www.financial-benefits.com Open in urlscan Pro
162.159.130.79  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2204492&time=1643338428996&url=https%3A%2F%2Fwww.financial-benefits.com%2F HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2204492&time=1643338428996&url=https%3A%2F%2Fwww.financial-benefits.com%2F&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2204492%26time%3D1643338428996%26url%3Dhttps%253A%252F%252Fwww.financial-benefits.com%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2204492&time=1643338428996&url=https%3A%2F%2Fwww.financial-benefits.com%2F&cookiesTest=true&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2204492&time=1643338428996&url=https%3A%2F%2Fwww.financial-benefits.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQLKiHHJbTy47wAAAX6emnRbF6DOmP-M1iImHTe4I6Vi6DcBUvuAqTEIwKF9gZcyz6nwO9VO HTTP 302
• https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=575b02c5-28ff-4945-a8f7-d6a739d68b15 HTTP 302
• https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=575b02c5-28ff-4945-a8f7-d6a739d68b15&_expected_cookie=db671ff10a7a25b151a435b961962697

Request Chain 47

• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1002939772/?random=1350485524&cv=9&fst=1643338428999&num=1&value=0&label=PpnuCOuK75MBEPzKnt4D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.financial-benefits.com%2F&tiba=Financial%20Benefits%2C%20Inc.&auid=1641264557.1643338429&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=vVrzYb-WA5mToPMP4cWmOA&sscte=1&crd=CNPgGw&eitems=ChEIgKLJjwYQ7pXLh4O23JTYARIdAJbxL5p3ME749m9bnOzb5ZPP-IqZEYsIalz4sU8 HTTP 302
• https://www.google.com/pagead/1p-conversion/1002939772/?random=1350485524&cv=9&fst=1643338428999&num=1&value=0&label=PpnuCOuK75MBEPzKnt4D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.financial-benefits.com%2F&tiba=Financial%20Benefits%2C%20Inc.&auid=1641264557.1643338429&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=vVrzYb-WA5mToPMP4cWmOA&eitems=ChEIgKLJjwYQ7pXLh4O23JTYARIdAJbxL5ooJcxmPUb0BOOU-pw2zCA4xIRcB0pT2FM&random=960746000&resp=GooglemKTybQhCsO HTTP 302
• https://www.google.ca/pagead/1p-conversion/1002939772/?random=1350485524&cv=9&fst=1643338428999&num=1&value=0&label=PpnuCOuK75MBEPzKnt4D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.financial-benefits.com%2F&tiba=Financial%20Benefits%2C%20Inc.&auid=1641264557.1643338429&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=vVrzYb-WA5mToPMP4cWmOA&eitems=ChEIgKLJjwYQ7pXLh4O23JTYARIdAJbxL5ooJcxmPUb0BOOU-pw2zCA4xIRcB0pT2FM&random=960746000&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 48

• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972413919/?random=1030084204&cv=9&fst=1643338429004&num=1&value=0&label=pwQdCKbR04kCEN-3188D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.financial-benefits.com%2F&tiba=Financial%20Benefits%2C%20Inc.&auid=1641264557.1643338429&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=vVrzYYKaA8uTxAO8p6yQDg&sscte=1&crd=&eitems=ChEIgKLJjwYQ7pXLh4O23JTYARIdAJbxL5qTxZ2R_rQnYvFvQFQ_U2ERgvm1YBFomcw HTTP 302
• https://www.google.com/pagead/1p-conversion/972413919/?random=1030084204&cv=9&fst=1643338429004&num=1&value=0&label=pwQdCKbR04kCEN-3188D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.financial-benefits.com%2F&tiba=Financial%20Benefits%2C%20Inc.&auid=1641264557.1643338429&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=vVrzYYKaA8uTxAO8p6yQDg&eitems=ChEIgKLJjwYQ7pXLh4O23JTYARIdAJbxL5o27frnEKrzyL4A7N9-DrSjFay1MeBWSDM&random=3288839160&resp=GooglemKTybQhCsO HTTP 302
• https://www.google.ca/pagead/1p-conversion/972413919/?random=1030084204&cv=9&fst=1643338429004&num=1&value=0&label=pwQdCKbR04kCEN-3188D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.financial-benefits.com%2F&tiba=Financial%20Benefits%2C%20Inc.&auid=1641264557.1643338429&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=vVrzYYKaA8uTxAO8p6yQDg&eitems=ChEIgKLJjwYQ7pXLh4O23JTYARIdAJbxL5o27frnEKrzyL4A7N9-DrSjFay1MeBWSDM&random=3288839160&resp=GooglemKTybQhCsO&ipr=y&prhg=0

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.financial-benefits.com/	41 KB 11 KB	1130ms 821ms	Document text/html	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b58afed7a84c35ae5a303bb907e63e117f3a9b136ea767288bac6ce0c41af88f Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-CA,en;q=0.9 Response headers date Fri, 28 Jan 2022 02:53:47 GMT content-type text/html;charset=UTF-8 cf-ray 6d46eeb16f9b4003-YYZ cache-control max-age=3600 expires Fri, 28 Jan 2022 02:54:47 GMT vary Accept-Encoding cf-cache-status BYPASS cache-tag html::home content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-ua-compatible IE=edge,chrome=1 server cloudflare content-encoding br
GET H2	200	gtmAdvisorSites.js Show response www.financial-benefits.com/include/js/	2 KB 971 B	132ms 130ms	Script application/x-javascript	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.financial-benefits.com/include/js/gtmAdvisorSites.js Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2516534ac15d811524ea87303a6b63497da52cc452f4b957d779dcf50f8574f0 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:48 GMT content-encoding br cf-cache-status REVALIDATED last-modified Thu, 10 Sep 2020 21:25:13 GMT server cloudflare etag W/"80c275deb887d61:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cf-polished origSize=2729 content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com cf-bgj minify cf-ray 6d46eeb6a9304003-YYZ x-ua-compatible IE=edge,chrome=1
GET H2	200	slicknav.css www.financial-benefits.com/include/css/site_styles/default/201303/	3 KB 926 B	134ms 132ms	Stylesheet text/css	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.financial-benefits.com/include/css/site_styles/default/201303/slicknav.css Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fa797ad55a5e7b6dc468b5361761b6ad28443979f315317f5e5962e87ef82c83 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:48 GMT content-encoding br cf-cache-status REVALIDATED last-modified Fri, 16 Apr 2021 22:21:44 GMT server cloudflare etag W/"0ccb4e1e33d71:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cf-polished origSize=3539 content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com cf-bgj minify cf-ray 6d46eeb6a9324003-YYZ x-ua-compatible IE=edge,chrome=1
GET H2	200	modals.css www.financial-benefits.com/include/css/	3 KB 753 B	133ms 131ms	Stylesheet text/css	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.financial-benefits.com/include/css/modals.css?v=2021.07.19 Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 81c36ca9f9c452d29e402a9608729bf3979bef6202ad2f3c498251015cd31f88 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:48 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 27 Jan 2016 01:04:09 GMT server cloudflare etag W/"808a6ca09e58d11:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cf-polished origSize=2937 content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com cf-bgj minify cf-ray 6d46eeb6a9344003-YYZ x-ua-compatible IE=edge,chrome=1
GET H2	200	~TO1.css www.financial-benefits.com/include/css/site_styles/M/TO/	58 KB 10 KB	151ms 149ms	Stylesheet text/css	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.financial-benefits.com/include/css/site_styles/M/TO/~TO1.css?v=2021.07.19 Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab53d0c390062bb286c80edf42ce7a8862d799b1c2c58265118e5ebf6600a1c8 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:48 GMT content-encoding br cf-cache-status EXPIRED last-modified Fri, 28 Jan 2022 00:18:55 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css;charset=UTF-8 content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com cf-ray 6d46eeb6b9374003-YYZ x-ua-compatible IE=edge,chrome=1
