studentuniverse.htm
Title: Student Universe

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/surveys.htm
Title: Surveys

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/swananddolphinresort.htm
Title: Swan & Dolphin Resort

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/talbots.htm
Title: Talbots

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/teacherstravelweb.htm
Title: Teachers Travel Web

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/techsmith.htm
Title: TechSmith

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/texasinstruments.htm
Title: Texas Instruments

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/thecontainerstore.htm
Title: The Container Store

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/newyorktimes.htm
Title: The New York Times

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/thewallstreetjournal.htm
Title: The Wall Street Journal

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/thewashingtonpost.htm
Title: The Washington Post

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/thriftbooks.htm
Title: ThriftBooks

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/tilghman.htm
Title: Tilghman Resort

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/tommyhilfiger.htm
Title: Tommy Hilfiger

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/tommyjohn.htm
Title: Tommy John

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/toms.htm
Title: TOMS Shoes

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/turbotax.htm
Title: TurboTax

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/uscellular.htm
Title: U.S. Cellular

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/usatoday.htm
Title: USA Today

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/verizonwireless.htm
Title: Verizon

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/vineyardvines.htm
Title: Vineyard Vines

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/vipkid.htm
Title: VIPKID

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/waldorfastoriaorlando.htm
Title: Waldorf Astoria Orlando

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/walmart.htm
Title: Walmart

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/westelm.htm
Title: West Elm

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/westerndigital.htm
Title: Western Digital

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/westgate.htm
Title: Westgate Resorts

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/whitehouseblackmarket.htm
Title: White House Black Market

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/wildmoose.htm
Title: Wild Moose Ornament Co.

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/woodwindandbrasswind.htm
Title: Woodwind & Brasswind

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/ymca.htm
Title: YMCA

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/zipcar.htm
Title: Zipcar

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/privacy.htm
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://edustaffbenefits.com/ HTTP 302
https://edustaffbenefits.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

116 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
edustaffbenefits.com/
Redirect Chain

http://edustaffbenefits.com/
https://edustaffbenefits.com/

37 KB
7 KB

391ms
142ms

Document
text/html

173.236.164.104
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://edustaffbenefits.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.236.164.104 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-udder.screven.dreamhost.com
Software: Apache /
Resource Hash: 8818c60cc013ab666ff48bc5ba5e103dea360adc4b1db9ecaa54151a23617095

Request headers

:method: GET
:authority: edustaffbenefits.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:55 GMT
server: Apache
last-modified: Mon, 03 Dec 2018 14:53:48 GMT
etag: "9248-57c1f50fd01e8-gzip"
accept-ranges: bytes
cache-control: max-age=0, public
expires: Wed, 18 Nov 2020 22:42:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7223
content-type: text/html

Redirect headers

Date: Wed, 18 Nov 2020 22:42:54 GMT
Server: Apache
Location: https://edustaffbenefits.com/
Cache-Control: max-age=0
Expires: Wed, 18 Nov 2020 22:42:54 GMT
Content-Length: 213
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 442 KB
142 KB 129ms
65ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CUPUJ3VT

Requested by

Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

808dfff53a1b63da76e07ff30c84fa98f20a5130220554353ba7822227cf54fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-mnt-h: 12-17
content-encoding: gzip
server: Apache
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
etag: "be45c8434af34368a14b007495ecb607"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
date: Wed, 18 Nov 2020 22:42:55 GMT
strict-transport-security: max-age=604800
x-mnt-w: 8-16
expires: Wed, 18 Nov 2020 22:47:55 GMT

GET
H/1.1 200
OK ffse-overlay.min.js Show response
inc.freefind.com/inc/ 9 KB
3 KB 964ms
221ms Script
text/javascript 63.249.66.205
CZIO-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://inc.freefind.com/inc/ffse-overlay.min.js
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.249.66.205 Santa Cruz, United States, ASN11994 (CZIO-ASN, US),
Reverse DNS: freefind.com
Software: unknown /
Resource Hash: a839fd8c9525049492e5bedbaf3b7dbd63d7b324059c412936366d4e69c76cf1

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 18 Nov 2020 22:42:55 GMT
content-encoding: gzip
Last-Modified: Tue, 10 Apr 2018 20:55:47 GMT
Server: unknown
Content-Type: text/javascript; charset=utf-8
Cache-control: max-age=300
Content-Length: 3202
Expires: Wed, 18 Nov 2020 22:47:55 GMT

GET
H2 200 My_EducationDiscount.gif
edustaffbenefits.com/images/ 19 KB
19 KB 139ms
139ms Image
image/gif 173.236.164.104
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edustaffbenefits.com/images/My_EducationDiscount.gif
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.236.164.104 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-udder.screven.dreamhost.com
Software: Apache /
Resource Hash: 0a4f6713e204ad529e8d6b1699b0652c11071747293b118c3eeee19dc48e5425

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:55 GMT
last-modified: Tue, 30 Aug 2016 18:56:15 GMT
server: Apache
etag: "4a41-53b4e88f811c0"
vary: User-Agent
content-type: image/gif
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 19009
expires: Fri, 18 Dec 2020 22:42:55 GMT

GET
H2 200 onejs Show response
z-na.amazon-adsystem.com/widgets/ 24 KB
8 KB 112ms
39ms Script
application/javascript 99.86.4.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.207 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-207.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 792136a6469ccb115af681ae4ab778c8567915914691b7b6405368ec82b2bc3c

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: Public
date: Wed, 18 Nov 2020 03:39:47 GMT
content-encoding: gzip
server: Server
age: 68588
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
charset: UTF-8
cache-control: public,max-age=86400,s-maxage=86400,no-transform
x-amz-cf-pop: FRA6-C1
content-length: 7868
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-amz-cf-id: vpzeLsbXX8RpAZAZX2PtYmbsSI12JQtdr8jUZoDRckzkT8ZEM4o_og==
expires: Thu, 19 Nov 2020 03:39:47 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 101ms
36ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Wed, 18 Nov 2020 22:42:55 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 5227
date: Wed, 18 Nov 2020 21:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 18 Nov 2020 23:15:48 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
393 B 40ms
13ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1990583089&t=pageview&_s=1&dl=https%3A%2F%2Fedustaffbenefits.com%2F&ul=en-us&de=UTF-8&dt=My%20Education%20Discount%20-%20Teacher%20Discounts%20and%20Education%20Discounts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1423886376&gjid=1801303441&cid=1468988469.1605739375&tid=UA-8780677-1&_gid=943372084.1605739375&_r=1&_slc=1&z=168552663

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Nov 2020 22:42:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://edustaffbenefits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
88 B 13ms
12ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-8780677-1&cid=1468988469.1605739375&jid=1423886376&gjid=1801303441&_gid=943372084.1605739375&_u=IEBAAEAAAAAAAC~&z=1390233306

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 18 Nov 2020 22:42:55 GMT
content-type: text/plain
access-control-allow-origin: https://edustaffbenefits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK getad Show response
aax-us-east.amazon-adsystem.com/x/ 137 KB
27 KB 419ms
192ms Script
text/javascript 52.46.157.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22size%22%3A%22300x600%22%2C%22placement%22%3A%22adunit0%22%2C%22search_bar%22%3A%22true%22%2C%22tracking_id%22%3A%22myeducationdi-20%22%2C%22search_bar_position%22%3A%22top%22%2C%22ad_mode%22%3A%22search%22%2C%22ad_type%22%3A%22smart%22%2C%22marketplace%22%3A%22amazon%22%2C%22region%22%3A%22US%22%2C%22title%22%3A%22Search%20Amazon%20For%20Discounts%22%2C%22linkid%22%3A%222820c00a62b6203e1be4c81c6ee96222%22%2C%22default_search_phrase%22%3A%22Teacher%22%2C%22default_category%22%3A%22All%22%2C%22rows%22%3A%221%22%2C%22viewerCountry%22%3A%22DK%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22myeducationdi-20%22%2C%22slotNum%22%3A0%2C%22ead%22%3A4%7D&u=https%3A%2F%2Fedustaffbenefits.com%2F&jscb=amzn_assoc_jsonp_callback_adunit0_0
Requested by: Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.157.171 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 5363a457de9f579a43984b2cb7d0b3c67b6adad620726c4fc6e8b96e34041320

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 18 Nov 2020 22:42:55 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: Server
Connection: keep-alive
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK getad Show response
aax-us-east.amazon-adsystem.com/x/ 138 KB
27 KB 476ms
237ms Script
text/javascript 52.46.157.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22size%22%3A%22300x600%22%2C%22placement%22%3A%22adunit0%22%2C%22search_bar%22%3A%22true%22%2C%22tracking_id%22%3A%22myeducationdi-20%22%2C%22search_bar_position%22%3A%22top%22%2C%22ad_mode%22%3A%22search%22%2C%22ad_type%22%3A%22smart%22%2C%22marketplace%22%3A%22amazon%22%2C%22region%22%3A%22US%22%2C%22title%22%3A%22Search%20Amazon%20For%20Discounts%22%2C%22linkid%22%3A%222820c00a62b6203e1be4c81c6ee96222%22%2C%22default_search_phrase%22%3A%22Educators%22%2C%22default_category%22%3A%22All%22%2C%22rows%22%3A%221%22%2C%22viewerCountry%22%3A%22DK%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22myeducationdi-20%22%2C%22slotNum%22%3A1%2C%22ead%22%3A4%7D&u=https%3A%2F%2Fedustaffbenefits.com%2F&jscb=amzn_assoc_jsonp_callback_adunit0_1
Requested by: Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.157.171 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 272fd91e29d95e6fad87b623f01184a2f58d98a184ca2ab685f1a1e8acca7cec

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 18 Nov 2020 22:42:55 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: Server
Connection: keep-alive
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript;charset=UTF-8

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 96ms
32ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:55 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=48864
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-4d88980229d47f9a/ 3 KB
1 KB 205ms
203ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-4d88980229d47f9a/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3061571fe495b1ee4e7545643a3ac6f949c36766134f48a3fec77a1cabeb02a8

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:55 GMT
content-encoding: gzip
etag: -2036131162--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 941

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 133ms
130ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5fb5a36f82ca3b05&bkl=0&bl=1&pdt=744&sid=5fb5a36f82ca3b05&pub=ra-4d88980229d47f9a&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=edustaffbenefits.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=teacher%20discounts%2Ceducation%20discounts&colc=1605739375303&jsl=0&uvs=5fb5a36f7814e61f000&skipb=1&callback=addthis.cbs.jsonp__78573727301670290
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cac4aa6bfdba0933446ef04d31f4bd98470b55ba82df1641171b7e7a61a3561e

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Nov 2020 22:42:55 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame EE72 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 7B74 0
0 42ms
42ms Document
text/html 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://edustaffbenefits.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://edustaffbenefits.com/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
etag: W/"5ed917ff-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Wed, 18 Nov 2020 22:42:55 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 checksync.php
contextual.media.net/ Frame C96E 0
0 101ms
101ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8HB1IT8E4&prvid=77%2C80%2C97%2C175%2C178%2C184%2C188%2C192%2C193%2C201%2C203%2C214%2C222%2C226%2C3008&itype=HB-CM&rtime=6&https=1&gdpr=1&gdprconsent=0&usp_status=0&usp_consent=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUPUJ3VT

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8HB1IT8E4&prvid=77%2C80%2C97%2C175%2C178%2C184%2C188%2C192%2C193%2C201%2C203%2C214%2C222%2C226%2C3008&itype=HB-CM&rtime=6&https=1&gdpr=1&gdprconsent=0&usp_status=0&usp_consent=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://edustaffbenefits.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: gdpr_status=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://edustaffbenefits.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Sat, 22 May 2021 22:42:55 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=587360
expires: Wed, 25 Nov 2020 17:52:15 GMT
date: Wed, 18 Nov 2020 22:42:55 GMT
content-length: 7645

GET
H2 200 rtbsmpubs.php Show response
contextual.media.net/ 9 KB
2 KB 224ms
224ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/rtbsmpubs.php?&gdpr=1&gdprconsent=0&usp_enf=1&usp_status=0&cid=8HB1IT8E4&region=nv&ptrid=8PREB0781&requestString=236436478*4%7C300x600%7C8CUPUJ3VT%7C548524866%7C%40236436478*97%7C300x600%7C8CUPUJ3VT%7C548524866_8CUPUJ3VT%7C%40236436478*175%7C300x600%7C8CUPUJ3VT%7C548524866_8CUPUJ3VT%7C%40236436478*178%7C300x600%7C8CUPUJ3VT%7C548524866_8CUPUJ3VT%7C%40236436478*201%7C300x600%7C8CUPUJ3VT%7C548524866_8CUPUJ3VT%7C%40236436478*203%7C300x600%7C8CUPUJ3VT%7C548524866_8CUPUJ3VT%7C%40236436478*214%7C300x600%7C8CUPUJ3VT%7C548524866_8CUPUJ3VT%7C%40236436478*222%7C300x600%7C8CUPUJ3VT%7C548524866_8CUPUJ3VT%7C&crid=236436478&sd=1&requrl=https%3A%2F%2Fedustaffbenefits.com%2F&bl=1&rt=5&dn=https://edustaffbenefits.com&https=1&act=headerBid&prvReqId=324050419050532461605739375370&erTr=0&hlt=1&ugd=4&adt=desktop&tr=0.6143703585192068&ndec=1&scrsize=1600x1200&taginfo=%7B%7D&pageinfo=%7B%22vw%22%3A1600%2C%22vh%22%3A1200%2C%22ph%22%3A2203%7D&itype=HB-CM&cc=DK&ct=COPENHAGEN&bt=1&isRefresh=0&callback=window.hbCMBidxc.rtbsheaderBid3S0

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUPUJ3VT

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c35cc95c2ae875207509c5336f5ec5dc39af72e2a0292fa357c2c2f1fa1ff053

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Wed, 18 Nov 2020 22:42:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
content-length: 1906
x-mnet-hl2: E
expires: Wed, 18 Nov 2020 22:42:55 GMT

GET
H2 200 rtbsmpubs.php Show response
contextual.media.net/ 1 KB
900 B 152ms
151ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/rtbsmpubs.php?&gdpr=1&gdprconsent=0&usp_enf=1&usp_status=0&cid=8HB1IT8E4&region=nv&ptrid=8PREB0781&requestString=236436478*3008%7C1x1__1%7C8CUPUJ3VT%7C548524866%7C&crid=236436478&sd=1&requrl=https%3A%2F%2Fedustaffbenefits.com%2F&bl=1&rt=5&dn=https://edustaffbenefits.com&https=1&act=headerBid&prvReqId=470649917068205951605739375373&erTr=0&hlt=1&ugd=4&adt=desktop&tr=0.6941864686040236&ndec=1&scrsize=1600x1200&taginfo=%7B%7D&pageinfo=%7B%22vw%22%3A1600%2C%22vh%22%3A1200%2C%22ph%22%3A2203%7D&itype=HB-CM&cc=DK&ct=COPENHAGEN&at=3&bt=1&callback=window.hbCMBidxc.rtbsnativeheaderBid3S0

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUPUJ3VT

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ac3d82ba31bf0077f6e23dd11adbdf43f738051db1ad14527e0dfcdbf25b3964

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Wed, 18 Nov 2020 22:42:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
content-length: 690
x-mnet-hl2: E
expires: Wed, 18 Nov 2020 22:42:55 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame EBA4 54 KB
18 KB 61ms
41ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61501109dfad939b31372d5b6ca50cc4678f7bf7fc6adf1be38ffb346b9a1223

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "698 / 366 of 1000 / last-modified: 1605701398"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18128
x-xss-protection: 0
expires: Wed, 18 Nov 2020 22:42:55 GMT

GET
H2 200 rtbsmpubs.php Show response
contextual.media.net/ 9 KB
2 KB 259ms
258ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/rtbsmpubs.php?&gdpr=1&gdprconsent=0&usp_enf=1&usp_status=0&cid=8HB1IT8E4&region=nv&ptrid=8PREB0781&requestString=511763506*4%7C300x250%7C8CUPUJ3VT%7C552520905%7C%40511763506*97%7C300x250%7C8CUPUJ3VT%7C552520905_8CUPUJ3VT%7C%40511763506*175%7C300x250%7C8CUPUJ3VT%7C552520905_8CUPUJ3VT%7C%40511763506*178%7C300x250%7C8CUPUJ3VT%7C552520905_8CUPUJ3VT%7C%40511763506*201%7C300x250%7C8CUPUJ3VT%7C552520905_8CUPUJ3VT%7C%40511763506*203%7C300x250%7C8CUPUJ3VT%7C552520905_8CUPUJ3VT%7C%40511763506*214%7C300x250%7C8CUPUJ3VT%7C552520905_8CUPUJ3VT%7C%40511763506*222%7C300x250%7C8CUPUJ3VT%7C552520905_8CUPUJ3VT%7C&crid=511763506&sd=1&requrl=https%3A%2F%2Fedustaffbenefits.com%2F&bl=1&rt=5&dn=https://edustaffbenefits.com&https=1&act=headerBid&prvReqId=334153559661974401605739375383&erTr=0&hlt=1&ugd=4&adt=desktop&tr=0.8460947461060373&ndec=1&scrsize=1600x1200&taginfo=%7B%7D&pageinfo=%7B%22vw%22%3A1600%2C%22vh%22%3A1200%2C%22ph%22%3A2203%7D&itype=HB-CM&cc=DK&ct=COPENHAGEN&bt=1&isRefresh=0&callback=window.hbCMBidxc.rtbsheaderBid4S0

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUPUJ3VT

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

85692354268b6363ba5550cd85220b9d9cff39579a06aa61a3ecb2c4683618c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Wed, 18 Nov 2020 22:42:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
content-length: 1874
x-mnet-hl2: E
expires: Wed, 18 Nov 2020 22:42:55 GMT

GET
H2 200 rtbsmpubs.php Show response
contextual.media.net/ 1 KB
899 B 161ms
161ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/rtbsmpubs.php?&gdpr=1&gdprconsent=0&usp_enf=1&usp_status=0&cid=8HB1IT8E4&region=nv&ptrid=8PREB0781&requestString=511763506*3008%7C1x1__1%7C8CUPUJ3VT%7C552520905%7C&crid=511763506&sd=1&requrl=https%3A%2F%2Fedustaffbenefits.com%2F&bl=1&rt=5&dn=https://edustaffbenefits.com&https=1&act=headerBid&prvReqId=324202521939106151605739375384&erTr=0&hlt=1&ugd=4&adt=desktop&tr=0.9113953973236402&ndec=1&scrsize=1600x1200&taginfo=%7B%7D&pageinfo=%7B%22vw%22%3A1600%2C%22vh%22%3A1200%2C%22ph%22%3A2203%7D&itype=HB-CM&cc=DK&ct=COPENHAGEN&at=3&bt=1&callback=window.hbCMBidxc.rtbsnativeheaderBid4S0

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUPUJ3VT

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a5a1c656e0da8624cd4a9f1bcaaa62207386b3877c0897a783a25cc3a1f75f04

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Wed, 18 Nov 2020 22:42:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
content-length: 689
x-mnet-hl2: E
expires: Wed, 18 Nov 2020 22:42:55 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 972E 54 KB
18 KB 55ms
46ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8f3f6ece27f046f9c4d1f1caf611b415f6ebc2aae6fa92d7e82f4fd41b1027f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "698 / 724 of 1000 / last-modified: 1605701336"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18126
x-xss-protection: 0
expires: Wed, 18 Nov 2020 22:42:55 GMT

GET
H2 200 rtbsmpubs.php Show response
contextual.media.net/ 9 KB
2 KB 393ms
393ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/rtbsmpubs.php?&gdpr=1&gdprconsent=0&usp_enf=1&usp_status=0&cid=8HB1IT8E4&region=nv&ptrid=8PREB0781&requestString=998585695*4%7C300x250%7C8CUPUJ3VT%7C965214225%7C%40998585695*97%7C300x250%7C8CUPUJ3VT%7C965214225_8CUPUJ3VT%7C%40998585695*175%7C300x250%7C8CUPUJ3VT%7C965214225_8CUPUJ3VT%7C%40998585695*178%7C300x250%7C8CUPUJ3VT%7C965214225_8CUPUJ3VT%7C%40998585695*201%7C300x250%7C8CUPUJ3VT%7C965214225_8CUPUJ3VT%7C%40998585695*203%7C300x250%7C8CUPUJ3VT%7C965214225_8CUPUJ3VT%7C%40998585695*214%7C300x250%7C8CUPUJ3VT%7C965214225_8CUPUJ3VT%7C%40998585695*222%7C300x250%7C8CUPUJ3VT%7C965214225_8CUPUJ3VT%7C&crid=998585695&sd=1&requrl=https%3A%2F%2Fedustaffbenefits.com%2F&bl=1&rt=5&dn=https://edustaffbenefits.com&https=1&act=headerBid&prvReqId=290450839034400581605739375393&erTr=0&hlt=1&ugd=4&adt=desktop&tr=0.7728679289195202&ndec=1&scrsize=1600x1200&taginfo=%7B%7D&pageinfo=%7B%22vw%22%3A1600%2C%22vh%22%3A1200%2C%22ph%22%3A2203%7D&itype=HB-CM&cc=DK&ct=COPENHAGEN&bt=1&isRefresh=0&callback=window.hbCMBidxc.rtbsheaderBid5S0

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUPUJ3VT

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ab09a13ace8d082e34d0338a98d6add85d9a64e553204672b37fa5d8f99fbde6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Wed, 18 Nov 2020 22:42:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
content-length: 1913
x-mnet-hl2: E
expires: Wed, 18 Nov 2020 22:42:55 GMT

GET
H2 200 rtbsmpubs.php Show response
contextual.media.net/ 1 KB
948 B 308ms
307ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/rtbsmpubs.php?&gdpr=1&gdprconsent=0&usp_enf=1&usp_status=0&cid=8HB1IT8E4&region=nv&ptrid=8PREB0781&requestString=998585695*3008%7C1x1__1%7C8CUPUJ3VT%7C965214225%7C&crid=998585695&sd=1&requrl=https%3A%2F%2Fedustaffbenefits.com%2F&bl=1&rt=5&dn=https://edustaffbenefits.com&https=1&act=headerBid&prvReqId=864865259043735101605739375394&erTr=0&hlt=1&ugd=4&adt=desktop&tr=0.8943906238549224&ndec=1&scrsize=1600x1200&taginfo=%7B%7D&pageinfo=%7B%22vw%22%3A1600%2C%22vh%22%3A1200%2C%22ph%22%3A2203%7D&itype=HB-CM&cc=DK&ct=COPENHAGEN&at=3&bt=1&callback=window.hbCMBidxc.rtbsnativeheaderBid5S0

