urlscan.io logo urlscan.io
SecurityTrails logo

benefitsdepot.net Open in urlscan Pro
209.212.148.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://voluptateqrgts.cartyr.de/rd/u3981gPvDR1188952eeOT54548Eig2499nQCw988
Effective URL: https://benefitsdepot.net/unsubscribe.php
Submission: On January 25 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 52 IPs in 7 countries across 44 domains to perform 102 HTTP transactions. The main IP is 209.212.148.3, located in Arlington Heights, United States and belongs to ASN-GIGENET, US. The main domain is benefitsdepot.net.
TLS certificate: Issued by R3 on January 21st 2021. Valid for: 3 months.
This is the only time benefitsdepot.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 78.47.101.54 24940 (HETZNER-AS)
1 1 45.148.9.118 396073 (MAJESTIC-...)
9 209.212.148.3 32181 (ASN-GIGENET)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:219... 16509 (AMAZON-02)
1 199.232.196.134 54113 (FASTLY)
2 13.224.102.51 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:219... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21a... 16509 (AMAZON-02)
2 2620:116:800d... 16509 (AMAZON-02)
2 52.71.17.67 14618 (AMAZON-AES)
1 2600:9000:219... 16509 (AMAZON-02)
2 3.124.48.224 16509 (AMAZON-02)
2 2 3.126.56.137 16509 (AMAZON-02)
1 52.36.160.118 16509 (AMAZON-02)
4 172.217.18.2 15169 (GOOGLE)
2 44.239.227.210 16509 (AMAZON-02)
1 216.52.2.48 30282 (AS-INAPCD...)
1 178.250.0.165 44788 (ASN-CRITE...)
1 178.162.133.150 60781 (LEASEWEB-...)
2 2.18.234.21 16625 (AKAMAI-AS)
4 52.4.152.106 14618 (AMAZON-AES)
1 213.19.147.210 26120 (RHYTHMONE)
5 2606:2800:233... 15133 (EDGECAST)
1 185.255.84.151 200271 (IGUANE-)
2 18.184.181.235 16509 (AMAZON-02)
1 185.33.221.91 29990 (ASN-APPNEX)
3 13.224.103.105 16509 (AMAZON-02)
2 18.211.165.214 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2.18.232.130 16625 (AKAMAI-AS)
1 52.22.61.253 14618 (AMAZON-AES)
1 104.16.190.66 13335 (CLOUDFLAR...)
1 104.17.120.107 13335 (CLOUDFLAR...)
2 2.18.233.180 16625 (AKAMAI-AS)
1 23.37.42.132 16625 (AKAMAI-AS)
1 104.111.242.245 16625 (AKAMAI-AS)
1 1 13.224.102.11 16509 (AMAZON-02)
1 2 18.185.82.201 16509 (AMAZON-02)
1 2600:9000:219... 16509 (AMAZON-02)
1 3.229.183.84 14618 (AMAZON-AES)
4 208.100.17.181 32748 (STEADFAST)
102 52
2    78.47.101.54 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.54.101.47.78.clients.your-server.de
voluptateqrgts.cartyr.de
1    45.148.9.118 (None, )

ASN396073 (MAJESTIC-HOSTING-01, US)
www.fopiwino.com
9    209.212.148.3 (Arlington Heights, United States)

ASN32181 (ASN-GIGENET, US)
PTR: ip-209.212.148.3.hosted.by.gigenet.com
benefitsdepot.net
2    2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:2190:f800:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)
platform-api.sharethis.com
1    199.232.196.134 (United States)

ASN54113 (FASTLY, US)
benefitsdepot-net.disqus.com
2    13.224.102.51 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-51.zrh50.r.cloudfront.net
api.pushnami.com
3    2606:4700::6811:4e22 (United States)

ASN13335 (CLOUDFLARENET, US)
global.proper.io
eb.proper.io
1    2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:2190:3000:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
2    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:21a8:e000:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.sharethis.mgr.consensu.org
2    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
2    52.71.17.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
trc.pushnami.com
1    2600:9000:2190:3e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    3.124.48.224 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-48-224.eu-central-1.compute.amazonaws.com
l.sharethis.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ups.analytics.yahoo.com
1    52.36.160.118 (Boardman, United States)

ASN16509 (AMAZON-02, US)
usync.proper.io
4    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
securepubads.g.doubleclick.net
2    44.239.227.210 (Boardman, United States)

ASN16509 (AMAZON-02, US)
bids.proper.io
1    216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
1    178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
apex.go.sonobi.com
2    2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
as-sec.casalemedia.com
js-sec.indexww.com
4    52.4.152.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
ssc.33across.com
1    213.19.147.210 (United Kingdom)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
5    2606:2800:233:97b6:26be:138a:cba8:bb01 (United States)

ASN15133 (EDGECAST, US)
adserver-us.adtech.advertising.com
1    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
2    18.184.181.235 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pre.ads.justpremium.com
1    185.33.221.91 (Netherlands)

ASN29990 (ASN-APPNEX, US)
ib.adnxs.com
3    13.224.103.105 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-105.zrh50.r.cloudfront.net
c.amazon-adsystem.com
2    18.211.165.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
psp.pushnami.com
4    2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.nl
pagead2.googlesyndication.com
1    2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
47816f839ddc8a86cc85fb643c61aeee.safeframe.googlesyndication.com
9    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2.18.232.130 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    52.22.61.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
mantodea.mantisadnetwork.com
1    104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.districtm.io
1    104.17.120.107 (United States)

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
2    2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    23.37.42.132 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    104.111.242.245 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
1    13.224.102.11 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-11.zrh50.r.cloudfront.net
ib.3lift.com
2    18.185.82.201 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
eb2.3lift.com
1    2600:9000:2190:c800:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.undertone.com
1    3.229.183.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.bfmio.com
4    208.100.17.181 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip181.208-100-17.static.steadfastdns.net
de.tynt.com
Apex Domain
Subdomains		 Transfer
13 googlesyndication.com
47816f839ddc8a86cc85fb643c61aeee.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
79 KB
9 benefitsdepot.net
benefitsdepot.net
165 KB
6 proper.io
global.proper.io
usync.proper.io
bids.proper.io
eb.proper.io
87 KB
6 pushnami.com
api.pushnami.com
trc.pushnami.com
psp.pushnami.com
12 KB
5 ampproject.org
cdn.ampproject.org
96 KB
5 advertising.com
adserver-us.adtech.advertising.com
711 B
5 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
127 KB
4 tynt.com
de.tynt.com
4 33across.com
ssc.33across.com
3 KB
4 sharethis.com
platform-api.sharethis.com
buttons-config.sharethis.com
l.sharethis.com
33 KB
3 3lift.com
ib.3lift.com
eb2.3lift.com
638 B
3 amazon-adsystem.com
c.amazon-adsystem.com
34 KB
2 pubmatic.com
ads.pubmatic.com
2 google.com
adservice.google.com
www.google.com
265 B
2 adnxs.com
ib.adnxs.com
acdn.adnxs.com
714 B
2 justpremium.com
pre.ads.justpremium.com
253 B
2 yahoo.com
ups.analytics.yahoo.com
1 KB
2 quantserve.com
secure.quantserve.com
pixel.quantserve.com
9 KB
2 google-analytics.com
www.google-analytics.com
19 KB
2 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
31 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com
38 KB
2 cartyr.de
voluptateqrgts.cartyr.de
594 B
1 bfmio.com
sync.bfmio.com
1 undertone.com
cdn.undertone.com
1 teads.tv
sync.teads.tv
1 rubiconproject.com
eus.rubiconproject.com
1 brealtime.com
biddr.brealtime.com
1 districtm.io
cdn.districtm.io
1 mantisadnetwork.com
mantodea.mantisadnetwork.com
1 indexww.com
js-sec.indexww.com
1 google.nl
adservice.google.nl
803 B
1 omnitagjs.com
hb-api.omnitagjs.com
866 B
1 1rx.io
tag.1rx.io
274 B
1 casalemedia.com
as-sec.casalemedia.com
2 KB
1 sonobi.com
apex.go.sonobi.com
796 B
1 criteo.com
bidder.criteo.com
147 B
1 lijit.com
ap.lijit.com
729 B
1 quantcount.com
rules.quantcount.com
346 B
1 consensu.org
c.sharethis.mgr.consensu.org
1 gstatic.com
fonts.gstatic.com
42 KB
1 disqus.com
benefitsdepot-net.disqus.com
2 KB
1 googletagmanager.com
www.googletagmanager.com
39 KB
1 cloudflare.com
cdnjs.cloudflare.com
7 KB
1 fopiwino.com
www.fopiwino.com
187 B
102 44
Domain Requested by
9 tpc.googlesyndication.com securepubads.g.doubleclick.net
benefitsdepot.net
tpc.googlesyndication.com
cdn.ampproject.org
9 benefitsdepot.net voluptateqrgts.cartyr.de
benefitsdepot.net
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 adserver-us.adtech.advertising.com global.proper.io
4 de.tynt.com global.proper.io
4 ssc.33across.com global.proper.io
4 securepubads.g.doubleclick.net global.proper.io
securepubads.g.doubleclick.net
benefitsdepot.net
3 pagead2.googlesyndication.com securepubads.g.doubleclick.net
3 c.amazon-adsystem.com global.proper.io
c.amazon-adsystem.com
2 eb2.3lift.com 1 redirects global.proper.io
2 ads.pubmatic.com global.proper.io
2 psp.pushnami.com api.pushnami.com
2 pre.ads.justpremium.com global.proper.io
2 bids.proper.io global.proper.io
2 ups.analytics.yahoo.com 2 redirects
2 l.sharethis.com platform-api.sharethis.com
benefitsdepot.net
2 trc.pushnami.com api.pushnami.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 global.proper.io benefitsdepot.net
global.proper.io
2 api.pushnami.com benefitsdepot.net
api.pushnami.com
2 maxcdn.bootstrapcdn.com benefitsdepot.net
2 voluptateqrgts.cartyr.de 1 redirects
1 sync.bfmio.com global.proper.io
1 cdn.undertone.com global.proper.io
1 ib.3lift.com 1 redirects
1 sync.teads.tv global.proper.io
1 eus.rubiconproject.com global.proper.io
1 biddr.brealtime.com global.proper.io
1 cdn.districtm.io global.proper.io
1 mantodea.mantisadnetwork.com global.proper.io
1 js-sec.indexww.com global.proper.io
1 acdn.adnxs.com global.proper.io
1 googleads.g.doubleclick.net benefitsdepot.net
1 www.google.com 1 redirects
1 47816f839ddc8a86cc85fb643c61aeee.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.nl securepubads.g.doubleclick.net
1 eb.proper.io global.proper.io
1 ib.adnxs.com global.proper.io
1 hb-api.omnitagjs.com global.proper.io
1 tag.1rx.io global.proper.io
1 as-sec.casalemedia.com global.proper.io
1 apex.go.sonobi.com global.proper.io
1 bidder.criteo.com global.proper.io
1 ap.lijit.com global.proper.io
1 usync.proper.io benefitsdepot.net
1 pixel.quantserve.com benefitsdepot.net
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com global.proper.io
1 c.sharethis.mgr.consensu.org platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 fonts.gstatic.com fonts.googleapis.com
1 benefitsdepot-net.disqus.com benefitsdepot.net
1 platform-api.sharethis.com benefitsdepot.net
1 www.googletagmanager.com benefitsdepot.net
1 fonts.googleapis.com benefitsdepot.net
1 cdnjs.cloudflare.com benefitsdepot.net
1 ajax.googleapis.com benefitsdepot.net
1 www.fopiwino.com 1 redirects
102 59

This site contains links to these domains. Also see Links.