GET H2	200	custom.css www.financial-benefits.com/files/20666/	35 KB 7 KB	280ms 279ms	Stylesheet text/css	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.financial-benefits.com/files/20666/custom.css Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 24c3fe7792333cc5bfd8172c06e8594360e9193de92fac3f48fca6dcf0539010 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:48 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 30 May 2018 21:37:13 GMT server cloudflare etag W/"20282c5f5ef8d31:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cf-polished origSize=49893 content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com cf-bgj minify cf-ray 6d46eeb6b93a4003-YYZ x-ua-compatible IE=edge,chrome=1
GET H2	200	font-awesome.min.css www.financial-benefits.com/include/css/font-awesome/css/	30 KB 7 KB	378ms 377ms	Stylesheet text/css	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.financial-benefits.com/include/css/font-awesome/css/font-awesome.min.css Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:48 GMT content-encoding br cf-cache-status REVALIDATED last-modified Thu, 03 Aug 2017 21:25:34 GMT server cloudflare etag W/"09b89a9fcd31:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com cf-ray 6d46eeb6b93b4003-YYZ x-ua-compatible IE=edge,chrome=1
GET H2	200	jquery-1.11.1.min.js Show response www.financial-benefits.com/include/js/jquery/	94 KB 34 KB	134ms 133ms	Script application/x-javascript	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.financial-benefits.com/include/js/jquery/jquery-1.11.1.min.js Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:48 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 27 Jan 2016 01:04:27 GMT server cloudflare etag W/"801f27ab9e58d11:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com cf-ray 6d46eeb6b93c4003-YYZ x-ua-compatible IE=edge,chrome=1
GET H2	200	jquery-ui-1.10.4.min.js Show response www.financial-benefits.com/include/js/jquery/jqueryui/js/	223 KB 61 KB	166ms 165ms	Script application/x-javascript	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.financial-benefits.com/include/js/jquery/jqueryui/js/jquery-ui-1.10.4.min.js Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 600759407fde32ff7bd3acc8db8a41f170a137c8bf48d2a2ede342111776c027 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:48 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 27 Jan 2016 01:04:27 GMT server cloudflare etag W/"801f27ab9e58d11:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com cf-ray 6d46eeb6b93d4003-YYZ x-ua-compatible IE=edge,chrome=1
GET H2	200	ColorLogoNames2~003.jpg www.financial-benefits.com/files/20666/	9 KB 9 KB	166ms 163ms	Image image/jpeg	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.financial-benefits.com/files/20666/ColorLogoNames2~003.jpg Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9b343cd4db536c013f42729dd819c5a8c88242b0ea97ae31442a0a81b53cf191 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:48 GMT cf-cache-status REVALIDATED last-modified Thu, 14 Jun 2012 15:07:33 GMT server cloudflare etag "66e56c3f4acd1:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg cf-polished origSize=9687, status=webp_bigger content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com cf-bgj imgq:100,h2pri accept-ranges bytes cf-ray 6d46eebbb9594003-YYZ content-length 8866 x-ua-compatible IE=edge,chrome=1
GET H2	200	product_specific_174X174.jpg www.financial-benefits.com/files/nyl/carousel_images/	23 KB 23 KB	168ms 164ms	Image image/webp	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.financial-benefits.com/files/nyl/carousel_images/product_specific_174X174.jpg Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 968d14ba0cf022179b02154488de3500c497c515ab5ece2ed87e7f36e1d2e33a Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com etag "0951e53be88ce1:0" cf-cache-status REVALIDATED cf-polished origFmt=jpeg, origSize=27368 content-disposition inline; filename="product_specific_174X174.webp" content-length 23594 x-ua-compatible IE=edge,chrome=1 last-modified Wed, 24 Jul 2013 22:37:06 GMT server cloudflare date Fri, 28 Jan 2022 02:53:48 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept content-type image/webp accept-ranges bytes cf-ray 6d46eebbb95a4003-YYZ cf-bgj imgq:100,h2pri
GET H2	200	generic_174X174.jpg www.financial-benefits.com/files/nyl/carousel_images/	21 KB 22 KB	610ms 606ms	Image image/webp	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.financial-benefits.com/files/nyl/carousel_images/generic_174X174.jpg Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c7af3984306e9b97f47299d32f4bb59f100ee20382546bfa0f213cdb5c58d10a Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com etag "0d0765bbe88ce1:0" cf-cache-status REVALIDATED cf-polished origFmt=jpeg, origSize=25434 content-disposition inline; filename="generic_174X174.webp" content-length 21926 x-ua-compatible IE=edge,chrome=1 last-modified Wed, 24 Jul 2013 22:37:20 GMT server cloudflare date Fri, 28 Jan 2022 02:53:49 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept content-type image/webp accept-ranges bytes cf-ray 6d46eebbb95c4003-YYZ cf-bgj imgq:100,h2pri
GET H2	200	api.marketer.json www.newyorklife.com/bin/nyl/	0 669 B	99ms 28ms	Image text/plain	54.91.113.176 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.newyorklife.com/bin/nyl/api.marketer.json?id=591AXvxn5PE6CeAyla1sLg%3D%3D_kdca5X%2BDSg%3D%3D_SiXmznrlQSBA8frcChMWcpBYBXuVAf%2F12h4hEoVmvEw%3D Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.91.113.176 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-91-113-176.compute-1.amazonaws.com Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-dispatcher dispatcher1useast1 date Fri, 28 Jan 2022 02:53:48 GMT x-dispatcher-number dispatcher1useast1 x-content-type-options nosniff server Apache x-vhost nyl x-frame-options SAMEORIGIN strict-transport-security max-age=63072000; includeSubdomains; vary User-Agent content-length 0 x-xss-protection 1; mode=block
GET H/1.1	200 OK	modernizr.min.js Show response assets.primeagentmarketing.com/js/emerald/	5 KB 2 KB	364ms 51ms	Script application/javascript	23.239.28.177 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://assets.primeagentmarketing.com/js/emerald/modernizr.min.js Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.239.28.177 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS grayhorseenterprises.net Software Apache/2.2.22 (Debian) / Resource Hash b79c7c012f0190c7c6858b137d6a051e4c7f3b8ddc470eee00ad0316164989c8 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 28 Jan 2022 02:53:48 GMT Content-Encoding gzip Last-Modified Wed, 13 May 2015 17:53:48 GMT Server Apache/2.2.22 (Debian) ETag "78805-120a-515fa4b03df20" Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 2037