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUPUJ3VT

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

711970417b7ef261c40032f765bf4b838705a9103785b979e890b1c3fda96878

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Wed, 18 Nov 2020 22:42:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
content-length: 738
x-mnet-hl2: E
expires: Wed, 18 Nov 2020 22:42:55 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 7572 54 KB
18 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8f3f6ece27f046f9c4d1f1caf611b415f6ebc2aae6fa92d7e82f4fd41b1027f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "698 / 868 of 1000 / last-modified: 1605701336"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18126
x-xss-protection: 0
expires: Wed, 18 Nov 2020 22:42:55 GMT

GET
H2 200 bping.php
lg3.media.net/ 35 B
189 B 61ms
54ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CUPUJ3VT&crid=548524866&vi=1605739375920813447&ugd=4&lf=6&cc=DK&wsip=2886781008&r=1605739375342&requrl=https%3A%2F%2Fedustaffbenefits.com%2F&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001605739375337013824215047973&gdpr=1&vgd_end=1

Requested by

Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Wed, 18 Nov 2020 22:42:55 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Wed, 18 Nov 2020 22:42:55 GMT

GET
H2 200 bping.php
lg3.media.net/ 35 B
189 B 61ms
54ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CUPUJ3VT&crid=552520905&vi=1605739375515310984&ugd=4&lf=6&cc=DK&wsip=2886781008&r=1605739375381&requrl=https%3A%2F%2Fedustaffbenefits.com%2F&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001605739375380013824215049751&gdpr=1&vgd_end=1

Requested by

Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Wed, 18 Nov 2020 22:42:55 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Wed, 18 Nov 2020 22:42:55 GMT

GET
H2 200 bping.php
lg3.media.net/ 35 B
189 B 64ms
57ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CUPUJ3VT&crid=965214225&vi=1605739375276590255&ugd=4&lf=6&cc=DK&wsip=2886781008&r=1605739375392&requrl=https%3A%2F%2Fedustaffbenefits.com%2F&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001605739375390013824215046677&gdpr=1&vgd_end=1

Requested by

Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Wed, 18 Nov 2020 22:42:55 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Wed, 18 Nov 2020 22:42:55 GMT

GET
H2 200 pubads_impl_2020111201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7572 277 KB
98 KB 193ms
100ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

0f7629d61b75eb6d7c66ef4b50d1834816a73712cff60247ac19f997502ba573

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 09:41:12 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99790
x-xss-protection: 0
expires: Wed, 18 Nov 2020 22:42:55 GMT

GET
H2 200 pubads_impl_2020111201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame EBA4 277 KB
98 KB 194ms
110ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js?21068759

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

0f7629d61b75eb6d7c66ef4b50d1834816a73712cff60247ac19f997502ba573

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 09:41:12 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99790
x-xss-protection: 0
expires: Wed, 18 Nov 2020 22:42:55 GMT

GET
H2 200 pubads_impl_2020111201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 972E 277 KB
98 KB 157ms
75ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

0f7629d61b75eb6d7c66ef4b50d1834816a73712cff60247ac19f997502ba573

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 09:41:12 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99790
x-xss-protection: 0
expires: Wed, 18 Nov 2020 22:42:55 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 33ms
33ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Wed, 18 Nov 2020 22:42:55 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
245 B 188ms
187ms XHR
application/json 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fedustaffbenefits.com%2F

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: shares-post
last-modified: Wed, 18 Nov 2020 22:00:00 GMT
server: nginx/1.15.8
date: Wed, 18 Nov 2020 22:42:55 GMT
content-type: application/json
access-control-allow-origin: https://edustaffbenefits.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
285 B 199ms
197ms Script
application/json 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fedustaffbenefits.com%2F&callback=_ate.cbs.rcb_4m7w0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

03ac65326f119372a6a3e422c33759bd08c6692edf6f04533379eaffe4e8458f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: edustaffbenefits.com/
last-modified: Wed, 18 Nov 2020 22:42:55 GMT
server: nginx/1.15.8
date: Wed, 18 Nov 2020 22:42:55 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 32 B
284 B 197ms
196ms Script
application/json 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fedustaffbenefits.com%2F&callback=_ate.cbs.rcb_hp40

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

5a76f96103772adf1233414ea54026fb3906837719aeaf643d72b9641691fc9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: edustaffbenefits.com/
last-modified: Wed, 18 Nov 2020 22:42:55 GMT
server: nginx/1.15.8
date: Wed, 18 Nov 2020 22:42:55 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 52

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 fcmain.js Show response
contextual.media.net/1017354394/ 83 KB
24 KB 573ms
573ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/1017354394/fcmain.js?&gdpr=1&cid=8CUPUJ3VT&cpcd=fH60FJQFzgZHNuNx1tMg0A%3D%3D&crid=548524866&size=300x600&cc=DK&https=1&vif=1&requrl=https%3A%2F%2Fedustaffbenefits.com%2F&nse=5&vi=1605739375920813447&lw=1&ugd=4&rtbs=1&hlt=1&dfp=1&nb=1&cb=window._mNDetails.initAd

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUPUJ3VT

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

99f8536aff0108e158d84daccecdfa0c013e5e7e6086eed0119cfec0e73a6f7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
x-mnt-hl2: 10-5
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300
date: Wed, 18 Nov 2020 22:42:56 GMT
x-mnt-w: 10-3, 10-5
content-length: 23975
expires: Wed, 18 Nov 2020 22:47:56 GMT

GET
H2 200 fcmain.js Show response
contextual.media.net/1017354394/ 57 KB
12 KB 377ms
377ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/1017354394/fcmain.js?&gdpr=1&cid=8CUPUJ3VT&cpcd=fH60FJQFzgZHNuNx1tMg0A%3D%3D&crid=552520905&size=300x250&cc=DK&https=1&vif=1&requrl=https%3A%2F%2Fedustaffbenefits.com%2F&nse=5&vi=1605739375515310984&lw=1&ugd=4&rtbs=1&hlt=1&dfp=1&nb=1&cb=window._mNDetails.initAd

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUPUJ3VT

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

3976f73e83d8a546b1ef0193cdd63d3b2b39f363310899d1c1d111cac53ed0bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
x-mnt-hl2: 10-5
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300
date: Wed, 18 Nov 2020 22:42:56 GMT
x-mnt-w: 10-9
content-length: 12275
expires: Wed, 18 Nov 2020 22:47:56 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 972E 109 B
803 B 35ms
15ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=edustaffbenefits.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 22:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 972E 109 B
803 B 36ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=edustaffbenefits.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 22:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 972E 4 KB
3 KB 536ms
485ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1657452616870561&correlator=3611289640423024&output=ldjh&impl=fif&eid=21068750%2C21068030%2C21068418&vrg=2020111201&npa=1&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201118&iu_parts=45361917%2C8CUPUJ3VT-552520905-searchtargetad2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=crid%3D552520905%26mnet_segment%3D5.72%26mnet_variant%3D426%26pub_domain%3Dedustaffbenefits.com%26mnet_cc%3DDK%26mnet_bucketid%3Db3%26RubiconSS%3D2209%26mnet_pid%3D8PRHGG6T9%26fp%3Dkckq&eri=4&cookie_enabled=1&bc=31&abxe=1&dt=1605739375731&dlt=1605739375386&idt=325&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=315&adys=874&adks=610243829&ucis=jrne877zyy4y&ifi=1&ifk=998759838&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fedustaffbenefits.com%2F&top=edustaffbenefits.com&dssz=5&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=1468988469.1605739375&ga_sid=1605739376&ga_hid=1663701352&ga_fc=true&fws=256&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

953f2382dba08291a41de1ef52c413e62ed4f6a1803a9ecbac03358772b095ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2588
x-xss-protection: 0
google-lineitem-id: 731896877
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 33134182877
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://edustaffbenefits.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
85a2c74732e72d27ef54137e8da193b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 972E 0
0 71ms
38ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://85a2c74732e72d27ef54137e8da193b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame EBA4 109 B
169 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=edustaffbenefits.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js?21068759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 22:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame EBA4 109 B
169 B 15ms
14ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=edustaffbenefits.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js?21068759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 22:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame EBA4 4 KB
3 KB 438ms
421ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2703491899027817&correlator=10772641812034&output=ldjh&impl=fif&eid=21068755%2C21068759%2C21068418&vrg=2020111201&npa=1&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201118&iu_parts=45361917%2C8CUPUJ3VT-548524866-Ad_Unit_20&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&prev_scp=crid%3D548524866%26mnet_segment%3D5.72%26mnet_variant%3D426%26pub_domain%3Dedustaffbenefits.com%26mnet_cc%3DDK%26mnet_bucketid%3Db3%26RubiconSS%3D2209%26mnet_pid%3D8PRHGG6T9%26fp%3Dkckq&eri=4&cookie_enabled=1&bc=31&abxe=1&dt=1605739375766&dlt=1605739375375&idt=373&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=3&adxs=315&adys=198&adks=2793210303&ucis=25r56uf7gz9o&ifi=1&ifk=998705349&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fedustaffbenefits.com%2F&top=edustaffbenefits.com&dssz=5&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x600&ga_vid=1468988469.1605739375&ga_sid=1605739376&ga_hid=830951484&ga_fc=true&fws=256&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js?21068759

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

0497a9b4437d4f918455b4097b2eedd811afb4713adfd61836bb7b22e526cd64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2599
x-xss-protection: 0
google-lineitem-id: 731896877
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 35793379877
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://edustaffbenefits.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
207608e9c4f10bff737dd78609f49d29.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame EBA4 0
0 69ms
54ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://207608e9c4f10bff737dd78609f49d29.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js?21068759
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7572 109 B
781 B 36ms
22ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=edustaffbenefits.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 22:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7572 109 B
781 B 45ms
28ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=edustaffbenefits.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 22:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 fcmain.js Show response
contextual.media.net/1017354394/ 79 KB
24 KB 389ms
388ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/1017354394/fcmain.js?&gdpr=1&cid=8CUPUJ3VT&cpcd=fH60FJQFzgZHNuNx1tMg0A%3D%3D&crid=965214225&size=300x250&cc=DK&https=1&vif=1&requrl=https%3A%2F%2Fedustaffbenefits.com%2F&nse=5&vi=1605739375276590255&lw=1&ugd=4&rtbs=1&hlt=1&dfp=1&nb=1&cb=window._mNDetails.initAd

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUPUJ3VT

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

214bec3c81c3df6b3334f4240bad72a7f8bcf89ab9617bccfa3dbc66b16a4c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
x-mnt-hl2: 10-5
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300
date: Wed, 18 Nov 2020 22:42:56 GMT
x-mnt-w: 10-5
content-length: 24020
expires: Wed, 18 Nov 2020 22:47:56 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7572 4 KB
3 KB 496ms
496ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1697850164962379&correlator=4074425709278600&output=ldjh&impl=fif&eid=21067994%2C21068736%2C21068418&vrg=2020111201&npa=1&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201118&iu_parts=45361917%2C8CUPUJ3VT-965214225-300x250R&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=crid%3D965214225%26mnet_segment%3D5.72%26mnet_variant%3D426%26pub_domain%3Dedustaffbenefits.com%26mnet_cc%3DDK%26mnet_bucketid%3Db3%26RubiconSS%3D2209%26mnet_pid%3D8PRHGG6T9%26fp%3Dkckq&eri=4&cookie_enabled=1&bc=31&abxe=1&dt=1605739375799&dlt=1605739375396&idt=380&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=315&adys=1200&adks=3832757279&ucis=bdjznpota58s&ifi=1&ifk=998759838&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fedustaffbenefits.com%2F&top=edustaffbenefits.com&dssz=5&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=1468988469.1605739375&ga_sid=1605739376&ga_hid=518761221&ga_fc=true&fws=256&ohw=0&btvi=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

fd75ae2c5ede28770a24de5e7f98c68ae9a513576af565683e5de7420d1b5a9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2598
x-xss-protection: 0
google-lineitem-id: 731896877
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 33134140517
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://edustaffbenefits.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
a35a058049bbdaaf9c4f4c40c44b4086.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 7572 0
0 51ms
38ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a35a058049bbdaaf9c4f4c40c44b4086.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 amzn-nsa-sprite-2x.png
wms-na.amazon-adsystem.com/panda/20070822/US/img/ 4 KB
5 KB 108ms
33ms Image
image/png 99.86.6.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-na.amazon-adsystem.com/panda/20070822/US/img/amzn-nsa-sprite-2x.png
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.6.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-6-29.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 3d363721e733cd455560f59c74cffdb28148623c7c716a23403bd6b85696b4fa

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 00:51:15 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
last-modified: Mon, 06 Jul 2020 09:22:05 GMT
server: Server
age: 251500
etag: "10ef-5a9c2687dd78b"
x-cache: Hit from cloudfront
content-type: image/png
charset: UTF-8
cache-control: max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 4335
x-amz-cf-id: BcuvK-8D92vybpvwFCmTZbkMGx5dCrcgUrjHZ2gPTc8l1XHRNW_QgQ==
expires: Mon, 23 Nov 2020 00:51:15 GMT

GET
H2 200 415bL44KmTL._AC_SL115_.jpg
m.media-amazon.com/images/I/ 3 KB
3 KB 21ms
7ms Image
image/jpeg 2a04:4e42:1b::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/415bL44KmTL._AC_SL115_.jpg
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1b::272 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ed1ffb14aed67de4970e9daebcd50d6d09c5df60141c4f5d0cd7c57a0efe483d

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:55 GMT
last-modified: Fri, 30 Sep 2016 17:16:55 GMT
age: 176429
x-cache: HIT from fastly, HIT from fastly
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 11 Nov 2040 21:42:26 GMT
cache-control: max-age=630720000,public
x-amz-ir-id: b446de6e-6bb2-4a75-b1d1-8039d1ef57ec
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 3126
x-served-by: cache-dca17761-DCA, cache-hhn4039-HHN

GET
H2 200 41EaEnCIE2L._AC_SL115_.jpg
m.media-amazon.com/images/I/ 2 KB
2 KB 21ms
6ms Image
image/jpeg 2a04:4e42:1b::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/41EaEnCIE2L._AC_SL115_.jpg
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1b::272 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cb3e757bd3ff3154d5501007bc746f2b4861540c6f1ad9b19d161f918c1205e6

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:55 GMT
last-modified: Fri, 09 Oct 2020 09:07:01 GMT
age: 453350
x-cache: HIT from fastly, HIT from fastly
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 02 Nov 2040 02:11:41 GMT
cache-control: max-age=630720000,public
x-amz-ir-id: ce525d6e-a0cc-4b31-8ce0-0ba6de4ce45e
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 2072
x-served-by: cache-dca17740-DCA, cache-hhn4039-HHN

GET
H/1.1 200
OK /
aax-us-east.amazon-adsystem.com/x/px/QtzQhiH4Lae3JbVdhJDFRS0AAAF13YZrwQEAAAFKAUFT9Ns/ 43 B
245 B 113ms
112ms Image
image/gif 52.46.157.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-us-east.amazon-adsystem.com/x/px/QtzQhiH4Lae3JbVdhJDFRS0AAAF13YZrwQEAAAFKAUFT9Ns/?assoc_payload=%7B%22regionId%22%3A%221%22%2C%22ref%22%3A%22sm_n_se_dkp_DK_%22%2C%22adMode%22%3A%22search%22%2C%22linkCode%22%3A%22w42%22%2C%22trackingId%22%3A%22myeducationdi-20%22%2C%22linkId%22%3A%222820c00a62b6203e1be4c81c6ee96222%22%2C%22country%22%3A%22DK%22%2C%22deviceType%22%3A%22BROWSER%22%2C%22searchBarPresent%22%3Atrue%2C%22defaultCategory%22%3A%22All%22%2C%22defaultSearchPhrase%22%3A%22Teacher%22%2C%22givenWidth%22%3A%22300%22%2C%22givenHeight%22%3A%22600%22%2C%22givenRows%22%3A1%2C%22visibleItemCount%22%3A2%2C%22axfExperiment%22%3A%22%5B%5D%22%2C%22slotNum%22%3A%220%22%2C%22items%22%3A%5B%7B%22itemType%22%3A%22ASIN%22%2C%22id%22%3A%22B01LZXSO3H%22%2C%22source%22%3A%22Search%22%2C%22row%22%3A0%2C%22column%22%3A0%2C%22extraInfo%22%3A%7B%7D%7D%2C%7B%22itemType%22%3A%22ASIN%22%2C%22id%22%3A%22B071S6MDD9%22%2C%22source%22%3A%22Search%22%2C%22row%22%3A0%2C%22column%22%3A1%2C%22extraInfo%22%3A%7B%7D%7D%5D%2C%22logType%22%3A%22smart_impressions%22%2C%22design%22%3A%22grid%22%2C%22ead%22%3A4%2C%22livePoolPCScore%22%3A-1%2C%22livePoolModelVersion%22%3A%22LivePoolV1%22%2C%22contXPCScore%22%3A-1%2C%22contXModelVersion%22%3A%22ContXV1%22%2C%22totalDocHeight%22%3A2203%2C%22totalDocWidth%22%3A1600%2C%22actualWidth%22%3A300%2C%22actualHeight%22%3A325%2C%22atfInFirstLoad%22%3Atrue%2C%22posX%22%3A315%2C%22posY%22%3A838%2C%22refUrl%22%3A%22https%3A%2F%2Fedustaffbenefits.com%2F%22%7D
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.157.171 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Nov 2020 22:42:55 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43

GET
H/1.1 204
No Content cm_:onejs_load_evt@v=864,onejs_exec_time@v=1,aax_load_time@v=610,aax_load_time_smart@v=610,wdgt_load_time@v=1529,wdgt_load_time_DK@v=1529,wdgt_load_time_smart@v=1529,wdgt_load_time_invoke@v=665,wdg...
fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/ 0
146 B 446ms
110ms Image
text/plain 52.94.233.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/cm_:onejs_load_evt@v=864,onejs_exec_time@v=1,aax_load_time@v=610,aax_load_time_smart@v=610,wdgt_load_time@v=1529,wdgt_load_time_DK@v=1529,wdgt_load_time_smart@v=1529,wdgt_load_time_invoke@v=665,wdgt_load_time_invoke_smart@v=665,wdgt_load_time_invoke_smart_DK@v=665?marketplace=US&service=AmazonWidgets&method=Widgets_Render_Time&marketplaceId=ATVPDKIKX0DER&requestId=635905ea-0623-49a6-a309-25596102107f&session=1627844c-9637-4998-b61b-3e7ca4f799d7
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 52.94.233.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 18 Nov 2020 22:42:55 GMT
x-amzn-RequestId: d58a7f6b-ba35-4028-8b84-c88c6a655403
Content-Type: text/plain

GET
H/1.1 200
OK %7B%22adViewability%22:[%7B%22above_the_fold%22:true,%22topPos%22:0.7,%22leftPos%22:0.198125%7D]%7D&cb=5062969
aax-us-east.amazon-adsystem.com/x/px/QtzQhiH4Lae3JbVdhJDFRS0AAAF13YZrwQEAAAFKAUFT9Ns/ 43 B
245 B 132ms
121ms Image
image/gif 52.46.157.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-us-east.amazon-adsystem.com/x/px/QtzQhiH4Lae3JbVdhJDFRS0AAAF13YZrwQEAAAFKAUFT9Ns/%7B%22adViewability%22:[%7B%22above_the_fold%22:true,%22topPos%22:0.7,%22leftPos%22:0.198125%7D]%7D&cb=5062969
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.157.171 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Nov 2020 22:42:55 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43

GET
H2 200 41+aN7ZbS9L._AC_SL115_.jpg
m.media-amazon.com/images/I/ 3 KB
3 KB 7ms
6ms Image
image/jpeg 2a04:4e42:1b::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/41+aN7ZbS9L._AC_SL115_.jpg
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1b::272 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c5efc664bc211ca29f9e635e2f21383b26a19e6c1eb5916dafa4d28730791403

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:55 GMT
last-modified: Sun, 14 Jul 2019 14:10:45 GMT
age: 470791
x-cache: MISS from fastly, HIT from fastly
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 08 Nov 2040 11:56:24 GMT
cache-control: max-age=630720000,public
x-amz-ir-id: e3e71d9a-ee07-4b3b-ac1f-515180054c43
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 3016
x-served-by: cache-dca17743-DCA, cache-hhn4039-HHN

GET
H2 200 41Se4x9nnBL._AC_SL115_.jpg
m.media-amazon.com/images/I/ 3 KB
3 KB 95ms
94ms Image
image/jpeg 2a04:4e42:1b::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/41Se4x9nnBL._AC_SL115_.jpg
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1b::272 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3783fb5ce0f248cb72d0d223d103247b42d1be871d02c89bdf0fac0dbef7cd5e

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:56 GMT
last-modified: Thu, 20 Jun 2019 19:42:45 GMT
age: 1069977
x-cache: HIT from fastly, MISS from fastly
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 01 Nov 2040 13:29:59 GMT
cache-control: max-age=630720000,public
x-amz-ir-id: 0d0a9377-d096-4f47-af0d-ffa03cdbd276
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 3077
x-served-by: cache-dca17768-DCA, cache-hhn4039-HHN