Domain
proper.io
Subject Issuer Validity Valid
benefitsdepot.net
R3		 2021-01-21 -
2021-04-21		 3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-22 -
2021-10-12		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
sharethis.com
Amazon		 2020-08-17 -
2021-09-16		 a year crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA		 2020-04-20 -
2022-05-09		 2 years crt.sh
*.pushnami.com
Amazon		 2020-05-16 -
2021-06-16		 a year crt.sh
proper.io
Cloudflare Inc ECC CA-3		 2020-07-03 -
2021-07-03		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
sharethis.mgr.consensu.org
Amazon		 2020-05-05 -
2021-06-05		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.proper.io
Sectigo RSA Domain Validation Secure Server CA		 2020-12-20 -
2022-01-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2020-11-17 -
2021-02-14		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2019-02-01 -
2021-02-04		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2019-10-01 -
2021-09-30		 2 years crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2019-06-28 -
2021-06-27		 2 years crt.sh
*.adtech.advertising.com
DigiCert SHA2 Secure Server CA		 2020-04-16 -
2022-04-21		 2 years crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-18 -
2021-06-18		 a year crt.sh
tracking.justpremium.com
Amazon		 2020-11-26 -
2021-12-25		 a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.google.nl
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2020-01-02 -
2021-04-02		 a year crt.sh
*.mantisadnetwork.com
Amazon		 2020-11-13 -
2021-12-12		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2020-07-01 -
2021-07-01		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2020-02-26 -
2021-05-27		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-05 -
2022-01-18		 a year crt.sh
teads.tv
Let's Encrypt Authority X3		 2020-11-19 -
2021-02-17		 3 months crt.sh
*.3lift.com
Amazon		 2020-07-04 -
2021-08-05		 a year crt.sh
*.undertone.com
Amazon		 2020-12-11 -
2022-01-09		 a year crt.sh
*.bfmio.com
Amazon		 2020-06-14 -
2021-07-14		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh

This page contains 22 frames:

Primary Page: https://benefitsdepot.net/unsubscribe.php
Frame ID: 104C8D3E00EC42EFBA8AFBD910242D2D
Requests: 66 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 1657158CC53FA8D0DC14642168BEFDB0
Requests: 1 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 15A555F0F5B85856F223535B9A0A7395
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: ED0398B6416E51580A74E67AFE90370E
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 630A83D8D504E9A6AE16E6F843AF6B0F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 2E5A890196DF8FEEC960999F172F2409
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0F98B6BA0D1F10940116674F63BCCF9F
Requests: 1 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?referrer=http%3A%2F%2Fvoluptateqrgts.cartyr.de%2Frd%2Fu3981gPvDR1188952eeOT54548Eig2499nQCw988&tz=-60&buster=1611534001984&secure=true&version=9&mobile=false&title=BenefitsDepot&url=https%3A%2F%2Fbenefitsdepot.net%2Funsubscribe.php
Frame ID: 5556D9D0264A508C2CEBAECB5A96264D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: A02915054F9B59F1863DB457A04530AF
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 3DBB6A8A2473674F2BD9924F13B2498C
Requests: 1 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=aw0g1jd1611534002077
Frame ID: 5EFEA2F223E05B7F06BEAE880A6711B9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7A06DDB8DEF0C3438BBBD80AC2CC75A9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 471BF7B6769A349EED9399B971B10CA0
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A12%7D
Frame ID: E73764D43CDDFEEF680B50A58851147A
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: F4896E1670E9B2B883C25187E7038DBF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 4525F01D751AB3E5DA8E336DF8B4817C
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifg=1&id=&gdpr=0&gc=&gce=1&us_privacy=1---
Frame ID: F4FE63E61C83E99FB84EFC8ED5AD7DEE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 1802B29E6A51832209A76D9911690C02
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=cyKUv-icGr6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: E6FB07C4AB8A9198C0EF754C1D8BA7A3
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=chtZg-icGr6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 556CBD6FE52D0C2F5FD9CC17805A338D
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=crfUxYicGr6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 8E66E1DAC14E0306FE98481633790B08
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=cofIPsicGr6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 77B190BBCDA15E913082A7387063975C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://voluptateqrgts.cartyr.de/rd/u3981gPvDR1188952eeOT54548Eig2499nQCw988 Page URL
  2. http://voluptateqrgts.cartyr.de/track/u3981gPvDR1188952eeOT54548Eig2499nQCw988 HTTP 302
    https://www.fopiwino.com/HbHYo6iEPSK5N_GOn50kIAFxksiccJ3E35jqyE1J2Is1Zm2PrVx01GeKUz0fSligH68_w4S0iOzf... HTTP 302
    https://benefitsdepot.net/unsubscribe.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

102
Requests

99 %
HTTPS

40 %
IPv6

44
Domains

59
Subdomains

52
IPs

7
Countries

829 kB
Transfer

2250 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://voluptateqrgts.cartyr.de/rd/u3981gPvDR1188952eeOT54548Eig2499nQCw988 Page URL
  2. http://voluptateqrgts.cartyr.de/track/u3981gPvDR1188952eeOT54548Eig2499nQCw988 HTTP 302
    https://www.fopiwino.com/HbHYo6iEPSK5N_GOn50kIAFxksiccJ3E35jqyE1J2Is1Zm2PrVx01GeKUz0fSligH68_w4S0iOzfM5gwGWsNsw~~/ HTTP 302
    https://benefitsdepot.net/unsubscribe.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_2e29c431_e8ea294f_1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_2e29c431_e8ea294f_1&verify=true HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-w3yferx1l2ZErav9Hjxgp2qVVfpghR.w
Request Chain 77
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 94
  • https://ib.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1

102 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
u3981gPvDR1188952eeOT54548Eig2499nQCw988
voluptateqrgts.cartyr.de/rd/ 		231 B
348 B 		Document
General
Check archive.org
Download Go to
Full URL
http://voluptateqrgts.cartyr.de/rd/u3981gPvDR1188952eeOT54548Eig2499nQCw988
Protocol
HTTP/1.1
Server
78.47.101.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.54.101.47.78.clients.your-server.de
Software
/
Resource Hash
713940c0f79d2d462a7848fde8ddd58d39be328f17d2b342ed5f0118a9e21420

Request headers

Host
voluptateqrgts.cartyr.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
text/html; charset=utf-8
Date
Mon, 25 Jan 2021 00:20:00 GMT
Content-Length
231
Primary Request unsubscribe.php
benefitsdepot.net/
Redirect Chain
  • http://voluptateqrgts.cartyr.de/track/u3981gPvDR1188952eeOT54548Eig2499nQCw988
  • https://www.fopiwino.com/HbHYo6iEPSK5N_GOn50kIAFxksiccJ3E35jqyE1J2Is1Zm2PrVx01GeKUz0fSligH68_w4S0iOzfM5gwGWsNsw~~/
  • https://benefitsdepot.net/unsubscribe.php
8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://benefitsdepot.net/unsubscribe.php
Requested by
Host: voluptateqrgts.cartyr.de
URL: http://voluptateqrgts.cartyr.de/rd/u3981gPvDR1188952eeOT54548Eig2499nQCw988
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.212.148.3 Arlington Heights, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS
ip-209.212.148.3.hosted.by.gigenet.com
Software
Apache /
Resource Hash
1ca297fe6f6f7d45f34c83d936bda5ddd7b73f7e19d694abbe6dbf0365caa5b4

Request headers

Host
benefitsdepot.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://voluptateqrgts.cartyr.de/rd/u3981gPvDR1188952eeOT54548Eig2499nQCw988
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://voluptateqrgts.cartyr.de/rd/u3981gPvDR1188952eeOT54548Eig2499nQCw988

Response headers

date
Mon, 25 Jan 2021 00:20:01 GMT
server
Apache
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=76534d25ba700ac67376440159e659fc; path=/
vary
Accept-Encoding
content-encoding
gzip
content-length
2741
content-type
text/html; charset=UTF-8

Redirect headers

Date
Mon, 25 Jan 2021 00:20:00 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Server
Apache
Location
https://benefitsdepot.net/unsubscribe.php
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/ 		152 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 00:20:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Feb 2019 16:40:50 GMT
etag
"1550076050"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
23237
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 24 Jan 2021 18:43:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20179
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 24 Jan 2022 18:43:42 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
Requested by
Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 00:20:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2578950
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
6646
cf-request-id
07d8827cf700004aa300b03000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-520c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5kN0hzJlNRMG9h2HXtw8HVL9qptm6xANa3HhU4q3wRpUQKPqbAmHx7vN3j8UsodeiS%2FeMB5OSREFWHPSlgHEVqYWe5Fn%2BjXRng6Gn6SLg%2BUoZx9%2BNFk48AUou0lbdxDWDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
616dd374ba0d4aa3-FRA
expires
Sat, 15 Jan 2022 00:20:01 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/ 		57 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
Requested by
Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 00:20:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Feb 2019 16:40:57 GMT
etag
"1550076057"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
15434
css
fonts.googleapis.com/ 		11 KB
768 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:200,300,400,500,600,700,800
Requested by
Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2f9a3ff3d381edd73e8898ddb7d5c705a5adb948e867e5121e4b662729b44805
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 25 Jan 2021 00:20:01 GMT
server
ESF
date
Mon, 25 Jan 2021 00:20:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Jan 2021 00:20:01 GMT
styles.css
benefitsdepot.net/templates/benefitsdepot.net/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://benefitsdepot.net/templates/benefitsdepot.net/css/styles.css
Requested by
Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.212.148.3 Arlington Heights, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS
ip-209.212.148.3.hosted.by.gigenet.com
Software
Apache /
Resource Hash
b7b8981cb6f6936f083e3fa8007621bbf153e4c095f11881fa2014bd4a93b518