GET H/1.1	200 OK	lodash.min.js Show response assets.primeagentmarketing.com/js/emerald/	52 KB 19 KB	102ms 102ms	Script application/javascript	23.239.28.177 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://assets.primeagentmarketing.com/js/emerald/lodash.min.js Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.239.28.177 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS grayhorseenterprises.net Software Apache/2.2.22 (Debian) / Resource Hash d684b9359013eecddf35106d9b7cd1c0356130a176cdcf70d2c66432f77c7e29 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 28 Jan 2022 02:53:48 GMT Content-Encoding gzip Last-Modified Wed, 13 May 2015 17:52:37 GMT Server Apache/2.2.22 (Debian) ETag "78804-d0ee-515fa46d2755e" Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 19554
GET H/1.1	200 OK	init.js Show response assets.primeagentmarketing.com/js/emerald/20150513/	11 KB 3 KB	50ms 50ms	Script application/javascript	23.239.28.177 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://assets.primeagentmarketing.com/js/emerald/20150513/init.js Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.239.28.177 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS grayhorseenterprises.net Software Apache/2.2.22 (Debian) / Resource Hash ddd7058795abf6d5a9a62db5d17c29843598177a9e5580e6d26c7e7810a9fe95 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 28 Jan 2022 02:53:48 GMT Content-Encoding gzip Last-Modified Wed, 02 Oct 2019 14:57:52 GMT Server Apache/2.2.22 (Debian) ETag "16e2005-2c5d-593eeb177e54c" Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 3281
GET H2	200	lodash.min.js Show response www.financial-benefits.com/include/js/plugins/lodash/	72 KB 25 KB	262ms 262ms	Script application/x-javascript	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.financial-benefits.com/include/js/plugins/lodash/lodash.min.js Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash effca8652df9e3c7d74915ea73fc58ce3b26b96dec14aceebce087774e8f9a9b Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:48 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 21 Aug 2019 21:25:28 GMT server cloudflare etag W/"014f3f36658d51:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com cf-ray 6d46eebb68d34003-YYZ x-ua-compatible IE=edge,chrome=1
GET H2	200	bootstrap.min.js Show response www.financial-benefits.com/include/js/bootstrap/	28 KB 8 KB	125ms 119ms	Script application/x-javascript	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.financial-benefits.com/include/js/bootstrap/bootstrap.min.js Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7139d8b43b314fc6764a4d2e6bdfe3ff341b4e027cf67505515a09fcd349556f Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:48 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 27 Jan 2016 01:04:27 GMT server cloudflare etag W/"801f27ab9e58d11:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com cf-ray 6d46eebb991f4003-YYZ x-ua-compatible IE=edge,chrome=1
GET H2	200	jwplayer.js Show response www.financial-benefits.com/include/js/video/jwplayer890/	105 KB 34 KB	290ms 284ms	Script application/x-javascript	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.financial-benefits.com/include/js/video/jwplayer890/jwplayer.js Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b56a270c3648f03fd4354544c3ea92743d02e3c4dd77c550df99fee1c32272cc Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:49 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 03 Jul 2019 20:40:30 GMT server cloudflare etag W/"033938ddf31d51:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cf-polished origSize=107953 content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com cf-bgj minify cf-ray 6d46eebb99274003-YYZ x-ua-compatible IE=edge,chrome=1
GET H2	200	jquery.slicknav.min.js Show response www.financial-benefits.com/include/js/navigation/	8 KB 3 KB	391ms 385ms	Script application/x-javascript	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.financial-benefits.com/include/js/navigation/jquery.slicknav.min.js Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 17fbc9ef92ebe65634893b29466456b54f45fc1b404c9f1b6ef0c2edd2eb61a5 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:49 GMT content-encoding br cf-cache-status REVALIDATED last-modified Thu, 09 Feb 2017 16:46:43 GMT server cloudflare etag W/"805bcb17f482d21:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com cf-ray 6d46eebb99284003-YYZ x-ua-compatible IE=edge,chrome=1
GET H2	200	slick.min.js Show response www.financial-benefits.com/include/js/jquery/plugins/	52 KB 12 KB	172ms 166ms	Script application/x-javascript	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.financial-benefits.com/include/js/jquery/plugins/slick.min.js Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa953dbf36b56acf2d780ab67a613e7691c51c9a52ee5f652308e88a996989da Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:48 GMT content-encoding br cf-cache-status REVALIDATED last-modified Fri, 16 Apr 2021 22:21:45 GMT server cloudflare etag W/"80624de2e33d71:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com cf-ray 6d46eebb99294003-YYZ x-ua-compatible IE=edge,chrome=1
GET H2	200	global.js Show response www.financial-benefits.com/include/js/	17 KB 6 KB	123ms 117ms	Script application/x-javascript	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.financial-benefits.com/include/js/global.js Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6a3d62bb33f32f84237dc22a0cc3fcc6d5398f3d4bdd78a4e2d55ed2fda0d3ca Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:48 GMT content-encoding br cf-cache-status REVALIDATED last-modified Fri, 12 Nov 2021 23:24:10 GMT server cloudflare etag W/"0893e651cd8d71:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cf-polished origSize=25236 content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com cf-bgj minify cf-ray 6d46eebb992b4003-YYZ x-ua-compatible IE=edge,chrome=1
GET H2	200	modals.js Show response www.financial-benefits.com/include/js/	10 KB 3 KB	121ms 116ms	Script application/x-javascript	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.financial-benefits.com/include/js/modals.js Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd18a7390310d81820ed849058bd069080a7fb1476ac2fe51269c7794d04eb21 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:48 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 27 Jan 2016 01:04:27 GMT server cloudflare etag W/"801f27ab9e58d11:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cf-polished origSize=14739 content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com cf-bgj minify cf-ray 6d46eebb992d4003-YYZ x-ua-compatible IE=edge,chrome=1
GET H2	200	keys.js Show response www.financial-benefits.com/include/js/ada/	2 KB 805 B	274ms 269ms	Script application/x-javascript	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.financial-benefits.com/include/js/ada/keys.js Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 72dccb5ee0928ae51eb9f30beae8addaf2ce8ad040903eb1d6d4fc340a133675 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:48 GMT content-encoding br cf-cache-status REVALIDATED last-modified Fri, 19 Mar 2021 21:25:09 GMT server cloudflare etag W/"80e88f5661dd71:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cf-polished origSize=4021 content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com cf-bgj minify cf-ray 6d46eebb992e4003-YYZ x-ua-compatible IE=edge,chrome=1