GET
H/1.1 200
OK /
aax-us-east.amazon-adsystem.com/x/px/QlFsd9X7FQ7OcoBQabWDiZAAAAF13YZr7AEAAAFKAWFOW70/ 43 B
245 B 191ms
118ms Image
image/gif 52.46.157.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-us-east.amazon-adsystem.com/x/px/QlFsd9X7FQ7OcoBQabWDiZAAAAF13YZr7AEAAAFKAWFOW70/?assoc_payload=%7B%22regionId%22%3A%221%22%2C%22ref%22%3A%22sm_n_se_dkp_DK_%22%2C%22adMode%22%3A%22search%22%2C%22linkCode%22%3A%22w42%22%2C%22trackingId%22%3A%22myeducationdi-20%22%2C%22linkId%22%3A%222820c00a62b6203e1be4c81c6ee96222%22%2C%22country%22%3A%22DK%22%2C%22deviceType%22%3A%22BROWSER%22%2C%22searchBarPresent%22%3Atrue%2C%22defaultCategory%22%3A%22All%22%2C%22defaultSearchPhrase%22%3A%22Educators%22%2C%22givenWidth%22%3A%22300%22%2C%22givenHeight%22%3A%22600%22%2C%22givenRows%22%3A1%2C%22visibleItemCount%22%3A2%2C%22axfExperiment%22%3A%22%5B%5D%22%2C%22slotNum%22%3A%221%22%2C%22items%22%3A%5B%7B%22itemType%22%3A%22ASIN%22%2C%22id%22%3A%22B072BLVM83%22%2C%22source%22%3A%22Search%22%2C%22row%22%3A0%2C%22column%22%3A0%2C%22extraInfo%22%3A%7B%7D%7D%2C%7B%22itemType%22%3A%22ASIN%22%2C%22id%22%3A%220826194931%22%2C%22source%22%3A%22Search%22%2C%22row%22%3A0%2C%22column%22%3A1%2C%22extraInfo%22%3A%7B%7D%7D%5D%2C%22logType%22%3A%22smart_impressions%22%2C%22design%22%3A%22grid%22%2C%22ead%22%3A4%2C%22livePoolPCScore%22%3A-1%2C%22livePoolModelVersion%22%3A%22LivePoolV1%22%2C%22contXPCScore%22%3A-1%2C%22contXModelVersion%22%3A%22ContXV1%22%2C%22totalDocHeight%22%3A2203%2C%22totalDocWidth%22%3A1600%2C%22actualWidth%22%3A300%2C%22actualHeight%22%3A325%2C%22atfInFirstLoad%22%3Afalse%2C%22posX%22%3A315%2C%22posY%22%3A1489%2C%22refUrl%22%3A%22https%3A%2F%2Fedustaffbenefits.com%2F%22%7D
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.157.171 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Nov 2020 22:42:56 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43

GET
H/1.1 204
No Content cm_:wdgt_load_time@v=1571,wdgt_load_time_DK@v=1571,wdgt_load_time_smart@v=1571
fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/ 0
146 B 443ms
110ms Image
text/plain 52.94.233.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/cm_:wdgt_load_time@v=1571,wdgt_load_time_DK@v=1571,wdgt_load_time_smart@v=1571?marketplace=US&service=AmazonWidgets&method=Widgets_Render_Time&marketplaceId=ATVPDKIKX0DER&requestId=5bbcb598-1250-49bc-bac7-6fa20f5c6ea1&session=bf475db2-d418-4dd6-9d35-384e4b656ceb
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 52.94.233.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 18 Nov 2020 22:42:55 GMT
x-amzn-RequestId: 43010259-a1d9-4633-828d-86a43d0a4ba4
Content-Type: text/plain

GET
H/1.1 200
OK %7B%22adViewability%22:[%7B%22above_the_fold%22:false,%22topPos%22:1.2425,%22leftPos%22:0.198125%7D]%7D&cb=7174416
aax-us-east.amazon-adsystem.com/x/px/QlFsd9X7FQ7OcoBQabWDiZAAAAF13YZr7AEAAAFKAWFOW70/ 43 B
245 B 211ms
120ms Image
image/gif 52.46.157.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-us-east.amazon-adsystem.com/x/px/QlFsd9X7FQ7OcoBQabWDiZAAAAF13YZr7AEAAAFKAWFOW70/%7B%22adViewability%22:[%7B%22above_the_fold%22:false,%22topPos%22:1.2425,%22leftPos%22:0.198125%7D]%7D&cb=7174416
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.157.171 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Nov 2020 22:42:56 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43

GET
H2 200 41EaEnCIE2L._AC_SL133_.jpg
m.media-amazon.com/images/I/ 3 KB
3 KB 7ms
6ms Image
image/jpeg 2a04:4e42:1b::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/41EaEnCIE2L._AC_SL133_.jpg
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1b::272 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f044c9d5ae8336d7157bcfb643c23cc95337d599d9be3fba740aa9d47f40023f

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:55 GMT
last-modified: Fri, 09 Oct 2020 09:07:01 GMT
age: 1853066
x-cache: HIT from fastly, HIT from fastly
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 23 Oct 2040 11:58:29 GMT
cache-control: max-age=630720000,public
x-amz-ir-id: fd572f8b-5fd2-4173-8c2b-3988929c75fb
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 2871
x-served-by: cache-dca17757-DCA, cache-hhn4039-HHN

GET
H2 200 415bL44KmTL._AC_SL133_.jpg
m.media-amazon.com/images/I/ 4 KB
4 KB 7ms
6ms Image
image/jpeg 2a04:4e42:1b::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/415bL44KmTL._AC_SL133_.jpg
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1b::272 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 34da9d27eda26d81f5b25a2bd3d3d9e9010eb9be0d64f85ece450c981fc6dbf0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:55 GMT
last-modified: Fri, 30 Sep 2016 17:16:55 GMT
age: 464700
x-cache: MISS from fastly, HIT from fastly
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 08 Nov 2040 13:37:55 GMT
cache-control: max-age=630720000,public
x-amz-ir-id: 6e80656d-f915-4f59-af5d-660727ea7173
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 3630
x-served-by: cache-dca17763-DCA, cache-hhn4039-HHN

GET
H/1.1 200
OK ffse-overlay.min.css
inc.freefind.com/inc/ 2 KB
862 B 270ms
270ms Stylesheet
text/css 63.249.66.205
CZIO-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://inc.freefind.com/inc/ffse-overlay.min.css
Requested by: Host: inc.freefind.com
URL: https://inc.freefind.com/inc/ffse-overlay.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.249.66.205 Santa Cruz, United States, ASN11994 (CZIO-ASN, US),
Reverse DNS: freefind.com
Software: unknown /
Resource Hash: df74e422956fa90c9bce29777a9b815e170a468b485c19f704e14f38e93a895b

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 18 Nov 2020 22:42:56 GMT
content-encoding: gzip
Last-Modified: Tue, 10 Apr 2018 20:54:25 GMT
Server: unknown
Content-Type: text/css; charset=utf-8
Cache-control: max-age=300
Content-Length: 591
Expires: Wed, 18 Nov 2020 22:47:56 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0E6A 0
0 79ms
78ms Fetch
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssLsbPZ0tyYon-YzgQZ66g5tKvJQsdGg4zXGaGJxi2RmEcL7WOXO88q4egmyh4D8G4wwcIzZNp8AWFBcWywCe0gHmrRqhYHIFvJjEYlF_moX1wo1jXKtNottqvcPXXXgs951Aro97xeWNymd0fkDx8uKlah-4E3tuOAm5XzecjX6xN1BIIQfa9Op3d5IE8BFyFdumFLmG7i2wEIQHqV2cVXu-QhRB_bk5NJmY3O2Ba-Q_Q1xJ1tFAADLboOSqLNACMxb9T9t9oOtkHO2MIyvonFDaMZvpYHLO_hXHTst_W-&sai=AMfl-YRIBejosEZwnATqbtvFjbRu5Ne89w70_kw27koTsgBQEMtRnI1jqXJi1Exv2MSTJLN07WbmkWVNZWNs8aGoE4iwlw680tdvge3VM_6M6TIGdrgimRsZZ-JCCRVppus&sig=Cg0ArKJSzEs9XVcm3o9OEAE&urlfix=1&adurl=

Requested by

Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 22:42:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 18 Nov 2020 22:42:56 GMT

GET
H2 200 nrrV97497.js Show response
contextual.media.net/4a/ Frame D846 92 KB
30 KB 44ms
44ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV97497.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUPUJ3VT

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

80b8c415d0a2860143f7a4efeb7411e12dbd8574082ef69b63236fe735557182

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "6b9b6ac54c0e2971948a958e12b6cad2"
vary: Accept-Encoding
x-mnet-h: 12-27
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Wed, 18 Nov 2020 22:42:56 GMT
content-length: 30495
expires: Wed, 02 Dec 2020 22:42:56 GMT

GET
H2 200 bg-yellow.png
contextual.media.net/__media__/pics/8000/89/218/ Frame D846 6 KB
6 KB 36ms
36ms Image
image/png 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/__media__/pics/8000/89/218/bg-yellow.png

Requested by

Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

7383dc547250603ddcf81ecb1c4d3799c0fb39934c4aeb5eef3ac5e5aae108ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:56 GMT
last-modified: Thu, 24 Sep 2020 10:41:54 GMT
server: Apache
strict-transport-security: max-age=604800
content-type: image/png
cache-control: max-age=626639
accept-ranges: bytes
content-length: 5737
expires: Thu, 26 Nov 2020 04:46:55 GMT

GET
DATA 200
OK truncated
/ Frame D846 196 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3769cc3789afe18f35f27f145acbbd2e731bdb1dad2d628d30e430ee8ccc112c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D846 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D846 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D846 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0E6A 75 KB
29 KB 59ms
45ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js?21068759

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Wed, 18 Nov 2020 22:42:56 GMT

GET
H2 200 log
hblg.media.net/ 35 B
194 B 37ms
31ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?logid=awlog&pid=8PREB0781&itype=HB-CM&dn=edustaffbenefits.com&cid=8HB1IT8E4&svr=2020111812_73&servname=hbcm_na&gdpr=1&csex=2&suc=0&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&usp_status=0&usp_enf=1&usp_string=&ufca=&usp_ldf=&ugd=4&adt=desktop&vid=00001605739375613013824215041731&vsid=&sd=1&gtd=400&inid=0&gfd=&cc=DK&sc=&ct=COPENHAGEN&abte=CONTROL&adbd=0&amp=0&version=1&sB=true&cors=true&disB=false&ice=0&vw=1600&vh=1200&pht=2877&cl=&__rk=0&app=0&rtype=&vendor=Google%20Inc.&isSafari=0&pvid=4&prvAccId=548524866&prvApiId=8CUPUJ3VT&exid=31&pcId=0000EEA&pseat=&mowxReqId=324050419050532461605739375370&crid=236436478&g=0&size=300x600&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=1&rtime=36&dtc=nydc&rtbsv2=&mp_seg%3C%3E=&apid=1&wsip=c10-mowx-web-48&ltime=235&abs=0&ssregion=&ssreqid=&sssvnm=&bdp=5.72&cbdp=5.72&dcbdp=0&ckfl=0&cs=&mnet_ckfl=0&cat=&attr=&pvAgNm=&pvAgId=&advId=&advNm=&advUrl=unknown&dfpBd=5.72&nms=1&di=&dt=O&epc=548524866&ogbdp=5.72&s=1&snm=success&dbf=1&bdata=sd2%3Dnull%7C%7Cbb%3D196%7C%7Cvv%3D0%7C%7Cerpm%3D5.72%7C%7Cogerpm%3D5.72%7C%7Cbm%3D2.04%7C%7Csid%3Db18c6a536f7ae6f564affba5edac200a%7C%7Csd%3D1%7C%7Cuid%3Dl0Jgaps34Ec7qEWyI%7C%7Cdc2%3D1%7C%7Cbtd%3D168749647983389372574388141421109248%7C%7Cbat%3D0%2C0%2C0%7C%7Cscd%3D84%7C%7Cuim%3D0%7C%7Curl_tkc%3D0%7C%7Css%3D1600x1200%7C%7Cuiw%3D-1%7C%7Clast%3D0%7C%7CCI%3D2208%7C%7Cip%3D1vyuZ2%7C%7Cfbb%3D0%7C%7Ctb%3D-1%7C%7Cct%3Dballerup%7C%7Crc%3D1%7C%7Cbasis2%3D196%7C%7Curl_b%3D5.71%7C%7Cbasis1%3D196%7C%7CisRef%3D0%7C%7Clc%3D0%7C%7Curl_tvi%3D0%7C%7Curl_l%3D10%7C%7Cbid%3D5.72%7C%7Cdc%3D7%7C%7Cgcat%3D500916%7C%7Cogbid%3D5.72%7C%7Ccbdp%3D5.72%7C%7Cbflag%3D1%7C%7Csobp%3D0%7C%7Cddiv%3D%25%25DFP_DIV%25%25%7C%7Cdmm%3D%7C%7Cibc%3D1%7C%7Cddt%3D-1%7C%7Cnsz%3D1%7C%7Ctgs%3D300x600%7C%7Cbsb%3D0%7C%7Cbsp%3D0&cmpid=&bId=&pcrid=8CUPUJ3VT-548524866-47-27&ruct=0&brs=&brr=&iurl=https%3A%2F%2Fiurl-a.akamaihd.net%2Fybntag%3F%26cid%3D8CUPUJ3VT%26crid%3D548524866%26size%3D300x600%26requrl%3Dhttps%253A%252F%252Fedustaffbenefits.com%252F&htps=0&ptype=27&pbidflr=0.00&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D0%7Cfl_rl%3D1%7CssProfile%3D0%7Cdbr%3D1%7Ctkd%3Dnull&bfs=0&seat=&nbr=0&ba=627&ybnca_gbid=&ybnca_erpm=5.72&ybnca_vbid=5.72&yogbdp=11.63&yErpmFlag=1&smsrc=1&strg=&ybnca_bbid=-1.0&prvReqId=26144103682187705_827072548_236436478141&dStat=0&ogbid=11.63&acid=884131712024741371605739375365&act=headerBid&dtfdl=&dspltime=&ttfd=&ttm=0&vtm=0&sttm=0&svtm=0&mnrfc=0&mnrf=0&invw=-1&adj1=0&adj0=0&adj2=0&adj3=0&patkey=&patint%3C%3E=&pc=&spSource=0&spIvt=3&spId=&spFst=0&spIsReq=3&spTo=3&top=0&btm=0&lft=0&rght=0&mx_SD=&mx_PC=1&mx_SPRIG=0&mx_UCC=1&mx_GCID=0&mx_IAB2=0&mx_vsGap=&mx_dgf=0&mx_BCN_BF=&mx_bsBucket=0&mx_ssProfile=0&mx_BCE=&mx_lr=0&mx_BCI=&mx_uid_sent=0&mx_yhs_enabled=&mx_SC=0&mx_BCT=&mx_yhs_target_bidders=&mx_BCN_YHS=&mx_BCW=&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=0&mx_supply_path=&mx_sbp=-10&mx_yhs_deal_sent=&mx_aqcpl_crid=0&mx_yhs_selected_deal=&mx_tgs=300x600&mx_nsz=1&mx_TAS=&mx_aurt=0&pgcatiab=&pgcatiab2=&pgcatsprig=&gFunDl=false&ngFunDl=false&rDl=false&actltime=245&auMxTm=&brf=0&dcs=&dfpDiv=&dfpPos=&dfpAdPath=&lper=1&td=r%3Dstr%7Cab%3D0%7C&oyaf=0&sbdrid=426&ra_sz=300x600&tk=&sc_pvid=&sc_ogbdp=0&sc_adj1=0&sc_adj0=0&sc_adj2=0&sc_prspt=&sc_act=&sc_bdata=&sc_bdp=0&sc_cbdp=0&sc_bId=&sc_cat=&sc_cmpid=&sc_advId=&sc_advNm=&sc_advUrl=&udc=&rti=-1&rme=ADPTR&bbdrid=&requrl=https%3A%2F%2Fedustaffbenefits.com%2F&kwrf=&epurl=
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.25.v20191220) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Nov 2020 22:42:56 GMT
server: Jetty(9.4.25.v20191220)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Wed, 18 Nov 2020 22:42:56 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame EBA4 73 KB
28 KB 59ms
49ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js?21068759

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Wed, 18 Nov 2020 22:42:56 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EBA4 8 KB
7 KB 38ms
18ms XHR
application/json 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js?21068759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d418e80c6e32466c2dc0883f0451c53c9cfdcee62e445e067916ecc654b6954d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 22:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6307
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4FF3 0
0 79ms
79ms Fetch
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6pE1AmB60xtEcAIfK7Kw3oNuHlRyO8O4SxFYR6LoMjI_SUsXVf5ib1_EOiOJRPhMglaS2bf019LBnuEcogCmha5Ry3z_zpAUaGHwYHUr1Y-nh7gsJO0VTnE92AX_GpWXsXXRAFGyw6_HvxGhESWIFzYxpiPrOuTs1SAO6xH-w0DlqX4_Y8ILs_XFDjMoTBRGrYVqzHLrKAnbfxGf6Xj5JMkZao9T1PJWWwASXLVcD8J-zAX0a0rZUtQmbOHNy-ozSKXCT7HUUb8Oib8Q6HnSq_nhsvDKqdyH6gC_KTi1_twNKnA&sai=AMfl-YQsUIwpwck1Wgqc3ixDQwejTmAEl2ejKpl3YvMqYgHaJrKg162Hcu_BTDutvq6BtOOgxqOoyTYZv4Ko7HYSLmLuh0e4_2g3XAVqXLOGo4_KKVTVBBXR6RRB-rY9GAY&sig=Cg0ArKJSzAw2n1Lwy_FHEAE&urlfix=1&adurl=

Requested by

Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 22:42:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 18 Nov 2020 22:42:56 GMT

GET
H2 200 nrrV97497.js Show response
contextual.media.net/4a/ Frame 3C58 92 KB
30 KB 42ms
41ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV97497.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUPUJ3VT

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

80b8c415d0a2860143f7a4efeb7411e12dbd8574082ef69b63236fe735557182

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "6b9b6ac54c0e2971948a958e12b6cad2"
vary: Accept-Encoding
x-mnet-h: 12-27
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Wed, 18 Nov 2020 22:42:56 GMT
content-length: 30495
expires: Wed, 02 Dec 2020 22:42:56 GMT

GET
H/1.1 200
OK AdChoices.png
res-a.akamaihd.net/__media__/pics/800010042/ Frame 3C58 129 B
439 B 654ms
563ms Image
image/png 2.16.186.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res-a.akamaihd.net/__media__/pics/800010042/AdChoices.png
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUPUJ3VT
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.43 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e8b1012f16a7c0a81edf99671c9b9070b5a43cd55eb64d4f9ab8ca6a025647c0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 18 Nov 2020 22:42:56 GMT
Last-Modified: Thu, 23 Jan 2020 11:03:49 GMT
Server: nginx
ETag: "5e297d95-81"
Content-Type: image/png
Cache-Control: public, max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 129
Expires: Wed, 02 Dec 2020 22:42:56 GMT

GET
H/1.1 200
OK head.gif
res-a.akamaihd.net/__media__/pics/1630/ Frame 3C58 807 B
1 KB 640ms
548ms Image
image/gif 2.16.186.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res-a.akamaihd.net/__media__/pics/1630/head.gif
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.43 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 32eb32026e78d37d07bf05436f96c942c897dd36cdba948b86eb28cbccf07db5

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 18 Nov 2020 22:42:56 GMT
Last-Modified: Thu, 23 Jan 2020 09:56:22 GMT
Server: nginx
ETag: "5e296dc6-327"
Content-Type: image/gif
Cache-Control: public, max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 807
Expires: Wed, 02 Dec 2020 22:42:56 GMT

GET
H/1.1 200
OK circle.gif
res-a.akamaihd.net/__media__/pics/1630/ Frame 3C58 807 B
1 KB 636ms
544ms Image
image/gif 2.16.186.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res-a.akamaihd.net/__media__/pics/1630/circle.gif
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.43 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 32eb32026e78d37d07bf05436f96c942c897dd36cdba948b86eb28cbccf07db5

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 18 Nov 2020 22:42:56 GMT
Last-Modified: Thu, 23 Jan 2020 09:54:30 GMT
Server: nginx
ETag: "5e296d56-327"
Content-Type: image/gif
Cache-Control: public, max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 807
Expires: Wed, 02 Dec 2020 22:42:56 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4FF3 75 KB
29 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Wed, 18 Nov 2020 22:42:56 GMT

