urlscan.io logo urlscan.io
SecurityTrails logo

oraclebenefitsgroup.com Open in urlscan Pro
2606:4700:30::681f:5c79  Public Scan

Go To Rescan Add Verdict Report
URL: http://oraclebenefitsgroup.com/
Submission: On May 27 via api from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 41 IPs in 7 countries across 31 domains to perform 166 HTTP transactions. The main IP is 2606:4700:30::681f:5c79, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is oraclebenefitsgroup.com.
This is the only time oraclebenefitsgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2606:4700:30:... 13335 (CLOUDFLAR...)
4 2606:4700:30:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.8.9.176 20940 (AKAMAI-ASN1)
7 2a00:1450:400... 15169 (GOOGLE)
9 2.16.187.67 20940 (AKAMAI-ASN1)
2 2 2a03:2880:f21... 32934 (FACEBOOK)
1 3 2a03:2880:f21... 32934 (FACEBOOK)
2 23.92.74.18 54540 (INCERO-HVVC)
1 2600:9000:200... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
20 216.58.206.2 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2.16.187.66 20940 (AKAMAI-ASN1)
5 2a00:1450:400... 15169 (GOOGLE)
17 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 2a03:2880:f01... 32934 (FACEBOOK)
2 35.240.50.85 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 5 216.58.208.38 15169 (GOOGLE)
1 54.72.236.147 16509 (AMAZON-02)
2 216.58.205.226 15169 (GOOGLE)
1 2 104.111.234.76 16625 (AKAMAI-AS)
1 82.199.68.73 15830 (TELECITY-LON)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 95.142.20.17 20645 (PUREPEAK-ASN)
1 2607:f8b0:400... 15169 (GOOGLE)
1 178.250.2.130 44788 (ASN-CRITE...)
1 178.250.2.152 44788 (ASN-CRITE...)
4 88.221.165.178 20940 (AKAMAI-ASN1)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 72.247.185.51 20940 (AKAMAI-ASN1)
6 2.18.232.7 16625 (AKAMAI-AS)
1 2a02:26f0:7b:... 20940 (AKAMAI-ASN1)
1 63.35.144.148 16509 (AMAZON-02)
34 2a02:26f0:7b:... 20940 (AKAMAI-ASN1)
2 2a02:26f0:7b:... 20940 (AKAMAI-ASN1)
166 41
4    2606:4700:30::681f:5c79 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
oraclebenefitsgroup.com
4    2606:4700:30::681f:5d79 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
oraclebenefitsgroup.com
2    2606:4700::6813:c797 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
1    23.8.9.176 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-8-9-176.deploy.static.akamaitechnologies.com
tag.aticdn.net
7    2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
9    2.16.187.67 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-187-67.deploy.static.akamaitechnologies.com
files.missbloom.gr
www.capital.gr
www.missbloom.gr
2    2a03:2880:f21c:80c4:face:b00c:0:43fe (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
platform.instagram.com
3    2a03:2880:f21c:80e5:face:b00c:0:4420 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.instagram.com
2    23.92.74.18 (Tampa, United States)

ASN54540 (INCERO-HVVC - HIVELOCITY, Inc., US)
PTR: srvn1.nemohq.gr
www.vidads.gr
1    2600:9000:200c:c000:15:efbc:e300:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
js.agkn.com
4    2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
3    2606:4700::6810:cea5 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.onesignal.com
onesignal.com
1    2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
20    216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
1    2.16.187.66 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-187-66.deploy.static.akamaitechnologies.com
www.missbloom.gr
5    2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
17    2a02:26f0:6c00:287::3b8c (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
widget.yallarec.com
img9-api.yallarec.com
3    2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
2    35.240.50.85 (Ascension Island)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 85.50.240.35.bc.googleusercontent.com
app.exitbee.com
7    2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
cdn.ampproject.org
1    2606:4700:30::681f:4c17 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
static.madinad.com
2    2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
5    216.58.208.38 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s12-in-f6.1e100.net
ad.doubleclick.net
1    54.72.236.147 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-236-147.eu-west-1.compute.amazonaws.com
d.agkn.com
2    216.58.205.226 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f2.1e100.net
googleads.g.doubleclick.net
2    104.111.234.76 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-234-76.deploy.static.akamaitechnologies.com
logw312.ati-host.net
1    82.199.68.73 (Netherlands)

ASN15830 (TELECITY-LON, GB)
bs.serving-sys.com
1    2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
2    2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    95.142.20.17 (Israel)

ASN20645 (PUREPEAK-ASN, IL)
PTR: ip-95-142-20-17.purepeak.com
api.yallarec.com
1    2607:f8b0:4004:811::2003 (United States)

ASN15169 (GOOGLE - Google LLC, US)
csi.gstatic.com
1    178.250.2.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.2.152 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
4    88.221.165.178 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a88-221-165-178.deploy.static.akamaitechnologies.com
a.teads.tv
3    2a00:1450:4001:809::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
amp-error-reporting.appspot.com
2    72.247.185.51 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a72-247-185-51.deploy.static.akamaitechnologies.com
b.scorecardresearch.com
6    2.18.232.7 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
t.teads.tv
sync.teads.tv
studio-t.teads.tv
1    2a02:26f0:7b:89d::2c92 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
cmp.teads.mgr.consensu.org
1    63.35.144.148 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-63-35-144-148.eu-west-1.compute.amazonaws.com
be-ms.teads.tv
34    2a02:26f0:7b:997::36f1 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
s8t.teads.tv
2    2a02:26f0:7b:984::36f1 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
s8t.teads.tv
Apex Domain
Subdomains		 Transfer
47 teads.tv
a.teads.tv
t.teads.tv
sync.teads.tv
be-ms.teads.tv
s8t.teads.tv
studio-t.teads.tv
7 MB
27 doubleclick.net
securepubads.g.doubleclick.net
ad.doubleclick.net
googleads.g.doubleclick.net
110 KB
18 yallarec.com
widget.yallarec.com
api.yallarec.com
img9-api.yallarec.com
241 KB
9 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
2 MB
9 missbloom.gr
files.missbloom.gr
www.missbloom.gr
76 KB
9 googletagservices.com
www.googletagservices.com
190 KB
8 oraclebenefitsgroup.com
oraclebenefitsgroup.com
261 KB
7 ampproject.org
cdn.ampproject.org
347 KB
5 instagram.com
platform.instagram.com
www.instagram.com
5 KB
3 appspot.com
amp-error-reporting.appspot.com
283 B
3 facebook.net
connect.facebook.net
71 KB
3 onesignal.com
cdn.onesignal.com
onesignal.com
59 KB
2 scorecardresearch.com
b.scorecardresearch.com
1 KB
2 facebook.com
www.facebook.com
246 B
2 ati-host.net
logw312.ati-host.net
790 B
2 exitbee.com
app.exitbee.com
10 KB
2 agkn.com
js.agkn.com
d.agkn.com
4 KB
2 vidads.gr
www.vidads.gr
76 KB
2 cloudflare.com
cdnjs.cloudflare.com
7 KB
1 consensu.org
cmp.teads.mgr.consensu.org
1 criteo.com
bidder.criteo.com
220 B
1 criteo.net
static.criteo.net
26 KB
1 gstatic.com
csi.gstatic.com
202 B
1 googleapis.com
ajax.googleapis.com
29 KB
1 serving-sys.com
bs.serving-sys.com
773 B
1 madinad.com
static.madinad.com
2 KB
1 google.de
adservice.google.de
178 B
1 google-analytics.com
www.google-analytics.com
17 KB
1 capital.gr
www.capital.gr
25 KB
1 aticdn.net
tag.aticdn.net
20 KB
0 qds.ninja Failed
t.qds.ninja Failed
166 31
Domain Requested by
36 s8t.teads.tv a.teads.tv
oraclebenefitsgroup.com
20 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
oraclebenefitsgroup.com
15 img9-api.yallarec.com oraclebenefitsgroup.com
9 www.googletagservices.com oraclebenefitsgroup.com
securepubads.g.doubleclick.net
www.googletagservices.com
8 oraclebenefitsgroup.com oraclebenefitsgroup.com
7 cdn.ampproject.org securepubads.g.doubleclick.net
7 files.missbloom.gr oraclebenefitsgroup.com
5 ad.doubleclick.net 2 redirects oraclebenefitsgroup.com
www.googletagservices.com
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
oraclebenefitsgroup.com
4 t.teads.tv oraclebenefitsgroup.com
4 a.teads.tv securepubads.g.doubleclick.net
a.teads.tv
4 pagead2.googlesyndication.com oraclebenefitsgroup.com
pagead2.googlesyndication.com
3 amp-error-reporting.appspot.com cdn.ampproject.org
3 connect.facebook.net oraclebenefitsgroup.com
connect.facebook.net
3 www.instagram.com 1 redirects oraclebenefitsgroup.com
www.instagram.com
2 b.scorecardresearch.com 1 redirects oraclebenefitsgroup.com
2 www.facebook.com oraclebenefitsgroup.com
connect.facebook.net
2 logw312.ati-host.net 1 redirects oraclebenefitsgroup.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 app.exitbee.com oraclebenefitsgroup.com
app.exitbee.com
2 widget.yallarec.com oraclebenefitsgroup.com
widget.yallarec.com
2 www.missbloom.gr 1 redirects oraclebenefitsgroup.com
2 cdn.onesignal.com oraclebenefitsgroup.com
cdn.onesignal.com
2 www.vidads.gr oraclebenefitsgroup.com
www.vidads.gr
2 platform.instagram.com 2 redirects
2 cdnjs.cloudflare.com oraclebenefitsgroup.com
1 studio-t.teads.tv oraclebenefitsgroup.com
1 be-ms.teads.tv a.teads.tv
1 sync.teads.tv a.teads.tv
1 cmp.teads.mgr.consensu.org a.teads.tv
1 bidder.criteo.com static.criteo.net
1 static.criteo.net widget.yallarec.com
1 csi.gstatic.com cdn.ampproject.org
1 api.yallarec.com widget.yallarec.com
1 onesignal.com cdn.onesignal.com
1 ajax.googleapis.com widget.yallarec.com
1 bs.serving-sys.com oraclebenefitsgroup.com
1 d.agkn.com js.agkn.com
1 static.madinad.com oraclebenefitsgroup.com
1 adservice.google.de www.googletagservices.com
1 www.google-analytics.com oraclebenefitsgroup.com
1 js.agkn.com oraclebenefitsgroup.com
1 www.capital.gr oraclebenefitsgroup.com
1 tag.aticdn.net oraclebenefitsgroup.com
0 t.qds.ninja Failed oraclebenefitsgroup.com
166 45
Subject Issuer Validity Valid
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-03-02 -
2019-09-08		 6 months crt.sh
tag.aticdn.net
GeoTrust RSA CA 2018		 2019-01-25 -
2020-03-25		 a year crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2019-05-07 -
2019-07-30		 3 months crt.sh
capital.gr
Let's Encrypt Authority X3		 2019-03-20 -
2019-06-18		 3 months crt.sh
*.www.instagram.com
DigiCert SHA2 High Assurance Server CA		 2019-04-12 -
2019-07-11		 3 months crt.sh
ssl.nemohq.gr
Let's Encrypt Authority X3		 2019-04-24 -
2019-07-23		 3 months crt.sh
ssl473492.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-01-22 -
2019-07-31		 6 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-05-07 -
2019-07-30		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2019-05-07 -
2019-07-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-04-22 -
2019-07-21		 3 months crt.sh
app.exitbee.com
SSL.com DV CA		 2018-07-06 -
2019-07-07		 a year crt.sh
misc-sni.google.com
Google Internet Authority G3		 2019-05-07 -
2019-07-30		 3 months crt.sh
sni225665.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-04-28 -
2019-11-04		 6 months crt.sh
tpc.googlesyndication.com
Google Internet Authority G3		 2019-05-07 -
2019-07-30		 3 months crt.sh
*.doubleclick.net
Google Internet Authority G3		 2019-05-07 -
2019-07-30		 3 months crt.sh
bs.serving-sys.com
Go Daddy Secure Certificate Authority - G2		 2018-03-08 -
2020-03-08		 2 years crt.sh
*.criteo.net
DigiCert ECC Secure Server CA		 2019-03-26 -
2020-03-30		 a year crt.sh
*.appspot.com
Google Internet Authority G3		 2019-05-07 -
2019-07-30		 3 months crt.sh
teads.tv
Let's Encrypt Authority X3		 2019-04-17 -
2019-07-16		 3 months crt.sh
s8t.teads.tv
DigiCert ECC Secure Server CA		 2018-05-23 -
2019-11-21		 a year crt.sh

This page contains 19 frames:

Primary Page: http://oraclebenefitsgroup.com/
Frame ID: A1B3EB9C6013A40705925942888485DD
Requests: 89 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011905140117570/amp4ads-v0.js
Frame ID: 0373FF9EA290063F195A62702F47956E
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1EsSSvvM_s0QvVgVPJAhHSjWeDuHC3X-WA5W8DQqSqnqry5tZhj8GsYGg1SV9d3zuEsqbBuuzNa9aLvspmm0nvetVJ96LMylPOxWEb78t620PmqpjFhll6yRrdQqcaN9EHkuFPxl0C329T3RmQ3OkgU6kBWqPyn4wNh60ZlLGJi8y-LPh5gPYJJ64KjyluuVsBGiQ-gWTtaQewpdonGwC2W3jQwkYPs46gsmR6dcXv46wmmgKNFlj56iE8k4ANHssU8i_0picXZWJmrUFQIcRcRh1dcJu8Q&sai=AMfl-YQn_dQVTbgFcN5H7ddsKoYKWIDZ-ry5NPIU2iPoZkEFANvc2CrUX-g6LgqFsA1vKLt3xRa3yOcS5VYyqIhB178yyszl_R4wawYYm4sI&sig=Cg0ArKJSzFT2mLidhW3eEAE&urlfix=1&adurl=
Frame ID: 5FD5BAA67E4FB1765EB81E5BA609BEBC
Requests: 4 HTTP requests in this frame

Frame: https://www.instagram.com/p/BJwAgHvAlt9/embed/captioned/?cr=1&v=7&wp=658&rd=http%3A%2F%2Foraclebenefitsgroup.com&rp=%2F
Frame ID: 71F74149916C59442BA9ACFB631BD8EA
Requests: 1 HTTP requests in this frame

Frame: http://d.agkn.com/iframe/8613/?che=46209260&gdpr=&gdpr_consent=&url=http%3A%2F%2Foraclebenefitsgroup.com%2F&bpid=atticagreece&c=%7B%22bpid%22%3A%22atticagreece%22%2C%22loc%22%3A%22http%3A%2F%2Foraclebenefitsgroup.com%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Frame ID: F0C1527857F9857B74BA2062D14B6AC6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190522/r20190131/zrt_lookup.html
Frame ID: 90101C554F6076AAF03CCCA5CC612BE3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011905140117570/amp4ads-v0.js
Frame ID: 9BE31887D8F2CF59D6951F62DB109EF7
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?output=html&adk=1812271804&adf=3025194257&lmt=1549814525&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Foraclebenefitsgroup.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1558940418869&bpp=23&bdt=769&fdt=184&idt=185&shv=r20190522&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=2885831218825&frm=20&pv=2&ga_vid=1256975038.1558940419&ga_sid=1558940419&ga_hid=1786849976&ga_fc=0&iag=0&icsg=2815312587128867&dssz=60&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335%2C21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=11&uci=a!b&fsb=1&dtd=212
Frame ID: FE7025D22B908612CC64BB115E690D33
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011905140117570/amp4ads-v0.js
Frame ID: 8A47FEA1FC30A64FB7B23CD91CB2A2B7
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvg0HbXKUcMaOWnbhPjENmUWynEpHsUmA3EoJBWydhOAjUYUzmXG2Kem2ix0V4Cc7RMZ46tWH0yioNSoPGjUBvd0IIsOnfoLtzeS4Pd_EbJSDvAhKLPWrNAa67L4SegIohk0rhXkH54A0n50Txsx7re4IAC0evlfqjCbEuGs-Qn_PjrrzbZfU9GMOrTNwFyp2MZ7NZmNjVs-U0H9nnNiPz2anMMGFsM1xWYnYuL75KeiyaB1ZG4l4zQfBlKDwANHToJ6NUzGZqCrn0eiK0o&sai=AMfl-YQ1J36vgFPcnq26jFF-61psPiM-RzqaxB1LFwwBZIAEemhLMbjDHEe_CO0V5JaGsSBmqNK8xHqIGO2e0ZLA_6CktS5bcY8DwmXRvj98gLFvWeyMfeBfgMbZavM&sig=Cg0ArKJSzASQ7fsWWoF4EAE&urlfix=1&adurl=
Frame ID: 1D55FDB0570651606AA7769C02E77A7A
Requests: 6 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N514413.563336MISSBLOOM.GR/B22705314.247598166;dc_ver=49.128;dc_eid=40004000;sz=300x250;osdl=1;u_sd=1;dc_adk=1224465404;ord=sl5opi;dc_rfl=1,http%3A%2F%2Foraclebenefitsgroup.com%2F$0;xdt=0;crlt=H(eCaJjDjh;osda=2;sttr=20;prcl=s
Frame ID: E77EE8FB2733FCB4D6D4F24BB30098A3
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfP08cXCjbMEM1L00FnRpCdm_wxvPy0yYgcjMNGj8mOIjG3HWCGu7FFgYkDa1d2cvLqbWJNwG4tazZd5AGLara0fgiNMX0Hb-3cGJ5O2MQUF6DH3DqgQ_fvpAH1Tc-gT7FOSwKxIYWTaDkpP6cR-2MTXsyb_Y7tynuf67JlIqt_v4sroEx5zJrFgwuXtQaLbyP9gZ0mbpHJRcfF5iht32LBPjp7VUZjlEYcHPHvWZv-X8DPUD4GuoDRHtAd1GeUgj7SygtZFj36QKinFIDUrQ&sai=AMfl-YTZsXFaYhNPOIMBg9K57DKOHjS098oJNaI2-fZOaNXc8LeNeFBhfzs9V-LuCDgqsn_WURx1uaAfGThzKMIp7uisNNb1UpmKQitzJzI5JjOg8RI_qLh9O-C46n5_&sig=Cg0ArKJSzHGOcoO9YPDmEAE&urlfix=1&adurl=
Frame ID: 6C91825E9948D30D6CBACDA8EA8D53C1
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F815DAC7207C335B151C3699EC74210B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvUc-ub4j_ubI1xNd2b_JCwlDmun1CrByqnTLEjGPijNgxb7qeNH5rRxEzw6oZIYFonpRro3TjgF6ZNfbmeS31mjdE0pigGxlsmZWJiNqCzlMuPk_0uHqbyqeBHsmGaJjO35Ncwnd-VrlbbDXrnRYSIZY30XxLYEK2MFBngUKF7svwGpxQ1TjEnf69BnioB1mCHmksIC0-QTvLNOUPgTF7ddXAC5EsDt8nHLG3TR-ap7aTNZ3pzsc8EU61aViJljXIGXCZkSQLGOg&sai=AMfl-YSQKANph7Zgu5AXS0CYFRT-Lq3tRvjW1Gm9eMCr4mXseWgtYMg2PcOkQZSW2tpFHJIHhcMX_8JKR2GDDph41dQ59aFA1IXOlVnNqVRfjKMtF9CJyX1JrTY6VIrS&sig=Cg0ArKJSzPn6gY55RXUbEAE&urlfix=1&adurl=
Frame ID: D067420E795546DB2BC9F314FEF701E6
Requests: 4 HTTP requests in this frame

Frame: http://cmp.teads.mgr.consensu.org/index.html
Frame ID: C77887F5BF21252AB15424024FB008ED
Requests: 1 HTTP requests in this frame

Frame: http://sync.teads.tv/iframe?pid=95778&userId=b4d56112-11bc-4c24-9087-4abe4a8cd0bf&gdprIab={%22status%22:22,%22consent%22:%22%22,%22reason%22:220}&1558940420737
Frame ID: 8B2FB498E58492BDE6AB4149065ECAEB
Requests: 1 HTTP requests in this frame

Frame: http://a.teads.tv/media/format/v3/assets/default/player-sprite.svg
Frame ID: 6C8AF3DA877B53925F2DAD323A702621
Requests: 2 HTTP requests in this frame

Frame: http://s8t.teads.tv/vpaid/6753877076521797
Frame ID: 437B626A9C7A51EA4B5C386D0F196393
Requests: 3 HTTP requests in this frame

Frame: http://s8t.teads.tv/sdk/2.0.0
Frame ID: CE1A230C5F7138AF031297155054A5F5
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
Overall confidence: 100%
Detected patterns
  • env /^xtsite$/i
  • env /^ATInternet$/i
Overall confidence: 100%
Detected patterns
  • env /^Xt_/i
Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • env /^criteo/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^googletag$/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

166
Requests

67 %
HTTPS

57 %
IPv6

31
Domains

45
Subdomains

41
IPs

7
Countries

10091 kB
Transfer

14207 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • http://platform.instagram.com/en_US/embeds.js HTTP 301
  • https://platform.instagram.com/en_US/embeds.js HTTP 301
  • https://www.instagram.com/embed.js HTTP 302
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/47c7ec92d91e.js
Request Chain 27
  • http://www.missbloom.gr/xtcore.js HTTP 301
  • https://www.missbloom.gr/xtcore.js
Request Chain 55
  • https://ad.doubleclick.net/ddm/trackimp/N9178.563336MISSBLOOM.GR/B22672197.247428023;dc_trk_aid=444016177;dc_trk_cid=116200339;ord=1605704348;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N9178.563336MISSBLOOM.GR/B22672197.247428023;dc_pre=CISzks-Ru-ICFU084AodRzMGEg;dc_trk_aid=444016177;dc_trk_cid=116200339;ord=1605704348;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Request Chain 62
  • http://logw312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=0700185095242&jv=0&re=1600x1200&vtag=4.5.7&hl=7x0x18&r=1600x1200x24x24&ref= HTTP 302
  • http://logw312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=0700185095242&jv=0&re=1600x1200&vtag=4.5.7&hl=7x0x18&r=1600x1200x24x24&ref=&Rdt=On
Request Chain 113
  • https://ad.doubleclick.net/ddm/trackimp/N2520.3291990ATTICAMEDIA/B22588227.247084513;dc_trk_aid=443400489;dc_trk_cid=116313400;ord=425132534;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N2520.3291990ATTICAMEDIA/B22588227.247084513;dc_pre=CK3xwM-Ru-ICFUahewodSTMO5w;dc_trk_aid=443400489;dc_trk_cid=116313400;ord=425132534;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Request Chain 126
  • http://b.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1558940420453&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=19882419&cs_ucfr=1 HTTP 302
  • http://b.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1558940420453&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=19882419&cs_ucfr=1

166 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
oraclebenefitsgroup.com/ 		49 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2606:4700:30::681f:5c79 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
127f0e63cfe81a8cfe83a77408f6e1de24decee3f28a36a53f253808f323288c

Request headers

Host
oraclebenefitsgroup.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:18 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d5b9865a858c5530a2db5019c2b4c91b61558940417; expires=Tue, 26-May-20 07:00:17 GMT; path=/; domain=.oraclebenefitsgroup.com; HttpOnly
Last-Modified
Sun, 10 Feb 2019 16:02:05 GMT
Server
cloudflare
CF-RAY
4dd61c6c1cf19ac8-FRA
Content-Encoding
gzip
579d0.single.include.4e2fc8.css
oraclebenefitsgroup.com/wp-content/cache/minify/ 		103 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://oraclebenefitsgroup.com/wp-content/cache/minify/579d0.single.include.4e2fc8.css
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2606:4700:30::681f:5d79 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ada6344cb2a88a7fd0cf75630f88a24477c4f7ddca056ba9d7d0b33fa69b845

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:18 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Sun, 10 Feb 2019 16:02:02 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4dd61c6d3b0cc2f9-FRA
Expires
Mon, 27 May 2019 11:00:18 GMT
579d0.default.include.3de91f.js
oraclebenefitsgroup.com/wp-content/cache/minify/ 		110 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://oraclebenefitsgroup.com/wp-content/cache/minify/579d0.default.include.3de91f.js
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2606:4700:30::681f:5d79 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3681c54b41bbaba74dde376a6db966614cc49c08676c2dc86e852f655a8ead26

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:18 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Sun, 10 Feb 2019 16:02:06 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4dd61c6d3d519ac2-FRA
Expires
Mon, 27 May 2019 11:00:18 GMT
cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:18 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:18:32 GMT
server
cloudflare
etag
W/"5afd48e8-f62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Sat, 16 May 2020 07:00:18 GMT
cache-control
public, max-age=30672000
cf-ray
4dd61c6d29a0bee2-FRA
served-in-seconds
0.000
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:18 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:18:32 GMT
server
cloudflare
etag
W/"5afd48e8-4d5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 16 May 2020 07:00:18 GMT
cache-control
public, max-age=30672000
cf-ray
4dd61c6d29a2bee2-FRA
served-in-seconds
0.001
style.css
oraclebenefitsgroup.com/wp-content/themes/mb17s/css/ 		214 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://oraclebenefitsgroup.com/wp-content/themes/mb17s/css/style.css?v=20180727
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2606:4700:30::681f:5d79 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2837d1b5ddf463d053b8b5ea86a6e0d8cc1ad7045684e9c43de8b4151c798256

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:18 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Sun, 10 Feb 2019 16:02:03 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4dd61c6d3c15c26d-FRA
Expires
Mon, 27 May 2019 11:00:18 GMT
smarttag.js
tag.aticdn.net/ 		68 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.aticdn.net/smarttag.js
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.8.9.176 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-8-9-176.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
615988825a97e1b8d3e2d702258c83ad954c6a684bc54b2dd99aa216b67bc0df