GET H2	200	nav_surgeon.js Show response www.financial-benefits.com/include/js/navigation/	1 KB 694 B	291ms 286ms	Script application/x-javascript	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.financial-benefits.com/include/js/navigation/nav_surgeon.js Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b2eef99d8c899898013d7264ff9c47567a7462202bfca852df91f316a83f84f Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:49 GMT content-encoding br cf-cache-status REVALIDATED last-modified Fri, 09 Jul 2021 22:28:23 GMT server cloudflare etag W/"805d3aba1175d71:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cf-polished origSize=1971 content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com cf-bgj minify cf-ray 6d46eebb992f4003-YYZ x-ua-compatible IE=edge,chrome=1
GET H2	200	navigation.js Show response www.financial-benefits.com/include/js/site_styles/new_york_life/201304/	2 KB 734 B	276ms 271ms	Script application/x-javascript	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.financial-benefits.com/include/js/site_styles/new_york_life/201304/navigation.js Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dd15c5db5ddc6b16af3b1c241ac0faea33c81ab692290e532ac37272ce10b812 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:48 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 27 Jan 2016 01:04:27 GMT server cloudflare etag W/"801f27ab9e58d11:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cf-polished origSize=2499 content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com cf-bgj minify cf-ray 6d46eebb99304003-YYZ x-ua-compatible IE=edge,chrome=1
GET H2	200	slickNavLaunch.js Show response www.financial-benefits.com/include/js/navigation/	7 KB 2 KB	124ms 120ms	Script application/x-javascript	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.financial-benefits.com/include/js/navigation/slickNavLaunch.js Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 26b88882953bc75fcbe67fdc7962485179a6cce8fb3a7ec27c69520e486b6535 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:48 GMT content-encoding br cf-cache-status REVALIDATED last-modified Fri, 29 Oct 2021 22:25:02 GMT server cloudflare etag W/"033b0d013cdd71:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cf-polished origSize=8791 content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com cf-bgj minify cf-ray 6d46eebb99324003-YYZ x-ua-compatible IE=edge,chrome=1
GET H2	200	default.js Show response www.financial-benefits.com/include/js/site_styles/new_york_life/201304/	11 KB 3 KB	132ms 128ms	Script application/x-javascript	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.financial-benefits.com/include/js/site_styles/new_york_life/201304/default.js Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 355c52fe81f6c9881e33f2781c7f35412b78e0de1c7b506d88eac24df1209371 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:48 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 03 Jul 2019 20:40:29 GMT server cloudflare etag W/"809cfa8cdf31d51:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cf-polished origSize=16336 content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com cf-bgj minify cf-ray 6d46eebbb9544003-YYZ x-ua-compatible IE=edge,chrome=1
GET H/1.1	200 OK	finra.js Show response assets.primeagentmarketing.com/widgets/nyl/	291 B 515 B	71ms 50ms	Script application/javascript	23.239.28.177 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://assets.primeagentmarketing.com/widgets/nyl/finra.js Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.239.28.177 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS grayhorseenterprises.net Software Apache/2.2.22 (Debian) / Resource Hash fdc3130630c0df3d7ce7b2ab48e051a6bea3236ad11188048fc68f71286e913c Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 28 Jan 2022 02:53:48 GMT Content-Encoding gzip Last-Modified Thu, 08 Oct 2020 21:52:57 GMT Server Apache/2.2.22 (Debian) ETag "1c809a-123-5b12fdae4750d" Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 219
GET H2	200	brokerCheck2.js Show response www.financial-benefits.com/include/js/	5 KB 1 KB	339ms 335ms	Script application/x-javascript	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.financial-benefits.com/include/js/brokerCheck2.js Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 402f81262e360e89b5d251179702d02606be2dfd4beb614e4f3ee1e9bebe3681 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:49 GMT content-encoding br cf-cache-status REVALIDATED last-modified Fri, 30 Apr 2021 23:34:57 GMT server cloudflare etag W/"80e6eb6d193ed71:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cf-polished origSize=5831 content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com cf-bgj minify cf-ray 6d46eebbb9564003-YYZ x-ua-compatible IE=edge,chrome=1
GET H2	200	gtm.js Show response www.googletagmanager.com/	208 KB 70 KB	91ms 43ms	Script application/javascript	2607:f8b0:4006:81f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-P7LM8CD Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 79563be2a2c8069a951aec3e4e727602554a19e9b9d01d19543f97fd81310774 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:48 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 71646 x-xss-protection 0 last-modified Fri, 28 Jan 2022 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 28 Jan 2022 02:53:48 GMT
GET H/1.1	200 OK	font-awesome.min.css s3-us-west-2.amazonaws.com/primeagentmarketing/library/fontawesome/4.3.0/css/	25 KB 25 KB	388ms 115ms	Stylesheet text/css	52.218.181.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3-us-west-2.amazonaws.com/primeagentmarketing/library/fontawesome/4.3.0/css/font-awesome.min.css Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/files/20666/custom.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.181.80 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2.amazonaws.com Software AmazonS3 / Resource Hash ca8713f236c5dc2550853d804c38b41ed20f228f756c3e1fa37b3b5e0d11c3bb Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 28 Jan 2022 02:53:49 GMT Last-Modified Mon, 26 Jan 2015 21:04:21 GMT Server AmazonS3 x-amz-request-id 19P53PS7GKEACXEF ETag "aeef159508dbc7422befb631c120ae01" Content-Type text/css Cache-Control max-age=31536000 Accept-Ranges bytes Content-Length 25601 x-amz-id-2 NEkrf2HA2iZ7hQlgsurPhQ6ZX9FA4oJm6a6DG8QD+Lb+SRJsrromehLK5fip6JvPZuTjtZUeoAc=
GET H2	200	animate.css cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/	71 KB 4 KB	74ms 29ms	Stylesheet text/css	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.css Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/files/20666/custom.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d34c3af0d3b74cbb878ca4472668ebae02410ed1bfe8e85b244bb582d1dcb2ea Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:48 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 13333023 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3541 timing-allow-origin * last-modified Mon, 04 May 2020 16:04:58 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03d2a-11a43" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQwhc8HBwMzGOJKq8DMC0GGVjGeydyn03N6uc9BNvNtMxsmnpmDjcr3MLDLs1lBOJ3MOabRZVeDWZXitvmi%2BL8PBlytcKsy8yRuxVj8tJ1HZkiujMh9dFRBduqNwP3ZUfy18M5LqEglFXlg2O6IID24e"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6d46eeb8b989ca53-YUL expires Wed, 18 Jan 2023 02:53:48 GMT
GET H2	200	css fonts.googleapis.com/	3 KB 1 KB	83ms 37ms	Stylesheet text/css	2607:f8b0:4006:81d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:400,700 Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/files/20666/custom.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 79fd81f44308bea1a5f9134ad14851c0c7b520439085c4d92879ce17bf21538f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 28 Jan 2022 02:17:30 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 28 Jan 2022 02:53:48 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 28 Jan 2022 02:53:48 GMT