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 00:20:01 GMT
content-encoding
gzip
last-modified
Mon, 05 Oct 2020 17:43:48 GMT
server
Apache
etag
"4ebb-5b0f00655c233-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
4335
validationEngine.jquery.css
benefitsdepot.net/templates/benefitsdepot.net/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://benefitsdepot.net/templates/benefitsdepot.net/css/validationEngine.jquery.css
Requested by
Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.212.148.3 Arlington Heights, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS
ip-209.212.148.3.hosted.by.gigenet.com
Software
Apache /
Resource Hash
6d2aa54ef6bb1e80e434d3f3e6deb04a463a35e651b9403f8a80445289281d98

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 00:20:01 GMT
content-encoding
gzip
last-modified
Wed, 15 Jul 2020 16:16:24 GMT
server
Apache
etag
"c50-5aa7d3ec2540f-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
772
jquery.validationEngine-en.js
benefitsdepot.net/templates/benefitsdepot.net/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://benefitsdepot.net/templates/benefitsdepot.net/js/jquery.validationEngine-en.js
Requested by
Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.212.148.3 Arlington Heights, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS
ip-209.212.148.3.hosted.by.gigenet.com
Software
Apache /
Resource Hash
1dea0bd907087e7d6b4ae0622fa75ee4e9ae8ff7cc7e77a163b172a0125b1775

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 00:20:01 GMT
content-encoding
gzip
last-modified
Wed, 15 Jul 2020 16:16:27 GMT
server
Apache
etag
"2910-5aa7d3ef5212e-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2419
jquery.validationEngine.js
benefitsdepot.net/templates/benefitsdepot.net/js/ 		69 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://benefitsdepot.net/templates/benefitsdepot.net/js/jquery.validationEngine.js
Requested by
Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.212.148.3 Arlington Heights, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS
ip-209.212.148.3.hosted.by.gigenet.com
Software
Apache /
Resource Hash
6d90c9d8fbe47d5b256ed4de4bc18965b9f817c7436f94cba20bf56fc41b754a

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 00:20:01 GMT
content-encoding
gzip
last-modified
Wed, 15 Jul 2020 16:32:28 GMT
server
Apache
etag
"114cf-5aa7d783a4ef2-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
17387
tipped.js
benefitsdepot.net/templates/benefitsdepot.net/js/ 		74 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://benefitsdepot.net/templates/benefitsdepot.net/js/tipped.js
Requested by
Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.212.148.3 Arlington Heights, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS
ip-209.212.148.3.hosted.by.gigenet.com
Software
Apache /
Resource Hash
7b0fc94d83150b73dc566b933bc5c823621e210de6d45621d1101207202d0a15

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 00:20:01 GMT
content-encoding
gzip
last-modified
Wed, 15 Jul 2020 16:16:27 GMT
server
Apache
etag
"12680-5aa7d3ef66442-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
19556
tipped.css
benefitsdepot.net/templates/benefitsdepot.net/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://benefitsdepot.net/templates/benefitsdepot.net/css/tipped.css
Requested by
Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.212.148.3 Arlington Heights, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS
ip-209.212.148.3.hosted.by.gigenet.com
Software
Apache /
Resource Hash
aa892a3e8ae2d858596e031c41aa9c5368d94d5da554a4dd4cf10ae942df4377

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 00:20:01 GMT
content-encoding
gzip
last-modified
Wed, 15 Jul 2020 16:32:28 GMT
server
Apache
etag
"3508-5aa7d783daaa2-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
2833
js
www.googletagmanager.com/gtag/ 		98 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-149686528-2
Requested by
Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f4ba508d250f496d94821e970ca0d869e34c177f3946b15b1e69115391090aa0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 00:20:01 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39651
x-xss-protection
0
last-modified
Mon, 25 Jan 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Jan 2021 00:20:01 GMT
sharethis.js
platform-api.sharethis.com/js/ 		100 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:f800:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
df35edbdf585ab9f21871115b309fb4cde4be9d754c210dfd27ccec1e0ada438

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 00:19:51 GMT
content-encoding
gzip
age
15
etag
W/"191bd-bQk8hnBWEQ7QwKDv8KfmtTJHF7U"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
Gs-lFlY1_iBz-j-3eFIFqo2UN56umIyXPcGRCbvynWw50vbRbEGiEA==
site-logo.svg
benefitsdepot.net/templates/benefitsdepot.net/images/svg/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://benefitsdepot.net/templates/benefitsdepot.net/images/svg/site-logo.svg
Requested by
Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.212.148.3 Arlington Heights, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS
ip-209.212.148.3.hosted.by.gigenet.com
Software
Apache /
Resource Hash
8a93db4b3a7d15238afd1eb9ead3c0240331aa89319992be45229491642043c8

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 00:20:01 GMT
last-modified
Wed, 15 Jul 2020 16:16:27 GMT
server
Apache
accept-ranges
bytes
etag
"1351-5aa7d3ef2a114"
content-length
4945
content-type
image/svg+xml
count.js
benefitsdepot-net.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://benefitsdepot-net.disqus.com/count.js
Requested by
Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 25 Jan 2021 00:20:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
1132499
P3P
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection
keep-alive
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 08 Jan 2021 01:56:33 GMT
Server
nginx
ETag
"5ff7bbd1-367"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
X-Amz-Cf-Pop
DFW55-C3
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
O70auFTO4xj8Ki2t6Qc9G9ep4fHtfIpxtF9FeE5lVC5lVrLocvcYRQ==
5f5bf03e705e760013ae6eb6
api.pushnami.com/scripts/v1/pushnami-adv/ 		53 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pushnami.com/scripts/v1/pushnami-adv/5f5bf03e705e760013ae6eb6
Requested by
Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-51.zrh50.r.cloudfront.net
Software
/
Resource Hash
f1dbffd2dc606444293988544c0d43edd5f2f538c89bc2b7484ea06e42af172c

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 00:14:03 GMT
via
1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront)
age
358
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
no-cache
x-amz-cf-pop
ZRH50-C1
content-encoding
gzip
x-amz-cf-id
57ophQualSpiSYzPKtP3JWRkR6uXIqyHqdmdf0uUYFB7mEMZy_YabA==
benefitsdepot.min.js
global.proper.io/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/benefitsdepot.min.js
Requested by
Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95fac9ed03caf2a7e9204389aacf59c252f499c19c025358f68c96dd4da74483

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 00:20:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Jan 2021 16:00:04 GMT
server
cloudflare
age
255141
etag
W/"5fff1904-3a83"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
616dd377ca744ac3-FRA
cf-request-id
07d8827edb00004ac307bb6000000001
expires
Mon, 25 Jan 2021 00:25:01 GMT
banner_bg1.jpg
benefitsdepot.net/templates/benefitsdepot.net/images/ 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://benefitsdepot.net/templates/benefitsdepot.net/images/banner_bg1.jpg
Requested by
Host: benefitsdepot.net
URL: https://benefitsdepot.net/templates/benefitsdepot.net/css/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.212.148.3 Arlington Heights, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS
ip-209.212.148.3.hosted.by.gigenet.com
Software
Apache /
Resource Hash
b805694cd109a1a60f45b70d8afbaa5a38d4cacd290a6633175efa95559b1de4

Request headers

Referer
https://benefitsdepot.net/templates/benefitsdepot.net/css/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 00:20:01 GMT
last-modified
Wed, 15 Jul 2020 16:16:24 GMT
server
Apache
accept-ranges
bytes
etag
"1b3c4-5aa7d3ec80a3f"
content-length
111556
content-type
image/jpeg
1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v18/ 		41 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v18/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:200,300,400,500,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://benefitsdepot.net
Referer
https://fonts.googleapis.com/css?family=Raleway:200,300,400,500,600,700,800
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 06:19:35 GMT
x-content-type-options
nosniff
last-modified
Wed, 30 Sep 2020 20:45:21 GMT
server
sffe
age
410426
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42444
x-xss-protection
0
expires
Thu, 20 Jan 2022 06:19:35 GMT
5d680a2b5fea9f001288d8cf.js
buttons-config.sharethis.com/js/ 		30 B
406 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/5d680a2b5fea9f001288d8cf.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:3000:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 00:20:03 GMT
via
1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
etag
"e6e1643313740711175f51662a65b42f"
last-modified
Thu, 29 Aug 2019 17:23:57 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
max-age=60,public
accept-ranges
bytes
content-length
30
x-amz-cf-id
uQUKGKKI1i--s23LBFr4TDkies7a1PpmYJ0RwUe8dddDhgSh7t_sNg==
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-149686528-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
3630
date
Sun, 24 Jan 2021 23:19:31 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Mon, 25 Jan 2021 01:19:31 GMT
latest.js
global.proper.io/payloads/ 		319 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/payloads/latest.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/benefitsdepot.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35093baf103e71966e4a720b9f6785024df6ac9be544e6411c696b438957b74b

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 00:20:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Jan 2021 15:33:24 GMT
server
cloudflare
age
978471
etag
W/"5fff12c4-4fbd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
616dd377faf64ac3-FRA
cf-request-id
07d8827eff00004ac31821e000000001
expires
Mon, 25 Jan 2021 00:25:01 GMT
portal-v2.html
c.sharethis.mgr.consensu.org/ Frame 1657 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a8:e000:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
c.sharethis.mgr.consensu.org
:scheme
https
:path
/portal-v2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://benefitsdepot.net/unsubscribe.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://benefitsdepot.net/unsubscribe.php