GET
H2 200 log
hblg.media.net/ 35 B
194 B 33ms
33ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?logid=awlog&pid=8PREB0781&itype=HB-CM&dn=edustaffbenefits.com&cid=8HB1IT8E4&svr=2020111812_73&servname=hbcm_na&gdpr=1&csex=2&suc=0&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&usp_status=0&usp_enf=1&usp_string=&ufca=&usp_ldf=&ugd=4&adt=desktop&vid=00001605739375613013824215041731&vsid=&sd=1&gtd=400&inid=0&gfd=&cc=DK&sc=&ct=COPENHAGEN&abte=CONTROL&adbd=0&amp=0&version=1&sB=true&cors=true&disB=false&ice=0&vw=1600&vh=1200&pht=2527&cl=&__rk=0&app=0&rtype=&vendor=Google%20Inc.&isSafari=0&pvid=4&prvAccId=552520905&prvApiId=8CUPUJ3VT&exid=31&pcId=0000EEA&pseat=&mowxReqId=334153559661974401605739375383&crid=511763506&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=1&rtime=27&dtc=nydc&rtbsv2=&mp_seg%3C%3E=&apid=1&wsip=c10-mowx-web-22&ltime=262&abs=0&ssregion=&ssreqid=&sssvnm=&bdp=5.72&cbdp=5.72&dcbdp=0&ckfl=0&cs=&mnet_ckfl=0&cat=&attr=&pvAgNm=&pvAgId=&advId=&advNm=&advUrl=unknown&dfpBd=5.72&nms=1&di=&dt=O&epc=552520905&ogbdp=5.72&s=1&snm=success&dbf=1&bdata=sd2%3Dnull%7C%7Cbb%3D196%7C%7Cvv%3D0%7C%7Cerpm%3D5.72%7C%7Cogerpm%3D5.72%7C%7Cbm%3D2.04%7C%7Csid%3D552520905%7C%7Csd%3D1%7C%7Cuid%3D3o7iCLC2ENaNFC0dPf%7C%7Cdc2%3D1%7C%7Cbtd%3D168749647983389372574388141421109248%7C%7Cscd%3D84%7C%7Cuim%3D0%7C%7Curl_tkc%3D0%7C%7Css%3D1600x1200%7C%7Cuiw%3D-1%7C%7Clast%3D0%7C%7CCI%3D2208%7C%7Cip%3D1vyuZ2%7C%7Cfbb%3D0%7C%7Ctb%3D-1%7C%7Cct%3Dballerup%7C%7Crc%3D1%7C%7Cbasis2%3D196%7C%7Curl_b%3D5.71%7C%7Cbasis1%3D196%7C%7CisRef%3D0%7C%7Clc%3D0%7C%7Curl_tvi%3D0%7C%7Curl_l%3D10%7C%7Cbid%3D5.72%7C%7Cdc%3D7%7C%7Cgcat%3D500916%7C%7Cogbid%3D5.72%7C%7Ccbdp%3D5.72%7C%7Cbflag%3D1%7C%7Csobp%3D0%7C%7Cddiv%3D%25%25DFP_DIV%25%25%7C%7Cdmm%3D%7C%7Cibc%3D1%7C%7Cddt%3D-1%7C%7Cnsz%3D1%7C%7Ctgs%3D300x250%7C%7Cbsb%3D0%7C%7Cbsp%3D0&cmpid=&bId=&pcrid=8CUPUJ3VT-552520905-47-0&ruct=0&brs=&brr=&iurl=https%3A%2F%2Fiurl-a.akamaihd.net%2Fybntag%3F%26cid%3D8CUPUJ3VT%26crid%3D552520905%26size%3D300x250%26requrl%3Dhttps%253A%252F%252Fedustaffbenefits.com%252F&htps=0&ptype=27&pbidflr=0.00&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D0%7Cfl_rl%3D1%7CssProfile%3D0%7Cdbr%3D1%7Ctkd%3Dnull&bfs=0&seat=&nbr=0&ba=652&ybnca_gbid=&ybnca_erpm=5.72&ybnca_vbid=5.72&yogbdp=11.63&yErpmFlag=1&smsrc=1&strg=&ybnca_bbid=-1.0&prvReqId=43672124510364714_1087337148_511763506141&dStat=0&ogbid=11.63&acid=401292290939522011605739375382&act=headerBid&dtfdl=&dspltime=&ttfd=&ttm=0&vtm=0&sttm=0&svtm=0&mnrfc=0&mnrf=0&invw=-1&adj1=0&adj0=0&adj2=0&adj3=0&patkey=&patint%3C%3E=&pc=&spSource=0&spIvt=3&spId=&spFst=0&spIsReq=3&spTo=3&top=0&btm=0&lft=0&rght=0&mx_SD=&mx_PC=1&mx_SPRIG=0&mx_UCC=1&mx_GCID=0&mx_IAB2=0&mx_vsGap=&mx_dgf=0&mx_BCN_BF=&mx_bsBucket=0&mx_ssProfile=0&mx_BCE=&mx_lr=0&mx_BCI=&mx_uid_sent=0&mx_yhs_enabled=&mx_SC=0&mx_BCT=&mx_yhs_target_bidders=&mx_BCN_YHS=&mx_BCW=&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=0&mx_supply_path=&mx_sbp=-10&mx_yhs_deal_sent=&mx_aqcpl_crid=0&mx_yhs_selected_deal=&mx_tgs=300x250&mx_nsz=1&mx_TAS=&mx_aurt=0&pgcatiab=&pgcatiab2=&pgcatsprig=&gFunDl=false&ngFunDl=false&rDl=false&actltime=265&auMxTm=&brf=0&dcs=&dfpDiv=&dfpPos=&dfpAdPath=&lper=1&td=r%3Dstr%7Cab%3D0%7C&oyaf=0&sbdrid=426&ra_sz=300x250&tk=&sc_pvid=&sc_ogbdp=0&sc_adj1=0&sc_adj0=0&sc_adj2=0&sc_prspt=&sc_act=&sc_bdata=&sc_bdp=0&sc_cbdp=0&sc_bId=&sc_cat=&sc_cmpid=&sc_advId=&sc_advNm=&sc_advUrl=&udc=&rti=-1&rme=ADPTR&bbdrid=&requrl=https%3A%2F%2Fedustaffbenefits.com%2F&kwrf=&epurl=
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.25.v20191220) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Nov 2020 22:42:56 GMT
server: Jetty(9.4.25.v20191220)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Wed, 18 Nov 2020 22:42:56 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 972E 73 KB
28 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Wed, 18 Nov 2020 22:42:56 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 972E 8 KB
7 KB 37ms
24ms XHR
application/json 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e5b0596101ccae695eacd474c2e3b123e35c89d0684b5783fc1f3587b588e68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 22:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6525
x-xss-protection: 0

GET
H2 200 bql.php Show response
lg3.media.net/ Frame D846 15 B
216 B 34ms
33ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=1&hvsid=00001605739375337013824215047973&geo=55.67|12.58&lper=100&bdrid=4&subBdr=426&fp=shO0oFOX5BuuL1QkVWwctYLYAUvvf7cei3AkIlZMjJT6QdPzdL7KHTFOUHSGKCAjwW6LNdvK6GN15MO-uCvPTIEJAXeP3-FEmHaunFp9m1hEAqJbRffCEHFZxDD0wggcNfHf_h1CCWg%3D&lpid=&tsid=18&q=&prv=&type=&ps=&cme=iXSftj0mJtNEkjvr_IFW4n8by0bzifKnsvmevuxHxA8n8peEIsCq49_FE3UcP8WNpKt5pWMAaoOijYb8qEjpYdEgSRz5Kk1ShlepSgMMzvelTpX5mnrGdFWH01mKLFA9AzrMPmrrx-4m1Qi08iwC6qTtezTxhT4MTa66rlcyMt7O9-SAtikmRDaTXk7PCIaqDAxZqQ1Dge8%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CYdjFvixrVaFGTYwb1iS4VC2U6-GTEKUunTXDyEXc7dpB8LLJ43mFRQ%3D%3D%7CN7fu2vKt8_s%3D%7CZrgaFDV2sw3PDV9TzxsfiCVNlzzj1GYs90NKfR_nf_3ovYZFoQ37Bean2Se97IFS3A6rme0rbdgAfZK-XYbU9A5jTJ78mQgNkPzCG3OJIyu5pm1Y-LyDvHAbHzB3G9KuFhnvOzLjmiojp_3g7nUFi2un_1OVOflz0q0SwTEKhO0t0mMx8H1aTFP6sBrW0ROmI2j1rQvt_ijSiRd4Kd8k8Q%3D%3D%7C&hint=&td=&cc=DK&wsip=2887305229&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_setid=Nu9&&rc=0&ksu=207&vgd_aid=884131712024741371605739375365&fdkt=307&kwd[]=Grants%20for%20Aspiring%20Teachers&kwt[]=307&kbc[]=54277&kwp[]=1&kid[]=329689657&kbc2[]=0%7C%7Cactr%3D2.488%7C%7Cps%3D1.077%7C%7Crpc%3D0.40%7C%7Clvl%3D1.00&ktd[]=3573429764352&kwd[]=Find%20Scholarships%20for%20Teachers&kwt[]=307&kbc[]=107486&kwp[]=2&kid[]=329976327&kbc2[]=0%7C%7Cactr%3D1.145%7C%7Cps%3D1.077%7C%7Crpc%3D0.39%7C%7Clvl%3D1.00&ktd[]=3573429764352&kwd[]=Grants%20to%20Become%20a%20Teacher&kwt[]=307&kbc[]=113604&kwp[]=3&kid[]=91481441&kbc2[]=0%7C%7Cactr%3D0.650%7C%7Cps%3D1.077%7C%7Crpc%3D0.44%7C%7Clvl%3D1.00&ktd[]=3573429764352&kwd[]=Teachers%20Discounts%20Online&kwt[]=307&kbc[]=106848&kwp[]=4&kid[]=325333510&kbc2[]=0%7C%7Cactr%3D0.338%7C%7Cps%3D1.077%7C%7Crpc%3D0.41%7C%7Clvl%3D1.00&ktd[]=3573446476032&kwd[]=Teacher%20Discounts%202020&kwt[]=307&kbc[]=54394&kwp[]=5&kid[]=329928159&kbc2[]=0%7C%7Cactr%3D0.015%7C%7Cps%3D1.077%7C%7Crpc%3D0.39%7C%7Clvl%3D1.00&ktd[]=3573429764352&kwd[]=Apple%20Discounts%20for%20Teachers&kwt[]=307&kbc[]=54394&kwp[]=6&kid[]=329713238&kbc2[]=0%7C%7Cactr%3D0.021%7C%7Cps%3D1.077%7C%7Crpc%3D0.04%7C%7Clvl%3D1.00&ktd[]=3573429764352&kwd[]=Amazon%20Teachers%20Discounts&kwt[]=307&kbc[]=54394&kwp[]=7&kid[]=329708091&kbc2[]=0%7C%7Cactr%3D0.014%7C%7Cps%3D1.077%7C%7Crpc%3D0.04%7C%7Clvl%3D1.00&ktd[]=3573429764352&kwd[]=Teacher%27s%20Vacation%20Packages&kwt[]=307&kbc[]=66997&kwp[]=8&kid[]=324700814&kbc2[]=0%7C%7Cps%3D1.077%7C%7Crpc%3D0.36%7C%7Clvl%3D1.00&ktd[]=1128373841756416&kwd[]=Auto%20Rental%20Discount&kwt[]=232&kbc[]=32f4f128beafb67307844bf354ab5bac.d2s&kwp[]=9&kid[]=2641954&kbc2[]=0%7C%7Cps%3D0.951%7C%7Crpc%3D0.82%7C%7Clvl%3D1.00&ktd[]=274911854848&rand=1605739376314&cid=8CUPUJ3VT&vwid=1605739375920813447&vi=1605739375920813447&l3ch=0&slnkp=no&bdrct=5.72&vgd_mseg=5.72&vgd_rt=250&bto=0&tdAdd[]=rtbsd%3D10&tdAdd[]=ib=0&vgd_uspa=0&vgd_l1rakh=1605739375157529740&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&axbx=bl5&vgd_matchstr=hr%3D2&sttm=1605739375337&upk=1605739375.6659&hvsid=00001605739375337013824215047973&verid=3121199&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D9009&vgd_hbReqId=T1605718559C8S12U888&vgd_isiolc=1&rtbsd=10&bidData=sd2%3Dnull%7C%7Cbb%3D196%7C%7Cvv%3D0%7C%7Cerpm%3D5.72%7C%7Cogerpm%3D5.72%7C%7Cbm%3D2.04%7C%7Csid%3Db18c6a536f7ae6f564affba5edac200a%7C%7Csd%3D1%7C%7Cuid%3Dl0Jgaps34Ec7qEWyI%7C%7Cdc2%3D1%7C%7Cbtd%3D168749647983389372574388141421109248%7C%7Cbat%3D0%2C0%2C0%7C%7Cscd%3D84%7C%7Cuim%3D0%7C%7Curl_tkc%3D0%7C%7Css%3D1600x1200%7C%7Cuiw%3D-1%7C%7Clast%3D0%7C%7CCI%3D2208%7C%7Cip%3D1vyuZ2%7C%7Cfbb%3D0%7C%7Ctb%3D-1%7C%7Cct%3Dballerup%7C%7Crc%3D1%7C%7Cbasis2%3D196%7C%7Curl_b%3D5.71%7C%7Cbasis1%3D196%7C%7CisRef%3D0%7C%7Clc%3D0%7C%7Curl_tvi%3D0%7C%7Curl_l%3D10%7C%7Cbid%3D5.72%7C%7Cdc%3D7%7C%7Cgcat%3D500916%7C%7Cogbid%3D5.72%7C%7Ccbdp%3D5.72%7C%7Cbflag%3D1%7C%7Csobp%3D0%7C%7Cddiv%3D%25%25DFP_DIV%25%25%7C%7Cdmm%3D%7C%7Cibc%3D1%7C%7Cddt%3D-1%7C%7Cnsz%3D1%7C%7Ctgs%3D300x600%7C%7Cbsb%3D0%7C%7Cbsp%3D0&matchString=hr%3D2&matm=1605739376325&vgd_ltime=997&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l2ch=0&vgd_l1ch=1&vgd_altbql=get&vgd_pdtid=1&vgd_implt=3&vgd_dfp_tgt=%7B%22crid%22%3A%22548524866%22%2C%22mnet_segment%22%3A%225.72%22%2C%22mnet_variant%22%3A%22426%22%2C%22pub_domain%22%3A%22edustaffbenefits.com%22%2C%22mnet_cc%22%3A%22DK%22%2C%22mnet_bucketid%22%3A%22b3%22%2C%22mnet_nat_tpid%22%3A%22%22%2C%22RubiconSS%22%3A%222209%22%2C%22mnet_pid%22%3A%228PRHGG6T9%22%7D&vgd_sbSup=1&vgd_l2wsip=2887305231&vgd_nrrsf=nrr&vgd_nrrv=97497&vgd_nrrs=97497&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-548524866%7CTD&vgd_x_pos=315&vgd_y_pos=198&vgd_ren_page_h=2273&vgd_cty=COPENHAGEN&vgd_l1hcsd=C17%7C7715&vgd_sethcsd=N5%7C7700&vgde_bdata=QOfvzxjj%7C%7CGGvuiF%7C%7Ceev9%7C%7CJLEYvX.hf%7C%7CmyJLEYvX.hf%7C%7CGYvf.9H%7C%7CQ8OvGuWNF1XAFkh1JFkXFH1kkG1XJO1Nf991%7C%7CQOvu%7C%7Cx8Ovj96y1EQAH4Nh%204p5V%7C%7CONfvu%7C%7CG7OvuFWhHiFHhiWAAWiAhfXhHAWWuHuHfuu9ifHW%7C%7CG17v9%2C9%2C9%7C%7CQNOvWH%7C%7Cx8Yv9%7C%7CxLjM7UNv9%7C%7CQQvuF99-uf99%7C%7Cx8Bvou%7C%7Cj1Q7v9%7C%7C%3DVvff9W%7C%7C8Evue5x2f%7C%7CkGGv9%7C%7C7Gvou%7C%7CN7vG1jjJLxE%7C%7CLNvu%7C%7CG1Q8QfvuiF%7C%7CxLjMGvX.hu%7C%7CG1Q8QuvuiF%7C%7C8QDJkv9%7C%7CjNv9%7C%7CxLjM7e8v9%7C%7CxLjMjvu9%7C%7CG8OvX.hf%7C%7CONvh%7C%7CyN17vX99iuF%7C%7CmyG8OvX.hf%7C%7CNGOEvX.hf%7C%7CGkj1yvu%7C%7CQmGEv9%7C%7COO8ev%25%25rs0MrV%2F%25%25%7C%7COYYv%7C%7C8GNvu%7C%7COO7vou%7C%7CzQlvu%7C%7C7yQvA99-F99%7C%7CGQGv9%7C%7CGQEv9&vgd_cfud=200924&vgd_is_amp=0&vgd_icat=132&vgd_spcat=500916&vgd_optout=0&vgd_ect=4g&vgd_rensize=300_600&vgd_scr_h=1200&vgd_scr_w=1600&oRurl=http%3A%2F%2Fcdn3e%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DDK%26isOffice%3D0%26fvips%3D0%26vi%3D1605739375920813447%26lw%3D1%26rtbs%3D1%26esi%3D1%26size%3D300x600%26crid%3D548524866%26vpf%3D000%26cid%3D8CUPUJ3VT%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D5%26baeFlag%3D0%26dfp%3D1%26cpcd%3DfH60FJQFzgZHNuNx1tMg0A%253d%253d%26nb%3D1%26gdpr%3D1%26hlt%3D1%26cb%3Dwindow._mNDetails.initAd%26pid%3D8PO8Z5EB3%26requrl%3Dhttps%253a%252f%252fedustaffbenefits.com%26bid%3D290831&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A600%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A9&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV97497.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Wed, 18 Nov 2020 22:42:56 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Wed, 18 Nov 2020 22:42:56 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame D846 35 B
329 B 119ms
33ms Image
image/gif 2.16.186.104
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=altbql&flt=0&&vgd_l2type=setting&v=1&gdpr=1&hvsid=00001605739375337013824215047973&geo=55.67|12.58&lper=100&bdrid=4&subBdr=426&fp=shO0oFOX5BuuL1QkVWwctYLYAUvvf7cei3AkIlZMjJT6QdPzdL7KHTFOUHSGKCAjwW6LNdvK6GN15MO-uCvPTIEJAXeP3-FEmHaunFp9m1hEAqJbRffCEHFZxDD0wggcNfHf_h1CCWg%3D&lpid=&tsid=18&q=&prv=&type=&ps=&cme=iXSftj0mJtNEkjvr_IFW4n8by0bzifKnsvmevuxHxA8n8peEIsCq49_FE3UcP8WNpKt5pWMAaoOijYb8qEjpYdEgSRz5Kk1ShlepSgMMzvelTpX5mnrGdFWH01mKLFA9AzrMPmrrx-4m1Qi08iwC6qTtezTxhT4MTa66rlcyMt7O9-SAtikmRDaTXk7PCIaqDAxZqQ1Dge8%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CYdjFvixrVaFGTYwb1iS4VC2U6-GTEKUunTXDyEXc7dpB8LLJ43mFRQ%3D%3D%7CN7fu2vKt8_s%3D%7CZrgaFDV2sw3PDV9TzxsfiCVNlzzj1GYs90NKfR_nf_3ovYZFoQ37Bean2Se97IFS3A6rme0rbdgAfZK-XYbU9A5jTJ78mQgNkPzCG3OJIyu5pm1Y-LyDvHAbHzB3G9KuFhnvOzLjmiojp_3g7nUFi2un_1OVOflz0q0SwTEKhO0t0mMx8H1aTFP6sBrW0ROmI2j1rQvt_ijSiRd4Kd8k8Q%3D%3D%7C&hint=&td=&cc=DK&wsip=2887305229&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_setid=Nu9&&rc=0&ksu=207&vgd_aid=884131712024741371605739375365&fdkt=307&kwd[]=Grants%20for%20Aspiring%20Teachers&kwt[]=307&kbc[]=54277&kwp[]=1&kid[]=329689657&kbc2[]=0%7C%7Cactr%3D2.488%7C%7Cps%3D1.077%7C%7Crpc%3D0.40%7C%7Clvl%3D1.00&ktd[]=3573429764352&kwd[]=Find%20Scholarships%20for%20Teachers&kwt[]=307&kbc[]=107486&kwp[]=2&kid[]=329976327&kbc2[]=0%7C%7Cactr%3D1.145%7C%7Cps%3D1.077%7C%7Crpc%3D0.39%7C%7Clvl%3D1.00&ktd[]=3573429764352&kwd[]=Grants%20to%20Become%20a%20Teacher&kwt[]=307&kbc[]=113604&kwp[]=3&kid[]=91481441&kbc2[]=0%7C%7Cactr%3D0.650%7C%7Cps%3D1.077%7C%7Crpc%3D0.44%7C%7Clvl%3D1.00&ktd[]=3573429764352&kwd[]=Teachers%20Discounts%20Online&kwt[]=307&kbc[]=106848&kwp[]=4&kid[]=325333510&kbc2[]=0%7C%7Cactr%3D0.338%7C%7Cps%3D1.077%7C%7Crpc%3D0.41%7C%7Clvl%3D1.00&ktd[]=3573446476032&kwd[]=Teacher%20Discounts%202020&kwt[]=307&kbc[]=54394&kwp[]=5&kid[]=329928159&kbc2[]=0%7C%7Cactr%3D0.015%7C%7Cps%3D1.077%7C%7Crpc%3D0.39%7C%7Clvl%3D1.00&ktd[]=3573429764352&kwd[]=Apple%20Discounts%20for%20Teachers&kwt[]=307&kbc[]=54394&kwp[]=6&kid[]=329713238&kbc2[]=0%7C%7Cactr%3D0.021%7C%7Cps%3D1.077%7C%7Crpc%3D0.04%7C%7Clvl%3D1.00&ktd[]=3573429764352&kwd[]=Amazon%20Teachers%20Discounts&kwt[]=307&kbc[]=54394&kwp[]=7&kid[]=329708091&kbc2[]=0%7C%7Cactr%3D0.014%7C%7Cps%3D1.077%7C%7Crpc%3D0.04%7C%7Clvl%3D1.00&ktd[]=3573429764352&kwd[]=Teacher%27s%20Vacation%20Packages&kwt[]=307&kbc[]=66997&kwp[]=8&kid[]=324700814&kbc2[]=0%7C%7Cps%3D1.077%7C%7Crpc%3D0.36%7C%7Clvl%3D1.00&ktd[]=1128373841756416&kwd[]=Auto%20Rental%20Discount&kwt[]=232&kbc[]=32f4f128beafb67307844bf354ab5bac.d2s&kwp[]=9&kid[]=2641954&kbc2[]=0%7C%7Cps%3D0.951%7C%7Crpc%3D0.82%7C%7Clvl%3D1.00&ktd[]=274911854848&rand=1605739376314&cid=8CUPUJ3VT&vwid=1605739375920813447&vi=1605739375920813447&l3ch=0&slnkp=no&bdrct=5.72&vgd_mseg=5.72&vgd_rt=250&bto=0&tdAdd[]=rtbsd%3D10&tdAdd[]=ib=0&vgd_uspa=0&vgd_l1rakh=1605739375157529740&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&axbx=bl5&vgd_matchstr=hr%3D2&sttm=1605739375337&upk=1605739375.6659&hvsid=00001605739375337013824215047973&verid=3121199&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D9009&vgd_hbReqId=T1605718559C8S12U888&vgd_isiolc=1&rtbsd=10&bidData=sd2%3Dnull%7C%7Cbb%3D196%7C%7Cvv%3D0%7C%7Cerpm%3D5.72%7C%7Cogerpm%3D5.72%7C%7Cbm%3D2.04%7C%7Csid%3Db18c6a536f7ae6f564affba5edac200a%7C%7Csd%3D1%7C%7Cuid%3Dl0Jgaps34Ec7qEWyI%7C%7Cdc2%3D1%7C%7Cbtd%3D168749647983389372574388141421109248%7C%7Cbat%3D0%2C0%2C0%7C%7Cscd%3D84%7C%7Cuim%3D0%7C%7Curl_tkc%3D0%7C%7Css%3D1600x1200%7C%7Cuiw%3D-1%7C%7Clast%3D0%7C%7CCI%3D2208%7C%7Cip%3D1vyuZ2%7C%7Cfbb%3D0%7C%7Ctb%3D-1%7C%7Cct%3Dballerup%7C%7Crc%3D1%7C%7Cbasis2%3D196%7C%7Curl_b%3D5.71%7C%7Cbasis1%3D196%7C%7CisRef%3D0%7C%7Clc%3D0%7C%7Curl_tvi%3D0%7C%7Curl_l%3D10%7C%7Cbid%3D5.72%7C%7Cdc%3D7%7C%7Cgcat%3D500916%7C%7Cogbid%3D5.72%7C%7Ccbdp%3D5.72%7C%7Cbflag%3D1%7C%7Csobp%3D0%7C%7Cddiv%3D%25%25DFP_DIV%25%25%7C%7Cdmm%3D%7C%7Cibc%3D1%7C%7Cddt%3D-1%7C%7Cnsz%3D1%7C%7Ctgs%3D300x600%7C%7Cbsb%3D0%7C%7Cbsp%3D0&matchString=hr%3D2&matm=1605739376325&vgd_ltime=997&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l2ch=0&vgd_l1ch=1&vgd_altbql=get&vgd_pdtid=1&vgd_implt=3&vgd_dfp_tgt=%7B%22crid%22%3A%22548524866%22%2C%22mnet_segment%22%3A%225.72%22%2C%22mnet_variant%22%3A%22426%22%2C%22pub_domain%22%3A%22edustaffbenefits.com%22%2C%22mnet_cc%22%3A%22DK%22%2C%22mnet_bucketid%22%3A%22b3%22%2C%22mnet_nat_tpid%22%3A%22%22%2C%22RubiconSS%22%3A%222209%22%2C%22mnet_pid%22%3A%228PRHGG6T9%22%7D&vgd_sbSup=1&vgd_l2wsip=2887305231&vgd_nrrsf=nrr&vgd_nrrv=97497&vgd_nrrs=97497&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-548524866%7CTD&vgd_x_pos=315&vgd_y_pos=198&vgd_ren_page_h=2273&vgd_cty=COPENHAGEN&vgd_l1hcsd=C17%7C7715&vgd_sethcsd=N5%7C7700&vgde_bdata=QOfvzxjj%7C%7CGGvuiF%7C%7Ceev9%7C%7CJLEYvX.hf%7C%7CmyJLEYvX.hf%7C%7CGYvf.9H%7C%7CQ8OvGuWNF1XAFkh1JFkXFH1kkG1XJO1Nf991%7C%7CQOvu%7C%7Cx8Ovj96y1EQAH4Nh%204p5V%7C%7CONfvu%7C%7CG7OvuFWhHiFHhiWAAWiAhfXhHAWWuHuHfuu9ifHW%7C%7CG17v9%2C9%2C9%7C%7CQNOvWH%7C%7Cx8Yv9%7C%7CxLjM7UNv9%7C%7CQQvuF99-uf99%7C%7Cx8Bvou%7C%7Cj1Q7v9%7C%7C%3DVvff9W%7C%7C8Evue5x2f%7C%7CkGGv9%7C%7C7Gvou%7C%7CN7vG1jjJLxE%7C%7CLNvu%7C%7CG1Q8QfvuiF%7C%7CxLjMGvX.hu%7C%7CG1Q8QuvuiF%7C%7C8QDJkv9%7C%7CjNv9%7C%7CxLjM7e8v9%7C%7CxLjMjvu9%7C%7CG8OvX.hf%7C%7CONvh%7C%7CyN17vX99iuF%7C%7CmyG8OvX.hf%7C%7CNGOEvX.hf%7C%7CGkj1yvu%7C%7CQmGEv9%7C%7COO8ev%25%25rs0MrV%2F%25%25%7C%7COYYv%7C%7C8GNvu%7C%7COO7vou%7C%7CzQlvu%7C%7C7yQvA99-F99%7C%7CGQGv9%7C%7CGQEv9&vgd_cfud=200924&vgd_is_amp=0&vgd_icat=132&vgd_spcat=500916&vgd_optout=0&vgd_ect=4g&vgd_rensize=300_600&vgd_scr_h=1200&vgd_scr_w=1600&r=1605739376329
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.104 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-104.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.25.v20191220) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Nov 2020 22:42:56 GMT
Server: Jetty(9.4.25.v20191220)
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Wed, 18 Nov 2020 22:42:56 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EBA4 16 KB
6 KB 60ms
40ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js?21068759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Wed, 18 Nov 2020 22:42:56 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A11B 0
0 79ms
79ms Fetch
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfNKxMEM3Smb_Lax-tNPo4rZyHyeSuSR5dWlzB8FMkmnDT7Ez7o668jktTtqBXMOq3vws1SFQpYzsxcE4ZHJV1WQBOxCzEKXuU7lmPC1rGZbGNtNjDPwTvj6rKFP0qPZHRV1wDSlGOMpdtPSKuRDJg9jsvRa4NlOlVISeG7oqOQ_f6yuThTXzs0MEBtp7WtM5kEFj28QMvNd2tm-VeLDxA-aAQtAIK0DnF1i12WwEGQJrOrN9s8Tq0lIwvzeaf-A6DLb8GQwsu5RuyTDnrZjcyP_shE_PaoYGRRgxy&sai=AMfl-YQ3zUzgpO4n5l3BuzDxUGBTBkioOYX8TDOqKEy2VZ_PZtrdZBuyY887BdRhn1DRsC6MfPl4rw2NDKh6U01tUqrbaLIDAQMOcvGTVQISm1VtFZC6flfsde7WWoYnyLQf&sig=Cg0ArKJSzLuVfNL5TQmFEAE&urlfix=1&adurl=