GET H2	200	css fonts.googleapis.com/	13 KB 920 B	84ms 38ms	Stylesheet text/css	2607:f8b0:4006:81d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Ubuntu:300,300i,400,400i,500,500i,700,700i Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/files/20666/custom.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f264d6eff903ee22b1d37e609eca7e4b8577d4edf2cf194583f4b87d3eeb9592 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 28 Jan 2022 02:35:56 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 28 Jan 2022 02:53:48 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 28 Jan 2022 02:53:48 GMT
GET H/1.1	200 OK	st eanotify.us/1410/	169 B 363 B	893ms 488ms	Image image/png	199.103.4.193 PROMINIC-NET-INC
General Check archive.org Show headers Download Go to Show image Full URL https://eanotify.us/1410/st?s=7CB78851-FDF1-4599-A8CB-9618EBFA1579&r= Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 199.103.4.193 Fort Worth, United States, ASN22663 (PROMINIC-NET-INC, US), Reverse DNS 199-103-4-193.ip.prominic.net Software Lotus-Domino / Resource Hash e606402b2d46cd70a45c09ab11255e7290731d882cf2c71408b550d986f864fb Security Headers Name Value Strict-Transport-Security max-age=604800 X-Frame-Options SAMEORIGIN Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 28 Jan 2022 02:53:51 GMT Strict-Transport-Security max-age=604800 Server Lotus-Domino Connection close X-Frame-Options SAMEORIGIN Content-Type image/png
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	70ms 20ms	Script text/javascript	2607:f8b0:4006:823::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7LM8CD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 1917 date Fri, 28 Jan 2022 02:21:51 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Fri, 28 Jan 2022 04:21:51 GMT
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	39 KB 15 KB	90ms 44ms	Script text/javascript	142.250.80.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7LM8CD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.80.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s36-in-f2.1e100.net Software cafe / Resource Hash 73b783357e1ed270e36ebc7846a8477f3d0d44e457405f46926ee2dc2a7db692 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:48 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14860 x-xss-protection 0 server cafe etag 9607039154328110559 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Fri, 28 Jan 2022 02:53:48 GMT
GET H/1.1	200 OK	insight.min.js Show response snap.licdn.com/li.lms-analytics/	5 KB 2 KB	85ms 21ms	Script application/x-javascript	2600:141b:13::17d7:8262 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7LM8CD Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13::17d7:8262 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 28 Jan 2022 02:53:48 GMT Content-Encoding gzip Last-Modified Wed, 29 Sep 2021 19:17:49 GMT X-CDN AKAM Vary Accept-Encoding Content-Type application/x-javascript;charset=utf-8 Cache-Control max-age=23235 Connection keep-alive Accept-Ranges bytes Content-Length 2036
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	99 KB 26 KB	59ms 19ms	Script application/x-javascript	2a03:2880:f012:10c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 26237 x-xss-protection 0 pragma public x-fb-debug wUoYJD9QLxIwZuenPPO7JqZrWYpUh0ft7sRkp/bPLpdERZdEVzvsTKukZ4DFpjy7Oasdm1oqoG9bXhIciWs83g== x-fb-trip-id 1512268381 x-frame-options DENY date Fri, 28 Jan 2022 02:53:48 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	424319248117121 Show response connect.facebook.net/signals/config/	305 KB 88 KB	206ms 204ms	Script application/x-javascript	2a03:2880:f012:10c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/424319248117121?v=2.9.51&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash d304f33b01ceadb698656816266fc94ad43eec6861569cc7dc563c29a25202dc Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug 84WG7rfGI+CjZDe5I/+wCWSI3naOp57DbmWjWXpwKLCvRunM2wlVe70gleZc168Bxzfw2G4WjtFjzCLc2JTH4A== x-fb-trip-id 1512268381 x-frame-options DENY cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Fri, 28 Jan 2022 02:53:49 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 215 B	36ms 34ms	XHR text/plain	2607:f8b0:4006:823::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=330423763&t=pageview&_s=1&dl=https%3A%2F%2Fwww.financial-benefits.com%2F&ul=en-us&de=UTF-8&dt=Financial%20Benefits%2C%20Inc.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEADQAAAAC~&jid=693835082&gjid=646386233&cid=1878118297.1643338429&tid=UA-126655021-15&_gid=368085701.1643338429&_r=1&gtm=2wg1q0P7LM8CD&cd3=20666&cd4=Tamara%20Burke&cd5=GTM-P7LM8CD%20%7C%2096%20%7C%20Production&z=244559850 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.financial-benefits.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 28 Jan 2022 02:53:48 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.financial-benefits.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	js Show response www.google-analytics.com/gtm/	87 KB 34 KB	62ms 38ms	Script application/javascript	2607:f8b0:4006:823::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/js?id=OPT-KNT98M5&t=gtm6&cid=1878118297.1643338429 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash fbae1ac359d63503b1d0a22f52bcf51295d57e3c1e42d134d0e5a1478575fe30 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:49 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 34755 x-xss-protection 0 last-modified Fri, 28 Jan 2022 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 28 Jan 2022 02:53:49 GMT
GET H2	200	/ p.adsymptotic.com/d/px/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2204492&time=1643338428996&url=https%3A%2F%2Fwww.financial-benefits.com%2F https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2204492&time=1643338428996&url=https%3A%2F%2Fwww.financial-benefits.com%2F&cookiesTest=true https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2204492%26time%3D1643338428996%26url%3Dhttps%253A%252F%252Fwww.financial-benefits... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2204492&time=1643338428996&url=https%3A%2F%2Fwww.financial-benefits.com%2F&cookiesTest=true&liSync=true https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2204492&time=1643338428996&url=https%3A%2F%2Fwww.financial-benefits.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQLKiHHJbTy47wAAAX6emnRbF6DOmP-M1i... https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=575b02c5-28ff-4945-a8f7-d6a739d68b15 https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=575b02c5-28ff-4945-a8f7-d6a739d68b15&_expected_cookie=db671ff10a7a25b151a435b9...	43 B 142 B	56ms 56ms	Image image/gif	104.18.100.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=575b02c5-28ff-4945-a8f7-d6a739d68b15&_expected_cookie=db671ff10a7a25b151a435b961962697 Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Server 104.18.100.194 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:49 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6d46eec299c15413-YYZ p3p CP='NON DSP COR CONi OUR BUS CNT' content-type image/gif content-length 43 Redirect headers location https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=575b02c5-28ff-4945-a8f7-d6a739d68b15&_expected_cookie=db671ff10a7a25b151a435b961962697 date Fri, 28 Jan 2022 02:53:49 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 6d46eec249205413-YYZ content-length 0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