Response headers

content-type
text/html; charset=utf-8
content-encoding
gzip
date
Sun, 24 Jan 2021 23:27:14 GMT
cache-control
max-age=3600, public
etag
W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 5da47734f496c05ba90c546c024fb779.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-C2
x-amz-cf-id
zAUL-eUm4_vaULsI673GoW6me2rxS5AoOE5kTDGsB6BN4ZRWKu7-3A==
age
3167
collect
www.google-analytics.com/j/ 		1 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1379399740&t=pageview&_s=1&dl=https%3A%2F%2Fbenefitsdepot.net%2Funsubscribe.php&dr=http%3A%2F%2Fvoluptateqrgts.cartyr.de%2Frd%2Fu3981gPvDR1188952eeOT54548Eig2499nQCw988&ul=en-us&de=UTF-8&dt=BenefitsDepot&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=583585550&gjid=525877727&cid=932578658.1611534002&tid=UA-149686528-2&_gid=2077591899.1611534002&_r=1&gtm=2ou1d0&z=1901488840
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 25 Jan 2021 00:20:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://benefitsdepot.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 00:20:01 GMT
content-encoding
gzip
etag
"8q1rat7Mm9i+FVcOidF8/g=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 01 Feb 2021 00:20:01 GMT
track
trc.pushnami.com/api/push/ 		2 B
168 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trc.pushnami.com/api/push/track
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f5bf03e705e760013ae6eb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.17.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://benefitsdepot.net/unsubscribe.php
key
5f5bf03e705e760013ae6eb6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 25 Jan 2021 00:20:02 GMT
cache-control
no-cache
content-type
text/html; charset=utf-8
content-length
2
access-control-expose-headers
WWW-Authenticate,Server-Authorization
track
trc.pushnami.com/api/push/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://trc.pushnami.com/api/push/track
Protocol
H2
Server
52.71.17.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
key
Origin
https://benefitsdepot.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 25 Jan 2021 00:20:02 GMT
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,key
access-control-max-age
86400
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
rules-p-mEzuYq24VEJ-3.js
rules.quantcount.com/ 		3 B
346 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:3e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 00:13:06 GMT
via
1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
last-modified
Sat, 04 Mar 2017 02:39:21 GMT
server
AmazonS3
age
419
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=3600
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
3
x-amz-cf-id
49tvUuiY9t02La_4Yw_HavMCutcm-64Eza-V5Jzu3E5_0kWH6z1RJQ==
pview
l.sharethis.com/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=benefitsdepot.net&location=%2Funsubscribe.php&product=inline-share-buttons&url=https%3A%2F%2Fbenefitsdepot.net%2Funsubscribe.php&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=BenefitsDepot&refQuery=rd&refDomain=voluptateqrgts.cartyr.de&cms=unknown&publisher=5d680a2b5fea9f001288d8cf&sop=true&bsamesite=true&consent_cookie_duration=107&consent_duration=107&consentDomain=.consensu.org&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.48.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-48-224.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 25 Jan 2021 00:20:02 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://benefitsdepot.net
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
log
l.sharethis.com/ 		0
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.sharethis.com/log?event=ibl&url=http%3A%2F%2Fvoluptateqrgts.cartyr.de%2Frd%2Fu3981gPvDR1188952eeOT54548Eig2499nQCw988&fcmp=false&fcmpv2=false&has_segmentio=false&product=inline-share-buttons&publisher=5d680a2b5fea9f001288d8cf&source=sharethis.js&title=BenefitsDepot&ts=1611534002016&sop=true&consentDomain=.consensu.org&cms=unknown&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&gdpr_method=cookie&description=
Requested by
Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.48.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-48-224.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 25 Jan 2021 00:20:02 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
pixel;r=264882057;rf=0;uht=2;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fbenefitsdepot.net%2Funsubscribe.php;ref=http%3A%2F%2Fvoluptateqrgts.cartyr.de%2Frd%2Fu3981gPvDR1188952eeOT54548Eig2499nQCw988;fpan=1...
pixel.quantserve.com/ 		35 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=264882057;rf=0;uht=2;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fbenefitsdepot.net%2Funsubscribe.php;ref=http%3A%2F%2Fvoluptateqrgts.cartyr.de%2Frd%2Fu3981gPvDR1188952eeOT54548Eig2499nQCw988;fpan=1;fpa=P0-601547798-1611534002046;ns=0;ce=1;qjs=1;qv=58f0669e-20201210192756;cm=;gdpr=0;d=benefitsdepot.net;je=0;sr=1600x1200x24;dst=1;et=1611534002046;tzo=-60;ogl=
Requested by
Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jan 2021 00:20:02 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
usersync
usync.proper.io/v1/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_2e29c431_e8ea294f_1
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_2e29c431_e8ea294f_1&verify=true
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-w3yferx1l2ZErav9Hjxgp2qVVfpghR.w
153 B
363 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-w3yferx1l2ZErav9Hjxgp2qVVfpghR.w
Requested by
Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.160.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
714a01a8d852f840a8eec70c1a4c24455fe3f1f907e2f2e4d20087be71d5ddb4

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Jan 2021 00:20:02 GMT
server
nginx/1.18.0
content-length
153
content-type
text/javascript

Redirect headers

Date
Mon, 25 Jan 2021 00:20:02 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-w3yferx1l2ZErav9Hjxgp2qVVfpghR.w
Connection
keep-alive
Content-Length
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
sffe /
Resource Hash
5fb8a456f52876edb64f93984fe24ef284cc592797998ba534581997bd74570e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 00:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"764 / 502 of 1000 / last-modified: 1611357242"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18840
x-xss-protection
0
expires
Mon, 25 Jan 2021 00:20:02 GMT
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.227.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 25 Jan 2021 00:20:02 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
bid
ap.lijit.com/rtb/ 		45 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.26.0
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
f5268e5ede4ca11c3d7e659e9a7dd351ec0aa17bc95abbace6d3704b79dfa90e

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 25 Jan 2021 00:20:02 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://benefitsdepot.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
65
cdb
bidder.criteo.com/ 		0
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=29&wv=3.26.0&cb=66936912871&im=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://benefitsdepot.net
date
Mon, 25 Jan 2021 00:20:01 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
trinity.json
apex.go.sonobi.com/ 		230 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22726e434278b6a37a271e%22%3A%22726e434278b6a37a271e%7C728x90%7C0.1%22%2C%227b3ebb944067407c4f8d%22%3A%227b3ebb944067407c4f8d%7C728x90%7C0.1%22%2C%2293c52263783760e6131b%22%3A%2293c52263783760e6131b%7C300x250%7C0.1%22%2C%22180a62a11e1e6fb33729%22%3A%22180a62a11e1e6fb33729%7C300x250%7C0.1%22%2C%22c64208992de69ffcbb43%22%3A%22c64208992de69ffcbb43%7C300x600%7C0.1%22%2C%2298c796eb0003223b5f23%22%3A%2298c796eb0003223b5f23%7C970x250%7C0.1%22%7D&ref=https%3A%2F%2Fbenefitsdepot.net%2Funsubscribe.php&s=82f1bc62-f8ea-4f94-a314-35cfeca9fef5&pv=b68d3518-974d-4ec4-8f3a-22e3bf2e4da6&vp=desktop&lib_name=prebid&lib_v=3.26.0&us=1&ius=1&userid=8d198f31-399e-494d-bdd5-d66bf27a8702&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
sonobi-go /
Resource Hash
6ab8be23361c5b5164e38bee6317bc254173255565b74dd7941da00bb559697c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Jan 2021 00:20:02 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://benefitsdepot.net
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
182
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
headertag
as-sec.casalemedia.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headertag?v=9&s=161112&r=%7B%22id%22%3A%22528919209%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fbenefitsdepot.net%2Funsubscribe.php%22%2C%22ref%22%3A%22http%3A%2F%2Fvoluptateqrgts.cartyr.de%2Frd%2Fu3981gPvDR1188952eeOT54548Eig2499nQCw988%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22728x90-1-S1CS3%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-1-S1CS3%22%2C%22siteID%22%3A439841%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22728x90-2-ST7mI%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-2-ST7mI%22%2C%22siteID%22%3A439841%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-1-spDyX%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-1-spDyX%22%2C%22siteID%22%3A439841%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-2-d5Sdn%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-2-d5Sdn%22%2C%22siteID%22%3A439841%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x600-ZtWfe%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-ZtWfe%22%2C%22siteID%22%3A439841%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22970x250-sSurI%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22970x250-sSurI%22%2C%22siteID%22%3A439841%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D&t=300&fn=window.proper_ba9b7af1_cbc57196_2
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4132a037aa26bbefdb575b04717b9a8f8676ccb3988aabc6d05ead42722b364a

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Jan 2021 00:20:02 GMT
Content-Encoding
gzip
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1463
Expires
Mon, 25 Jan 2021 00:20:02 GMT
hb
ssc.33across.com/api/v1/ 		87 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.152.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
f721d4021510ed61b74d19708362135044401052565f6c68f23baaf89e48f8f2

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 25 Jan 2021 00:20:02 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://benefitsdepot.net
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		87 B
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.152.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
193f28c2c59e98575c90af9d75bb8d28dc32b9616edb0a85de79da58f50a3de2

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 25 Jan 2021 00:20:02 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://benefitsdepot.net
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		87 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.152.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
9c41dfe397592be91bf06d983e31392f1a3dd9635f7203c58b6bf7d527ce9c69

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 25 Jan 2021 00:20:02 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://benefitsdepot.net
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		87 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.152.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
d5289c66372886f9a32dbf25f6c7194dfe1e71ac21449ca8dc43bfb73d377619

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 25 Jan 2021 00:20:02 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://benefitsdepot.net
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/85304/0/ 		0
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/85304/0/mvo?z=1r&hbv=3.26,2.1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://benefitsdepot.net
Pragma
no-cache
Date
Mon, 25 Jan 2021 00:20:02 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
ADTECH;v=2;cmd=bid;cors=yes;alias=5153920;misc=1611534002091;bidfloor=0.1
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5153920/0/225/ 		46 B
79 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5153920/0/225/ADTECH;v=2;cmd=bid;cors=yes;alias=5153920;misc=1611534002091;bidfloor=0.1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
1d0c14e0bc8e4b13e120489ce16ac34dca2bef19245ebda6dd97276a54e7bf9b

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jan 2021 00:20:02 GMT
server
Adtech Adserver
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json
access-control-allow-origin
https://benefitsdepot.net
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
46
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;v=2;cmd=bid;cors=yes;alias=5153925;misc=1611534002091;bidfloor=0.1
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5153925/0/225/ 		48 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5153925/0/225/ADTECH;v=2;cmd=bid;cors=yes;alias=5153925;misc=1611534002091;bidfloor=0.1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
075baa6ed60d28e0b7f5d8bfe70f89a6ab972d610bb122fbaca35bb7985bf115