Requested by

Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 22:42:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 nrrV97497.js Show response
contextual.media.net/4a/ Frame 1722 92 KB
30 KB 43ms
42ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV97497.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUPUJ3VT

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

80b8c415d0a2860143f7a4efeb7411e12dbd8574082ef69b63236fe735557182

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "6b9b6ac54c0e2971948a958e12b6cad2"
vary: Accept-Encoding
x-mnet-h: 12-27
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Wed, 18 Nov 2020 22:42:56 GMT
content-length: 30495
expires: Wed, 02 Dec 2020 22:42:56 GMT

GET
H/1.1 200
OK 1x1.gif
res-a.akamaihd.net/__media__/pics/800028474/ Frame 1722 42 B
350 B 111ms
37ms Image
image/gif 2.16.186.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res-a.akamaihd.net/__media__/pics/800028474/1x1.gif
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.43 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 18 Nov 2020 22:42:56 GMT
Last-Modified: Mon, 04 Jun 2018 10:04:19 GMT
Server: nginx
ETag: "5b150ea3-2a"
Content-Type: image/gif
Cache-Control: public, max-age=332738
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42
Expires: Sun, 22 Nov 2020 19:08:34 GMT

GET
DATA 200
OK truncated
/ Frame 1722 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1722 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK bullet3.woff
res-a.akamaihd.net/__media__/fonts/bullet3/ Frame 1722 2 KB
2 KB 146ms
69ms Font
application/font-woff 2.16.186.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res-a.akamaihd.net/__media__/fonts/bullet3/bullet3.woff
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.43 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0bf3f6e79af33723b0c1a822f59a484a35583303ab76fa9227b694b1e719364f

Request headers

Origin: https://edustaffbenefits.com
Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 18 Nov 2020 22:42:56 GMT
Last-Modified: Mon, 16 May 2016 10:39:41 GMT
Server: nginx
ETag: "5739a36d-698"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1688

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame A11B 75 KB
29 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914rxlidarlistenercontrol

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Wed, 18 Nov 2020 22:42:56 GMT

GET
H2 200 log
hblg.media.net/ 35 B
194 B 33ms
32ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?logid=awlog&pid=8PREB0781&itype=HB-CM&dn=edustaffbenefits.com&cid=8HB1IT8E4&svr=2020111812_73&servname=hbcm_na&gdpr=1&csex=2&suc=0&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&usp_status=0&usp_enf=1&usp_string=&ufca=&usp_ldf=&ugd=4&adt=desktop&vid=00001605739375613013824215041731&vsid=&sd=1&gtd=400&inid=0&gfd=&cc=DK&sc=&ct=COPENHAGEN&abte=CONTROL&adbd=0&amp=0&version=1&sB=true&cors=true&disB=false&ice=0&vw=1600&vh=1200&pht=2527&cl=&__rk=0&app=0&rtype=&vendor=Google%20Inc.&isSafari=0&pvid=4&prvAccId=965214225&prvApiId=8CUPUJ3VT&exid=31&pcId=0000EEA&pseat=&mowxReqId=290450839034400581605739375393&crid=998585695&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=1&rtime=26&dtc=nydc&rtbsv2=&mp_seg%3C%3E=15143&apid=1&wsip=c10-mowx-web-53&ltime=396&abs=0&ssregion=&ssreqid=&sssvnm=&bdp=5.72&cbdp=5.72&dcbdp=0&ckfl=0&cs=&mnet_ckfl=0&cat=&attr=&pvAgNm=&pvAgId=&advId=&advNm=&advUrl=unknown&dfpBd=5.72&nms=1&di=&dt=O&epc=965214225&ogbdp=5.72&s=1&snm=success&dbf=1&bdata=sd2%3Dnull%7C%7Cbb%3D196%7C%7Cvv%3D0%7C%7Cerpm%3D5.72%7C%7Cogerpm%3D5.72%7C%7Cbm%3D2.04%7C%7Csid%3D965214225%7C%7Csd%3D1%7C%7Cuid%3D3o7iBca8uJD8hzLjFS%7C%7Cdc2%3D1%7C%7Cbtd%3D168749647983389372574388141421109248%7C%7Cscd%3D84%7C%7Cuim%3D0%7C%7Curl_tkc%3D0%7C%7Css%3D1600x1200%7C%7Cuiw%3D-1%7C%7Clast%3D0%7C%7CCI%3D2208%7C%7Cip%3D1vyuZ2%7C%7Cfbb%3D0%7C%7Ctb%3D-1%7C%7Cct%3Dballerup%7C%7Crc%3D1%7C%7Cbasis2%3D196%7C%7Curl_b%3D5.71%7C%7Cbasis1%3D196%7C%7CisRef%3D0%7C%7Clc%3D0%7C%7Curl_tvi%3D0%7C%7Curl_l%3D10%7C%7Cbid%3D5.72%7C%7Cdc%3D7%7C%7Cgcat%3D500916%7C%7Cogbid%3D5.72%7C%7Ccbdp%3D5.72%7C%7Cbflag%3D1%7C%7Csobp%3D0%7C%7Cddiv%3D%25%25DFP_DIV%25%25%7C%7Cdmm%3D%7C%7Cibc%3D1%7C%7Cddt%3D-1%7C%7Cnsz%3D1%7C%7Ctgs%3D300x250%7C%7Cbsb%3D0%7C%7Cbsp%3D0&cmpid=&bId=&pcrid=8CUPUJ3VT-965214225-47-10&ruct=0&brs=&brr=&iurl=https%3A%2F%2Fiurl-a.akamaihd.net%2Fybntag%3F%26cid%3D8CUPUJ3VT%26crid%3D965214225%26size%3D300x250%26requrl%3Dhttps%253A%252F%252Fedustaffbenefits.com%252F&htps=0&ptype=27&pbidflr=0.00&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D0%7Cfl_rl%3D1%7CssProfile%3D0%7Cdbr%3D1%7Ctkd%3Dnull&bfs=0&seat=&nbr=0&ba=559&ybnca_gbid=&ybnca_erpm=5.72&ybnca_vbid=5.72&yogbdp=11.63&yErpmFlag=1&smsrc=1&strg=&ybnca_bbid=-1.0&prvReqId=22202138791170448_1922109520_998585695141&dStat=0&ogbid=11.63&acid=154678276226757441605739375392&act=headerBid&dtfdl=&dspltime=&ttfd=&ttm=0&vtm=0&sttm=0&svtm=0&mnrfc=0&mnrf=0&invw=-1&adj1=0&adj0=0&adj2=0&adj3=0&patkey=&patint%3C%3E=&pc=&spSource=0&spIvt=3&spId=&spFst=0&spIsReq=3&spTo=3&top=0&btm=0&lft=0&rght=0&mx_SD=&mx_PC=1&mx_SPRIG=0&mx_UCC=2&mx_GCID=0&mx_IAB2=0&mx_vsGap=&mx_dgf=0&mx_BCN_BF=&mx_bsBucket=0&mx_ssProfile=0&mx_BCE=&mx_lr=0&mx_BCI=&mx_uid_sent=0&mx_yhs_enabled=&mx_SC=0&mx_BCT=&mx_yhs_target_bidders=&mx_BCN_YHS=&mx_BCW=&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=0&mx_supply_path=&mx_sbp=-10&mx_yhs_deal_sent=&mx_aqcpl_crid=0&mx_yhs_selected_deal=&mx_tgs=300x250&mx_nsz=1&mx_TAS=&mx_aurt=0&pgcatiab=IAB4-2&pgcatiab2=132&pgcatsprig=74&gFunDl=false&ngFunDl=false&rDl=false&actltime=399&auMxTm=&brf=0&dcs=&dfpDiv=&dfpPos=&dfpAdPath=&lper=1&td=r%3Dstr%7Cab%3D0%7C&oyaf=0&sbdrid=426&ra_sz=300x250&tk=&sc_pvid=&sc_ogbdp=0&sc_adj1=0&sc_adj0=0&sc_adj2=0&sc_prspt=&sc_act=&sc_bdata=&sc_bdp=0&sc_cbdp=0&sc_bId=&sc_cat=&sc_cmpid=&sc_advId=&sc_advNm=&sc_advUrl=&udc=&rti=-1&rme=ADPTR&bbdrid=&requrl=https%3A%2F%2Fedustaffbenefits.com%2F&kwrf=&epurl=
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.25.v20191220) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Nov 2020 22:42:56 GMT
server: Jetty(9.4.25.v20191220)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Wed, 18 Nov 2020 22:42:56 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7572 73 KB
28 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Wed, 18 Nov 2020 22:42:56 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7572 8 KB
6 KB 23ms
23ms XHR
application/json 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19beaa2c767b4058883ece974d728007700847dc9930988dd1e3dbe7e16df77e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 22:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6568
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0E6A 0
22 B 78ms
78ms Image
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWGBk6-P3KV6nXgh3YMM1PWLYTykO7PVPr1BhKCvZGr7lLRSfrS-yYjIYfhXbMidSkRXvt8xFHXskfvpdqaQRcyJw0yY2KJ9jhtWQGJuqhTkuBF536mbLSJD0ceqRbrJUxHm6lfycNEZZQe_t7n9uCZ-13yUObSWAJUcFjIxx_T6ZOfPFpui6kWHq_bbUigN0Gjno_6lKQ__eyeCvHJPVgQSR4AWknXBG5yWInLq1IoEVvIJIc_RxHlSINw-aYpQZ3T11vvwezIaEMWSFT5SSIyS3cxHW_jJyjLC_SZ3mS29o&sai=AMfl-YReVi0B-wHxi92NcA1zbTisFYW-bDZWz0EiG2JKaO3Q6grQQqwd9NNFYGjryg1lFL7-Efk-zx5bEYvXJu5EJzb5n3kCCUvKw292bNJ_9K_fhJRbMtBhRFSIDrNbMls&sig=Cg0ArKJSzBb2thnxInTeEAE&urlfix=1&adurl=

Requested by

Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 22:42:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 972E 16 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Wed, 18 Nov 2020 22:42:56 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4FF3 0
22 B 79ms
77ms Image
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPXeWrebFjviFjmj0PESNK1jCUq0NRuQTTnaJa7Fej1Ijz7z1_zJ60lrqFD2NUbHzu0y_ZCKmw0ee1WBMqaHuRPd0I2uhzjd1bGE-xCMkd271n-_13b7zvhdDtmttzlIYP61akEVqH-G7ZVhcHN_X4tIfnpZd4foFM2cyPrsNzaf-2krW21y_H_OjevIQ1mB1DTEJsWrZQp2UkmJXijIvXKJ9AD2budZC70DlLS0EF5uTP2S2p1Pu_PLFWWPC0FILBlDzxqUi5EMIJY1QFHvlpWUSJAVp_Z8GreNqcAKnQSW16mhP6&sai=AMfl-YRwOmMllsI2LZz5lP1ZkwPFiVjHSoUtI8G2oYiVHcHr-tOk6fR-reYHaWuglkTlHpzk1OQSE4IdAdzAfCAIY5WA83hn4sTlQFQS_AH3nIgj73xTMgNVETyB2fx946U&sig=Cg0ArKJSzD41amtBaJflEAE&urlfix=1&adurl=

Requested by

Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 22:42:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7572 16 KB
6 KB 60ms
46ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 22:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Wed, 18 Nov 2020 22:42:56 GMT

GET
H/1.1 200
OK Lato-Bold.woff
res-a.akamaihd.net/__media__/fonts/Lato-Bold/ Frame 1722 57 KB
58 KB 104ms
45ms Font
application/font-woff 2.16.186.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res-a.akamaihd.net/__media__/fonts/Lato-Bold/Lato-Bold.woff
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.43 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7d7789a468cb12a69ea6ed9d4cff64be0b5b2803ef3af8fba4554b462ccb1624

Request headers

Origin: https://edustaffbenefits.com
Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 18 Nov 2020 22:42:56 GMT
Last-Modified: Mon, 16 May 2016 10:39:41 GMT
Server: nginx
ETag: "5739a36d-e538"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58680

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A11B 0
22 B 80ms
79ms Image
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXjnowae6Z7LXlMkve1iuIg3xhAducrdgONwenFMFCqfpIufWk4sHrvCt-ZAoMea1jSWdyzskqB5AlEanGZAjBoTDAAwufETedYHbH6j8nVkKge4fipy9VPkE8PGJOaGe6x6urjihwubLCp2DZ8IYpTD6vn_8s6oQi6Gf5GHsKhQMcBLqyfqHT-iWWMBA8dFc52k4q8r9mwQOqiftUH2hdqHiLaqEtWeQ3YFIYvFW2CbLuqZUj5bloTbfW_XscBL5DGkRKT9KjVfjcWndheQV87Aaa5JtO8_ihfMoUfs8&sai=AMfl-YTS1vfFOMuN8Viu6iAD6cCR8Z73cYsImnZJuQlW75fyWzvb83QRP9GljPTLHx-B87Jal2XMXnL0q_8NJkGQ7WXtwU-pe05Z3jSBRXhxhChBV5K_lJhDxQTlYtq2kkq0&sig=Cg0ArKJSzN6uvCKWbXk-EAE&urlfix=1&adurl=