GET H3	200	/ Show response www.googleadservices.com/pagead/conversion/1002939772/	2 KB 1 KB	65ms 35ms	Script text/javascript	142.250.80.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion/1002939772/?random=1643338428999&cv=9&fst=1643338428999&num=1&value=0&label=PpnuCOuK75MBEPzKnt4D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.financial-benefits.com%2F&tiba=Financial%20Benefits%2C%20Inc.&auid=1641264557.1643338429&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s36-in-f2.1e100.net Software cafe / Resource Hash 4364d11fc3fe55fb1ad9c12cd8a88cc8474c9d4d5377bab30aebac5169481e39 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 02:53:49 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1212 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response www.googleadservices.com/pagead/conversion/972413919/	2 KB 1 KB	64ms 37ms	Script text/javascript	142.250.80.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion/972413919/?random=1643338429004&cv=9&fst=1643338429004&num=1&value=0&label=pwQdCKbR04kCEN-3188D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.financial-benefits.com%2F&tiba=Financial%20Benefits%2C%20Inc.&auid=1641264557.1643338429&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s36-in-f2.1e100.net Software cafe / Resource Hash 9793f462ee409123a321f5625a66a9fdc7ba393af230efee465329446af31ab6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 02:53:49 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1204 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/941985878/	2 KB 2 KB	91ms 40ms	Script text/javascript	2607:f8b0:4006:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/941985878/?random=1643338429009&cv=9&fst=1643338429009&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.financial-benefits.com%2F&tiba=Financial%20Benefits%2C%20Inc.&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash cf53a847b57bd1c9792ea1f888a1f06b82466a75123c7fe0fd2bb96849160a3a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 02:53:49 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1016 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 450 B	131ms 52ms	XHR text/plain	2607:f8b0:4023:1407::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-126655021-15&cid=1878118297.1643338429&jid=693835082&gjid=646386233&_gid=368085701.1643338429&_u=YEBAAEACQAAAAC~&z=315390266 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4023:1407::9d Columbus, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.financial-benefits.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Fri, 28 Jan 2022 02:53:49 GMT content-type text/plain access-control-allow-origin https://www.financial-benefits.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.ca/pagead/1p-conversion/1002939772/ Redirect Chain https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1002939772/?random=1350485524&cv=9&fst=1643338428999&num=1&value=0&label=PpnuCOuK75MBEPzKnt4D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200... https://www.google.com/pagead/1p-conversion/1002939772/?random=1350485524&cv=9&fst=1643338428999&num=1&value=0&label=PpnuCOuK75MBEPzKnt4D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u... https://www.google.ca/pagead/1p-conversion/1002939772/?random=1350485524&cv=9&fst=1643338428999&num=1&value=0&label=PpnuCOuK75MBEPzKnt4D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...	42 B 64 B	42ms 41ms	Image image/gif	2607:f8b0:4006:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/pagead/1p-conversion/1002939772/?random=1350485524&cv=9&fst=1643338428999&num=1&value=0&label=PpnuCOuK75MBEPzKnt4D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.financial-benefits.com%2F&tiba=Financial%20Benefits%2C%20Inc.&auid=1641264557.1643338429&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=vVrzYb-WA5mToPMP4cWmOA&eitems=ChEIgKLJjwYQ7pXLh4O23JTYARIdAJbxL5ooJcxmPUb0BOOU-pw2zCA4xIRcB0pT2FM&random=960746000&resp=GooglemKTybQhCsO&ipr=y&prhg=0 Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H3 Server 2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 02:53:49 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 28 Jan 2022 02:53:49 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/gif location https://www.google.ca/pagead/1p-conversion/1002939772/?random=1350485524&cv=9&fst=1643338428999&num=1&value=0&label=PpnuCOuK75MBEPzKnt4D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.financial-benefits.com%2F&tiba=Financial%20Benefits%2C%20Inc.&auid=1641264557.1643338429&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=vVrzYb-WA5mToPMP4cWmOA&eitems=ChEIgKLJjwYQ7pXLh4O23JTYARIdAJbxL5ooJcxmPUb0BOOU-pw2zCA4xIRcB0pT2FM&random=960746000&resp=GooglemKTybQhCsO&ipr=y&prhg=0 cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.ca/pagead/1p-conversion/972413919/ Redirect Chain https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972413919/?random=1030084204&cv=9&fst=1643338429004&num=1&value=0&label=pwQdCKbR04kCEN-3188D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&... https://www.google.com/pagead/1p-conversion/972413919/?random=1030084204&cv=9&fst=1643338429004&num=1&value=0&label=pwQdCKbR04kCEN-3188D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_... https://www.google.ca/pagead/1p-conversion/972413919/?random=1030084204&cv=9&fst=1643338429004&num=1&value=0&label=pwQdCKbR04kCEN-3188D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_a...	42 B 64 B	40ms 40ms	Image image/gif	2607:f8b0:4006:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/pagead/1p-conversion/972413919/?random=1030084204&cv=9&fst=1643338429004&num=1&value=0&label=pwQdCKbR04kCEN-3188D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.financial-benefits.com%2F&tiba=Financial%20Benefits%2C%20Inc.&auid=1641264557.1643338429&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=vVrzYYKaA8uTxAO8p6yQDg&eitems=ChEIgKLJjwYQ7pXLh4O23JTYARIdAJbxL5o27frnEKrzyL4A7N9-DrSjFay1MeBWSDM&random=3288839160&resp=GooglemKTybQhCsO&ipr=y&prhg=0 Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H3 Server 2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 02:53:49 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 28 Jan 2022 02:53:49 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/gif location https://www.google.ca/pagead/1p-conversion/972413919/?random=1030084204&cv=9&fst=1643338429004&num=1&value=0&label=pwQdCKbR04kCEN-3188D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.financial-benefits.com%2F&tiba=Financial%20Benefits%2C%20Inc.&auid=1641264557.1643338429&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=vVrzYYKaA8uTxAO8p6yQDg&eitems=ChEIgKLJjwYQ7pXLh4O23JTYARIdAJbxL5o27frnEKrzyL4A7N9-DrSjFay1MeBWSDM&random=3288839160&resp=GooglemKTybQhCsO&ipr=y&prhg=0 cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/941985878/	42 B 548 B	91ms 39ms	Image image/gif	2607:f8b0:4006:81d::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/941985878/?random=1643338429009&cv=9&fst=1643335200000&num=1&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&frm=0&url=https%3A%2F%2Fwww.financial-benefits.com%2F&tiba=Financial%20Benefits%2C%20Inc.