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jan 2021 00:20:02 GMT
server
Adtech Adserver
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json
access-control-allow-origin
https://benefitsdepot.net
cache-control
no-store, no-cache
access-control-allow-credentials
true
x-adtech-meta
{"Debug": {"IP": "0.0.0.0", "Selector": "pri-select023c.us-east-1.prod.adtech.aolcloud.net", "UserId": "600E0A006E651744EE96014EE0000000"}}
content-length
48
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;v=2;cmd=bid;cors=yes;alias=5153924;misc=1611534002092;bidfloor=0.1
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5153924/0/170/ 		46 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5153924/0/170/ADTECH;v=2;cmd=bid;cors=yes;alias=5153924;misc=1611534002092;bidfloor=0.1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
a5ba5acbbda6ef93b5658dd157ecbc30f04ea9742f85007044f049ef0ea41dbd

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jan 2021 00:20:02 GMT
server
Adtech Adserver
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json
access-control-allow-origin
https://benefitsdepot.net
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
46
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;v=2;cmd=bid;cors=yes;alias=5153917;misc=1611534002092;bidfloor=0.1
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5153917/0/170/ 		48 B
81 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5153917/0/170/ADTECH;v=2;cmd=bid;cors=yes;alias=5153917;misc=1611534002092;bidfloor=0.1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
1a5aad46ac16a1797ad3316a47dafe05f18725f97495515936f739bab2f08787

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jan 2021 00:20:02 GMT
server
Adtech Adserver
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json
access-control-allow-origin
https://benefitsdepot.net
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
48
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;v=2;cmd=bid;cors=yes;alias=5153921;misc=1611534002092;bidfloor=0.1
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5153921/0/529/ 		47 B
80 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5153921/0/529/ADTECH;v=2;cmd=bid;cors=yes;alias=5153921;misc=1611534002092;bidfloor=0.1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
34c5385793b6b819855d17e6d93e70e55d656d03b37e3575d796223263028cef

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jan 2021 00:20:02 GMT
server
Adtech Adserver
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json
access-control-allow-origin
https://benefitsdepot.net
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
47
expires
Mon, 15 Jun 1998 00:00:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		408 B
866 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=http%3A%2F%2Fvoluptateqrgts.cartyr.de%2Frd%2Fu3981gPvDR1188952eeOT54548Eig2499nQCw988
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
c8b42eab3e6626bf6b8047e441ee746cfa9826e768d39c4c7e25b72f72d70f92
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 25 Jan 2021 00:20:01 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
41
vary
Accept-Encoding
content-length
408
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://benefitsdepot.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
xhr
pre.ads.justpremium.com/v/2.0/t/ 		44 B
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/2.0/t/xhr?i=1611534002093
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.181.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7dd21c18f82de7955332f0beb0c74ef70d40dfbbc42e52e79a89d8cca13915e

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://benefitsdepot.net
date
Mon, 25 Jan 2021 00:20:02 GMT
cache-control
public, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		19 B
714 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 25 Jan 2021 00:20:02 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.77:80
AN-X-Request-Uuid
ea5eb767-829d-4f34-b79b-3401b425eedd
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://benefitsdepot.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		116 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-105.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 00:09:57 GMT
content-encoding
gzip
server
Server
age
605
etag
089c185b065ebe3e9c21625b16dea242
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
_tJcEejvI3lMG1vG763SOdL7bPxWjlBE
x-amz-cf-id
UVUPVuFpClq831djVOMGvt-scx1Jp6e-Gu6nOp7sbgOIaiEGjET5yw==
pubads_impl_2021011204.js
securepubads.g.doubleclick.net/gpt/ 		275 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011204.js?21069878
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
sffe /
Resource Hash
45ef498c74715600b91f8fb9fd9d61156d477fe55dc494757cfdfbce15d6d198
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 00:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Jan 2021 15:45:38 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99191
x-xss-protection
0
expires
Mon, 25 Jan 2021 00:20:02 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-105.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 00:20:03 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
x-amz-cf-pop
ZRH50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
last-modified
Wed, 23 Dec 2020 21:52:09 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
qvfBoISJ5ymXoV8clHCjrjeaYCNnawpM
via
1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
content-type
application/javascript
x-amz-cf-id
inZowSKigu1Ya6hIS1YyS1pRl_XYkzsgh_9pbOnTOdMGoNBwK4RmSA==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fbenefitsdepot.net%2Funsubscribe.php&pr=http%3A%2F%2Fvoluptateqrgts.cartyr.de%2Frd%2Fu3981gPvDR1188952eeOT54548Eig2499nQCw988&pid=HmGXgL7qhG0Rw&cb=0&ws=1600x1200&v=7.58.01&t=2000&slots=%5B%7B%22sd%22%3A%22desktop-3%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%7D%2C%7B%22sd%22%3A%22desktop-4%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22desktop-1%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22desktop-2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%5D&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-105.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 00:20:02 GMT
via
1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://benefitsdepot.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
QQVcXunvl-kZB1a_RWOmkOdPXz4_6kBgpw6FrNSTD1WWum-zq4CwiA==
s2s
eb.proper.io/ 		303 B
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eb.proper.io/s2s?proper_uid=8d198f31-399e-494d-bdd5-d66bf27a8702
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da1a8c096c95e35cc2a28f8869a420497bba66f751bc62d79f0d27d6d148a1f0

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 25 Jan 2021 00:20:02 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://benefitsdepot.net
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
616dd37d5b474ac3-FRA
cf-request-id
07d882825b00004ac32d9d9000000001
expires
-1
hub
api.pushnami.com/scripts/v1/ Frame 15A5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://api.pushnami.com/scripts/v1/hub
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f5bf03e705e760013ae6eb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-51.zrh50.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' *
X-Content-Security-Policy default-src 'unsafe-inline' *

Request headers

:method
GET
:authority
api.pushnami.com
:scheme
https
:path
/scripts/v1/hub
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://benefitsdepot.net/unsubscribe.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://benefitsdepot.net/unsubscribe.php

Response headers

content-type
text/html; charset=utf-8
date
Sun, 24 Jan 2021 23:56:12 GMT
access-control-allow-origin
*
access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-headers
X-Requested-With
content-security-policy
default-src 'unsafe-inline' *
x-content-security-policy
default-src 'unsafe-inline' *
x-webkit-csp
default-src 'unsafe-inline' *
cache-control
no-cache
content-encoding
gzip
vary
accept-encoding
x-cache
Hit from cloudfront
via
1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
grhaSAj2E0ZiigG70taJO0CgCdEyo1CYaF32_x96pBfza9jT6pF5Iw==
age
1430
psp
psp.pushnami.com/api/ 		2 B
224 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psp.pushnami.com/api/psp
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f5bf03e705e760013ae6eb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.165.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://benefitsdepot.net/unsubscribe.php
key
5f5bf03e705e760013ae6eb6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://benefitsdepot.net
date
Mon, 25 Jan 2021 00:20:05 GMT
cache-control
no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
accept-encoding
content-type
text/html; charset=utf-8
psp
psp.pushnami.com/api/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://psp.pushnami.com/api/psp
Protocol
H2
Server
18.211.165.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
key
Origin
https://benefitsdepot.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 25 Jan 2021 00:20:03 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://benefitsdepot.net
access-control-allow-credentials
true
access-control-expose-headers
content-type, content-length, etag
access-control-max-age
600
access-control-allow-headers
key
access-control-allow-methods
POST
cache-control
no-cache
vary
accept-encoding
content-encoding
gzip
integrator.js
adservice.google.nl/adsid/ 		109 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=benefitsdepot.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011204.js?21069878
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Jan 2021 00:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=benefitsdepot.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011204.js?21069878
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Jan 2021 00:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		42 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2436926293366761&correlator=3060602909183178&output=ldjh&impl=fifs&eid=21068773%2C21069142%2C21069878&vrg=2021011204&ptt=17&tfcd=0&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210125&iu_parts=5376056%2Cbenefitsdepot_sticky_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C728x90&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D3884%26proper_site%3Dbenefitsdepot%26proper_slot%3D4%26tags%3D%2522%2522%252C%2522%2522%252C%2522%2522%252C%2522%2522%252C%252214%2522_desktop%252C%2522%2522%252C%2522%2522%252C%2522%2522%252C%2522%2522%252C%252214%2522%26proper_sticky%3Dtrue%26proper_floor_320x50%3D0.75%26proper_floor_728x90%3D1.00%26proper_floor_320x100%3D0.75%26proper_floor_sticky_horizontal%3D1.00%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1611534003&dt=1611534003311&dlt=1611534001385&idt=934&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=452&adks=2697425716&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbenefitsdepot.net%2Funsubscribe.php&ref=http%3A%2F%2Fvoluptateqrgts.cartyr.de%2Frd%2Fu3981gPvDR1188952eeOT54548Eig2499nQCw988&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1x-1&ga_vid=932578658.1611534002&ga_sid=1611534003&ga_hid=1379399740&fws=512&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011204.js?21069878
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
f3f1bf87b116146bdf3553e8a95240c7695d558f65ff0eda4ed14956015212e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 00:20:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10570
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://benefitsdepot.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
47816f839ddc8a86cc85fb643c61aeee.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://47816f839ddc8a86cc85fb643c61aeee.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011204.js?21069878
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011204.js?21069878
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012010270040000/ Frame ED03 		180 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011204.js?21069878
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://benefitsdepot.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
226910
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51478
x-xss-protection
0
server
sffe
date
Fri, 22 Jan 2021 09:18:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0305d7d21a7fe4a1"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 22 Jan 2022 09:18:13 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012010270040000/v0/ Frame ED03 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011204.js?21069878
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://benefitsdepot.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
150578
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4850
x-xss-protection
0
server
sffe
date
Sat, 23 Jan 2021 06:30:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"77bd676d834aaa8d"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 23 Jan 2022 06:30:25 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012010270040000/v0/ Frame ED03 		90 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011204.js?21069878
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://benefitsdepot.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
226910
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27668
x-xss-protection
0
server
sffe
date
Fri, 22 Jan 2021 09:18:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1304c1c0caf7ca3c"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 22 Jan 2022 09:18:13 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012010270040000/v0/ Frame ED03 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011204.js?21069878
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://benefitsdepot.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
227218
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1350
x-xss-protection
0
server
sffe
date
Fri, 22 Jan 2021 09:13:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"12c034eb739190af"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 22 Jan 2022 09:13:05 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012010270040000/v0/ Frame ED03 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011204.js?21069878
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://benefitsdepot.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
226910
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13075
x-xss-protection
0
server
sffe
date
Fri, 22 Jan 2021 09:18:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e8a1dae72af56cd"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 22 Jan 2022 09:18:13 GMT
truncated
/ Frame ED03 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67731b21d1cbdad9663afdd5c0d6b69c6f22b5169a40a505d66b4689c4dc1c56