Requested by

Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 22:42:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 8D23 0
0 6ms
6ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://edustaffbenefits.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://edustaffbenefits.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Wed, 18 Nov 2020 21:27:15 GMT
expires: Thu, 18 Nov 2021 21:27:15 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4541
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame FE86 0
0 6ms
6ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://edustaffbenefits.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://edustaffbenefits.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Wed, 18 Nov 2020 21:27:15 GMT
expires: Thu, 18 Nov 2021 21:27:15 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4541
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame C549 0
0 6ms
6ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://edustaffbenefits.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://edustaffbenefits.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Wed, 18 Nov 2020 21:27:15 GMT
expires: Thu, 18 Nov 2021 21:27:15 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4541
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bql.php Show response
lg3.media.net/ Frame 1722 15 B
216 B 50ms
49ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=1&hvsid=00001605739375390013824215046677&geo=55.67|12.58&lper=100&bdrid=4&subBdr=426&fp=MzajbIe14-rPgPH0Ww9LEmc-y3pRVMpMIKg81enEz8qU5KZQw2FBRcpyWEoUVhzPYrgrh2LYPgra6G1G3zYHYhIDzoP_qfpeNNT3qU9uGk0gNehMrbEIM1bgvAzyaVMB5AW7vuK6Urw%3D&lpid=&tsid=1&q=&prv=&type=&ps=&cme=6-s7NxuNzmuSG3ayRLWtTc8RhpMRfVKiWPo7VqUhgHZussQh2unxjTmKknD7Wio2PUG41pIZKFBSrhVPnfizawjVXEiOCPzMCPJMu3D7Srw8x7S-RcYyw-CDCY-pgIO2tE2AaPDPksaEXXyJ_jy_4DMkbN3d6mrboYk_1_eFbqdiHDhQ99Y20hhNSIxg8C3p%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CYdjFvixrVaFGTYwb1iS4VC2U6-GTEKUunTXDyEXc7dpB8LLJ43mFRQ%3D%3D%7CN7fu2vKt8_s%3D%7C5plqcozCuSKJY18jirKewYNEPVtTgC0jfq3tIBymxb_vMvorB6x1HC74n2p2v-8umNlnjYv81fQ8XjDO4KUtl2EYz-BLNxF6jl5rWLWH1ROeDLHy1Ku2IfDn2Pbd0y35jfPFFedeErFdFmVzPCGYSPiLZYhPsFJ62iWMlAQ1c5NG-en2yjGYe-Zjildfboxh2OPouTss-8_u9ugfw8_pNhIrvrirCTIo%7C&hint=&td=&cc=DK&wsip=2887305231&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=0&vgde_setid=Nu9&&rc=0&ksu=207&vgd_aid=154678276226757441605739375392&fdkt=307&kwd[]=Amazon%20Teachers%20Discounts&kwt[]=307&kbc[]=54394&kwp[]=1&kid[]=329708091&kbc2[]=0%7C%7Cactr%3D0.014%7C%7Cps%3D1.077%7C%7Crpc%3D0.04%7C%7Clvl%3D1.00&ktd[]=3573429764352&kwd[]=Teacher%27s%20Vacation%20Packages&kwt[]=307&kbc[]=66997&kwp[]=2&kid[]=324700814&kbc2[]=0%7C%7Cps%3D1.077%7C%7Crpc%3D0.36%7C%7Clvl%3D1.00&ktd[]=2473934913792&kwd[]=Free%20Certificate%20Courses&kwt[]=232&kbc[]=32f4f128beafb67307844bf354ab5bac.d2s&kwp[]=3&kid[]=217710609&kbc2[]=0%7C%7Cps%3D0.951%7C%7Crpc%3D0.12%7C%7Clvl%3D1.98&ktd[]=274911854848&kwd[]=Best%20Laptops%20for%20Sale&kwt[]=232&kbc[]=32f4f128beafb67307844bf354ab5bac.d2s&kwp[]=4&kid[]=48897800&kbc2[]=0%7C%7Cps%3D0.951%7C%7Crpc%3D0.45%7C%7Clvl%3D1.00&ktd[]=274895077632&kwd[]=Sprint%20Cell%20Phone%20Plans&kwt[]=232&kbc[]=32f4f128beafb67307844bf354ab5bac.d2s&kwp[]=5&kid[]=26868368&kbc2[]=0%7C%7Cps%3D0.951%7C%7Crpc%3D0.44%7C%7Clvl%3D1.00&ktd[]=274911854848&rand=1605739376434&cid=8CUPUJ3VT&vwid=1605739375276590255&vi=1605739375276590255&l3ch=0&slnkp=no&bdrct=5.72&vgd_mseg=5.72&vgd_rt=401&bto=0&tdAdd[]=rtbsd%3D10&tdAdd[]=ib=0&vgd_uspa=0&vgd_l1rakh=1605739375157529740&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&axbx=bl5&vgd_matchstr=hr%3D2&sttm=1605739375390&upk=1605739375.6659&hvsid=00001605739375390013824215046677&verid=3121199&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D9009&vgd_hbReqId=T1605718559C8S12U888&vgd_isiolc=1&npgv=1&rtbsd=10&bidData=sd2%3Dnull%7C%7Cbb%3D196%7C%7Cvv%3D0%7C%7Cerpm%3D5.72%7C%7Cogerpm%3D5.72%7C%7Cbm%3D2.04%7C%7Csid%3D965214225%7C%7Csd%3D1%7C%7Cuid%3D3o7iBca8uJD8hzLjFS%7C%7Cdc2%3D1%7C%7Cbtd%3D168749647983389372574388141421109248%7C%7Cscd%3D84%7C%7Cuim%3D0%7C%7Curl_tkc%3D0%7C%7Css%3D1600x1200%7C%7Cuiw%3D-1%7C%7Clast%3D0%7C%7CCI%3D2208%7C%7Cip%3D1vyuZ2%7C%7Cfbb%3D0%7C%7Ctb%3D-1%7C%7Cct%3Dballerup%7C%7Crc%3D1%7C%7Cbasis2%3D196%7C%7Curl_b%3D5.71%7C%7Cbasis1%3D196%7C%7CisRef%3D0%7C%7Clc%3D0%7C%7Curl_tvi%3D0%7C%7Curl_l%3D10%7C%7Cbid%3D5.72%7C%7Cdc%3D7%7C%7Cgcat%3D500916%7C%7Cogbid%3D5.72%7C%7Ccbdp%3D5.72%7C%7Cbflag%3D1%7C%7Csobp%3D0%7C%7Cddiv%3D%25%25DFP_DIV%25%25%7C%7Cdmm%3D%7C%7Cibc%3D1%7C%7Cddt%3D-1%7C%7Cnsz%3D1%7C%7Ctgs%3D300x250%7C%7Cbsb%3D0%7C%7Cbsp%3D0&matchString=hr%3D2&matm=1605739376438&vgd_ltime=1183&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_bkwds=Grants%20for%20Aspiring%20Teachers%7CFind%20Scholarships%20for%20Teachers%7CGrants%20to%20Become%20a%20Teacher%7CTeachers%20Discounts%20Online%7CTeacher%20Discounts%202020%7CApple%20Discounts%20for%20Teachers%7C&vgd_l2ch=0&vgd_l1ch=1&vgd_altbql=get&vgd_pdtid=1&vgd_implt=3&vgd_dfp_tgt=%7B%22crid%22%3A%22965214225%22%2C%22mnet_segment%22%3A%225.72%22%2C%22mnet_variant%22%3A%22426%22%2C%22pub_domain%22%3A%22edustaffbenefits.com%22%2C%22mnet_cc%22%3A%22DK%22%2C%22mnet_bucketid%22%3A%22b3%22%2C%22mnet_nat_tpid%22%3A%22%22%2C%22RubiconSS%22%3A%222209%22%2C%22mnet_pid%22%3A%228PRHGG6T9%22%7D&vgd_sbSup=1&vgd_l2wsip=2887305231&vgd_nrrsf=nrr&vgd_nrrv=97497&vgd_nrrs=97497&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-965214225%7CTD&vgd_x_pos=315&vgd_y_pos=1850&vgd_ren_page_h=2273&vgd_cty=COPENHAGEN&vgd_l1hcsd=C17%7C7715&vgd_sethcsd=N5%7C7700&vgde_bdata=QOfvzxjj%7C%7CGGvuiF%7C%7Ceev9%7C%7CJLEYvX.hf%7C%7CmyJLEYvX.hf%7C%7CGYvf.9H%7C%7CQ8OviFXfuHffX%7C%7CQOvu%7C%7Cx8OvAmh8RN1Wx6rWwlTdsb%7C%7CONfvu%7C%7CG7OvuFWhHiFHhiWAAWiAhfXhHAWWuHuHfuu9ifHW%7C%7CQNOvWH%7C%7Cx8Yv9%7C%7CxLjM7UNv9%7C%7CQQvuF99-uf99%7C%7Cx8Bvou%7C%7Cj1Q7v9%7C%7C%3DVvff9W%7C%7C8Evue5x2f%7C%7CkGGv9%7C%7C7Gvou%7C%7CN7vG1jjJLxE%7C%7CLNvu%7C%7CG1Q8QfvuiF%7C%7CxLjMGvX.hu%7C%7CG1Q8QuvuiF%7C%7C8QDJkv9%7C%7CjNv9%7C%7CxLjM7e8v9%7C%7CxLjMjvu9%7C%7CG8OvX.hf%7C%7CONvh%7C%7CyN17vX99iuF%7C%7CmyG8OvX.hf%7C%7CNGOEvX.hf%7C%7CGkj1yvu%7C%7CQmGEv9%7C%7COO8ev%25%25rs0MrV%2F%25%25%7C%7COYYv%7C%7C8GNvu%7C%7COO7vou%7C%7CzQlvu%7C%7C7yQvA99-fX9%7C%7CGQGv9%7C%7CGQEv9&vgd_cfud=200615&vgd_is_amp=0&vgd_optout=0&vgd_ect=4g&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&oRurl=http%3A%2F%2Fcdng%2Ffcmain.js%3F%26esi%3D1%26%26fvips%3D0%26vpf%3D000%26chost%3Dcontextual.media.net%26%26gdpr%3D1%26cid%3D8CUPUJ3VT%26cpcd%3DfH60FJQFzgZHNuNx1tMg0A%253D%253D%26crid%3D965214225%26size%3D300x250%26cc%3DDK%26https%3D1%26vif%3D1%26requrl%3Dhttps%253A%252F%252Fedustaffbenefits.com%252F%26nse%3D5%26vi%3D1605739375276590255%26lw%3D1%26ugd%3D4%26rtbs%3D1%26hlt%3D1%26dfp%3D1%26nb%3D1%26cb%3Dwindow._mNDetails.initAd%26blacpfl%3D1%26baeFlag%3D0%26blapd%3D0%26isOffice%3D0&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A5&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV97497.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Wed, 18 Nov 2020 22:42:56 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Wed, 18 Nov 2020 22:42:56 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame 1722 35 B
329 B 33ms
33ms Image
image/gif 2.16.186.104
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=altbql&flt=0&&vgd_l2type=setting&v=1&gdpr=1&hvsid=00001605739375390013824215046677&geo=55.67|12.58&lper=100&bdrid=4&subBdr=426&fp=MzajbIe14-rPgPH0Ww9LEmc-y3pRVMpMIKg81enEz8qU5KZQw2FBRcpyWEoUVhzPYrgrh2LYPgra6G1G3zYHYhIDzoP_qfpeNNT3qU9uGk0gNehMrbEIM1bgvAzyaVMB5AW7vuK6Urw%3D&lpid=&tsid=1&q=&prv=&type=&ps=&cme=6-s7NxuNzmuSG3ayRLWtTc8RhpMRfVKiWPo7VqUhgHZussQh2unxjTmKknD7Wio2PUG41pIZKFBSrhVPnfizawjVXEiOCPzMCPJMu3D7Srw8x7S-RcYyw-CDCY-pgIO2tE2AaPDPksaEXXyJ_jy_4DMkbN3d6mrboYk_1_eFbqdiHDhQ99Y20hhNSIxg8C3p%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CYdjFvixrVaFGTYwb1iS4VC2U6-GTEKUunTXDyEXc7dpB8LLJ43mFRQ%3D%3D%7CN7fu2vKt8_s%3D%7C5plqcozCuSKJY18jirKewYNEPVtTgC0jfq3tIBymxb_vMvorB6x1HC74n2p2v-8umNlnjYv81fQ8XjDO4KUtl2EYz-BLNxF6jl5rWLWH1ROeDLHy1Ku2IfDn2Pbd0y35jfPFFedeErFdFmVzPCGYSPiLZYhPsFJ62iWMlAQ1c5NG-en2yjGYe-Zjildfboxh2OPouTss-8_u9ugfw8_pNhIrvrirCTIo%7C&hint=&td=&cc=DK&wsip=2887305231&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=0&vgde_setid=Nu9&&rc=0&ksu=207&vgd_aid=154678276226757441605739375392&fdkt=307&kwd[]=Amazon%20Teachers%20Discounts&kwt[]=307&kbc[]=54394&kwp[]=1&kid[]=329708091&kbc2[]=0%7C%7Cactr%3D0.014%7C%7Cps%3D1.077%7C%7Crpc%3D0.04%7C%7Clvl%3D1.00&ktd[]=3573429764352&kwd[]=Teacher%27s%20Vacation%20Packages&kwt[]=307&kbc[]=66997&kwp[]=2&kid[]=324700814&kbc2[]=0%7C%7Cps%3D1.077%7C%7Crpc%3D0.36%7C%7Clvl%3D1.00&ktd[]=2473934913792&kwd[]=Free%20Certificate%20Courses&kwt[]=232&kbc[]=32f4f128beafb67307844bf354ab5bac.d2s&kwp[]=3&kid[]=217710609&kbc2[]=0%7C%7Cps%3D0.951%7C%7Crpc%3D0.12%7C%7Clvl%3D1.98&ktd[]=274911854848&kwd[]=Best%20Laptops%20for%20Sale&kwt[]=232&kbc[]=32f4f128beafb67307844bf354ab5bac.d2s&kwp[]=4&kid[]=48897800&kbc2[]=0%7C%7Cps%3D0.951%7C%7Crpc%3D0.45%7C%7Clvl%3D1.00&ktd[]=274895077632&kwd[]=Sprint%20Cell%20Phone%20Plans&kwt[]=232&kbc[]=32f4f128beafb67307844bf354ab5bac.d2s&kwp[]=5&kid[]=26868368&kbc2[]=0%7C%7Cps%3D0.951%7C%7Crpc%3D0.44%7C%7Clvl%3D1.00&ktd[]=274911854848&rand=1605739376434&cid=8CUPUJ3VT&vwid=1605739375276590255&vi=1605739375276590255&l3ch=0&slnkp=no&bdrct=5.72&vgd_mseg=5.72&vgd_rt=401&bto=0&tdAdd[]=rtbsd%3D10&tdAdd[]=ib=0&vgd_uspa=0&vgd_l1rakh=1605739375157529740&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&axbx=bl5&vgd_matchstr=hr%3D2&sttm=1605739375390&upk=1605739375.6659&hvsid=00001605739375390013824215046677&verid=3121199&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D9009&vgd_hbReqId=T1605718559C8S12U888&vgd_isiolc=1&npgv=1&rtbsd=10&bidData=sd2%3Dnull%7C%7Cbb%3D196%7C%7Cvv%3D0%7C%7Cerpm%3D5.72%7C%7Cogerpm%3D5.72%7C%7Cbm%3D2.04%7C%7Csid%3D965214225%7C%7Csd%3D1%7C%7Cuid%3D3o7iBca8uJD8hzLjFS%7C%7Cdc2%3D1%7C%7Cbtd%3D168749647983389372574388141421109248%7C%7Cscd%3D84%7C%7Cuim%3D0%7C%7Curl_tkc%3D0%7C%7Css%3D1600x1200%7C%7Cuiw%3D-1%7C%7Clast%3D0%7C%7CCI%3D2208%7C%7Cip%3D1vyuZ2%7C%7Cfbb%3D0%7C%7Ctb%3D-1%7C%7Cct%3Dballerup%7C%7Crc%3D1%7C%7Cbasis2%3D196%7C%7Curl_b%3D5.71%7C%7Cbasis1%3D196%7C%7CisRef%3D0%7C%7Clc%3D0%7C%7Curl_tvi%3D0%7C%7Curl_l%3D10%7C%7Cbid%3D5.72%7C%7Cdc%3D7%7C%7Cgcat%3D500916%7C%7Cogbid%3D5.72%7C%7Ccbdp%3D5.72%7C%7Cbflag%3D1%7C%7Csobp%3D0%7C%7Cddiv%3D%25%25DFP_DIV%25%25%7C%7Cdmm%3D%7C%7Cibc%3D1%7C%7Cddt%3D-1%7C%7Cnsz%3D1%7C%7Ctgs%3D300x250%7C%7Cbsb%3D0%7C%7Cbsp%3D0&matchString=hr%3D2&matm=1605739376438&vgd_ltime=1183&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_bkwds=Grants%20for%20Aspiring%20Teachers%7CFind%20Scholarships%20for%20Teachers%7CGrants%20to%20Become%20a%20Teacher%7CTeachers%20Discounts%20Online%7CTeacher%20Discounts%202020%7CApple%20Discounts%20for%20Teachers%7C&vgd_l2ch=0&vgd_l1ch=1&vgd_altbql=get&vgd_pdtid=1&vgd_implt=3&vgd_dfp_tgt=%7B%22crid%22%3A%22965214225%22%2C%22mnet_segment%22%3A%225.72%22%2C%22mnet_variant%22%3A%22426%22%2C%22pub_domain%22%3A%22edustaffbenefits.com%22%2C%22mnet_cc%22%3A%22DK%22%2C%22mnet_bucketid%22%3A%22b3%22%2C%22mnet_nat_tpid%22%3A%22%22%2C%22RubiconSS%22%3A%222209%22%2C%22mnet_pid%22%3A%228PRHGG6T9%22%7D&vgd_sbSup=1&vgd_l2wsip=2887305231&vgd_nrrsf=nrr&vgd_nrrv=97497&vgd_nrrs=97497&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-965214225%7CTD&vgd_x_pos=315&vgd_y_pos=1850&vgd_ren_page_h=2273&vgd_cty=COPENHAGEN&vgd_l1hcsd=C17%7C7715&vgd_sethcsd=N5%7C7700&vgde_bdata=QOfvzxjj%7C%7CGGvuiF%7C%7Ceev9%7C%7CJLEYvX.hf%7C%7CmyJLEYvX.hf%7C%7CGYvf.9H%7C%7CQ8OviFXfuHffX%7C%7CQOvu%7C%7Cx8OvAmh8RN1Wx6rWwlTdsb%7C%7CONfvu%7C%7CG7OvuFWhHiFHhiWAAWiAhfXhHAWWuHuHfuu9ifHW%7C%7CQNOvWH%7C%7Cx8Yv9%7C%7CxLjM7UNv9%7C%7CQQvuF99-uf99%7C%7Cx8Bvou%7C%7Cj1Q7v9%7C%7C%3DVvff9W%7C%7C8Evue5x2f%7C%7CkGGv9%7C%7C7Gvou%7C%7CN7vG1jjJLxE%7C%7CLNvu%7C%7CG1Q8QfvuiF%7C%7CxLjMGvX.hu%7C%7CG1Q8QuvuiF%7C%7C8QDJkv9%7C%7CjNv9%7C%7CxLjM7e8v9%7C%7CxLjMjvu9%7C%7CG8OvX.hf%7C%7CONvh%7C%7CyN17vX99iuF%7C%7CmyG8OvX.hf%7C%7CNGOEvX.hf%7C%7CGkj1yvu%7C%7CQmGEv9%7C%7COO8ev%25%25rs0MrV%2F%25%25%7C%7COYYv%7C%7C8GNvu%7C%7COO7vou%7C%7CzQlvu%7C%7C7yQvA99-fX9%7C%7CGQGv9%7C%7CGQEv9&vgd_cfud=200615&vgd_is_amp=0&vgd_optout=0&vgd_ect=4g&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&r=1605739376573
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.104 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-104.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.25.v20191220) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Nov 2020 22:42:56 GMT
Server: Jetty(9.4.25.v20191220)
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Wed, 18 Nov 2020 22:42:56 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 972E 0
201 B 16ms
15ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111201&jk=1657452616870561&bg=!T0ylTGzNAAVGySeIRlim-owBk1DESAIAAADhUgAAAB9oAQcKAWEimx9nf4X5YCYDxuwYv7HYs1cuobP-k92YONI3-tSy2a-70eqvykkD02FXqOvUP4ZdylnAIGBkmo2mcTmJUmcR0PxiE8p8HB_Eh3DWwVBF1KFApcJwM9siYT_4Sa1VvDU5up3LsjHPtHzBO26ucjd80nUpd0ypGEAq3bA707MQppc3pj_1viYK6NdT7izyWW7dmyiJ3hCyCYNa3Q2KX3E52HdsfLaSJkQFW6jtMNxoNvUqjErmGEDFXp9gRJbpDtSEiaWJORCeuJVKxpwP-IVr1NQD1gAa_HuTs4zqIBzJ25nBs4UEetx5Q6j05r1pCuIABAgqIFQWJYZEXHNZJJIGaTFjzgSpWxU3uVKpyr0tCNq6SaRVhC3pIl5LQyjmtoPn7FqIrWufuCp1GCCgEhyt93e-PYNMNbkdt0ZqsAuzhvi-KTrMrxZWpEn9dpjx589rTYRRSoo6dESLivB3iAwseZkB2xhfQ-4Lo-KMGmCQJaaab-JdHaZIpKcujGg1bYCeRqXZzwAWsXVOHYsTD8d2TiplN7BkU4txDOrZ-UGQTBdw5K3T-YLfphL3kD9LMmHIRTdbOldE-pnb_lg_YWMgrzILEPH0YYIQI65EM9GKTHcClYIivdqj7u4NV0ZUpTx6jnMqTtmckKjJSHw604JXFwCm60Bv1QWvQTM4Lrk10bqFyjQH88TTvGaJR3LnWw2Soa10wnxBK7koqeG_gQ7H6Z9QIO7MDTups_r6BmhIoC79NdriPThJLqA8ivWNtyflGgiLsj23yTrXymqhp6yFeSaDpWz71vOUvUx-yUOlb6V1A-e5MYoUAoXGajUXH3AHGEifFWiQ5c-XbtO47yuA8p15w5wKOu4nyMDvGjG6snZ7Gl02l_zbIPB4ttg9hFcy3CYeo8U651Lx-8qBZTqGN2ZQIKD45Ml8rjV6NkDswV5Zq-5vzzjVhgeB6TlFjqWYbNSNLE5dhCCYi3NVlXJ4Y2eKduCL_85mvsWlLgTi0YOc-CuMA5ms_YX-68dHm3qLJwu-h_CW1ipB-BJnL3F-fhk6QENfP6XMUTXyxeIWcmRWDTJCRGBVg3AoELchUI7yT0Y2leBdtztg08HT-lI

Requested by

Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Nov 2020 22:42:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EBA4 0
23 B 15ms
15ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111201&jk=2703491899027817&bg=!HxylHDzNAAUoamvQKFitO_Yv7eX8HAIAAAEMUgAAAC9oAQcKATF8W2DyXbAgDOPDtowRyiEYEsK78F7fCogWn8RJlzEoGY4U-UOvMusyTjerNlMldth-ATDiMqFHhqgAEpA2Dkfbf6M0BQy8P68uTlInfBlqbyF2HgzcvVqjRiZA1NCIuzbJs8TSTmx__jhsqWc0FvgfEvxXA43Cz1KWuMA0JltRcPgjgtCqOuvxTdbf2d4LuJWBcEOe98c40Lhxz82IbyHknHvNJ9om0kyFCpKX2c5lKKTNp44tl69-7e6_De3hwOwdgQlJF2bF-aPmKokZ8HkTXOOxa8FLQw0s_DesreUjo3uZNGPURI17fC4_z6srBWBkX3sNZF2DiYlRh3cthGmU5rQqxO2JgxrJF-npvHlvI48YA8CS4N3giSW3B-E1pnZRppqXho1_ojiCnADtalZmT5kB2wElhBGHKVRj-54BbC2JFO4xEG2KhiXl82aGzLBxwvohwFcejSzqqYwilEMVQKMPfkNb41JXzcmZCyenZ8OedKbEgFrOffvnMv3kbG9KWlIvXN4GwhI3p9H0wpDdJoYY6BbcajXuig3VSMVHD_BUvTxAqGqaJ5SmWu13TcMtFFNKqI8gO4hBBloO9JvvhfJ2JPixvVnLLXLjHADXjOh3NZaoVHE5_k02s7coFpV5b51Oh05-A35GRfUYclXRYoGXanUN0Xm_tw1z2Yc7gblBLg5Rezb99TlupwCxR7Yknzxdak0JhM-OM-yMowGvdGtMbL8zhhP1b1zbpMiD8in9mw8dngqbGXBfbrKnidGvCLC_N5YpL0oFgnklhwCb2G9-jZK2zK9Xk4GvWwrfv3GJgSczvmmTGgcvHygUv7SUrXjiSUAtx7Zx1eLhuMmrQXQFm1I7AUzOfRV9aJOZEXu3njZWyxm2YvFPSEFF7YPVkVz29NQFqh3ugKMo2w329QMkqKueycgvjI1N15mHFV0lzL9o2U_LZ5GYLi3qsWxOCGDpuAb-O9RLA1vxfVgAriMLZFQf5S0l2WqAWPAmOuk3VLp9Ex0yQCJ44Mn_xvMjUY-ckRQkg7e8C1wD-8A