&async=1&fmt=3&is_vtc=1&random=252447463&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 02:53:49 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.ca/pagead/1p-user-list/941985878/	42 B 548 B	91ms 40ms	Image image/gif	2607:f8b0:4006:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/pagead/1p-user-list/941985878/?random=1643338429009&cv=9&fst=1643335200000&num=1&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&frm=0&url=https%3A%2F%2Fwww.financial-benefits.com%2F&tiba=Financial%20Benefits%2C%20Inc.&async=1&fmt=3&is_vtc=1&random=252447463&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 02:53:49 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	logo-top-small.png www.financial-benefits.com/files/20666/	4 KB 4 KB	267ms 265ms	Image image/webp	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.financial-benefits.com/files/20666/logo-top-small.png Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6a6399a2d062f754938dcb5660569c925489afaabe3e8037af40cc3148c06a11 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com etag "2049e33d9890d21:0" cf-cache-status REVALIDATED cf-polished origFmt=png, origSize=23089 content-disposition inline; filename="logo-top-small.webp" content-length 3846 x-ua-compatible IE=edge,chrome=1 last-modified Mon, 27 Feb 2017 01:24:29 GMT server cloudflare date Fri, 28 Jan 2022 02:53:49 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept content-type image/webp accept-ranges bytes cf-ray 6d46eebe4e794003-YYZ cf-bgj imgq:100,h2pri
GET H2	200	footer-logo.png www.financial-benefits.com/files/20666/	3 KB 3 KB	285ms 283ms	Image image/webp	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.financial-benefits.com/files/20666/footer-logo.png Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab0727d6c0bd70bcac8561c15b5c655d16214d7f29ad21bb1baf129f911830d0 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com etag "b09a5a89890d21:0" cf-cache-status REVALIDATED cf-polished origFmt=png, origSize=5790 content-disposition inline; filename="footer-logo.webp" content-length 3066 x-ua-compatible IE=edge,chrome=1 last-modified Mon, 27 Feb 2017 01:22:59 GMT server cloudflare date Fri, 28 Jan 2022 02:53:49 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept content-type image/webp accept-ranges bytes cf-ray 6d46eebe4e7d4003-YYZ cf-bgj imgq:100,h2pri
GET H2	200	nature-image-dark.jpg www.financial-benefits.com/files/20666/	384 KB 384 KB	140ms 139ms	Image image/jpeg	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.financial-benefits.com/files/20666/nature-image-dark.jpg Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/files/20666/custom.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9f6e2bf174ecbd49968b478c1975771ecd0e6a5677af7edde7a1ea703d24a4ff Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/files/20666/custom.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com cf-cache-status EXPIRED last-modified Mon, 27 Feb 2017 01:25:11 GMT server cloudflare etag "706c38579890d21:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg date Fri, 28 Jan 2022 02:53:49 GMT accept-ranges bytes cf-ray 6d46eebe4e884003-YYZ content-length 392822 x-ua-compatible IE=edge,chrome=1
GET H2	200	orange-arrow-down.png www.financial-benefits.com/files/20666/	198 B 402 B	269ms 269ms	Image image/webp	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.financial-benefits.com/files/20666/orange-arrow-down.png Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/files/20666/custom.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 28b8315bcb543c3eb225608db98b74aeda9260790f5e0901cf07b1ef6471e607 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/files/20666/custom.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com etag "201995759890d21:0" cf-cache-status REVALIDATED cf-polished origFmt=png, origSize=491 content-disposition inline; filename="orange-arrow-down.webp" content-length 198 x-ua-compatible IE=edge,chrome=1 last-modified Mon, 27 Feb 2017 01:26:02 GMT server cloudflare date Fri, 28 Jan 2022 02:53:49 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept content-type image/webp accept-ranges bytes cf-ray 6d46eebe5e8a4003-YYZ cf-bgj imgq:100,h2pri
GET H2	200	callouts-background.png www.financial-benefits.com/files/20666/	2 MB 2 MB	291ms 291ms	Image image/webp	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.financial-benefits.com/files/20666/callouts-background.png Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/files/20666/custom.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 10c1a855ef3acd2e1ad48acc0afea66103088c607ca80baee38d2cc8233ee8c1 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/files/20666/custom.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com etag "e09a5e79790d21:0" cf-cache-status REVALIDATED cf-polished origFmt=png, origSize=2638497 content-disposition inline; filename="callouts-background.webp" content-length 1819756 x-ua-compatible IE=edge,chrome=1 last-modified Mon, 27 Feb 2017 01:22:04 GMT server cloudflare date Fri, 28 Jan 2022 02:53:49 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept content-type image/webp accept-ranges bytes cf-ray 6d46eebe5ebe4003-YYZ cf-bgj imgq:100,h2pri
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v21/	30 KB 31 KB	68ms 20ms	Font font/woff2	2607:f8b0:4006:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v21/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.financial-benefits.com Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 25 Jan 2022 19:32:28 GMT x-content-type-options nosniff age 199281 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30876 x-xss-protection 0 last-modified Tue, 11 Jan 2022 19:19:51 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 25 Jan 2023 19:32:28 GMT
GET H2	200	4iCs6KVjbNBYlgoKfw72.woff2 fonts.gstatic.com/s/ubuntu/v19/	34 KB 34 KB	103ms 55ms	Font font/woff2	2607:f8b0:4006:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ubuntu/v19/4iCs6KVjbNBYlgoKfw72.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Ubuntu:300,300i,400,400i,500,500i,700,700i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.financial-benefits.com Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 26 Jan 2022 19:35:34 GMT x-content-type-options nosniff age 112695 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 34852 x-xss-protection 0 last-modified Wed, 26 Jan 2022 18:56:27 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 26 Jan 2023 19:35:34 GMT
GET H/1.1	200 OK	fontawesome-webfont.woff2 s3-us-west-2.amazonaws.com/primeagentmarketing/library/fontawesome/4.3.0/fonts/	55 KB 56 KB	359ms 103ms	Font application/octet-stream	52.218.181.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3-us-west-2.amazonaws.com/primeagentmarketing/library/fontawesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0 Requested by Host: s3-us-west-2.amazonaws.com URL: https://s3-us-west-2.amazonaws.com/primeagentmarketing/library/fontawesome/4.3.0/css/font-awesome.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.181.80 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2.amazonaws.com Software AmazonS3 / Resource Hash aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c Request headers Referer https://s3-us-west-2.amazonaws.com/primeagentmarketing/library/fontawesome/4.3.0/css/font-awesome.min.css Origin https://www.financial-benefits.com Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 28 Jan 2022 02:53:50 GMT Last-Modified Mon, 26 Jan 2015 20:57:28 GMT Server AmazonS3 x-amz-request-id XKGTBHA71E64953P ETag "97493d3f11c0a3bd5cbd959f5d19b699" Vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method Access-Control-Allow-Methods GET Content-Type application/octet-stream Access-Control-Allow-Origin * Access-Control-Max-Age 3000 Cache-Control max-age=31536000 Accept-Ranges bytes Content-Length 56780 x-amz-id-2 sbMsSSabAbLEvMnbz/f/ttmLhakRNDqKoMRrU2OfTpbgQBAwltHNUL1XUd9u+RFZP3bJyywe2LY=