Request headers

Referer
https://benefitsdepot.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
11508912577542616282
tpc.googlesyndication.com/simgad/ Frame ED03 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11508912577542616282?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmfuWFmrlXuiu1tyWCh9cF-4ORM5A
Requested by
Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f303b8516fdfc37514ae8ecdd0c2e19e1bfba701e20fd77ddd38f0a963023d1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://benefitsdepot.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 08:40:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 02 Dec 2020 08:13:07 GMT
server
sffe
age
142765
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30318
x-xss-protection
0
expires
Sun, 23 Jan 2022 08:40:38 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame ED03 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://benefitsdepot.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jan 2021 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
47465
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 25 Jan 2021 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame ED03 		295 B
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://benefitsdepot.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jan 2021 15:39:50 GMT
x-content-type-options
nosniff
server
cafe
age
31213
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 25 Jan 2021 15:39:50 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame ED03 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cc2wHsw4OYJHSFZPN7_UPqO6TsAKwgOW2YInF3pftDKrwh5fKHhABINjqtiBgkYSThfwXoAH5xaPtA8gBAqkCvgasDeJrtD7gAgCoAwHIAwiqBPsBT9BUpJG4qoJ7yfAbZwNyB2ck0_Z4XANyDG6EtnVIGf4qWElDpUQxJ02v1aapLr1-s3hb-Ogai6e-8d_tdHx5nC_a8W2Oy4MowHsA9JC8GO_dwibhrCr6ChVeQ9cdgBzDUGOYXJk076IahJ5CcPtxLS2H9X57seDeeAEX5ItAFhTFMBOFxMtl-giydzdF9etGSv1SnxbTphFatpqGK9rAcdi6Kt213ET8Hxf-Knkuh3ZzbXBvCeUGqoXKq4SHnlBLJF7LT7XwkyPVVPdIQKhAyNyrp12THyFKSKTM02K6eMr_8RqqNCNSL14W24roUZTYFDDI4YOOHzsdFGHABPHjgbezA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAfvudwSqAfVyRuoB_DZG6gH8tkbqAeUmLECqAel3xuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQgrxB0ggJCIDhgFAQARgd8ggbYWR4LXN1YnN5bi01MDUxOTQ2OTg5ODQ4MzgygAoDyAsB2BMNshcaChgIABIUcHViLTY4OTc5MDIxOTE3MTQ4MzM&sigh=Z3Gt-fpRl5Q&tpd=AGWhJmsyh2ki3vRzvETJbNjSVQdPC2EqSlwObRnxO_iozHloXA
Requested by
Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://benefitsdepot.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021011204&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011204.js?21069878
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
204b385a6e44079ffc0bc8b3d3defb897e705370628fb85b055b928d1a018997
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Jan 2021 00:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6739
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011204.js?21069878
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 00:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1607463675096825"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6146
x-xss-protection
0
expires
Mon, 25 Jan 2021 00:20:03 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame ED03
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Mon, 25 Jan 2021 00:20:03 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 630A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/220/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://benefitsdepot.net/unsubscribe.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://benefitsdepot.net/unsubscribe.php

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4868
date
Sun, 24 Jan 2021 11:43:43 GMT
expires
Mon, 24 Jan 2022 11:43:43 GMT
last-modified
Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
45380
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
11508912577542616282
tpc.googlesyndication.com/simgad/ Frame ED03 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11508912577542616282?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmfuWFmrlXuiu1tyWCh9cF-4ORM5A
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f303b8516fdfc37514ae8ecdd0c2e19e1bfba701e20fd77ddd38f0a963023d1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://benefitsdepot.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 08:40:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 02 Dec 2020 08:13:07 GMT
server
sffe
age
142765
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30318
x-xss-protection
0
expires
Sun, 23 Jan 2022 08:40:38 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame ED03 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://benefitsdepot.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jan 2021 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
47465
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 25 Jan 2021 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame ED03 		295 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://benefitsdepot.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jan 2021 15:39:50 GMT
x-content-type-options
nosniff
server
cafe
age
31213
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 25 Jan 2021 15:39:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gpt_2021011204&jk=2436926293366761&bg=!ycqlyonNAAVwd1e1cDsAKQB2-DxaAqB4TVJtK5f7PZ9XjVMVoNyIS87oHhCi7y7RN04OuTpFeFR3AgAAAERSAAAACmgBBwoBTWuXMvOHXjvVfQVQ2AXBQeDS9tJ53vvrOR4Wus2PDKu7xTZ9oNC9KrtEU8vLKGL6Blg3S5PzEVSMfP6W1Z_xigk6UrThMLDT75kKtmK842eXUXEB6Tv-s59MjcAfKIYptUsW2bli-504ahU7hbR5rQMQvYmwAwfl0j-UgYEaTZdvFWerSItNWBzF_kvHcQjwleUFvHSC9uw7a5Atms0Nxyd5_Ubb8U8jt9l-cW_NJ89qiBCNrNf6bph0nIt33O3H0-ccigKwBrrzw8pM9rTnUTvtUGeJAqWDNerc3FvwlAJh8ohSCUwrJKd5zZFQiS2F_tKPtgpvIKpemrXYRLo6mptoM5ABc5oAZhHs22TNaXOkvz6itWi5F7QUaJBHrXg1_TTMiwXvJcMiJuJaWa0j-l8hQWQZDR9MivMqIOIe-zOB_P6U6qQTXPo29htJ7ZkB01KFUE4p3Hph_tZQ75N5VbF9bAuDPF2OfyCDhM57vOYzi4FTESUor3mWF0NZroiPZSjqxdvFlLKWmX47algO4MuPJOftZWm0dF5hOX6tfzY34VqgFkRskGR1bv3sZbY07bCaINGSSsA8F6zFrqddR1npjYsZ6tD1262LMQZL-qJ-wZjF9fsA_ee1SlKXQG7LaDjznkwzKNG2W3KB5hhvE9XMVXpVJrxhiHgNfkKF5EyJRtH4XyE9ZejaMFJ8HNhpMobvwQvK73tUQVX7v4ODBPY3f7uPUI-8qpO7FdfuQcVB_ZzbHU1omJo0XrsR9q9nrAAvztxeWQ_0AVFCxTMZKwjzmtgI93bEa3KcoFeJRoNKlfouqpwBW40WFX2MtwkTEwZL9V49Yfj_K9Aj5sKscn2xo2i5DOOGm8lzjco96Lon3dPsyiHa9_Fy_KGkcQJkOLItHT-gcjAYaGSQQ537c7tjqhqPDJJN8FyjXGKoA4l2X9dIe58JZZ-UgltpYQnjStXZ8aLfiki0Evhl0fVNIxt2xsPOQfPy9k_w_BYEFB5vsT4dopPNY7zhks6uOO1nnpaFL7Gk3tdgm7F_2FhR_FgamMUb-qIYdqYXAdvEQ_A58-Mp
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jan 2021 00:20:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.227.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://benefitsdepot.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 25 Jan 2021 00:20:03 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
activeview
pagead2.googlesyndication.com/pcs/ Frame ED03 		42 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYLkQMyUKk3lqDSDCK0AKam7hvH26fJSK7jveMEIbsrtIRpUpEGNNX62kjpb-1TsLXUUMBzZME4D1aeHQ0vs0H1s6USunWEc1h2ypvBaMdVjOYPPJphriQpL0cPw&sai=AMfl-YQUV5hdccHV6twyZLgKqvSG7QUPqXol707sOrLX2Z5atZdHDr9ZsSmKgmHLuGtlS_tNtgmmPlqeLujqzs5akGYQ4HAQa87iP3YCCdISIdnzp-gF6vDWpyl97Ev_q7ae&sig=Cg0ArKJSzKqXkxwOXifMEAE&cid=CAASPeRobbHsj72GPvY6j2Pxk8U3rBFaRXVGLX8jhnJhHem8FlFaMDcCWNpYD2zaNsAIpMcUMkZiO15eeyQUYJM&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=111&tls=1112&g=100&h=100&tt=1112&r=v&avms=ampa&adk=2697425716
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://benefitsdepot.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jan 2021 00:20:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 2E5A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://benefitsdepot.net/unsubscribe.php
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://benefitsdepot.net/unsubscribe.php

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Tue, 25 Jan 2022 00:20:06 GMT
Date
Mon, 25 Jan 2021 00:20:06 GMT
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame 0F98 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://benefitsdepot.net/unsubscribe.php
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://benefitsdepot.net/unsubscribe.php

Response headers

Server
Apache
Last-Modified
Tue, 06 Oct 2020 14:04:48 GMT
ETag
"e20015-8f4-5b10114f2003a"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1136
Date
Mon, 25 Jan 2021 00:20:06 GMT
Connection
keep-alive
iframe
mantodea.mantisadnetwork.com/prebid/ Frame 5556 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/iframe?referrer=http%3A%2F%2Fvoluptateqrgts.cartyr.de%2Frd%2Fu3981gPvDR1188952eeOT54548Eig2499nQCw988&tz=-60&buster=1611534001984&secure=true&version=9&mobile=false&title=BenefitsDepot&url=https%3A%2F%2Fbenefitsdepot.net%2Funsubscribe.php
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.61.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

:method
GET
:authority
mantodea.mantisadnetwork.com
:scheme
https
:path
/prebid/iframe?referrer=http%3A%2F%2Fvoluptateqrgts.cartyr.de%2Frd%2Fu3981gPvDR1188952eeOT54548Eig2499nQCw988&tz=-60&buster=1611534001984&secure=true&version=9&mobile=false&title=BenefitsDepot&url=https%3A%2F%2Fbenefitsdepot.net%2Funsubscribe.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://benefitsdepot.net/unsubscribe.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://benefitsdepot.net/unsubscribe.php