Requested by

Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Nov 2020 22:42:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7572 0
23 B 15ms
14ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111201&jk=1697850164962379&bg=!eXqlelrNAAUoamvQKFgGbFHE91i8jAIAAAEZUgAAABNoAQcKAaSCZx0aLHiPlxLz_sVJYwLsSWv7_k7tfSvbbYfG4pTOj5rnYO4hgs2N58B0swKLH1zxT-VxAKHRFxg--IhWgM9VRwrkvdn-LM-9QhcR-wcbG5F0jRr26PDN0T2tvR-mgmJ1tQkVmN3HlXko6T3mSVyXcIOgt-2rcRHNUNHFJvNLBPaTPn-pEq1_MGZfKv0Fsx7Yd3TBvMZbe8C5XmVU-49Bmsm9DdXjSEShy7lvc5DiUY57t01FVjvpk5t1yNamHDWfJ767BgHmvUrKOmzMDqnbxzh5NZ3WCs8wQGgYMh8Z5LPg4anyt8CO-tP6DJb8Ed0iB5IXRhwR2QPL0OLRFRT6wjNjZlAdyMpp017I0YKRTbj2k0xverwuOMRzvKlgT4Y0uCUakQPP30H1WRwkchG2hkRNHHa8vfM7Eo60Onl7ADWwkrKGCzFGPXB1cYFX9Q6873dELJ_y1-mUgyFXfjUfONqyxKbBY7_7DpRP6hVHq2wX9lAkqgHIPmqxZ-QgzN9RmJRF7W3Xp5cy96F_vvIIumYni4v37yeuXwcsXPQ2uOvip72ZAdvpA_AceVf93C7bAefbIxEra9eX2sz5QszfuA8u0jdc1Te2r-5flfWRvCTaUDunOKkX7I0AywiWLHu9BsvH54hVHmNXg5RGcSt2r0oTIgxpfUhC1QDKeC99WnTHKA1X3jS2si9aZp6j7pKcF-wbJqVia4BRq63ymGtwhOqr-fw5EHtTfuIm6NDdhIn-1Z8yqSJWNoYQca2zi5KGtXbJy7aV1gNir32JRKML7UMUMJbjJGRc8_AYWEReOW1YtfLjl2QxXFH9jHYqlc5bn8Vc9eLh3wLMNF5AZ99I6g-C9qexrzCMn43APxeuVdU_tPcIdy9_v6qJZ8ch8eI8Kmdj2w9pg1yLUThqMduH4wxniVHRWhyRvERxtMtCANG_2CXzKxMf_X-iz3vwsii7iXpkpZU8OcoBdiSn-AqldW7ek2hyd99TY65KmNtEjKYZQFCgefE7RXLjSwfaVI0srKvN9F-rDvGznDukQL5ZqFGthnCsY7PNImmVnHNJtNcPLATseFJ2T4iTJEfH_ataioMicNJ2ZXcNbIJsVHasjDbT_TuWTvGgZVkvMToeElVpa04xrW9mb9WVg9Smw-NYwJ1GyxBuwL7_EmK2h6G6QtxHwC6mVsn99oYFK7QVd8pK

Requested by

Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Nov 2020 22:42:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK %7B%22adViewability%22:[%7B%22viewable%22:true%7D]%7D&cb=4531465
aax-us-east.amazon-adsystem.com/x/px/QtzQhiH4Lae3JbVdhJDFRS0AAAF13YZrwQEAAAFKAUFT9Ns/ 43 B
245 B 122ms
121ms Image
image/gif 52.46.157.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-us-east.amazon-adsystem.com/x/px/QtzQhiH4Lae3JbVdhJDFRS0AAAF13YZrwQEAAAFKAUFT9Ns/%7B%22adViewability%22:[%7B%22viewable%22:true%7D]%7D&cb=4531465
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.157.171 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Nov 2020 22:42:56 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43

GET
H2 200 bql.php Show response
lg3.media.net/ Frame 3C58 15 B
216 B 34ms
33ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=1&hvsid=00001605739375380013824215049751&geo=55.67|12.58&lper=100&bdrid=4&subBdr=426&fp=ggpn8fgcwCV3LlbxcO3I1ToF5Jhv-uCa7UKvlDMFwvCjiW2Cs0arVh1WTGG1PtpUcqGBJYiLobANBdzuMVeH5boBRik3jAp9LgMy_z2Th49AkF3fPUxmvM2kejCGYhY2iaGyfgg7K08%3D&lpid=&tsid=1&q=&prv=&type=&ps=&cme=kH45mypc6SmBYBEivw_SPZVUfPIAReeeiWisbwnjQL5O3Scj4RqegX3plwHEuYiBc8Jmo8EgDLyymmWzqyw5A3idyvBnCOUSzg5569Y4GWdPVxL5ypO18GxFxApdOT7lKvBd9vchQBXx9IloHaIuKF3nHp-S1cf_4LFhZHxLpiYMH-0dvNZpiQ3VQNn7JuiZ%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CYdjFvixrVaFGTYwb1iS4VC2U6-GTEKUunTXDyEXc7dpB8LLJ43mFRQ%3D%3D%7CN7fu2vKt8_s%3D%7Cg-y6HZN4sLd-eCjRzPg4EYvip3OHAep1kDXV7jfHHsWm_S8eMk5Lfr4JBajnlNSuCufXaSQgryhA3_79Bt8kLeyQuMJ7H4Fcvl3ZqVj28YhPUXe54teNznjQSFZr7X4GeF3i1adGHuto__O_ROmjPJvg-qKRrFgF1TD1AVdHk1OAxxzYAYtFkLR6FZbW7hZ1Wn0Xwu1jh1i0qOn2H6cIAg%3D%3D%7C&hint=&td=&cc=DK&wsip=2887305235&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=0&vgde_setid=Nu9&&rc=0&ksu=207&vgd_aid=401292290939522011605739375382&fdkt=307&kwd[]=Grants%20for%20Aspiring%20Teachers&kwt[]=307&kbc[]=54277&kwp[]=1&kid[]=329689657&kbc2[]=0%7C%7Cactr%3D22.575%7C%7Cps%3D1.077%7C%7Crpc%3D0.40%7C%7Clvl%3D1.00&ktd[]=3573429764352&kwd[]=Find%20Scholarships%20for%20Teachers&kwt[]=307&kbc[]=107486&kwp[]=2&kid[]=329976327&kbc2[]=0%7C%7Cactr%3D2.279%7C%7Cps%3D1.077%7C%7Crpc%3D0.39%7C%7Clvl%3D1.00&ktd[]=3573429764352&kwd[]=Grants%20to%20Become%20a%20Teacher&kwt[]=307&kbc[]=113604&kwp[]=3&kid[]=91481441&kbc2[]=0%7C%7Cactr%3D0.881%7C%7Cps%3D1.077%7C%7Crpc%3D0.44%7C%7Clvl%3D1.00&ktd[]=3573429764352&kwd[]=Teachers%20Discounts%20Online&kwt[]=307&kbc[]=106848&kwp[]=4&kid[]=325333510&kbc2[]=0%7C%7Cactr%3D0.315%7C%7Cps%3D1.077%7C%7Crpc%3D0.41%7C%7Clvl%3D1.00&ktd[]=3573446476032&kwd[]=Teacher%20Discounts%202020&kwt[]=307&kbc[]=54394&kwp[]=5&kid[]=329928159&kbc2[]=0%7C%7Cactr%3D0.015%7C%7Cps%3D1.077%7C%7Crpc%3D0.39%7C%7Clvl%3D1.00&ktd[]=3573429764352&kwd[]=Apple%20Discounts%20for%20Teachers&kwt[]=307&kbc[]=54394&kwp[]=6&kid[]=329713238&kbc2[]=0%7C%7Cactr%3D0.021%7C%7Cps%3D1.077%7C%7Crpc%3D0.04%7C%7Clvl%3D1.00&ktd[]=3573429764352&rand=1605739376384&cid=8CUPUJ3VT&vwid=1605739375515310984&vi=1605739375515310984&l3ch=0&slnkp=no&bdrct=5.72&vgd_mseg=5.72&vgd_rt=268&bto=0&tdAdd[]=rtbsd%3D10&tdAdd[]=ib=0&vgd_uspa=0&vgd_l1rakh=1605739375157529740&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&axbx=bl5&vgd_matchstr=hr%3D2&sttm=1605739375380&upk=1605739375.6659&hvsid=00001605739375380013824215049751&verid=3121199&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D9009&vgd_hbReqId=T1605718559C8S12U888&vgd_isiolc=1&npgv=1&rtbsd=10&bidData=sd2%3Dnull%7C%7Cbb%3D196%7C%7Cvv%3D0%7C%7Cerpm%3D5.72%7C%7Cogerpm%3D5.72%7C%7Cbm%3D2.04%7C%7Csid%3D552520905%7C%7Csd%3D1%7C%7Cuid%3D3o7iCLC2ENaNFC0dPf%7C%7Cdc2%3D1%7C%7Cbtd%3D168749647983389372574388141421109248%7C%7Cscd%3D84%7C%7Cuim%3D0%7C%7Curl_tkc%3D0%7C%7Css%3D1600x1200%7C%7Cuiw%3D-1%7C%7Clast%3D0%7C%7CCI%3D2208%7C%7Cip%3D1vyuZ2%7C%7Cfbb%3D0%7C%7Ctb%3D-1%7C%7Cct%3Dballerup%7C%7Crc%3D1%7C%7Cbasis2%3D196%7C%7Curl_b%3D5.71%7C%7Cbasis1%3D196%7C%7CisRef%3D0%7C%7Clc%3D0%7C%7Curl_tvi%3D0%7C%7Curl_l%3D10%7C%7Cbid%3D5.72%7C%7Cdc%3D7%7C%7Cgcat%3D500916%7C%7Cogbid%3D5.72%7C%7Ccbdp%3D5.72%7C%7Cbflag%3D1%7C%7Csobp%3D0%7C%7Cddiv%3D%25%25DFP_DIV%25%25%7C%7Cdmm%3D%7C%7Cibc%3D1%7C%7Cddt%3D-1%7C%7Cnsz%3D1%7C%7Ctgs%3D300x250%7C%7Cbsb%3D0%7C%7Cbsp%3D0&matchString=hr%3D2&matm=1605739376390&vgd_ltime=1567&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_bkwds=&vgd_l2ch=0&vgd_l1ch=1&vgd_altbql=get&vgd_pdtid=1&vgd_implt=3&vgd_dfp_tgt=%7B%22crid%22%3A%22552520905%22%2C%22mnet_segment%22%3A%225.72%22%2C%22mnet_variant%22%3A%22426%22%2C%22pub_domain%22%3A%22edustaffbenefits.com%22%2C%22mnet_cc%22%3A%22DK%22%2C%22mnet_bucketid%22%3A%22b3%22%2C%22mnet_nat_tpid%22%3A%22%22%2C%22RubiconSS%22%3A%222209%22%2C%22mnet_pid%22%3A%228PRHGG6T9%22%7D&vgd_sbSup=1&vgd_l2wsip=2887305235&vgd_nrrsf=nrr&vgd_nrrv=97497&vgd_nrrs=97497&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-552520905%7CTD&vgd_x_pos=315&vgd_y_pos=1199&vgd_ren_page_h=2273&vgd_cty=COPENHAGEN&vgd_l1hcsd=C17%7C7715&vgd_sethcsd=N5%7C7700&vgde_bdata=QOfvzxjj%7C%7CGGvuiF%7C%7Ceev9%7C%7CJLEYvX.hf%7C%7CmyJLEYvX.hf%7C%7CGYvf.9H%7C%7CQ8OvXXfXf9i9X%7C%7CQOvu%7C%7Cx8OvAmh8%3DT%3Df4I1Is%3D9O0k%7C%7CONfvu%7C%7CG7OvuFWhHiFHhiWAAWiAhfXhHAWWuHuHfuu9ifHW%7C%7CQNOvWH%7C%7Cx8Yv9%7C%7CxLjM7UNv9%7C%7CQQvuF99-uf99%7C%7Cx8Bvou%7C%7Cj1Q7v9%7C%7C%3DVvff9W%7C%7C8Evue5x2f%7C%7CkGGv9%7C%7C7Gvou%7C%7CN7vG1jjJLxE%7C%7CLNvu%7C%7CG1Q8QfvuiF%7C%7CxLjMGvX.hu%7C%7CG1Q8QuvuiF%7C%7C8QDJkv9%7C%7CjNv9%7C%7CxLjM7e8v9%7C%7CxLjMjvu9%7C%7CG8OvX.hf%7C%7CONvh%7C%7CyN17vX99iuF%7C%7CmyG8OvX.hf%7C%7CNGOEvX.hf%7C%7CGkj1yvu%7C%7CQmGEv9%7C%7COO8ev%25%25rs0MrV%2F%25%25%7C%7COYYv%7C%7C8GNvu%7C%7COO7vou%7C%7CzQlvu%7C%7C7yQvA99-fX9%7C%7CGQGv9%7C%7CGQEv9&vgd_cfud=191126&vgd_is_amp=0&vgd_optout=0&vgd_ect=4g&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&oRurl=http%3A%2F%2Fcdng%2Ffcmain.js%3F%26esi%3D1%26%26fvips%3D0%26vpf%3D000%26chost%3Dcontextual.media.net%26%26gdpr%3D1%26cid%3D8CUPUJ3VT%26cpcd%3DfH60FJQFzgZHNuNx1tMg0A%253D%253D%26crid%3D552520905%26size%3D300x250%26cc%3DDK%26https%3D1%26vif%3D1%26requrl%3Dhttps%253A%252F%252Fedustaffbenefits.com%252F%26nse%3D5%26vi%3D1605739375515310984%26lw%3D1%26ugd%3D4%26rtbs%3D1%26hlt%3D1%26dfp%3D1%26nb%3D1%26cb%3Dwindow._mNDetails.initAd%26blacpfl%3D1%26baeFlag%3D0%26blapd%3D0%26isOffice%3D0&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A6&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV97497.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Wed, 18 Nov 2020 22:42:56 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Wed, 18 Nov 2020 22:42:56 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame 3C58 35 B
329 B 33ms
32ms Image
image/gif 2.16.186.104
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=altbql&flt=0&&vgd_l2type=setting&v=1&gdpr=1&hvsid=00001605739375380013824215049751&geo=55.67|12.58&lper=100&bdrid=4&subBdr=426&fp=ggpn8fgcwCV3LlbxcO3I1ToF5Jhv-uCa7UKvlDMFwvCjiW2Cs0arVh1WTGG1PtpUcqGBJYiLobANBdzuMVeH5boBRik3jAp9LgMy_z2Th49AkF3fPUxmvM2kejCGYhY2iaGyfgg7K08%3D&lpid=&tsid=1&q=&prv=&type=&ps=&cme=kH45mypc6SmBYBEivw_SPZVUfPIAReeeiWisbwnjQL5O3Scj4RqegX3plwHEuYiBc8Jmo8EgDLyymmWzqyw5A3idyvBnCOUSzg5569Y4GWdPVxL5ypO18GxFxApdOT7lKvBd9vchQBXx9IloHaIuKF3nHp-S1cf_4LFhZHxLpiYMH-0dvNZpiQ3VQNn7JuiZ%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CYdjFvixrVaFGTYwb1iS4VC2U6-GTEKUunTXDyEXc7dpB8LLJ43mFRQ%3D%3D%7CN7fu2vKt8_s%3D%7Cg-y6HZN4sLd-eCjRzPg4EYvip3OHAep1kDXV7jfHHsWm_S8eMk5Lfr4JBajnlNSuCufXaSQgryhA3_79Bt8kLeyQuMJ7H4Fcvl3ZqVj28YhPUXe54teNznjQSFZr7X4GeF3i1adGHuto__O_ROmjPJvg-qKRrFgF1TD1AVdHk1OAxxzYAYtFkLR6FZbW7hZ1Wn0Xwu1jh1i0qOn2H6cIAg%3D%3D%7C&hint=&td=&cc=DK&wsip=2887305235&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=0&vgde_setid=Nu9&&rc=0&ksu=207&vgd_aid=401292290939522011605739375382&fdkt=307&kwd[]=Grants%20for%20Aspiring%20Teachers&kwt[]=307&kbc[]=54277&kwp[]=1&kid[]=329689657&kbc2[]=0%7C%7Cactr%3D22.575%7C%7Cps%3D1.077%7C%7Crpc%3D0.40%7C%7Clvl%3D1.00&ktd[]=3573429764352&kwd[]=Find%20Scholarships%20for%20Teachers&kwt[]=307&kbc[]=107486&kwp[]=2&kid[]=329976327&kbc2[]=0%7C%7Cactr%3D2.279%7C%7Cps%3D1.077%7C%7Crpc%3D0.39%7C%7Clvl%3D1.00&ktd[]=3573429764352&kwd[]=Grants%20to%20Become%20a%20Teacher&kwt[]=307&kbc[]=113604&kwp[]=3&kid[]=91481441&kbc2[]=0%7C%7Cactr%3D0.881%7C%7Cps%3D1.077%7C%7Crpc%3D0.44%7C%7Clvl%3D1.00&ktd[]=3573429764352&kwd[]=Teachers%20Discounts%20Online&kwt[]=307&kbc[]=106848&kwp[]=4&kid[]=325333510&kbc2[]=0%7C%7Cactr%3D0.315%7C%7Cps%3D1.077%7C%7Crpc%3D0.41%7C%7Clvl%3D1.00&ktd[]=3573446476032&kwd[]=Teacher%20Discounts%202020&kwt[]=307&kbc[]=54394&kwp[]=5&kid[]=329928159&kbc2[]=0%7C%7Cactr%3D0.015%7C%7Cps%3D1.077%7C%7Crpc%3D0.39%7C%7Clvl%3D1.00&ktd[]=3573429764352&kwd[]=Apple%20Discounts%20for%20Teachers&kwt[]=307&kbc[]=54394&kwp[]=6&kid[]=329713238&kbc2[]=0%7C%7Cactr%3D0.021%7C%7Cps%3D1.077%7C%7Crpc%3D0.04%7C%7Clvl%3D1.00&ktd[]=3573429764352&rand=1605739376384&cid=8CUPUJ3VT&vwid=1605739375515310984&vi=1605739375515310984&l3ch=0&slnkp=no&bdrct=5.72&vgd_mseg=5.72&vgd_rt=268&bto=0&tdAdd[]=rtbsd%3D10&tdAdd[]=ib=0&vgd_uspa=0&vgd_l1rakh=1605739375157529740&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&axbx=bl5&vgd_matchstr=hr%3D2&sttm=1605739375380&upk=1605739375.6659&hvsid=00001605739375380013824215049751&verid=3121199&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D9009&vgd_hbReqId=T1605718559C8S12U888&vgd_isiolc=1&npgv=1&rtbsd=10&bidData=sd2%3Dnull%7C%7Cbb%3D196%7C%7Cvv%3D0%7C%7Cerpm%3D5.72%7C%7Cogerpm%3D5.72%7C%7Cbm%3D2.04%7C%7Csid%3D552520905%7C%7Csd%3D1%7C%7Cuid%3D3o7iCLC2ENaNFC0dPf%7C%7Cdc2%3D1%7C%7Cbtd%3D168749647983389372574388141421109248%7C%7Cscd%3D84%7C%7Cuim%3D0%7C%7Curl_tkc%3D0%7C%7Css%3D1600x1200%7C%7Cuiw%3D-1%7C%7Clast%3D0%7C%7CCI%3D2208%7C%7Cip%3D1vyuZ2%7C%7Cfbb%3D0%7C%7Ctb%3D-1%7C%7Cct%3Dballerup%7C%7Crc%3D1%7C%7Cbasis2%3D196%7C%7Curl_b%3D5.71%7C%7Cbasis1%3D196%7C%7CisRef%3D0%7C%7Clc%3D0%7C%7Curl_tvi%3D0%7C%7Curl_l%3D10%7C%7Cbid%3D5.72%7C%7Cdc%3D7%7C%7Cgcat%3D500916%7C%7Cogbid%3D5.72%7C%7Ccbdp%3D5.72%7C%7Cbflag%3D1%7C%7Csobp%3D0%7C%7Cddiv%3D%25%25DFP_DIV%25%25%7C%7Cdmm%3D%7C%7Cibc%3D1%7C%7Cddt%3D-1%7C%7Cnsz%3D1%7C%7Ctgs%3D300x250%7C%7Cbsb%3D0%7C%7Cbsp%3D0&matchString=hr%3D2&matm=1605739376390&vgd_ltime=1567&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_bkwds=&vgd_l2ch=0&vgd_l1ch=1&vgd_altbql=get&vgd_pdtid=1&vgd_implt=3&vgd_dfp_tgt=%7B%22crid%22%3A%22552520905%22%2C%22mnet_segment%22%3A%225.72%22%2C%22mnet_variant%22%3A%22426%22%2C%22pub_domain%22%3A%22edustaffbenefits.com%22%2C%22mnet_cc%22%3A%22DK%22%2C%22mnet_bucketid%22%3A%22b3%22%2C%22mnet_nat_tpid%22%3A%22%22%2C%22RubiconSS%22%3A%222209%22%2C%22mnet_pid%22%3A%228PRHGG6T9%22%7D&vgd_sbSup=1&vgd_l2wsip=2887305235&vgd_nrrsf=nrr&vgd_nrrv=97497&vgd_nrrs=97497&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-552520905%7CTD&vgd_x_pos=315&vgd_y_pos=1199&vgd_ren_page_h=2273&vgd_cty=COPENHAGEN&vgd_l1hcsd=C17%7C7715&vgd_sethcsd=N5%7C7700&vgde_bdata=QOfvzxjj%7C%7CGGvuiF%7C%7Ceev9%7C%7CJLEYvX.hf%7C%7CmyJLEYvX.hf%7C%7CGYvf.9H%7C%7CQ8OvXXfXf9i9X%7C%7CQOvu%7C%7Cx8OvAmh8%3DT%3Df4I1Is%3D9O0k%7C%7CONfvu%7C%7CG7OvuFWhHiFHhiWAAWiAhfXhHAWWuHuHfuu9ifHW%7C%7CQNOvWH%7C%7Cx8Yv9%7C%7CxLjM7UNv9%7C%7CQQvuF99-uf99%7C%7Cx8Bvou%7C%7Cj1Q7v9%7C%7C%3DVvff9W%7C%7C8Evue5x2f%7C%7CkGGv9%7C%7C7Gvou%7C%7CN7vG1jjJLxE%7C%7CLNvu%7C%7CG1Q8QfvuiF%7C%7CxLjMGvX.hu%7C%7CG1Q8QuvuiF%7C%7C8QDJkv9%7C%7CjNv9%7C%7CxLjM7e8v9%7C%7CxLjMjvu9%7C%7CG8OvX.hf%7C%7CONvh%7C%7CyN17vX99iuF%7C%7CmyG8OvX.hf%7C%7CNGOEvX.hf%7C%7CGkj1yvu%7C%7CQmGEv9%7C%7COO8ev%25%25rs0MrV%2F%25%25%7C%7COYYv%7C%7C8GNvu%7C%7COO7vou%7C%7CzQlvu%7C%7C7yQvA99-fX9%7C%7CGQGv9%7C%7CGQEv9&vgd_cfud=191126&vgd_is_amp=0&vgd_optout=0&vgd_ect=4g&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&r=1605739376947
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.104 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-104.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.25.v20191220) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Nov 2020 22:42:56 GMT
Server: Jetty(9.4.25.v20191220)
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Wed, 18 Nov 2020 22:42:56 GMT