GET H2	200	4iCv6KVjbNBYlgoC1CzjsGyN.woff2 fonts.gstatic.com/s/ubuntu/v19/	38 KB 38 KB	87ms 40ms	Font font/woff2	2607:f8b0:4006:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ubuntu/v19/4iCv6KVjbNBYlgoC1CzjsGyN.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Ubuntu:300,300i,400,400i,500,500i,700,700i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.financial-benefits.com Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 26 Jan 2022 19:39:10 GMT x-content-type-options nosniff age 112479 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38752 x-xss-protection 0 last-modified Wed, 26 Jan 2022 18:56:28 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 26 Jan 2023 19:39:10 GMT
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	66ms 38ms	Image image/gif	2607:f8b0:4006:81d::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-126655021-15&cid=1878118297.1643338429&jid=693835082&_u=YEBAAEACQAAAAC~&z=1893820552 Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 02:53:49 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.ca/ads/	42 B 63 B	64ms 37ms	Image image/gif	2607:f8b0:4006:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-126655021-15&cid=1878118297.1643338429&jid=693835082&_u=YEBAAEACQAAAAC~&z=1893820552 Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 02:53:49 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	292386831988893 Show response connect.facebook.net/signals/config/	305 KB 87 KB	139ms 139ms	Script application/x-javascript	2a03:2880:f012:10c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/292386831988893?v=2.9.51&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e1179a1933dfd0f350dba8a93fcbbdf8baee1cc77d20c6d1084660ba552389ee Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug U92ZQwMYasdplCAxjbAgIBxeRAgjXDhDkMqvH4x2WA2OpNUyhrvWrfNdZ2PiugJ38fXX+Wv/uS8yvD2Ri11ssA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Fri, 28 Jan 2022 02:53:49 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 408 B	61ms 20ms	Image image/gif	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=424319248117121&ev=PageView&dl=https%3A%2F%2Fwww.financial-benefits.com%2F&rl=&if=false&ts=1643338429280&sw=1600&sh=1200&v=2.9.51&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1643338429279.1010545737&it=1643338428956&coo=false&exp=p1&rqm=GET Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:49 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 content-length 44 expires Fri, 28 Jan 2022 02:53:49 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 91 B	38ms 18ms	Image image/gif	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=292386831988893&ev=PageView&dl=https%3A%2F%2Fwww.financial-benefits.com%2F&rl=&if=false&ts=1643338429479&sw=1600&sh=1200&v=2.9.51&r=stable&ec=0&o=30&fbp=fb.1.1643338429279.1010545737&it=1643338428956&coo=false&exp=p1&rqm=GET Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:49 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=3,i expires Fri, 28 Jan 2022 02:53:49 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	19ms 19ms	Image image/gif	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=424319248117121&ev=Microdata&dl=https%3A%2F%2Fwww.financial-benefits.com%2F&rl=&if=false&ts=1643338429783&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Financial%20Benefits%2C%20Inc.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Financial%20Benefits%20Inc.%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.51&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1643338429279.1010545737&it=1643338428956&coo=false&es=automatic&tm=3&exp=p1&rqm=GET Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:49 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=3,i expires Fri, 28 Jan 2022 02:53:49 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	20ms 19ms	Image image/gif	2607:f8b0:4006:823::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=330423763&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.financial-benefits.com%2F&ul=en-us&de=UTF-8&dt=Financial%20Benefits%2C%20Inc.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F&el=25&_u=aGDAAEADQAAAAC~&jid=&gjid=&cid=1878118297.1643338429&tid=UA-126655021-15&_gid=368085701.1643338429&gtm=2wg1q0P7LM8CD&cd3=20666&cd4=Tamara%20Burke&cd5=GTM-P7LM8CD%20%7C%2096%20%7C%20Production&z=327326937 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Thu, 27 Jan 2022 11:55:12 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 53917 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	19ms 19ms	Image image/gif	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=292386831988893&ev=Microdata&dl=https%3A%2F%2Fwww.financial-benefits.com%2F&rl=&if=false&ts=1643338429981&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Financial%20Benefits%2C%20Inc.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Financial%20Benefits%20Inc.%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.51&r=stable&ec=1&o=30&fbp=fb.1.1643338429279.1010545737&it=1643338428956&coo=false&es=automatic&tm=3&exp=p1&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:49 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=3,i expires Fri, 28 Jan 2022 02:53:49 GMT
GET H2	200	brokerCheck2.css www.financial-benefits.com/include/css/broker-check/	5 KB 1 KB	280ms 279ms	Stylesheet text/css	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.financial-benefits.com/include/css/broker-check/brokerCheck2.css?v30.11.2016 Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/include/js/brokerCheck2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36bdb34aaf88619fb3a6b14600f65909d58df29319ad4af861a6935e13a31fe2 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.financial-benefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:50 GMT content-encoding br cf-cache-status REVALIDATED last-modified Fri, 16 Apr 2021 22:21:45 GMT server cloudflare etag W/"80624de2e33d71:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cf-polished origSize=6033 content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com cf-bgj minify cf-ray 6d46eec479c64003-YYZ x-ua-compatible IE=edge,chrome=1
GET H2	200	fontawesome-webfont.woff2 www.financial-benefits.com/include/css/font-awesome/fonts/	75 KB 76 KB	181ms 181ms	Font application/font-woff2	162.159.130.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.financial-benefits.com/include/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: www.financial-benefits.com URL: https://www.financial-benefits.com/include/css/font-awesome/css/font-awesome.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com Request headers Referer https://www.financial-benefits.com/include/css/font-awesome/css/font-awesome.min.css Origin https://www.financial-benefits.com Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' https://admin.emeraldconnect.com https://admin2.emeraldconnect.com cf-cache-status REVALIDATED last-modified Thu, 03 Aug 2017 21:25:35 GMT server cloudflare etag "803122b9fcd31:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/font-woff2 date Fri, 28 Jan 2022 02:53:50 GMT accept-ranges bytes cf-ray 6d46eec64d6f4003-YYZ content-length 77160 x-ua-compatible IE=edge,chrome=1