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id
om_zhK87rfwN44gAkMTtPMwhG17R_kID
Content-Encoding
gzip
Last-Modified
Wed, 20 Mar 2019 09:49:49 GMT
Server
AmazonS3
x-amz-server-side-encryption
AES256
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=600
Date
Mon, 27 May 2019 07:00:18 GMT
Connection
keep-alive
Content-Length
19838
X-Amz-Cf-Id
hYoSwTI2dWgFI-yLf8wKASSpM-NwEa7F7eM8rZXhe3lOrwZH2ZAVeg==
gpt.js
www.googletagservices.com/tag/js/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ee651eb7354da97034f4ead08e42230effe21a2949af3c4d64ff5bd42f119278
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"178 / 434 of 1000 / last-modified: 1558728639"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
10602
x-xss-protection
0
expires
Mon, 27 May 2019 07:00:18 GMT
main.js
oraclebenefitsgroup.com/wp-content/themes/mb17s/js/ 		119 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://oraclebenefitsgroup.com/wp-content/themes/mb17s/js/main.js?v=20180727
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2606:4700:30::681f:5d79 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0dd54249132d61966dbdaf4c58f88c896eb0bf5f413e85c04dcc61d5716664e

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:18 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Sun, 10 Feb 2019 16:02:05 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4dd61c6d38ead729-FRA
Expires
Mon, 27 May 2019 11:00:18 GMT
missbloom-logo-p.svg
oraclebenefitsgroup.com/wp-content/themes/mb17s/images/logo/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://oraclebenefitsgroup.com/wp-content/themes/mb17s/images/logo/missbloom-logo-p.svg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2606:4700:30::681f:5c79 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:18 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Sun, 10 Feb 2019 16:02:03 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4dd61c6d8a36d6c1-FRA
Expires
Mon, 27 May 2019 11:00:18 GMT
Screenshot_1-6.jpg
files.missbloom.gr/2016/09/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.missbloom.gr/2016/09/Screenshot_1-6.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.187.67 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-187-67.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0ae5e1fde1f00b885a6f0f95e666fb9023d06aaaaeb8b4a37724a8ec1609ac24
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400
last-modified
Mon, 05 Sep 2016 10:31:56 GMT
server
nginx
etag
"57cd499c-10f17"
content-type
image/jpeg
status
200
cache-control
max-age=8640000
date
Mon, 27 May 2019 07:00:18 GMT
accept-ranges
bytes
content-length
69399
expires
Wed, 04 Sep 2019 07:00:18 GMT
47c7ec92d91e.js
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain
  • http://platform.instagram.com/en_US/embeds.js
  • https://platform.instagram.com/en_US/embeds.js
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/47c7ec92d91e.js
15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/47c7ec92d91e.js
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f21c:80e5:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
8f2e37cf4e314907e37bf11c3205be713c048968afb0af99f791b1f336308a33

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 18:55:48 GMT
x-fb-trip-id
713225770
access-control-allow-origin
*
etag
"47c7ec92d91e"
vary
Accept-Encoding
content-type
text/javascript
status
200
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
4822

Redirect headers

status
302
date
Mon, 27 May 2019 07:00:18 GMT
x-fb-trip-id
713225770
cache-control
max-age=21600
location
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/47c7ec92d91e.js
content-type
text/html; charset=utf-8
4553_DOYKISA_NOMIKOY_1982016-200x200.jpg
files.missbloom.gr/2016/09/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.missbloom.gr/2016/09/4553_DOYKISA_NOMIKOY_1982016-200x200.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.187.67 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-187-67.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
gb-200x200.jpg
files.missbloom.gr/2016/09/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.missbloom.gr/2016/09/gb-200x200.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.187.67 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-187-67.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
va_content.vast.js
www.vidads.gr/scripts/ 		290 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.vidads.gr/scripts/va_content.vast.js
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.92.74.18 Tampa, United States, ASN54540 (INCERO-HVVC - HIVELOCITY, Inc., US),
Reverse DNS
srvn1.nemohq.gr
Software
nginx/1.12.2 /
Resource Hash
34fde0f4461395a617be2117bae4b1c3e9d80a1126f198201b7337c10f7db71e

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:19 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2019 04:12:52 GMT
server
nginx/1.12.2
etag
"96401a3-4863f-5864d84319900-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=3600
x-route
http3
accept-ranges
bytes
expires
Mon, 27 May 2019 08:00:17 GMT
64508-lily%20james-smile-200x200.jpg
files.missbloom.gr/pics/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.missbloom.gr/pics/64508-lily%20james-smile-200x200.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.187.67 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-187-67.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
67238-ABACA_521931_091-200x200.jpg
files.missbloom.gr/pics/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.missbloom.gr/pics/67238-ABACA_521931_091-200x200.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.187.67 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-187-67.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
25031-jon-hamm-default-200x200.jpg
files.missbloom.gr/pics/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.missbloom.gr/pics/25031-jon-hamm-default-200x200.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.187.67 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-187-67.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
IMG_9544-200x200.jpg
files.missbloom.gr/2016/05/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.missbloom.gr/2016/05/IMG_9544-200x200.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.187.67 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-187-67.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
preloadBar.gif
www.capital.gr/Content2017/images/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.capital.gr/Content2017/images/preloadBar.gif
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.187.67 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-187-67.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
cf0eac8ca56caaadf4fc1e4ec8081f0ba14c59d22bf12f766d59845078950e86

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:18 GMT
last-modified
Mon, 01 Oct 2018 13:43:27 GMT
server
Microsoft-IIS/8.5
etag
"6ae124bb8c59d41:0"
content-type
image/gif
status
200
cache-control
max-age=13215367
accept-ranges
bytes
content-length
25323
tag.js
js.agkn.com/prod/v0/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://js.agkn.com/prod/v0/tag.js
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2600:9000:200c:c000:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd30ffd9618eaa423abb4c900f4af01cac18be85d75265ba08d87d5230bf85b8

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 26 May 2019 22:40:22 GMT
Via
1.1 ea71ce4ac4724c3ed76f4816ddddaa6c.cloudfront.net (CloudFront)
Last-Modified
Tue, 04 Dec 2018 22:35:38 GMT
Server
AmazonS3
Age
108210
ETag
"a5442c681a576408c25edbf365995343"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3167
X-Amz-Cf-Id
A5T1Ys8kIPSWAQWR3zyxNO_AtVbTXkIy9BYtf0Uk6RNTPPyhtTYhDA==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		87 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7ab8c534d202a38787eac74e9e37f1b1b4d935265858da3450d484ea8339beb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
15717075286030958398
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
33124
X-XSS-Protection
0
Expires
Mon, 27 May 2019 07:00:18 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cea5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
63a23cb228a3b6e6a33e3a12e6c5bcdf13fe0b28346ccdadca36097a4b13ac50

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:18 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
etag
W/"a5067802576549b3e0627521f03ee508"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
cf-ray
4dd61c709ef7c286-FRA
expires
Mon, 27 May 2019 19:00:18 GMT
wp-embed.min.js
oraclebenefitsgroup.com/wp-includes/js/ 		184 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://oraclebenefitsgroup.com/wp-includes/js/wp-embed.min.js?ver=4.9.7
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2606:4700:30::681f:5c79 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1940ea7376280457b47aa73f56ef229029c01c5dec322a57d05e98c77358d54f

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:18 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Sun, 10 Feb 2019 16:02:03 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4dd61c6e48819ac8-FRA
Expires
Mon, 27 May 2019 11:00:18 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 May 2019 01:33:03 GMT
server
Golfe2
age
5265
date
Mon, 27 May 2019 05:32:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17779
expires
Mon, 27 May 2019 07:32:33 GMT
pubads_impl_2019052001.js
securepubads.g.doubleclick.net/gpt/ 		147 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052001.js?21063861
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
sffe /
Resource Hash
8411fa1184d1bcf8b006e7abdf7e5c287c14a24c4884322040165b488063af93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 27 May 2019 07:00:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 May 2019 18:55:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
55114
x-xss-protection
0
expires
Mon, 27 May 2019 07:00:18 GMT
integrator.sync.js
adservice.google.de/adsid/ 		113 B
178 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.sync.js?domain=oraclebenefitsgroup.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
108
x-xss-protection
0
482
t.qds.ninja/t/ 		0
0
xtcore.js
www.missbloom.gr/
Redirect Chain
  • http://www.missbloom.gr/xtcore.js
  • https://www.missbloom.gr/xtcore.js
19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.missbloom.gr/xtcore.js
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.187.67 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-187-67.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
05a0114a707e2c9a3e39211eea7befe543363802db6cca43191b8fa51d8f6cd5
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400
content-encoding
gzip
last-modified
Thu, 26 Nov 2015 09:49:24 GMT
server
nginx
etag
W/"5656d5a4-4ae0"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=21721096
date
Mon, 27 May 2019 07:00:18 GMT
content-length
7522
expires
Sun, 02 Feb 2020 16:38:34 GMT

Redirect headers

Location
https://www.missbloom.gr/xtcore.js
Date
Mon, 27 May 2019 07:00:18 GMT
Cache-Control
max-age=0
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
Expires
Mon, 27 May 2019 07:00:18 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1798217385996430&correlator=1678167802038233&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&adsid=NT&eid=21063861%2C21061865%2C21063506%2C21063817&vrg=2019052001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-33&ecs=20190527&iu=%2F3346429%2Fmissbloom_skin&sz=1x1&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1558940418642&dlt=1558940418100&idt=516&frm=20&biw=1600&bih=1200&oid=3&adx=8&ady=470&adk=3307054402&uci=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Foraclebenefitsgroup.com%2F&dssz=21&icsg=49836&std=0&csl=63&vis=1&scr_x=0&scr_y=0&psz=1584x463&msz=1584x1&blev=1&bisch=1&ga_vid=1256975038.1558940419&ga_sid=1558940419&ga_hid=1786849976&fws=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052001.js?21063861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
c9bc17c5b0c11ae24eada21c929a9ebd67410b70fc953c6d5ba0e695ebc44229
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://oraclebenefitsgroup.com/
Origin
http://oraclebenefitsgroup.com

Response headers

date
Mon, 27 May 2019 07:00:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
5337
x-xss-protection
0
google-lineitem-id
5071586096
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138271135396
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
http://oraclebenefitsgroup.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019052001.js
securepubads.g.doubleclick.net/gpt/ 		65 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052001.js?21063861
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052001.js?21063861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
sffe /
Resource Hash
6de5517e1178ef3ae1605e9fb57f46808a167f2062111a91ff929558590c7e29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 May 2019 18:55:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
25159
x-xss-protection
0
expires
Mon, 27 May 2019 07:00:18 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-33/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
http://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052001.js?21063861
Protocol
HTTP/1.1
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1798217385996430&correlator=1678167802038233&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fif&adsid=NT&eid=21063861%2C21061865%2C21063506%2C21063817&vrg=2019052001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-33&ecs=20190527&iu=%2F3346429%2Fmissbloom_prest&sz=1x1&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1558940418654&dlt=1558940418100&idt=516&frm=20&biw=1600&bih=1200&oid=3&adx=8&ady=471&adk=1273862343&uci=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Foraclebenefitsgroup.com%2F&dssz=23&icsg=2146988&std=0&csl=81&vis=1&scr_x=0&scr_y=0&psz=1584x464&msz=1x-1&blev=1&bisch=1&ga_vid=1256975038.1558940419&ga_sid=1558940419&ga_hid=1786849976&fws=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052001.js?21063861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
9ecd89a9dabdfafc0daf716a0ecbaac758c86d498ab905fea3cc1edf5a891a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://oraclebenefitsgroup.com/
Origin
http://oraclebenefitsgroup.com

Response headers

date
Mon, 27 May 2019 07:00:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
2279
x-xss-protection
0
google-lineitem-id
5069337274
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138270625430
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
http://oraclebenefitsgroup.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1798217385996430&correlator=1678167802038233&output=json_html&callback=googletag.impl.pubads.callbackProxy3&impl=fif&adsid=NT&eid=21063861%2C21061865%2C21063506%2C21063817&vrg=2019052001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-33&ecs=20190527&iu=%2F3346429%2Fmissbloom_728x90&sz=728x90%7C940x200%7C960x250%7C970x70%7C970x200%7C970x60%7C970x90%7C990x90%7C990x250%7C970x250%7C970x310%7C1000x250%7C1000x300&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1558940418658&dlt=1558940418100&idt=516&frm=20&biw=1600&bih=1200&oid=3&adx=8&ady=472&adk=248121373&uci=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Foraclebenefitsgroup.com%2F&dssz=26&icsg=2146988&std=0&csl=70&vis=1&scr_x=0&scr_y=0&psz=1584x90&msz=1584x90&blev=1&bisch=1&ga_vid=1256975038.1558940419&ga_sid=1558940419&ga_hid=1786849976&fws=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052001.js?21063861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
04e39bbf93416a8af04721b7a99481302367d5c21dbd2804d5b42b14740f2da1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://oraclebenefitsgroup.com/
Origin
http://oraclebenefitsgroup.com