GET
H2 200 log
hblg.media.net/ 35 B
194 B 34ms
33ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?logid=aplog&pid=8PREB0781&itype=HB-CM&dn=edustaffbenefits.com&cid=8HB1IT8E4&svr=2020111812_73&servname=hbcm_na&gdpr=1&csex=2&suc=0&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&usp_status=0&usp_enf=1&usp_string=&ufca=&usp_ldf=&ugd=4&adt=desktop&vid=00001605739375613013824215041731&vsid=&sd=1&gtd=400&inid=0&gfd=&cc=DK&sc=&ct=COPENHAGEN&abte=CONTROL&adbd=0&amp=0&version=1&sB=true&cors=true&disB=false&ice=0&vw=1600&vh=1200&pht=2273&cl=&__rk=0&app=0&rtype=&vendor=Google%20Inc.&isSafari=0&pvid=0&prvAccId=&prvApiId=&exid=&pcId=0000EEA&pseat=&adj1=0&adj0=0&adj2=0&adj3=0&mowxReqId=&crid=236436478&g=0&size=300x600&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=0&bdp=0&cbdp=0&dcbdp=0&ckfl=&cs=&mnet_ckfl=&cat=&attr=&pvAgNm=&pvAgId=&advId=&advNm=&advUrl=&dfpBd=0&nms=1&di=&dt=&epc=&ogbdp=0&s=1&snm=success&dbf=1&bdata=&cmpid=&bId=&pcrid=&ruct=0&brs=&brr=&iurl=&htps=0&ptype=27&pbidflr=0&exp=&bfs=0&seat=&nbr=&ba=1&ybnca_gbid=&ybnca_erpm=&ybnca_vbid=&yogbdp=&yErpmFlag=&smsrc=1&strg=&ybnca_bbid=&prvReqId=&dStat=&ogbid=0&acid=884131712024741371605739375365&act=headerBid&dtfdl=&dspltime=&ttfd=&rtime=&dtc=&rtbsv2=&mp_seg%3C%3E=&apid=&wsip=&ltime=&abs=&ssregion=&ssreqid=&sssvnm=&top=0&btm=0&lft=0&rght=0&ttm=0&vtm=0&sttm=0&svtm=0&mnrfc=0&mnrf=0&invw=-1&patkey=&patint=&pc=&spSource=0&spIvt=0&spId=&spFst=0&spIsReq=0&spTo=0&pgcatiab=&pgcatiab2=&pgcatsprig=&gFunDl=false&ngFunDl=false&rDl=false&refVisId=&osnbr=&brf=0&iwb=1&toconsider=0&dcs=&auMxTm=&actltime=245&acsn=1&dfpDiv=&dfpAdPath=&dfpPos=&sbdrid=426&bbdrid=&td=%7C&pvNbr=&pvNbrDtls=&lper=1&pvid=0&prvAccId=&prvApiId=&exid=&pcId=0000EEA&pseat=&adj1=0&adj0=0&adj2=0&adj3=0&mowxReqId=&crid=511763506&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=0&bdp=0&cbdp=0&dcbdp=0&ckfl=&cs=&mnet_ckfl=&cat=&attr=&pvAgNm=&pvAgId=&advId=&advNm=&advUrl=&dfpBd=0&nms=1&di=&dt=&epc=&ogbdp=0&s=1&snm=success&dbf=1&bdata=&cmpid=&bId=&pcrid=&ruct=0&brs=&brr=&iurl=&htps=0&ptype=27&pbidflr=0&exp=&bfs=0&seat=&nbr=&ba=1&ybnca_gbid=&ybnca_erpm=&ybnca_vbid=&yogbdp=&yErpmFlag=&smsrc=1&strg=&ybnca_bbid=&prvReqId=&dStat=&ogbid=0&acid=401292290939522011605739375382&act=headerBid&dtfdl=&dspltime=&ttfd=&rtime=&dtc=&rtbsv2=&mp_seg%3C%3E=&apid=&wsip=&ltime=&abs=&ssregion=&ssreqid=&sssvnm=&top=0&btm=0&lft=0&rght=0&ttm=0&vtm=0&sttm=0&svtm=0&mnrfc=0&mnrf=0&invw=-1&patkey=&patint=&pc=&spSource=0&spIvt=0&spId=&spFst=0&spIsReq=0&spTo=0&pgcatiab=&pgcatiab2=&pgcatsprig=&gFunDl=false&ngFunDl=false&rDl=false&refVisId=&osnbr=&brf=0&iwb=1&toconsider=0&dcs=&auMxTm=&actltime=265&acsn=1&dfpDiv=&dfpAdPath=&dfpPos=&sbdrid=426&bbdrid=&td=%7C&pvNbr=&pvNbrDtls=&lper=1&pvid=0&prvAccId=&prvApiId=&exid=&pcId=0000EEA&pseat=&adj1=0&adj0=0&adj2=0&adj3=0&mowxReqId=&crid=998585695&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=0&bdp=0&cbdp=0&dcbdp=0&ckfl=&cs=&mnet_ckfl=&cat=&attr=&pvAgNm=&pvAgId=&advId=&advNm=&advUrl=&dfpBd=0&nms=1&di=&dt=&epc=&ogbdp=0&s=1&snm=success&dbf=1&bdata=&cmpid=&bId=&pcrid=&ruct=0&brs=&brr=&iurl=&htps=0&ptype=27&pbidflr=0&exp=&bfs=0&seat=&nbr=&ba=0&ybnca_gbid=&ybnca_erpm=&ybnca_vbid=&yogbdp=&yErpmFlag=&smsrc=1&strg=&ybnca_bbid=&prvReqId=&dStat=&ogbid=0&acid=154678276226757441605739375392&act=headerBid&dtfdl=&dspltime=&ttfd=&rtime=&dtc=&rtbsv2=&mp_seg%3C%3E=&apid=&wsip=&ltime=&abs=&ssregion=&ssreqid=&sssvnm=&top=0&btm=0&lft=0&rght=0&ttm=0&vtm=0&sttm=0&svtm=0&mnrfc=0&mnrf=0&invw=-1&patkey=&patint=&pc=&spSource=0&spIvt=0&spId=&spFst=0&spIsReq=0&spTo=0&pgcatiab=&pgcatiab2=&pgcatsprig=&gFunDl=false&ngFunDl=false&rDl=false&refVisId=&osnbr=&brf=0&iwb=1&toconsider=0&dcs=&auMxTm=&actltime=399&acsn=1&dfpDiv=&dfpAdPath=&dfpPos=&sbdrid=426&bbdrid=&td=%7C&pvNbr=&pvNbrDtls=&lper=1&requrl=https%3A%2F%2Fedustaffbenefits.com%2F&kwrf=&epurl=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.25.v20191220) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Nov 2020 22:42:57 GMT
server: Jetty(9.4.25.v20191220)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Wed, 18 Nov 2020 22:42:57 GMT

GET
H2 200 log
hblg.media.net/ 35 B
194 B 34ms
34ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?logid=kfk&evtid=relog&pid=8PREB0781&itype=HB-CM&dn=edustaffbenefits.com&cid=8HB1IT8E4&svr=2020111812_73&servname=hbcm_na&gdpr=1&csex=2&suc=0&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&usp_status=0&usp_enf=1&usp_string=&ufca=&usp_ldf=&ugd=4&adt=desktop&vid=00001605739375613013824215041731&vsid=&sd=1&gtd=400&inid=0&gfd=&cc=DK&sc=&ct=COPENHAGEN&abte=CONTROL&adbd=0&amp=0&version=1&sB=true&cors=true&disB=false&ice=0&vw=1600&vh=1200&pht=2273&cl=&__rk=0&app=0&rtype=&vendor=Google%20Inc.&isSafari=0&ffp=5.50&efp=kckq&mdf=5.72&mdk=mnet_segment&rp=&rf=&rfs=nfetched&dfpAdPath=%2F45361917%2F8CUPUJ3VT-552520905-searchtargetad2&src=Dynamic&lper=1&ffp=5.50&efp=kckq&mdf=5.72&mdk=mnet_segment&rp=&rf=&rfs=nfetched&dfpAdPath=%2F45361917%2F8CUPUJ3VT-548524866-Ad_Unit_20&src=Dynamic&lper=1&ffp=5.50&efp=kckq&mdf=5.72&mdk=mnet_segment&rp=&rf=&rfs=nfetched&dfpAdPath=%2F45361917%2F8CUPUJ3VT-965214225-300x250R&src=Dynamic&lper=1&requrl=https%3A%2F%2Fedustaffbenefits.com%2F&kwrf=&epurl=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.25.v20191220) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Nov 2020 22:42:57 GMT
server: Jetty(9.4.25.v20191220)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Wed, 18 Nov 2020 22:42:57 GMT

GET
H2 200 log
lg3.media.net/ 35 B
206 B 34ms
34ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/log?&logid=kfk&evtid=adPrvLog&otherprov=0&cid=8CUPUJ3VT&crid=965214225&cc=DK&ugd=4&timeTaken=1&vi=1605739375276590255&r=1605739377025

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Jetty(9.4.25.v20191220) /

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Nov 2020 22:42:57 GMT
server: Jetty(9.4.25.v20191220)
strict-transport-security: max-age=21600
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Wed, 18 Nov 2020 22:42:57 GMT

GET
H2 200 bqi.php
lg3.media.net/ 15 B
15 B 32ms
32ms Image
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?lf=3&&vgd_l2type=setting&pid=8PO8Z5EB3&vgd_viab=1&cme=iXSftj0mJtNEkjvr_IFW4n8by0bzifKnsvmevuxHxA8n8peEIsCq49_FE3UcP8WNpKt5pWMAaoOijYb8qEjpYdEgSRz5Kk1ShlepSgMMzvelTpX5mnrGdFWH01mKLFA9AzrMPmrrx-4m1Qi08iwC6qTtezTxhT4MTa66rlcyMt7O9-SAtikmRDaTXk7PCIaqDAxZqQ1Dge8=||NDHRnZ9Gz3KXlI-i9OnZqQ==|5gDUJdTGiJzedmq9hanWYg==|sRBSg3CPSiQ=|YdjFvixrVaFGTYwb1iS4VC2U6-GTEKUunTXDyEXc7dpB8LLJ43mFRQ==|N7fu2vKt8_s=|ZrgaFDV2sw3PDV9TzxsfiCVNlzzj1GYs90NKfR_nf_3ovYZFoQ37Bean2Se97IFS3A6rme0rbdgAfZK-XYbU9A5jTJ78mQgNkPzCG3OJIyu5pm1Y-LyDvHAbHzB3G9KuFhnvOzLjmiojp_3g7nUFi2un_1OVOflz0q0SwTEKhO0t0mMx8H1aTFP6sBrW0ROmI2j1rQvt_ijSiRd4Kd8k8Q==|&gdpr=1&prid=8PRHGG6T9&cid=8CUPUJ3VT&crid=548524866&requrl=https%3A%2F%2Fedustaffbenefits.com%2F&vi=1605739375920813447&ugd=4&cc=DK&bdrid=4&startTime=1605739375330&l2type=setting&vgd_l1rakh=1605739375157529740&l1ch=1&sttm=1605739375337&upk=1605739375.6659&hvsid=00001605739375337013824215047973&verid=3121199&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&vgd_hbReqId=T1605718559C8S12U888&l1hcsd=l1!C17|7715&vgd_uspa=0&vgd_isiolc=1&l3c=%7B%7D&l3d=%7B%22cntrdt%22%3A%22AS%7CDIV-548524866%7CTD%22%7D&l3l=%7B%7D&rtbsd=10&bidData=sd2%3Dnull%7C%7Cbb%3D196%7C%7Cvv%3D0%7C%7Cerpm%3D5.72%7C%7Cogerpm%3D5.72%7C%7Cbm%3D2.04%7C%7Csid%3Db18c6a536f7ae6f564affba5edac200a%7C%7Csd%3D1%7C%7Cuid%3Dl0Jgaps34Ec7qEWyI%7C%7Cdc2%3D1%7C%7Cbtd%3D168749647983389372574388141421109248%7C%7Cbat%3D0%2C0%2C0%7C%7Cscd%3D84%7C%7Cuim%3D0%7C%7Curl_tkc%3D0%7C%7Css%3D1600x1200%7C%7Cuiw%3D-1%7C%7Clast%3D0%7C%7CCI%3D2208%7C%7Cip%3D1vyuZ2%7C%7Cfbb%3D0%7C%7Ctb%3D-1%7C%7Cct%3Dballerup%7C%7Crc%3D1%7C%7Cbasis2%3D196%7C%7Curl_b%3D5.71%7C%7Cbasis1%3D196%7C%7CisRef%3D0%7C%7Clc%3D0%7C%7Curl_tvi%3D0%7C%7Curl_l%3D10%7C%7Cbid%3D5.72%7C%7Cdc%3D7%7C%7Cgcat%3D500916%7C%7Cogbid%3D5.72%7C%7Ccbdp%3D5.72%7C%7Cbflag%3D1%7C%7Csobp%3D0%7C%7Cddiv%3D%25%25DFP_DIV%25%25%7C%7Cdmm%3D%7C%7Cibc%3D1%7C%7Cddt%3D-1%7C%7Cnsz%3D1%7C%7Ctgs%3D300x600%7C%7Cbsb%3D0%7C%7Cbsp%3D0&matchString=hr%3D2&l2ch=0&l2wsip=2887305231

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Wed, 18 Nov 2020 22:42:57 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Wed, 18 Nov 2020 22:42:57 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.addthis.com/	1970-01-19 23:31:07	Name: loc Value: MDAwMDBFVURLODEyMzcwMTg5ODAwNDAwMDBDSA==
.media.net/	1970-01-19 18:28:43	Name: gdpr_status Value: 1
edustaffbenefits.com/	1970-01-19 14:02:21	Name: session_depth Value: edustaffbenefits.com%3D1%7C548524866%3D1%7C552520905%3D1%7C965214225%3D1
.edustaffbenefits.com/	1970-01-19 23:23:55	Name: __gads Value: ID=971c5014c1fa6d22-2206524a74a600b5:T=1605739375:S=ALNI_MaMQzbtD24DarYyxPrh4YRzOZ8NDg
edustaffbenefits.com/	1970-01-19 23:31:07	Name: __atuvc Value: 1%7C47
.edustaffbenefits.com/	1970-01-19 14:02:19	Name: _gat Value: 1
edustaffbenefits.com/	1970-01-19 14:02:20	Name: __atuvs Value: 5fb5a36f7814e61f000
.addthis.com/	1970-01-19 23:31:07	Name: uvc Value: 1%7C47
.edustaffbenefits.com/	1970-01-19 14:03:45	Name: _gid Value: GA1.2.943372084.1605739375
edustaffbenefits.com/	1969-12-31 23:59:59	Name: hbcm_sd Value: 1%7C1605739375347
.edustaffbenefits.com/	1970-01-20 07:33:31	Name: _ga Value: GA1.2.1468988469.1605739375

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

207608e9c4f10bff737dd78609f49d29.safeframe.googlesyndication.com
85a2c74732e72d27ef54137e8da193b9.safeframe.googlesyndication.com
a35a058049bbdaaf9c4f4c40c44b4086.safeframe.googlesyndication.com
aax-us-east.amazon-adsystem.com
adservice.google.com
adservice.google.de
api-public.addthis.com
contextual.media.net
edustaffbenefits.com
fls-na.amazon-adsystem.com
hblg.media.net
inc.freefind.com
lg3.media.net
m.addthis.com
m.media-amazon.com
pagead2.googlesyndication.com
qsearch-a.akamaihd.net
res-a.akamaihd.net
s7.addthis.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
v1.addthisedge.com
wms-na.amazon-adsystem.com
www.google-analytics.com
www.googletagservices.com
z-na.amazon-adsystem.com
z.moatads.com
s7.addthis.com
104.75.88.112
172.217.18.162
173.236.164.104
2.16.186.104
2.16.186.43
2.18.235.40
2.18.235.93
2a00:1450:4001:802::2002
2a00:1450:4001:817::2001
2a00:1450:4001:81e::2002
2a00:1450:4001:820::2001
2a00:1450:4001:824::200e
2a00:1450:400c:c00::9b
2a04:4e42:1b::272
52.46.157.171
52.94.233.131
63.249.66.205
99.86.4.207
99.86.6.29
03ac65326f119372a6a3e422c33759bd08c6692edf6f04533379eaffe4e8458f
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0497a9b4437d4f918455b4097b2eedd811afb4713adfd61836bb7b22e526cd64
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0a4f6713e204ad529e8d6b1699b0652c11071747293b118c3eeee19dc48e5425
0bf3f6e79af33723b0c1a822f59a484a35583303ab76fa9227b694b1e719364f
0f7629d61b75eb6d7c66ef4b50d1834816a73712cff60247ac19f997502ba573
19beaa2c767b4058883ece974d728007700847dc9930988dd1e3dbe7e16df77e
214bec3c81c3df6b3334f4240bad72a7f8bcf89ab9617bccfa3dbc66b16a4c2c
272fd91e29d95e6fad87b623f01184a2f58d98a184ca2ab685f1a1e8acca7cec
3061571fe495b1ee4e7545643a3ac6f949c36766134f48a3fec77a1cabeb02a8
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
32eb32026e78d37d07bf05436f96c942c897dd36cdba948b86eb28cbccf07db5
34da9d27eda26d81f5b25a2bd3d3d9e9010eb9be0d64f85ece450c981fc6dbf0
3769cc3789afe18f35f27f145acbbd2e731bdb1dad2d628d30e430ee8ccc112c
3783fb5ce0f248cb72d0d223d103247b42d1be871d02c89bdf0fac0dbef7cd5e
3976f73e83d8a546b1ef0193cdd63d3b2b39f363310899d1c1d111cac53ed0bf
3d363721e733cd455560f59c74cffdb28148623c7c716a23403bd6b85696b4fa
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5363a457de9f579a43984b2cb7d0b3c67b6adad620726c4fc6e8b96e34041320
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5a76f96103772adf1233414ea54026fb3906837719aeaf643d72b9641691fc9e
5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61501109dfad939b31372d5b6ca50cc4678f7bf7fc6adf1be38ffb346b9a1223
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e5b0596101ccae695eacd474c2e3b123e35c89d0684b5783fc1f3587b588e68
711970417b7ef261c40032f765bf4b838705a9103785b979e890b1c3fda96878
7383dc547250603ddcf81ecb1c4d3799c0fb39934c4aeb5eef3ac5e5aae108ba
792136a6469ccb115af681ae4ab778c8567915914691b7b6405368ec82b2bc3c
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7d7789a468cb12a69ea6ed9d4cff64be0b5b2803ef3af8fba4554b462ccb1624
808dfff53a1b63da76e07ff30c84fa98f20a5130220554353ba7822227cf54fb
80b8c415d0a2860143f7a4efeb7411e12dbd8574082ef69b63236fe735557182
85692354268b6363ba5550cd85220b9d9cff39579a06aa61a3ecb2c4683618c3
8818c60cc013ab666ff48bc5ba5e103dea360adc4b1db9ecaa54151a23617095
953f2382dba08291a41de1ef52c413e62ed4f6a1803a9ecbac03358772b095ad
99f8536aff0108e158d84daccecdfa0c013e5e7e6086eed0119cfec0e73a6f7b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a5a1c656e0da8624cd4a9f1bcaaa62207386b3877c0897a783a25cc3a1f75f04
a839fd8c9525049492e5bedbaf3b7dbd63d7b324059c412936366d4e69c76cf1
ab09a13ace8d082e34d0338a98d6add85d9a64e553204672b37fa5d8f99fbde6
ac3d82ba31bf0077f6e23dd11adbdf43f738051db1ad14527e0dfcdbf25b3964
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
c35cc95c2ae875207509c5336f5ec5dc39af72e2a0292fa357c2c2f1fa1ff053
c5efc664bc211ca29f9e635e2f21383b26a19e6c1eb5916dafa4d28730791403
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
cac4aa6bfdba0933446ef04d31f4bd98470b55ba82df1641171b7e7a61a3561e
cb3e757bd3ff3154d5501007bc746f2b4861540c6f1ad9b19d161f918c1205e6
d418e80c6e32466c2dc0883f0451c53c9cfdcee62e445e067916ecc654b6954d
d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5
df74e422956fa90c9bce29777a9b815e170a468b485c19f704e14f38e93a895b
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e8b1012f16a7c0a81edf99671c9b9070b5a43cd55eb64d4f9ab8ca6a025647c0
e8f3f6ece27f046f9c4d1f1caf611b415f6ebc2aae6fa92d7e82f4fd41b1027f
ed1ffb14aed67de4970e9daebcd50d6d09c5df60141c4f5d0cd7c57a0efe483d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f044c9d5ae8336d7157bcfb643c23cc95337d599d9be3fba740aa9d47f40023f
fd75ae2c5ede28770a24de5e7f98c68ae9a513576af565683e5de7420d1b5a9d

edustaffbenefits.com Open in urlscan Pro 173.236.164.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

116 Requests

97 %HTTPS

37 %IPv6

15 Domains

28 Subdomains

20 IPs

5 Countries

1268 kBTransfer

3626 kBSize

11 Cookies

254 Outgoing links

Page URL History

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

edustaffbenefits.com Open in urlscan Pro
173.236.164.104 Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

97 %
HTTPS

37 %
IPv6

15
Domains

28
Subdomains

20
IPs

5
Countries

1268 kB
Transfer

3626 kB
Size

11
Cookies

116 HTTP transactions
4 data transactions