Response headers

date
Mon, 25 Jan 2021 00:20:06 GMT
content-type
text/html; charset=utf-8
content-length
312
x-powered-by
Express
vary
Origin
access-control-allow-credentials
true
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
-1
etag
W/"138-CB3XuUKt5LniJPnMm/Tz+RQiIu0"
index.html
cdn.districtm.io/ids/ Frame A029 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://benefitsdepot.net/unsubscribe.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://benefitsdepot.net/unsubscribe.php

Response headers

date
Mon, 25 Jan 2021 00:20:06 GMT
set-cookie
__cfduid=dc9703fd93c11dd5a5125903d7cf92f591611534006; expires=Wed, 24-Feb-21 00:20:06 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
cf-request-id
07d88291a500004c4fe435a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
616dd395de1e4c4f-AMS
Cookie set check.html
biddr.brealtime.com/ Frame 3DBB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://benefitsdepot.net/unsubscribe.php
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://benefitsdepot.net/unsubscribe.php

Response headers

Date
Mon, 25 Jan 2021 00:20:06 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=df6ca25f07929e6d02574ab8a531a935d1611534006; expires=Wed, 24-Feb-21 00:20:06 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2
UWPVvGwdhnETpW4mxEpx92XhIjfJegXLkN9ppYVonq8NlajViSaojmvSI78gSJxu+Hj73vbHFv8=
x-amz-request-id
5B1693653254EADE
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
5406
Expires
Mon, 25 Jan 2021 00:21:06 GMT
Cache-Control
public, max-age=60
cf-request-id
07d88291b4000072c34ba11000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
616dd395ea2572c3-AMS
Content-Encoding
gzip
sync
pre.ads.justpremium.com/v/1.0/t/ Frame 5EFE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/1.0/t/sync?_c=aw0g1jd1611534002077
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.181.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
pre.ads.justpremium.com
:scheme
https
:path
/v/1.0/t/sync?_c=aw0g1jd1611534002077
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://benefitsdepot.net/unsubscribe.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://benefitsdepot.net/unsubscribe.php

Response headers

date
Mon, 25 Jan 2021 00:20:08 GMT
content-type
text/html; charset=utf-8
cache-control
public, no-cache, no-store, must-revalidate
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7A06 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://benefitsdepot.net/unsubscribe.php
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://benefitsdepot.net/unsubscribe.php

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=29914
Expires
Mon, 25 Jan 2021 08:38:42 GMT
Date
Mon, 25 Jan 2021 00:20:08 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 471B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://benefitsdepot.net/unsubscribe.php
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://benefitsdepot.net/unsubscribe.php

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"40295-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Mon, 25 Jan 2021 00:20:08 GMT
Connection
keep-alive
Vary
Accept-Encoding
iframe
sync.teads.tv/ Frame E737 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A12%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.9 /
Resource Hash

Request headers

:method
GET
:authority
sync.teads.tv
:scheme
https
:path
/iframe?gdprIab=%7B%22status%22%3A12%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://benefitsdepot.net/unsubscribe.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://benefitsdepot.net/unsubscribe.php

Response headers

content-type
text/html; charset=UTF-8
server
akka-http/10.1.9
content-length
153
expires
Mon, 25 Jan 2021 00:20:08 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Mon, 25 Jan 2021 00:20:08 GMT
set-cookie
tt_bluekai=; Expires=Sat, 23 Jan 2021 23:20:08 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_exelate=; Expires=Sat, 23 Jan 2021 23:20:08 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_emetriq=; Expires=Sat, 23 Jan 2021 23:20:08 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_liveramp=; Expires=Sat, 23 Jan 2021 23:20:08 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_neustar=; Expires=Sat, 23 Jan 2021 23:20:08 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_salesforce=; Expires=Sat, 23 Jan 2021 23:20:08 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_dar=; Expires=Sat, 23 Jan 2021 23:20:08 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_skp=; Expires=Sat, 23 Jan 2021 23:20:08 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_retargetly=; Expires=Sat, 23 Jan 2021 23:20:08 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None
sync
eb2.3lift.com/ Frame F489
Redirect Chain
  • https://ib.3lift.com/sync?
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.82.201 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://benefitsdepot.net/unsubscribe.php
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=8547731420525395064
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://benefitsdepot.net/unsubscribe.php

Response headers

date
Mon, 25 Jan 2021 00:20:08 GMT
content-type
text/html; charset=utf-8
content-length
478
set-cookie
sync=CgoIgQIQroCmt_MuCgoIkQIQroCmt_MuCgoI4gEQroCmt_MuCgoIkgIQroCmt_MuCgoI5gEQroCmt_MuCgoIhwIQroCmt_MuCgkIOhCugKa38y4KCQgLEK6AprfzLgoJCF8QroCmt_MuCgkIHxCugKa38y4=; Max-Age=7776000; Expires=Sun, 25 Apr 2021 00:20:08 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=8547731420525395064; Max-Age=7776000; Expires=Sun, 25 Apr 2021 00:20:08 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Mon, 25 Jan 2021 00:20:08 GMT
content-length
0
set-cookie
tluid=8547731420525395064; Max-Age=7776000; Expires=Sun, 25 Apr 2021 00:20:08 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usersync.html
cdn.undertone.com/js/ Frame 4525 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:c800:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
cdn.undertone.com
:scheme
https
:path
/js/usersync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://benefitsdepot.net/unsubscribe.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://benefitsdepot.net/unsubscribe.php

Response headers

content-type
text/html
last-modified
Wed, 16 Dec 2020 12:35:23 GMT
server
AmazonS3
content-encoding
gzip
date
Sun, 24 Jan 2021 16:12:52 GMT
etag
W/"8ee422394c26ec0371c4676b43dd838d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
KDDWkODOtbSPiu3TnhMHooHpOHTNUE5QCCpD6g0ybQcKasjlCHznTw==
age
29238
sync_iframe
sync.bfmio.com/ Frame F4FE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifg=1&id=&gdpr=0&gc=&gce=1&us_privacy=1---
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.183.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
sync.bfmio.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://benefitsdepot.net/unsubscribe.php
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://benefitsdepot.net/unsubscribe.php

Response headers

Date
Mon, 25 Jan 2021 00:20:09 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1802 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://benefitsdepot.net/unsubscribe.php
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KCCH=YES; pi=109126:2; KADUSERCOOKIE=665B9D54-9284-48AB-8C59-4FB459DFD9D8; chkChromeAb67Sec=1; DPSync3=1612742400%3A219_201_226_221; SyncRTB3=1612742400%3A71_220_54_56_3_8_21_13_161_7_223%7C1612828800%3A35; KRTBCOOKIE_153=19420-gCFWhIZ0BNabIVeC13JL2YQgB4ebd1KChiBDqZ4Q&KRTB&22979-gCFWhIZ0BNabIVeC13JL2YQgB4ebd1KChiBDqZ4Q; PugT=1611534008; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEKGu4epH4JCZb0jv6cJeI9E&KRTB&22987-CAESEKGu4epH4JCZb0jv6cJeI9E&KRTB&23025-CAESEKGu4epH4JCZb0jv6cJeI9E; KRTBCOOKIE_377=6810-051416eb-8ef6-4937-9b7e-bcc80bf2f4bc&KRTB&22918-051416eb-8ef6-4937-9b7e-bcc80bf2f4bc&KRTB&23031-051416eb-8ef6-4937-9b7e-bcc80bf2f4bc; KRTBCOOKIE_27=16735-uid:dcdf600e-0eb6-4000-a81d-04eb9e507d38&KRTB&16736-uid:dcdf600e-0eb6-4000-a81d-04eb9e507d38&KRTB&23019-uid:dcdf600e-0eb6-4000-a81d-04eb9e507d38&KRTB&23114-uid:dcdf600e-0eb6-4000-a81d-04eb9e507d38; KRTBCOOKIE_391=22924-1733195178029159495; KRTBCOOKIE_336=5844-2721727047726593019; SPugT=1611534008
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://benefitsdepot.net/unsubscribe.php

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=29913
Expires
Mon, 25 Jan 2021 08:38:42 GMT
Date
Mon, 25 Jan 2021 00:20:09 GMT
Connection
keep-alive
Vary
Accept-Encoding
v2
de.tynt.com/deb/ Frame E6FB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=cyKUv-icGr6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.181 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip181.208-100-17.static.steadfastdns.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=cyKUv-icGr6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://benefitsdepot.net/unsubscribe.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://benefitsdepot.net/unsubscribe.php

Response headers

cache-control
max-age=86400
expires
Tue, 26 Jan 2021 00:20:09 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Mon, 25 Jan 2021 00:20:09 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
v2
de.tynt.com/deb/ Frame 556C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=chtZg-icGr6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.181 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip181.208-100-17.static.steadfastdns.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=chtZg-icGr6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://benefitsdepot.net/unsubscribe.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://benefitsdepot.net/unsubscribe.php

Response headers

cache-control
max-age=86400
expires
Tue, 26 Jan 2021 00:20:09 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Mon, 25 Jan 2021 00:20:09 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
v2
de.tynt.com/deb/ Frame 8E66 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=crfUxYicGr6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.181 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip181.208-100-17.static.steadfastdns.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=crfUxYicGr6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://benefitsdepot.net/unsubscribe.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://benefitsdepot.net/unsubscribe.php

Response headers

cache-control
max-age=86400
expires
Tue, 26 Jan 2021 00:20:11 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Mon, 25 Jan 2021 00:20:11 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
v2
de.tynt.com/deb/ Frame 77B1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=cofIPsicGr6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.181 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip181.208-100-17.static.steadfastdns.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=cofIPsicGr6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://benefitsdepot.net/unsubscribe.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://benefitsdepot.net/unsubscribe.php