Response headers

date
Mon, 27 May 2019 07:00:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
5329
x-xss-protection
0
google-lineitem-id
5060799080
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138269685630
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
http://oraclebenefitsgroup.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		488 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1798217385996430&correlator=1678167802038233&output=json_html&callback=googletag.impl.pubads.callbackProxy4&impl=fif&adsid=NT&eid=21063861%2C21061865%2C21063506%2C21063817&vrg=2019052001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-33&ecs=20190527&iu=%2F3346429%2Fmissbloom_button&sz=300x150%7C300x100%7C300x120%7C300x110&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1558940418665&dlt=1558940418100&idt=516&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=1128&adk=1522238017&uci=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Foraclebenefitsgroup.com%2F&dssz=28&icsg=2146988&std=0&csl=65&vis=1&scr_x=0&scr_y=0&psz=1569x150&msz=1569x150&blev=1&bisch=1&ga_vid=1256975038.1558940419&ga_sid=1558940419&ga_hid=1786849976&fws=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052001.js?21063861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
df525290ace4d9dbaa805cd9b3f8761f53e753847d20a8927f20a584d707e82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://oraclebenefitsgroup.com/
Origin
http://oraclebenefitsgroup.com

Response headers

date
Mon, 27 May 2019 07:00:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
323
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
http://oraclebenefitsgroup.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1798217385996430&correlator=1678167802038233&output=json_html&callback=googletag.impl.pubads.callbackProxy5&impl=fif&adsid=NT&eid=21063861%2C21061865%2C21063506%2C21063817&vrg=2019052001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-33&ecs=20190527&iu=%2F3346429%2Fmissbloom_300*250A&sz=300x250%7C300x600&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1558940418669&dlt=1558940418100&idt=516&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=1278&adk=1354387185&uci=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Foraclebenefitsgroup.com%2F&dssz=29&icsg=2146988&std=0&csl=74&vis=1&scr_x=0&scr_y=0&psz=1569x250&msz=1569x250&blev=1&bisch=1&ga_vid=1256975038.1558940419&ga_sid=1558940419&ga_hid=1786849976&fws=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052001.js?21063861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
fde7409e869af325b04e0a5e4fe49bf569351105c4381c9a5af52af353721cda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://oraclebenefitsgroup.com/
Origin
http://oraclebenefitsgroup.com

Response headers

date
Mon, 27 May 2019 07:00:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
5665
x-xss-protection
0
google-lineitem-id
5073146780
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138271383967
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
http://oraclebenefitsgroup.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		500 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1798217385996430&correlator=1678167802038233&output=json_html&callback=googletag.impl.pubads.callbackProxy6&impl=fif&adsid=NT&eid=21063861%2C21061865%2C21063506%2C21063817&vrg=2019052001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-33&ecs=20190527&iu=%2F3346429%2FInRead_infeed_Missbloom_AdX&sz=192x256%7C256x192%7C144x256%7C320x50%7C256x256%7C300x250%7C320x180%7C300x100%7C320x250%7C256x144%7C640x480&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1558940418687&dlt=1558940418100&idt=516&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=1596&adk=2055048688&uci=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Foraclebenefitsgroup.com%2F&dssz=30&icsg=2146988&std=0&csl=81&vis=1&scr_x=0&scr_y=0&psz=1569x308&msz=1569x256&blev=1&bisch=1&ga_vid=1256975038.1558940419&ga_sid=1558940419&ga_hid=1786849976&fws=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052001.js?21063861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
4d830243454dbab9bd2814e1e259300ff5b68d9c32a655d8f567eaa78c959895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://oraclebenefitsgroup.com/
Origin
http://oraclebenefitsgroup.com

Response headers

date
Mon, 27 May 2019 07:00:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
326
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
http://oraclebenefitsgroup.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
_yalla_loader.js
widget.yallarec.com/ 		78 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://widget.yallarec.com/_yalla_loader.js
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
14a9665ed298bd096a757a0967708c9bb8991cd92ccd61aab3535b8cd370045c

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:18 GMT
Content-Encoding
gzip
Last-Modified
Sun, 26 May 2019 12:02:07 GMT
Server
nginx
ETag
W/"5cea803f-137d0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Content-Length
20121
Expires
Mon, 03 Jun 2019 07:00:18 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1798217385996430&correlator=1678167802038233&output=json_html&callback=googletag.impl.pubads.callbackProxy7&impl=fif&adsid=NT&eid=21063861%2C21061865%2C21063506%2C21063817&vrg=2019052001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-33&ecs=20190527&iu=%2F3346429%2Fmissbloom_300*250B&sz=300x250%7C300x600&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1558940418727&dlt=1558940418100&idt=516&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=3306&adk=3543098062&uci=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Foraclebenefitsgroup.com%2F&dssz=37&icsg=34351808&std=0&csl=74&vis=1&scr_x=0&scr_y=0&psz=1569x250&msz=1569x250&blev=1&bisch=1&ga_vid=1256975038.1558940419&ga_sid=1558940419&ga_hid=1786849976&fws=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052001.js?21063861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
1ba341e4a78e6d83218086fcb14a9576a94e7b578acadd5e3d58b60daf7cf3be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://oraclebenefitsgroup.com/
Origin
http://oraclebenefitsgroup.com

Response headers

date
Mon, 27 May 2019 07:00:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
2256
x-xss-protection
0
google-lineitem-id
5069560715
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138270615588
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
http://oraclebenefitsgroup.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		491 B
594 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1798217385996430&correlator=1678167802038233&output=json_html&callback=googletag.impl.pubads.callbackProxy8&impl=fif&adsid=NT&eid=21063861%2C21061865%2C21063506%2C21063817&vrg=2019052001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-33&ecs=20190527&iu=%2F3346429%2Fmissbloom_300*250C&sz=300x250%7C300x600&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1558940418733&dlt=1558940418100&idt=516&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=3556&adk=1034747580&uci=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Foraclebenefitsgroup.com%2F&dssz=38&icsg=34351808&std=0&csl=74&vis=1&scr_x=0&scr_y=0&psz=1569x250&msz=1569x250&blev=1&bisch=1&ga_vid=1256975038.1558940419&ga_sid=1558940419&ga_hid=1786849976&fws=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052001.js?21063861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
5968be11e994fe0fc45a7011248ec3c5b382bea62546b093ca911ff806bf41fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://oraclebenefitsgroup.com/
Origin
http://oraclebenefitsgroup.com

Response headers

date
Mon, 27 May 2019 07:00:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
320
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
http://oraclebenefitsgroup.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1798217385996430&correlator=1678167802038233&output=json_html&callback=googletag.impl.pubads.callbackProxy9&impl=fif&adsid=NT&eid=21063861%2C21061865%2C21063506%2C21063817&vrg=2019052001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-33&ecs=20190527&iu=%2F3346429%2Fmissbloom_textlink&sz=300x200%7C300x150%7C300x100%7C300x120%7C300x110&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1558940418736&dlt=1558940418100&idt=516&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=3806&adk=926066986&uci=9&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Foraclebenefitsgroup.com%2F&dssz=39&icsg=34351808&std=0&csl=68&vis=1&scr_x=0&scr_y=0&psz=1569x200&msz=1569x200&blev=1&bisch=1&ga_vid=1256975038.1558940419&ga_sid=1558940419&ga_hid=1786849976&fws=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052001.js?21063861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
3b0db191fab802d70eaa0f565d36e1440b3e91304276596f8b9c5280288d84da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://oraclebenefitsgroup.com/
Origin
http://oraclebenefitsgroup.com

Response headers

date
Mon, 27 May 2019 07:00:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
2617
x-xss-protection
0
google-lineitem-id
5072863914
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138271404829
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
http://oraclebenefitsgroup.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		496 B
607 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1798217385996430&correlator=1678167802038233&output=json_html&callback=googletag.impl.pubads.callbackProxy10&impl=fif&adsid=NT&eid=21063861%2C21061865%2C21063506%2C21063817&vrg=2019052001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-33&ecs=20190527&iu=%2F3346429%2Fmissbloom_728x90_bottom&sz=728x90%7C970x200%7C990x250%7C970x250%7C1000x250%7C1x1&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1558940418759&dlt=1558940418100&idt=516&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=4874&adk=1019512580&uci=a&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Foraclebenefitsgroup.com%2F&dssz=40&icsg=34351808&std=0&csl=77&vis=1&scr_x=0&scr_y=0&psz=1569x90&msz=1569x90&blev=1&bisch=1&ga_vid=1256975038.1558940419&ga_sid=1558940419&ga_hid=1786849976&fws=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052001.js?21063861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
2b285cc52f3f9e39dd0f4e6704de54ec0019484f4615e5ab5cf9833ca896c4b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://oraclebenefitsgroup.com/
Origin
http://oraclebenefitsgroup.com

Response headers

date
Mon, 27 May 2019 07:00:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
332
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
http://oraclebenefitsgroup.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/gif
missbloom-logo-p.svg
oraclebenefitsgroup.com/wp-content/themes/mb17s/images/logo/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://oraclebenefitsgroup.com/wp-content/themes/mb17s/images/logo/missbloom-logo-p.svg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2606:4700:30::681f:5c79 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:18 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Sun, 10 Feb 2019 16:02:03 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4dd61c714bfe9ac8-FRA
Expires
Mon, 27 May 2019 11:00:18 GMT
fbevents.js
connect.facebook.net/en_US/ 		53 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
x-fb-debug
1yMEyxk5gRTMjXVGgw73HxOEcUzSXsuL0QbHcyRtUGvrk7BACjUd1Ezls21XCeOXPXCzyflWbqv0KCQka0JLTw==
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 May 2019 07:00:18 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
strict-transport-security
max-age=31536000; preload; includeSubDomains
vary
Accept-Encoding
content-length
15397
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1798217385996430&correlator=1678167802038233&output=json_html&callback=googletag.impl.pubads.callbackProxy11&impl=fif&adsid=NT&eid=21063861%2C21061865%2C21063506%2C21063817&vrg=2019052001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-33&ecs=20190527&iu=%2F3346429%2FMB_Inread_Video&sz=1x1&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1558940418798&dlt=1558940418100&idt=516&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=5931&adk=343001862&uci=b&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Foraclebenefitsgroup.com%2F&dssz=49&icsg=549628930&std=0&csl=81&vis=1&scr_x=0&scr_y=0&psz=1569x5923&msz=1x-1&blev=1&bisch=1&ga_vid=1256975038.1558940419&ga_sid=1558940419&ga_hid=1786849976&fws=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052001.js?21063861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
914967ab7fddbec5a51c14bec6ca6a3422cd1e232f9aeaa37cb251f7d27156e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://oraclebenefitsgroup.com/
Origin
http://oraclebenefitsgroup.com

Response headers

date
Mon, 27 May 2019 07:00:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
2164
x-xss-protection
0
google-lineitem-id
4513156319
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138219435056
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
http://oraclebenefitsgroup.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
exitbee.js
app.exitbee.com/c/366/ 		613 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.exitbee.com/c/366/exitbee.js
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.240.50.85 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
85.50.240.35.bc.googleusercontent.com
Software
nginx/1.15.3 / PHP/7.2.13
Resource Hash
418e939cd84c9cc0d048e19b5dd4305dfb3d0b2d5c4fae496039e66354cefae1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:19 GMT
content-encoding
gzip
server
nginx/1.15.3
x-powered-by
PHP/7.2.13
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
no-cache, private
strict-transport-security
max-age=15724800; includeSubDomains
content-length
406
amp4ads-host-v0.js
cdn.ampproject.org/rtv/011905140117570/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905140117570/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052001.js?21063861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
262d3765c5ef163d6f377281afcac103cfccadd2891701151a6857e3ea6e504a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
219578
status
200
date
Fri, 24 May 2019 18:00:40 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
7392
x-xss-protection
0
server
sffe
etag
"0708aa4cac9dea06"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sat, 23 May 2020 18:00:40 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/011905140117570/ Frame 0373 		279 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905140117570/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052001.js?21063861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
dd177280f92ef3176df1bf97d348b453786fe02f2895ddf8c52e6e21ffbed819
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
308517
status
200
date
Thu, 23 May 2019 17:18:21 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
76430
x-xss-protection
0
server
sffe
etag
"42e386054cb44179"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 22 May 2020 17:18:21 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011905140117570/v0/ Frame 0373 		140 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905140117570/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052001.js?21063861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
536dbbd222f78b47b6e60a111b89e3319ead81fbc7d8cfd3b25bae435ad9bd00
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
219579
status
200
date
Fri, 24 May 2019 18:00:39 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
38899
x-xss-protection
0
server
sffe
etag
"874cf875aac3862f"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sat, 23 May 2020 18:00:39 GMT
truncated
/ Frame 0373 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b44165bb1f30b73cb96461fde7e8be5aa37b07d46eca99e4f431fae97059fa6e

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 5FD5 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1EsSSvvM_s0QvVgVPJAhHSjWeDuHC3X-WA5W8DQqSqnqry5tZhj8GsYGg1SV9d3zuEsqbBuuzNa9aLvspmm0nvetVJ96LMylPOxWEb78t620PmqpjFhll6yRrdQqcaN9EHkuFPxl0C329T3RmQ3OkgU6kBWqPyn4wNh60ZlLGJi8y-LPh5gPYJJ64KjyluuVsBGiQ-gWTtaQewpdonGwC2W3jQwkYPs46gsmR6dcXv46wmmgKNFlj56iE8k4ANHssU8i_0picXZWJmrUFQIcRcRh1dcJu8Q&sai=AMfl-YQn_dQVTbgFcN5H7ddsKoYKWIDZ-ry5NPIU2iPoZkEFANvc2CrUX-g6LgqFsA1vKLt3xRa3yOcS5VYyqIhB178yyszl_R4wawYYm4sI&sig=Cg0ArKJSzFT2mLidhW3eEAE&urlfix=1&adurl=
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 May 2019 07:00:18 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Mon, 27 May 2019 07:00:18 GMT
madinad-sdk.min.js
static.madinad.com/static/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.madinad.com/static/madinad-sdk.min.js?adtag=29c714d3-b81b-49ab-ab26-8fb0730ebc3b&a=56122d08-3ff8-4eeb-b504-ab78216d4ec8
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4c17 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b77bea70e57eaae2f1d6c34b4d8a330f55959c607c7ed1a37ff402d37759deef

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:18 GMT
via
1.1 b7f7970e9c911e165d4cb9f70deac42a.cloudfront.net (CloudFront)
cf-cache-status
HIT
last-modified
Fri, 01 Mar 2019 09:31:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
content-encoding
br
cache-control
public,max-age=3600
cf-ray
4dd61c725d4bc29f-FRA
x-amz-cf-id
93avuV2Xkd3TftLZoeoET6CMQKLzMTXozTqDhFViVKvBpMNcADSH-Q==
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 5FD5 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052001.js?21063861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fbff7ea65d203ff923035a3918bf22c1d0085b9ce680389e52fad30fa10924b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1558696467014160"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28585
x-xss-protection
0
expires
Mon, 27 May 2019 07:00:18 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		76 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052001.js?21063861
Protocol
HTTP/1.1
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f7983c647539db99f560bc46d640bd7691d423155f4797fdb05651db41bc32bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1558696467014160"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=3000
Accept-Ranges
bytes
Content-Length
28516
X-XSS-Protection
0
Expires
Mon, 27 May 2019 07:00:18 GMT
4462843974891299976
tpc.googlesyndication.com/simgad/ Frame 0373 		182 KB
183 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4462843974891299976
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
582bebe3d2e81cf9d247c71d9cd687c2953cbf1dd58650374ab15a1b012d1354
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 18:27:40 GMT
x-content-type-options
nosniff
age
217958
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
186535
x-xss-protection
0
last-modified
Wed, 22 May 2019 09:45:01 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 May 2020 18:27:40 GMT
B22672197.247428023;dc_pre=CISzks-Ru-ICFU084AodRzMGEg;dc_trk_aid=444016177;dc_trk_cid=116200339;ord=1605704348;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N9178.563336MISSBLOOM.GR/ Frame 0373
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N9178.563336MISSBLOOM.GR/B22672197.247428023;dc_trk_aid=444016177;dc_trk_cid=116200339;ord=1605704348;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
  • https://ad.doubleclick.net/ddm/trackimp/N9178.563336MISSBLOOM.GR/B22672197.247428023;dc_pre=CISzks-Ru-ICFU084AodRzMGEg;dc_trk_aid=444016177;dc_trk_cid=116200339;ord=1605704348;dc_lat=;dc_rdid=;tag_...
42 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N9178.563336MISSBLOOM.GR/B22672197.247428023;dc_pre=CISzks-Ru-ICFU084AodRzMGEg;dc_trk_aid=444016177;dc_trk_cid=116200339;ord=1605704348;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s12-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 May 2019 07:00:18 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 27 May 2019 07:00:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://ad.doubleclick.net/ddm/trackimp/N9178.563336MISSBLOOM.GR/B22672197.247428023;dc_pre=CISzks-Ru-ICFU084AodRzMGEg;dc_trk_aid=444016177;dc_trk_cid=116200339;ord=1605704348;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0373 		0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsto9IaHKc90R6WZ-3iN1qagoPdBHqc223dIx98eKRGdLbMsUcfeydJme3XvHOK33B1Il-Xsg-3oOS8q7y_Utifhlxcc6_AWIJrFXqZUbcVkPQ3T-xfypl4QrITWCBOe1HFwxOynF0XPJXHb05dFlhtAjFDgIuTIVqcrFS_sUwkYOi1-4Sli8g5bjO8v3CijfKbg7pAukDWVVzKYmaEXc2iX_yykQjGvGwkSRsd8uxp51xz29Y7MjYuJEt1DiB1MzUc6_YS5zTR0dw&sai=AMfl-YQxxw8pZEB7QF868H1g-3Mci4XwoXxJfxR7CB_7_wEtP8mahb-2MK_kq6yqOFHyPjBJQZSDi9BAgTLBrdKm0rq0G6hrawFpahIi0Q0k&sig=Cg0ArKJSzAv9SOXVdLr-EAE&adurl=
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:18 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Mon, 27 May 2019 07:00:18 GMT
/
www.instagram.com/p/BJwAgHvAlt9/embed/captioned/ Frame 71F7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/p/BJwAgHvAlt9/embed/captioned/?cr=1&v=7&wp=658&rd=http%3A%2F%2Foraclebenefitsgroup.com&rp=%2F
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/47c7ec92d91e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f21c:80e5:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.instagram.com
:scheme
https
:path
/p/BJwAgHvAlt9/embed/captioned/?cr=1&v=7&wp=658&rd=http%3A%2F%2Foraclebenefitsgroup.com&rp=%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://oraclebenefitsgroup.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://oraclebenefitsgroup.com/

Response headers

status
429
content-type
text/html; charset=utf-8
vary
Accept-Language, Cookie
content-language
en
date
Mon, 27 May 2019 07:00:18 GMT
content-length
21129
strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy
report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
x-content-type-options
nosniff
x-xss-protection
0
x-aed
1
x-fb-trip-id
713225770
Cookie set /
d.agkn.com/iframe/8613/ Frame F0C1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://d.agkn.com/iframe/8613/?che=46209260&gdpr=&gdpr_consent=&url=http%3A%2F%2Foraclebenefitsgroup.com%2F&bpid=atticagreece&c=%7B%22bpid%22%3A%22atticagreece%22%2C%22loc%22%3A%22http%3A%2F%2Foraclebenefitsgroup.com%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Requested by
Host: js.agkn.com
URL: http://js.agkn.com/prod/v0/tag.js
Protocol
HTTP/1.1
Server
54.72.236.147 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-72-236-147.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Host
d.agkn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://oraclebenefitsgroup.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://oraclebenefitsgroup.com/

Response headers

Cache-Control
no-cache, must-revalidate
Content-Type
text/html;charset=UTF-8
Date
Mon, 27 May 2019 07:00:18 GMT
Expires
Sat, 01 Jan 2000 00:00:00 GMT
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
Server
Apache-Coyote/1.1
Set-Cookie
ab=0001%3AY4D6fUZHHztR2drAtdZNECRf6Qk52jzZ;Max-Age=31536000;domain=agkn.com;path=/ u=C|0AEAkfkeCJH5HggAAAAAAAg1RAQCADVIBAIA;Max-Age=31536000;domain=agkn.com;path=/
Content-Length
479
Connection
keep-alive
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		212 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150703
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cea5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e10b6e9c0b5b9586c6cdf307466474b438989e57732c2b41ec69b03b363533b

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:18 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
etag
W/"c855e8eb5fbdafddfa15bc848b662c44"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=259200
cf-ray
4dd61c71eb41c286-FRA
expires
Thu, 30 May 2019 07:00:18 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190522/r20190131/ 		208 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20190522/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
e858861e7481544579ef30124bbffd299c102992dde617065b89685a615e74a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
9296017635219056550
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
79070
X-XSS-Protection
0
Expires
Mon, 27 May 2019 07:00:18 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190522/r20190131/ Frame 9010 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20190522/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20190522/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://oraclebenefitsgroup.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmUfWuh9i7LF8J6o-IrFsAdvnQGEU_OPwkp23GGIUMLr_HEMvrmVA9DU81s; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://oraclebenefitsgroup.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 22 May 2019 23:55:47 GMT
expires
Wed, 05 Jun 2019 23:55:47 GMT
content-type
text/html; charset=UTF-8
etag
13732316697317830675
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
7014
x-xss-protection
0
cache-control
public, max-age=1209600
age
371071
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
hit.xiti
logw312.ati-host.net/
Redirect Chain
  • http://logw312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=0700185095242&jv=0&re=1600x1200&vtag=4.5.7&hl=7x0x18&r=1600x1200x24x24&ref=
  • http://logw312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=0700185095242&jv=0&re=1600x1200&vtag=4.5.7&hl=7x0x18&r=1600x1200x24x24&ref=&Rdt=On
43 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://logw312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=0700185095242&jv=0&re=1600x1200&vtag=4.5.7&hl=7x0x18&r=1600x1200x24x24&ref=&Rdt=On
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
104.111.234.76 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-234-76.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:19 GMT
Last-Modified
Tue, 19 Oct 2004 10:41:07 GMT
Server
Microsoft-IIS/8.5
ETag
"ba362424c8b5c41:0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43

Redirect headers

Location
http://logw312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=0700185095242&jv=0&re=1600x1200&vtag=4.5.7&hl=7x0x18&r=1600x1200x24x24&ref=&Rdt=On
Date
Mon, 27 May 2019 07:00:18 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
P3P
policyref="/w3c/p3p.xml",CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
1047335965285668
connect.facebook.net/signals/config/ 		207 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1047335965285668?v=2.8.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
99fe7527ada5bde08f5064266614fd01bc1a580121534ce6b3a3e1a0f2cf1b73
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
56216
x-xss-protection
0
pragma
public
x-fb-debug
0MPaPDNAHa4vGVyBv8mor00WjoETh3fY8tUNHtayCIQpnaXh2wH/6Lq3tBVRk7VBbkCrBj5/xFEpLbAFTO8fOg==
date
Mon, 27 May 2019 07:00:18 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/011905140117570/ Frame 9BE3 		279 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905140117570/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052001.js?21063861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
dd177280f92ef3176df1bf97d348b453786fe02f2895ddf8c52e6e21ffbed819
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
219579
status
200
date
Fri, 24 May 2019 18:00:39 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
76430
x-xss-protection
0
server
sffe
etag
"42e386054cb44179"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sat, 23 May 2020 18:00:39 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011905140117570/v0/ Frame 9BE3 		140 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905140117570/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052001.js?21063861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
536dbbd222f78b47b6e60a111b89e3319ead81fbc7d8cfd3b25bae435ad9bd00
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
940302
status
200
date
Thu, 16 May 2019 09:48:36 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
38899
x-xss-protection
0
server
sffe
etag
"874cf875aac3862f"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 15 May 2020 09:48:36 GMT
truncated
/ Frame 9BE3 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df459ba36c34d3b933db5f377354f6602601d9156f80e5916dedceaf540178dd

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
360023803062388336
tpc.googlesyndication.com/simgad/ Frame 9BE3 		643 KB
644 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/360023803062388336
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
deae6e65d4aac34f107841bfe7eaf51db9736317ab5bd9f483c08fb0543b3f8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 09 May 2019 09:41:47 GMT
x-content-type-options
nosniff
age
1545511
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
658716
x-xss-protection
0
last-modified
Thu, 09 May 2019 09:26:22 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 May 2020 09:41:47 GMT
adServer.bs
bs.serving-sys.com/serving/ Frame 9BE3 		42 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bs.serving-sys.com/serving/adServer.bs?cn=display&c=19&mc=imp&pli=28310721&PluID=0&ord=1855702842&rtu=-1
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
82.199.68.73 , Netherlands, ASN15830 (TELECITY-LON, GB),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 May 2019 07:00:18 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
P3P
CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Content-Type
image/gif
Content-Length
42
Expires
Sun, 05-Jun-2005 22:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9BE3 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFY-uJbQJN68mTpi7Fw2Ii9mtnudrz1rdQH2VXyrpYnGOgLK_8W4iDaICe9q8KwmNaDuusbqyOVtt5xbAsKgT6GUG8VTg6TBcypo4j5TUQ5BJFl-DKdwoUw310TtxUTLLb5nz54EO8IIltJsIuE3GzxN_WPAaKvzxSi1wnmIHIkSyVUUzWSTet7IHMNzDnV_6ALkAvcmqAPj93uKClroKZweGk1GPVOxDkBdOiS2HpvVKxxwCffLDzDj5MEwplRe3RdhLYZOwh&sai=AMfl-YSdX3YTuod_QsI9-FbhdDxn0NHxwOji0kSWbu3B1udT9DLQhTsZgxtIBTsF0rrAhKSFSiJIl4uTRMXxDIdyq4lxflRUmpaw99Nu8r5n&sig=Cg0ArKJSzDGu0Gm0o5XLEAE&adurl=
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:18 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Mon, 27 May 2019 07:00:18 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: widget.yallarec.com
URL: http://widget.yallarec.com/_yalla_loader.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 09 Mar 2019 02:10:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
6843006
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
29671
X-XSS-Protection
1; mode=block
Expires
Sun, 08 Mar 2020 02:10:12 GMT
truncated
/ Frame 5FD5 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1da6e48963033e5cf668a532551c463480b2658a59b465fb1bfb35b8057a848