Response headers

cache-control
max-age=86400
expires
Tue, 26 Jan 2021 00:20:12 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Mon, 25 Jan 2021 00:20:11 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| Popper object| bootstrap object| Tipped function| getUrlVars function| openOffer function| gtag object| dataLayer object| properSpecialOps object| propertag object| google_tag_manager object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| google_tag_data string| GoogleAnalyticsObject function| ga boolean| payload_loaded object| DISQUSWIDGETS undefined| disqus_domain undefined| disqus_shortname object| gaplugins object| gaGlobal object| gaData object| _0x1ac4 function| _0x2ad4 function| _0x32639f object| ProperMedia object| googletag object| _qevents function| proper_log function| proper_debug_console function| proper_display function| proper_render function| disableSlotRefresh function| logMatchingResponse function| properSpaNewPage function| properInfNewPage function| properBuildSlots function| properDeleteSlot function| properDestroyDfpSlot function| proper_remnant object| TraceKit function| UAParser object| device string| SYNC_ENDPOINT string| NON_MEASURABLE string| ENDPOINT_TEST number| accountId object| pushWrap function| showFbChkOptIn boolean| isOSXSafari undefined| safariScript undefined| o object| Pushnami function| quantserve function| __qc object| ezt object| _qoptions function| qtrack string| requestType number| timeout boolean| edge string| bidder boolean| withCredentials function| proper_2e29c431_e8ea294f_1 string| proper_ad_page_uuid string| proper_ad_session_uuid string| x function| proper_ba9b7af1_cbc57196_2 object| apstag object| ggeac object| google_js_reporting_queue object| response boolean| apstagLOADED function| splitIndexSlots function| isSameSlot function| clearTargeting function| cygnus_index_judge function| cygnus_index_parse_res function| cygnus_index_set_targets function| cygnus_log function| index_render function| cygnus_copy function| getSlotInfo number| cygnus_tid object| index_slot_to_size object| index_slots_render object| index_slots_add function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing function| CrossStorageClient object| pushnamiStorage function| uuid object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms object| google_image_requests

9 Cookies

Domain/Path Name / Value
.benefitsdepot.net/ Name: verizon_media_s2s_cookie
Value: y-w3yferx1l2ZErav9Hjxgp2qVVfpghR.w
.benefitsdepot.net/ Name: properSessionData
Value: eyJ1dWlkIjoiMTIxYTliNWItOTRlNi00ZmFhLTgyN2QtMzRkMWE1ZTVkZDYxIiwiZGVwdGgiOjEsInJlZmVycmVyIjoiaHR0cDovL3ZvbHVwdGF0ZXFyZ3RzLmNhcnR5ci5kZS9yZC91Mzk4MWdQdkRSMTE4ODk1MmVlT1Q1NDU0OEVpZzI0OTluUUN3OTg4IiwidXRtX2NhbXBhaWduIjoiIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fdGVybSI6IiIsInV0bV9jb250ZW50IjoiIiwicmV2ZW51ZSI6MH0=
.benefitsdepot.net/ Name: _gat_gtag_UA_149686528_2
Value: 1
.benefitsdepot.net/ Name: _gid
Value: GA1.2.2077591899.1611534002
.benefitsdepot.net/ Name: __qca
Value: P0-601547798-1611534002046
.benefitsdepot.net/ Name: _ga
Value: GA1.2.932578658.1611534002
.benefitsdepot.net/ Name: proper_tracker_cookie
Value: eyJwaWQiOiIiLCJiaWRkZXJzIjp7InZlcml6b25fbWVkaWFfczJzIjoxfSwicHJvcGVyX3VpZCI6IjhkMTk4ZjMxLTM5OWUtNDk0ZC1iZGQ1LWQ2NmJmMjdhODcwMiJ9
benefitsdepot.net/ Name: _pubcid
Value: 8d198f31-399e-494d-bdd5-d66bf27a8702
benefitsdepot.net/ Name: PHPSESSID
Value: 76534d25ba700ac67376440159e659fc

10 Console Messages

Source Level URL
Text
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
USP CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
GDPR CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
USP CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
USPAPI workflow exceeded timeout threshold.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
GDPR CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
USP CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
GDPR CMP not found.
console-api log URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f5bf03e705e760013ae6eb6(Line 276)
Message:
{}
console-api log URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f5bf03e705e760013ae6eb6(Line 179)
Message:
Tracking OK [object Response]
console-api info URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9)
Message:
Powered by AMP ⚡ HTML – Version 2010270040000 https://benefitsdepot.net/unsubscribe.php

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

47816f839ddc8a86cc85fb643c61aeee.safeframe.googlesyndication.com
acdn.adnxs.com
ads.pubmatic.com
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.nl
ajax.googleapis.com
ap.lijit.com
apex.go.sonobi.com
api.pushnami.com
as-sec.casalemedia.com
benefitsdepot-net.disqus.com
benefitsdepot.net
bidder.criteo.com
biddr.brealtime.com
bids.proper.io
buttons-config.sharethis.com
c.amazon-adsystem.com
c.sharethis.mgr.consensu.org
cdn.ampproject.org
cdn.districtm.io
cdn.undertone.com
cdnjs.cloudflare.com
de.tynt.com
eb.proper.io
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
global.proper.io
googleads.g.doubleclick.net
hb-api.omnitagjs.com
ib.3lift.com
ib.adnxs.com
js-sec.indexww.com
l.sharethis.com
mantodea.mantisadnetwork.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
pixel.quantserve.com
platform-api.sharethis.com
pre.ads.justpremium.com
psp.pushnami.com
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssc.33across.com
sync.bfmio.com
sync.teads.tv
tag.1rx.io
tpc.googlesyndication.com
trc.pushnami.com
ups.analytics.yahoo.com
usync.proper.io
voluptateqrgts.cartyr.de
www.fopiwino.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
104.111.242.245
104.16.190.66
104.17.120.107
13.224.102.11
13.224.102.51
13.224.103.105
172.217.18.2
178.162.133.150
178.250.0.165
18.184.181.235
18.185.82.201
18.211.165.214
185.255.84.151
185.33.221.91
199.232.196.134
2.18.232.130
2.18.233.180
2.18.234.21
2001:4de0:ac19::1:b:2b
208.100.17.181
209.212.148.3
213.19.147.210
216.52.2.48
23.37.42.132
2600:9000:2190:3000:c:abe:f440:93a1
2600:9000:2190:3e00:6:44e3:f8c0:93a1
2600:9000:2190:c800:1f:2473:9080:93a1
2600:9000:2190:f800:1c:8a07:5e80:93a1
2600:9000:21a8:e000:c:a9b7:ddc0:93a1
2606:2800:233:97b6:26be:138a:cba8:bb01
2606:4700::6810:125e
2606:4700::6811:4e22
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:801::2001
2a00:1450:4001:802::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:815::2002
2a00:1450:4001:819::2004
2a00:1450:4001:81b::2003
2a00:1450:4001:81e::2001
2a00:1450:4001:820::2001
2a00:1450:4001:820::200a
2a00:1450:4001:821::2002
2a00:1450:4001:824::200a
3.124.48.224
3.126.56.137
3.229.183.84
44.239.227.210
45.148.9.118
52.22.61.253
52.36.160.118
52.4.152.106
52.71.17.67
78.47.101.54
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
075baa6ed60d28e0b7f5d8bfe70f89a6ab972d610bb122fbaca35bb7985bf115
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
193f28c2c59e98575c90af9d75bb8d28dc32b9616edb0a85de79da58f50a3de2
1a5aad46ac16a1797ad3316a47dafe05f18725f97495515936f739bab2f08787
1ca297fe6f6f7d45f34c83d936bda5ddd7b73f7e19d694abbe6dbf0365caa5b4
1d0c14e0bc8e4b13e120489ce16ac34dca2bef19245ebda6dd97276a54e7bf9b
1dea0bd907087e7d6b4ae0622fa75ee4e9ae8ff7cc7e77a163b172a0125b1775
204b385a6e44079ffc0bc8b3d3defb897e705370628fb85b055b928d1a018997
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
2f9a3ff3d381edd73e8898ddb7d5c705a5adb948e867e5121e4b662729b44805
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
34c5385793b6b819855d17e6d93e70e55d656d03b37e3575d796223263028cef
35093baf103e71966e4a720b9f6785024df6ac9be544e6411c696b438957b74b
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
4132a037aa26bbefdb575b04717b9a8f8676ccb3988aabc6d05ead42722b364a
437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854
45ef498c74715600b91f8fb9fd9d61156d477fe55dc494757cfdfbce15d6d198
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5fb8a456f52876edb64f93984fe24ef284cc592797998ba534581997bd74570e
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
67731b21d1cbdad9663afdd5c0d6b69c6f22b5169a40a505d66b4689c4dc1c56
6ab8be23361c5b5164e38bee6317bc254173255565b74dd7941da00bb559697c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d2aa54ef6bb1e80e434d3f3e6deb04a463a35e651b9403f8a80445289281d98
6d90c9d8fbe47d5b256ed4de4bc18965b9f817c7436f94cba20bf56fc41b754a
713940c0f79d2d462a7848fde8ddd58d39be328f17d2b342ed5f0118a9e21420
714a01a8d852f840a8eec70c1a4c24455fe3f1f907e2f2e4d20087be71d5ddb4
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7b0fc94d83150b73dc566b933bc5c823621e210de6d45621d1101207202d0a15
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8a93db4b3a7d15238afd1eb9ead3c0240331aa89319992be45229491642043c8
95fac9ed03caf2a7e9204389aacf59c252f499c19c025358f68c96dd4da74483
9c41dfe397592be91bf06d983e31392f1a3dd9635f7203c58b6bf7d527ce9c69
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a5ba5acbbda6ef93b5658dd157ecbc30f04ea9742f85007044f049ef0ea41dbd
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
aa892a3e8ae2d858596e031c41aa9c5368d94d5da554a4dd4cf10ae942df4377
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
b7b8981cb6f6936f083e3fa8007621bbf153e4c095f11881fa2014bd4a93b518
b805694cd109a1a60f45b70d8afbaa5a38d4cacd290a6633175efa95559b1de4
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755
c8b42eab3e6626bf6b8047e441ee746cfa9826e768d39c4c7e25b72f72d70f92
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d5289c66372886f9a32dbf25f6c7194dfe1e71ac21449ca8dc43bfb73d377619
d7dd21c18f82de7955332f0beb0c74ef70d40dfbbc42e52e79a89d8cca13915e
da1a8c096c95e35cc2a28f8869a420497bba66f751bc62d79f0d27d6d148a1f0
dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883
df35edbdf585ab9f21871115b309fb4cde4be9d754c210dfd27ccec1e0ada438
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1dbffd2dc606444293988544c0d43edd5f2f538c89bc2b7484ea06e42af172c
f303b8516fdfc37514ae8ecdd0c2e19e1bfba701e20fd77ddd38f0a963023d1f
f3f1bf87b116146bdf3553e8a95240c7695d558f65ff0eda4ed14956015212e6
f4ba508d250f496d94821e970ca0d869e34c177f3946b15b1e69115391090aa0
f5268e5ede4ca11c3d7e659e9a7dd351ec0aa17bc95abbace6d3704b79dfa90e
f721d4021510ed61b74d19708362135044401052565f6c68f23baaf89e48f8f2