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
web
onesignal.com/api/v1/sync/a0fa4e13-4582-43b8-b298-6d4cc7d6e9ed/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/a0fa4e13-4582-43b8-b298-6d4cc7d6e9ed/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150703
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cea5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Phusion Passenger 5.3.2
Resource Hash
25efe772f98eb998995f890296dea5a76552d9cdb0ff2dc4ef7a9f346f033cf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-powered-by
Phusion Passenger 5.3.2
status
200, 200 OK
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
f9c4dcd9-0019-421c-8a90-6485e51a43a6
x-runtime
0.061185
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=300
cf-polished
origSize=2869
cf-ray
4dd61c731ed1c286-FRA
access-control-allow-headers
SDK-Version
expires
Mon, 27 May 2019 07:05:19 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame FE70 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?output=html&adk=1812271804&adf=3025194257&lmt=1549814525&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Foraclebenefitsgroup.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1558940418869&bpp=23&bdt=769&fdt=184&idt=185&shv=r20190522&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=2885831218825&frm=20&pv=2&ga_vid=1256975038.1558940419&ga_sid=1558940419&ga_hid=1786849976&ga_fc=0&iag=0&icsg=2815312587128867&dssz=60&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335%2C21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=11&uci=a!b&fsb=1&dtd=212
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190522/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?output=html&adk=1812271804&adf=3025194257&lmt=1549814525&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Foraclebenefitsgroup.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1558940418869&bpp=23&bdt=769&fdt=184&idt=185&shv=r20190522&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=2885831218825&frm=20&pv=2&ga_vid=1256975038.1558940419&ga_sid=1558940419&ga_hid=1786849976&ga_fc=0&iag=0&icsg=2815312587128867&dssz=60&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335%2C21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=11&uci=a!b&fsb=1&dtd=212
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://oraclebenefitsgroup.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmUfWuh9i7LF8J6o-IrFsAdvnQGEU_OPwkp23GGIUMLr_HEMvrmVA9DU81s; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://oraclebenefitsgroup.com/

Response headers

status
400
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 27 May 2019 07:00:19 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
inferredEvents.js
connect.facebook.net/signals/plugins/ 		1 KB
914 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.47
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
x-fb-debug
8eFaTGBb0vG2J8MNu1v4yysdjLWdR1FSebuWTSVSSyfJVpy+Urovpka1cSAOqO46HwHFXdWtcKp42hEYaFyKhw==
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 May 2019 07:00:19 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
strict-transport-security
max-age=31536000; preload; includeSubDomains
vary
Accept-Encoding
content-length
772
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/011905140117570/ Frame 8A47 		279 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905140117570/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052001.js?21063861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
dd177280f92ef3176df1bf97d348b453786fe02f2895ddf8c52e6e21ffbed819
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
219580
status
200
date
Fri, 24 May 2019 18:00:39 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
76430
x-xss-protection
0
server
sffe
etag
"42e386054cb44179"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sat, 23 May 2020 18:00:39 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011905140117570/v0/ Frame 8A47 		140 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011905140117570/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052001.js?21063861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
536dbbd222f78b47b6e60a111b89e3319ead81fbc7d8cfd3b25bae435ad9bd00
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
940303
status
200
date
Thu, 16 May 2019 09:48:36 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
38899
x-xss-protection
0
server
sffe
etag
"874cf875aac3862f"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 15 May 2020 09:48:36 GMT
truncated
/ Frame 8A47 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
247ee0e21630fce179294f9560e3b0f78adf6e4b9b3891149169f5d1ba2406af

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
8948911285549873422
tpc.googlesyndication.com/simgad/ Frame 8A47 		141 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8948911285549873422
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
257f39b16d3a9b368f72cdfd8f12004c1584cc2d54646f1f83d93532bf7b6326
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 18:15:11 GMT
x-content-type-options
nosniff
age
218708
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
144593
x-xss-protection
0
last-modified
Fri, 24 May 2019 08:18:36 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 May 2020 18:15:11 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8A47 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvV1U0fzNqbfv6eZbZGT-BeVKkQ0CGkxn9jbPveGLsoVJlAq9j8vbGt11cbqqOB9Xh5XOPl-go5z8NcwwCCoZz8ZVLs3LVtoVwt7sHf52xc6l0pXKP_gysn4u9gzOVO9eLE6_V54GGy1vXkuK3EcF32Kg3TRIhETcertJdXuZFIlx905plC6TgLwat3ktT6TltZrxqs7ObUJ6I8Otb7e0BTIhR2mj-4ZPt2uqi_7-QpwyaP3FnX5BEGF3dL8Wt_Jhb35xQiYmx4XeFRVfGw&sai=AMfl-YRCQhQArWtf9iBxjhRpm5OdNjxWmAhNuo_ZQvWpJb07KxYe4PlCrZAg1J90WQDfs7hcBr-0PKjesstpzdMQBE7xIliiZd-vfe0sRNUqcQ&sig=Cg0ArKJSzF2coqegcYaoEAE&adurl=
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:19 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
/
www.facebook.com/tr/ 		44 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1047335965285668&ev=PageView&dl=http%3A%2F%2Foraclebenefitsgroup.com%2F&rl=&if=false&ts=1558940419270&sw=1600&sh=1200&v=2.8.47&r=stable&ec=0&o=30&fbp=fb.1.1558940419269.806358110&it=1558940418916&coo=false&rqm=GET
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:19 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Mon, 27 May 2019 07:00:19 GMT
getrecs.json
api.yallarec.com/rec-api/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://api.yallarec.com/rec-api/getrecs.json?cb=yallarec_cb_9010613340715446&pubid=185585&webid=175457&wid=117200&recsnum=15&url=http%3A%2F%2Foraclebenefitsgroup.com%2F&cs=UTF-8&subid=&title=%CE%9D%CF%84%CE%BF%CF%85%CF%81%CE%B1%CE%BD%20%CE%BD%CF%84%CE%BF%CF%85%CF%81%CE%B1%CE%BD&kwrds=&sessionid=fb7fac35-d906-3ae6-a656-75a3ccc2af93&rndid=9010613340715446
Requested by
Host: widget.yallarec.com
URL: http://widget.yallarec.com/_yalla_loader.js
Protocol
HTTP/1.1
Server
95.142.20.17 , Israel, ASN20645 (PUREPEAK-ASN, IL),
Reverse DNS
ip-95-142-20-17.purepeak.com
Software
nginx /
Resource Hash
85cb1c787c3715ea70f44e60acf725c0a31fb70429741620853e63b898bab67c

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 May 2019 07:00:19 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Language
en-US
Cache-Control
no-cache, no-store, max-age=0
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=UTF-8
Expires
Thu, 01 Jan 1970 00:00:00 GMT
exitbee.js
app.exitbee.com/assets/js/campaign-scripts/common/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.exitbee.com/assets/js/campaign-scripts/common/exitbee.js
Requested by
Host: app.exitbee.com
URL: https://app.exitbee.com/c/366/exitbee.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.240.50.85 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
85.50.240.35.bc.googleusercontent.com
Software
nginx/1.15.3 /
Resource Hash
443929031cd05ba84b410c81427580e0f8b19468a2b92c8009fca236ecaabbff
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-original-content-length
52576
server
nginx/1.15.3
etag
W/"PSA-aj-qIJqU8yPHh-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=262
strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
content-length
8870
expires
Mon, 27 May 2019 07:04:42 GMT
csi
csi.gstatic.com/ Frame 8A47 		0
202 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1558940419324&qqid=CKXbiM-Ru-ICFeyM7QoduUkPWQ&rt=a4a.link.3.b.3.8.0.0.1n20.1mz2~aa.script.3.8.2.6.0.0.u30.u0j~simg.img.5.a.2.8.0.0.33ps.33kh~vu.img.5.12.0.11.0.0.1c.0&met.a4a=dcl.0~ol.170~nvs.1558940419147~ini.1558940419324
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011905140117570/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:811::2003 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://oraclebenefitsgroup.com/
Origin
http://oraclebenefitsgroup.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 27 May 2019 07:00:19 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
204
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1D55 		0
57 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvg0HbXKUcMaOWnbhPjENmUWynEpHsUmA3EoJBWydhOAjUYUzmXG2Kem2ix0V4Cc7RMZ46tWH0yioNSoPGjUBvd0IIsOnfoLtzeS4Pd_EbJSDvAhKLPWrNAa67L4SegIohk0rhXkH54A0n50Txsx7re4IAC0evlfqjCbEuGs-Qn_PjrrzbZfU9GMOrTNwFyp2MZ7NZmNjVs-U0H9nnNiPz2anMMGFsM1xWYnYuL75KeiyaB1ZG4l4zQfBlKDwANHToJ6NUzGZqCrn0eiK0o&sai=AMfl-YQ1J36vgFPcnq26jFF-61psPiM-RzqaxB1LFwwBZIAEemhLMbjDHEe_CO0V5JaGsSBmqNK8xHqIGO2e0ZLA_6CktS5bcY8DwmXRvj98gLFvWeyMfeBfgMbZavM&sig=Cg0ArKJSzASQ7fsWWoF4EAE&urlfix=1&adurl=
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 May 2019 07:00:19 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
dcmads.js
www.googletagservices.com/dcm/ Frame 1D55 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052001.js?21063861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
bd50d760c9c8030c8ca1a512d0f196b12576a60693d4082037a42975b1399a47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 06:01:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 22 May 2019 14:11:04 GMT
server
sffe
age
3536
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
2020
x-xss-protection
0
expires
Mon, 27 May 2019 07:01:23 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 1D55 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052001.js?21063861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fbff7ea65d203ff923035a3918bf22c1d0085b9ce680389e52fad30fa10924b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1558696467014160"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28585
x-xss-protection
0
expires
Mon, 27 May 2019 07:00:19 GMT
impl_v49.js
www.googletagservices.com/dcm/ Frame 1D55 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v49.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0cb4cf1da856a8864bd54129b4818a7fcae47f928a974ce7af3fe5f71fb63fb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 26 May 2019 13:49:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 May 2019 15:04:29 GMT
server
sffe
age
61876
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
8760
x-xss-protection
0
expires
Mon, 25 May 2020 13:49:03 GMT
636
www.vidads.gr/get/video/vast3/ 		97 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.vidads.gr/get/video/vast3/636?inread=1&url=http%3A%2F%2Foraclebenefitsgroup.com%2F
Requested by
Host: www.vidads.gr
URL: https://www.vidads.gr/scripts/va_content.vast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.92.74.18 Tampa, United States, ASN54540 (INCERO-HVVC - HIVELOCITY, Inc., US),
Reverse DNS
srvn1.nemohq.gr
Software
nginx/1.12.2 / PHP/5.4.45
Resource Hash
abe6af6a23f989b0623689a5d2a8df531c4f84c1e9785db0bad82155e9ef7f92
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://oraclebenefitsgroup.com/
Origin
http://oraclebenefitsgroup.com

Response headers

date
Mon, 27 May 2019 07:00:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
PHP/5.4.45
status
200
content-length
101
pragma
no-cache
x-route
http2
last-modified
Mon, 27 May 2019 07:00:18 GMT
server
nginx/1.12.2
vary
Accept-Encoding
content-type
text/xml; charset=UTF-8
access-control-allow-origin
http://oraclebenefitsgroup.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
expires
Mon, 26 Jul 1997 05:00:00 GMT
B22705314.247598166;dc_ver=49.128;dc_eid=40004000;sz=300x250;osdl=1;u_sd=1;dc_adk=1224465404;ord=sl5opi;dc_rfl=1,http%3A%2F%2Foraclebenefitsgroup.com%2F$0;xdt=0;crlt=H(eCaJjDjh;osda=2;sttr=20;prcl=s
ad.doubleclick.net/ddm/adi/N514413.563336MISSBLOOM.GR/ Frame E77E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N514413.563336MISSBLOOM.GR/B22705314.247598166;dc_ver=49.128;dc_eid=40004000;sz=300x250;osdl=1;u_sd=1;dc_adk=1224465404;ord=sl5opi;dc_rfl=1,http%3A%2F%2Foraclebenefitsgroup.com%2F$0;xdt=0;crlt=H(eCaJjDjh;osda=2;sttr=20;prcl=s?
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v49.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s12-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ad.doubleclick.net
:scheme
https
:path
/ddm/adi/N514413.563336MISSBLOOM.GR/B22705314.247598166;dc_ver=49.128;dc_eid=40004000;sz=300x250;osdl=1;u_sd=1;dc_adk=1224465404;ord=sl5opi;dc_rfl=1,http%3A%2F%2Foraclebenefitsgroup.com%2F$0;xdt=0;crlt=H(eCaJjDjh;osda=2;sttr=20;prcl=s?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://oraclebenefitsgroup.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUlHToLTqDB3-I2shfTUxiae84e7VVlHHAuHr19IfVA7y3bTeKRMvY80ccbo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://oraclebenefitsgroup.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Mon, 27 May 2019 07:00:19 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
server
cafe
content-length
8942
x-xss-protection
0
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 1D55 		76 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v49.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f7983c647539db99f560bc46d640bd7691d423155f4797fdb05651db41bc32bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1558696467014160"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=3000
Accept-Ranges
bytes
Content-Length
28516
X-XSS-Protection
0
Expires
Mon, 27 May 2019 07:00:19 GMT
yalla_crt_loader.js
widget.yallarec.com/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://widget.yallarec.com/yalla_crt_loader.js
Requested by
Host: widget.yallarec.com
URL: http://widget.yallarec.com/_yalla_loader.js
Protocol
HTTP/1.1
Server
2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
186466980a2394e09d866c4b8210699f9ce8e5029dc856e6ed28cafcfb3d8f8c

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:19 GMT
Content-Encoding
gzip
Last-Modified
Sun, 26 May 2019 12:02:08 GMT
Server
nginx
ETag
W/"5cea8040-342f"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Content-Length
3239
Expires
Mon, 03 Jun 2019 07:00:19 GMT
files.missbloom.gr._3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_2_160682_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/dd/11/bb/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img9-api.yallarec.com/e4/6d/website_175457/dd/11/bb/files.missbloom.gr._3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_2_160682_2.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06586aba61325410d3ba66a1596bca839b474fe8d9507a87085d57b496a80050

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:19 GMT
Last-Modified
Fri, 24 May 2019 07:42:04 GMT
Server
AmazonS3
x-amz-request-id
6F92432F2374DF4F
ETag
"6a54abef30074e24cc0e24783606886f"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15620
x-amz-id-2
nDWDNGLEMVzjGPDqbiodSgHPlzBdJY535f4GSe6EFVoLq2DOG6TicBKrFrGh/pxOi3LrDrFn8Jg=
Expires
Mon, 03 Jun 2019 07:00:19 GMT
files.missbloom.gr.iStock_2D513482654_2_100023_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/10/2e/f5/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img9-api.yallarec.com/e4/6d/website_175457/10/2e/f5/files.missbloom.gr.iStock_2D513482654_2_100023_2.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d674d57b911b44c9c8e56b08f60ca1b6c20102be7543d31591efff9aa799537

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:19 GMT
Last-Modified
Thu, 16 May 2019 13:10:17 GMT
Server
AmazonS3
x-amz-request-id
7BE9469268B0D8DC
ETag
"619a34db2dc264e5dadd44449be61409"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12864
x-amz-id-2
I/wViBsQAiAiPmFaiikRzTjf2og/6S9gd7T5Dw6UXi6XakcRTKuvTKfVmZrswNrjaL+rdw/kvXc=
Expires
Mon, 03 Jun 2019 07:00:19 GMT
yupiii.gr.13ddd385d2e7f2fd37c7f884a279a5ea_2_168373_2.jpg
img9-api.yallarec.com/98/c6/website_175458/c3/31/7c/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img9-api.yallarec.com/98/c6/website_175458/c3/31/7c/yupiii.gr.13ddd385d2e7f2fd37c7f884a279a5ea_2_168373_2.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
457e49796841a3b66d5938c1928eaa34afd7e87414f0e30fa6a45f9227ad9cbe

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:19 GMT
Last-Modified
Sun, 26 May 2019 22:10:20 GMT
Server
AmazonS3
x-amz-request-id
AD78122C2464313E
ETag
"520e9f29e095fac7d6589ebfc925b8ef"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12642
x-amz-id-2
kTkLtWGJctLrnqCBXVrKIpO9LIt8IlDLOA3bM4t8ZcyxgqROtl9TzQVvmXGiru2pQphkKIMs4/8=
Expires
Mon, 03 Jun 2019 07:00:19 GMT
files.missbloom.gr.Screenshot_5F8_2_158543_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/4e/93/0b/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img9-api.yallarec.com/e4/6d/website_175457/4e/93/0b/files.missbloom.gr.Screenshot_5F8_2_158543_2.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
13b212760cb621af244a95cd7b41d9555ed29c2d4cf8093f941126b7a2d713d1

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:19 GMT
Last-Modified
Mon, 27 May 2019 06:54:26 GMT
Server
AmazonS3
x-amz-request-id
8C077E06B1C468A6
ETag
"7756487a583e4405facbc92a6445ffef"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14085
x-amz-id-2
KfqG3DYugzZkKDB3EEbtE05L9H3LIX3DYQCwx6yFpsVwqgGhVwHO8180Ap+cUwVHcv5QosuJEu4=
Expires
Mon, 03 Jun 2019 07:00:19 GMT
i1.wp.com.iStock_2D1060785632_2Ejpg_3Ffit_3D700_252C700_26ssl_160754_2.jpg
img9-api.yallarec.com/dc/64/website_175460/a7/f9/5d/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img9-api.yallarec.com/dc/64/website_175460/a7/f9/5d/i1.wp.com.iStock_2D1060785632_2Ejpg_3Ffit_3D700_252C700_26ssl_160754_2.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6f0ff331b2a3828e42873583007e3be640500472157487918c795681c7d51e1

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:19 GMT
Last-Modified
Wed, 15 May 2019 11:06:33 GMT
Server
AmazonS3
x-amz-request-id
18E586E26A128E3B
ETag
"bd8ade811b0f9adeeaa3821e0d96e015"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11014
x-amz-id-2
mGX6oaXq4rKTdZ4LpXB+WDPL5JpbrkXBUlzCLKKmb9CQlzOaq1EzlLog4Fa74G3QHPB6lLyW6GY=
Expires
Mon, 03 Jun 2019 07:00:19 GMT
files.missbloom.gr.2942_5FKERASIA_5FKOYI_5FLEFTHERIS_5FELFTHERIOY_5FLAKIS_5FLAZOPOYLOS_5FMARIA_5FLEKAKI_5F112016_2_179022_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/46/1d/eb/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img9-api.yallarec.com/e4/6d/website_175457/46/1d/eb/files.missbloom.gr.2942_5FKERASIA_5FKOYI_5FLEFTHERIS_5FELFTHERIOY_5FLAKIS_5FLAZOPOYLOS_5FMARIA_5FLEKAKI_5F112016_2_179022_2.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96932e985856f3952d02f07c927c0610e2d2219c596f1d292eb842192ca41ff8

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:19 GMT
Last-Modified
Tue, 14 May 2019 11:51:09 GMT
Server
AmazonS3
x-amz-request-id
331C39DAE72BE87A
ETag
"21f76c83751e72eb4f0c58c69d761ee9"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15097
x-amz-id-2
nI/ZEGoiU7P7i5r378zhXdRr2Wmu/qcm24Qvfn6lcC1wJoWWBS1SIy12PLRTVbb2yMLKCO92qg0=
Expires
Mon, 03 Jun 2019 07:00:19 GMT
files.missbloom.gr.BeFunky_2DCollage_2D17_2_128183_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/25/74/0a/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img9-api.yallarec.com/e4/6d/website_175457/25/74/0a/files.missbloom.gr.BeFunky_2DCollage_2D17_2_128183_2.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4841c16cf30ce86a4f6e02e2943890987f6a4d753376b17dd4abab10e8af20e7

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:19 GMT
Last-Modified
Fri, 24 May 2019 15:35:34 GMT
Server
AmazonS3
x-amz-request-id
119989ABF7091586
ETag
"f934c8b625559cae1f708f5efc92a8b7"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13467
x-amz-id-2
05we0Syl8H2DP9bGb8+NXbd54/NdOwnfwUvYvbT7QJDdLEKjQiMYTBzNje3ZXMmhrltmbE2ZEyk=
Expires
Mon, 03 Jun 2019 07:00:19 GMT
files.missbloom.gr.ceae530fad6144d8aeb9fcec7975a5d4_2_152328_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/5d/0d/7c/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img9-api.yallarec.com/e4/6d/website_175457/5d/0d/7c/files.missbloom.gr.ceae530fad6144d8aeb9fcec7975a5d4_2_152328_2.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35618b4e5f192b6bf2a70a510d0dd2dd5955d9ff20496461b2c77192ee86450b

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:19 GMT
Last-Modified
Sun, 26 May 2019 06:48:08 GMT
Server
AmazonS3
x-amz-request-id
AA5EFF239C28F727
ETag
"002ef90c86fdfdfc83b925d2c240747a"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16640
x-amz-id-2
IbHu0I6twWz1pZkEiO3EEoPpzm7ux4cReFhAyblrlqjPQ8zUbHBHQooL9babRBMiEjUBntmQbBw=
Expires
Mon, 03 Jun 2019 07:00:19 GMT
madamefigaro.gr.113329_2D10tipsforstylishwomen_5F3_2Ejpg_3Fwidth_3D1601_26height_3D674_26mode_3Dpad_26scale_3D_180351_2.jpg
img9-api.yallarec.com/c3/28/website_175461/57/8e/4b/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img9-api.yallarec.com/c3/28/website_175461/57/8e/4b/madamefigaro.gr.113329_2D10tipsforstylishwomen_5F3_2Ejpg_3Fwidth_3D1601_26height_3D674_26mode_3Dpad_26scale_3D_180351_2.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60e11ee4d0c28c92994a91e0301a4b8d876b0cc9da009b6557c315c2de1faa78

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:19 GMT
Last-Modified
Tue, 21 May 2019 08:50:42 GMT
Server
AmazonS3
x-amz-request-id
F48A19F803863A16
ETag
"2d453a54cbb53a6a2d89db485481b797"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17688
x-amz-id-2
c1xEMtitpCETNpaMsc90Kj0Il4EoR4UTH4E8l3uOl+P3etutZZwijvIh+lVLMqrhhHcKmnY+dw4=
Expires
Mon, 03 Jun 2019 07:00:19 GMT
files.missbloom.gr.renesi_2De1558593302261_2_131817_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/24/16/d3/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img9-api.yallarec.com/e4/6d/website_175457/24/16/d3/files.missbloom.gr.renesi_2De1558593302261_2_131817_2.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b60e4d9c0475ece458e634a68545a51336a621fe7c742b4191cb3cdaef4504da

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:19 GMT
Last-Modified
Thu, 23 May 2019 06:50:03 GMT
Server
AmazonS3
x-amz-request-id
6F8320F29AE4B282
ETag
"21bc7b16bbc2f3a5878a7eff0026df7a"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13446
x-amz-id-2
YAyKyM88i2bHhAnwRAZRfRdBCJg/4w9B8wrl3KgaScUyUV70XZiigdwhLd0DNZINOcbqCMBPrms=
Expires
Mon, 03 Jun 2019 07:00:19 GMT
files.missbloom.gr.2651991_2_101334_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/66/09/11/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img9-api.yallarec.com/e4/6d/website_175457/66/09/11/files.missbloom.gr.2651991_2_101334_2.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
637f04e6ec0a73904402375e46fb88fd1772da943d60f661033a4ca6b5392a60

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:19 GMT
Last-Modified
Sun, 05 May 2019 07:20:27 GMT
Server
AmazonS3
x-amz-request-id
A5FF06A9F1C0FC89
ETag
"b6df702a2593b01248bbf584fa017b32"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12430
x-amz-id-2
UEjjYIZHenc+AAlA4G01ew6dr/JLphDLOhBD/JqYHBbSMzE2MCD2HqFZKRxmy0APrdmB/HRW3oo=
Expires
Mon, 03 Jun 2019 07:00:19 GMT
files.missbloom.gr.Untitled_2D41_2_127643_2.png
img9-api.yallarec.com/e4/6d/website_175457/91/95/b7/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img9-api.yallarec.com/e4/6d/website_175457/91/95/b7/files.missbloom.gr.Untitled_2D41_2_127643_2.png
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ea390ef97ab3392f04e9ccd35d1ea56f4bdecd140ad348df52a505b19e93fc2

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:19 GMT
Last-Modified
Wed, 22 May 2019 07:59:50 GMT
Server
AmazonS3
x-amz-request-id
EFAB03DA49ECF463
ETag
"0b748581f91aeb1079909acccb7da965"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11346
x-amz-id-2
OEWQeexyxg90Y3IWmTu6Moa1p0eOYklgEOLI0SC2G/3SeRAgQ2Gz0qE0Ut984OxPIyglWAtsEBI=
Expires
Mon, 03 Jun 2019 07:00:19 GMT
files.missbloom.gr.icemax_5F700_5F9b1a4d1fe220aea0e446a02a1e56751f_2_152875_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/80/f6/31/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img9-api.yallarec.com/e4/6d/website_175457/80/f6/31/files.missbloom.gr.icemax_5F700_5F9b1a4d1fe220aea0e446a02a1e56751f_2_152875_2.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
670b0e01802926a5716533c047ef67a3535f5b884eaf3c9de29c26537b1cddae

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:19 GMT
Last-Modified
Mon, 27 May 2019 06:20:37 GMT
Server
AmazonS3
x-amz-request-id
47FA5242C7685810
ETag
"5230fa64415bfd609feda8a0378edd79"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11529
x-amz-id-2
eStLOm2oFtSG0TRjW/sB+1NQGPnOQv2oB86gFf6NZhq912vIIDHPI0HL0Gf+7U5GGoHQPtsv0AU=
Expires
Mon, 03 Jun 2019 07:00:19 GMT
files.missbloom.gr.9187dbcb364570555812274c7e8e77d0_2_159964_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/2f/b0/57/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img9-api.yallarec.com/e4/6d/website_175457/2f/b0/57/files.missbloom.gr.9187dbcb364570555812274c7e8e77d0_2_159964_2.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a62625b469eb71b257f75c419b82781e83352914d6ac6b3d900a5ec8e1b5c43

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:19 GMT
Last-Modified
Fri, 03 May 2019 17:28:42 GMT
Server
AmazonS3
x-amz-request-id
BFCD272EE93305F8
ETag
"306069abdc50f2f90498079f50e20898"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13078
x-amz-id-2
zZMLQbN1FEU9Mc70lrvFM1jGdvV2g6Kuo0MR0mbMcNY7B9YLGlJfgq8t9DBr80JxTZMGsIXs3bw=
Expires
Mon, 03 Jun 2019 07:00:19 GMT
files.missbloom.gr.2W4A0659_2_116427_2.jpg
img9-api.yallarec.com/dc/64/website_175460/50/ae/6f/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img9-api.yallarec.com/dc/64/website_175460/50/ae/6f/files.missbloom.gr.2W4A0659_2_116427_2.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41ffa6c8ce65e60910c5645e569ede8287174ca836f9f496e4f81bd85f177754

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:19 GMT
Last-Modified
Fri, 10 May 2019 02:04:24 GMT
Server
AmazonS3
x-amz-request-id
04B45A21DDDEE0BE
ETag
"1d6c185d30cd9cc4c90fd4af23187c07"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16252
x-amz-id-2
5FW/dUhE4YdVACbge6KItUIMwHdSFbsE74L0l0qImWMyPmYDM6cnT8q++jIN06Pewv9yr131+/M=
Expires
Mon, 03 Jun 2019 07:00:19 GMT
publishertag.js
static.criteo.net/js/ld/ 		84 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: widget.yallarec.com
URL: http://widget.yallarec.com/yalla_crt_loader.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0f9f85d89348083494eb4bb5ccb55609295ef967182565e32bf762eebaedcfed

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 May 2019 13:50:24 GMT
Server
nginx
ETag
W/"5cdac7a0-1505e"
Transfer-Encoding
chunked
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, public
Timing-Allow-Origin
*
Expires
Tue, 28 May 2019 07:00:19 GMT
truncated
/ Frame 1D55 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
37fffd221945fe2e54875e96d28af53a43b2a0aa39c166e830e87896c07b823d

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
cdb
bidder.criteo.com/ 		0
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://bidder.criteo.com/cdb?ptv=66&profileId=184&cb=68193842663
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
HTTP/1.1
Server
178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://oraclebenefitsgroup.com/
Origin
http://oraclebenefitsgroup.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
http://oraclebenefitsgroup.com
Date
Mon, 27 May 2019 07:00:19 GMT
Access-Control-Allow-Credentials
true
Server
Finatra
Timing-Allow-Origin
*
Vary
Origin
view
securepubads.g.doubleclick.net/pcs/ Frame 6C91 		0
57 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfP08cXCjbMEM1L00FnRpCdm_wxvPy0yYgcjMNGj8mOIjG3HWCGu7FFgYkDa1d2cvLqbWJNwG4tazZd5AGLara0fgiNMX0Hb-3cGJ5O2MQUF6DH3DqgQ_fvpAH1Tc-gT7FOSwKxIYWTaDkpP6cR-2MTXsyb_Y7tynuf67JlIqt_v4sroEx5zJrFgwuXtQaLbyP9gZ0mbpHJRcfF5iht32LBPjp7VUZjlEYcHPHvWZv-X8DPUD4GuoDRHtAd1GeUgj7SygtZFj36QKinFIDUrQ&sai=AMfl-YTZsXFaYhNPOIMBg9K57DKOHjS098oJNaI2-fZOaNXc8LeNeFBhfzs9V-LuCDgqsn_WURx1uaAfGThzKMIp7uisNNb1UpmKQitzJzI5JjOg8RI_qLh9O-C46n5_&sig=Cg0ArKJSzHGOcoO9YPDmEAE&urlfix=1&adurl=
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 May 2019 07:00:19 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 6C91 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052001.js?21063861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fbff7ea65d203ff923035a3918bf22c1d0085b9ce680389e52fad30fa10924b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1558696467014160"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28585
x-xss-protection
0
expires
Mon, 27 May 2019 07:00:19 GMT
imgad
tpc.googlesyndication.com/pagead/ Frame 6C91 		507 KB
508 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDHmO6dJRABGAEyCHhyBpZOSIle
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052001.js?21063861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
bd401af99e99c9c4d063fed920d9b600fa801235eb6b6a4a6bd95d7f20b8dec6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 May 2019 11:43:08 GMT
x-content-type-options
nosniff
server
cafe
age
242231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=604800
content-disposition
attachment; filename="image.png"
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
519652
x-xss-protection
0
expires
Fri, 31 May 2019 11:43:08 GMT
B22588227.247084513;dc_pre=CK3xwM-Ru-ICFUahewodSTMO5w;dc_trk_aid=443400489;dc_trk_cid=116313400;ord=425132534;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N2520.3291990ATTICAMEDIA/ Frame 6C91
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N2520.3291990ATTICAMEDIA/B22588227.247084513;dc_trk_aid=443400489;dc_trk_cid=116313400;ord=425132534;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
  • https://ad.doubleclick.net/ddm/trackimp/N2520.3291990ATTICAMEDIA/B22588227.247084513;dc_pre=CK3xwM-Ru-ICFUahewodSTMO5w;dc_trk_aid=443400489;dc_trk_cid=116313400;ord=425132534;dc_lat=;dc_rdid=;tag_f...
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N2520.3291990ATTICAMEDIA/B22588227.247084513;dc_pre=CK3xwM-Ru-ICFUahewodSTMO5w;dc_trk_aid=443400489;dc_trk_cid=116313400;ord=425132534;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s12-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 May 2019 07:00:19 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 27 May 2019 07:00:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://ad.doubleclick.net/ddm/trackimp/N2520.3291990ATTICAMEDIA/B22588227.247084513;dc_pre=CK3xwM-Ru-ICFUahewodSTMO5w;dc_trk_aid=443400489;dc_trk_cid=116313400;ord=425132534;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 6C91 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e80e413ce7ab07c0882dfb8031b3f1db7e548f45687592c33aa5e919605c1d17

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
/
www.facebook.com/tr/ Frame F815 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
3618
pragma
no-cache
cache-control
no-cache
origin
http://oraclebenefitsgroup.com
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://oraclebenefitsgroup.com/
accept-encoding
gzip, deflate, br
Origin
http://oraclebenefitsgroup.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://oraclebenefitsgroup.com/

Response headers

status
200
content-type
text/plain
access-control-allow-origin
http://oraclebenefitsgroup.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
server
proxygen-bolt
date
Mon, 27 May 2019 07:00:19 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D067 		0
57 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvUc-ub4j_ubI1xNd2b_JCwlDmun1CrByqnTLEjGPijNgxb7qeNH5rRxEzw6oZIYFonpRro3TjgF6ZNfbmeS31mjdE0pigGxlsmZWJiNqCzlMuPk_0uHqbyqeBHsmGaJjO35Ncwnd-VrlbbDXrnRYSIZY30XxLYEK2MFBngUKF7svwGpxQ1TjEnf69BnioB1mCHmksIC0-QTvLNOUPgTF7ddXAC5EsDt8nHLG3TR-ap7aTNZ3pzsc8EU61aViJljXIGXCZkSQLGOg&sai=AMfl-YSQKANph7Zgu5AXS0CYFRT-Lq3tRvjW1Gm9eMCr4mXseWgtYMg2PcOkQZSW2tpFHJIHhcMX_8JKR2GDDph41dQ59aFA1IXOlVnNqVRfjKMtF9CJyX1JrTY6VIrS&sig=Cg0ArKJSzPn6gY55RXUbEAE&urlfix=1&adurl=
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 May 2019 07:00:19 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
tag
a.teads.tv/page/77691/ Frame D067 		679 B
902 B 		Script
General
Check archive.org
Download Go to
Full URL
http://a.teads.tv/page/77691/tag
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052001.js?21063861
Protocol
HTTP/1.1
Server
88.221.165.178 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a88-221-165-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
40bf5d3b5c6d75c1cd50049b9b77b8378696472d06ba32296eafc96f574903d4

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, must-revalidate, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
433
Expires
Mon, 27 May 2019 08:00:20 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame D067 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019052001.js?21063861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fbff7ea65d203ff923035a3918bf22c1d0085b9ce680389e52fad30fa10924b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1558696467014160"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28585
x-xss-protection
0
expires
Mon, 27 May 2019 07:00:19 GMT
truncated
/ Frame D067 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2632ab9a3e281fb1debb1f9866ea8ac9b5c88ba9ad9df0d3cb687993b7c6561

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
r
amp-error-reporting.appspot.com/ Frame 9BE3 		2 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://amp-error-reporting.appspot.com/r
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011905140117570/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
http://oraclebenefitsgroup.com/
Origin
http://oraclebenefitsgroup.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 27 May 2019 07:00:20 GMT
via
1.1 google
x-powered-by
Express
status
200
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
2
r
amp-error-reporting.appspot.com/ Frame 8A47 		2 B
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://amp-error-reporting.appspot.com/r
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011905140117570/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
http://oraclebenefitsgroup.com/
Origin
http://oraclebenefitsgroup.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 27 May 2019 07:00:20 GMT
via
1.1 google
x-powered-by
Express
status
200
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
2
r
amp-error-reporting.appspot.com/ Frame 0373 		2 B
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://amp-error-reporting.appspot.com/r
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011905140117570/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
http://oraclebenefitsgroup.com/
Origin
http://oraclebenefitsgroup.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 27 May 2019 07:00:20 GMT
via
1.1 google
x-powered-by
Express
status
200
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
2
teads-format.min.js
a.teads.tv/media/format/v3/ 		697 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: http://a.teads.tv/page/77691/tag
Protocol
HTTP/1.1
Server
88.221.165.178 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a88-221-165-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ce00caa24b871ea4c52ca6f06d4b41dcee3b45b124b73fdde5d156fad28e188f

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:20 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 May 2019 11:59:36 GMT
x-amz-request-id
6C7D880CC339B14E
ETag
"176eadc4154528b9e756b80ea4ad5293"
Vary
Accept-Encoding
Content-Type
text/javascript;charset=utf-8
Cache-Control
private, must-revalidate, max-age=600
X-BUCKET
8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
185897
x-amz-id-2
vST4b356zsxJzPuAP0aQgP574Jk0Xzd+lrwy2dVoDZY1s8ievz0uKeTDr2L4hAfR8ruRCA+BFSc=
Expires
Mon, 27 May 2019 07:10:20 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5FD5 		42 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1BrCf2Jl2lBEvJ2ZSkYZdsLovpv2AQvklkxzX-xUn4IcXazuZmEQyc3514lBdflDgio6Ip1R8QFCkRZNA1IpqgRfYrU1kEFuYsZhEZFE&sig=Cg0ArKJSzHlyN04rHrSGEAE&adk=1273862343&tt=-1&bs=1585%2C1200&mtos=1062,1062,1062,1062,1062&tos=1062,0,0,0,0&p=1148,8,1149,9&mcvt=1062&rs=3&ht=0&tfs=187&tls=1249&mc=1&lte=1&bas=0&bac=0&avms=geo&md=2&rst=1558940418826&rpt=194&isd=0&msd=0&lm=2&oseid=3&xdi=0&ps=1585%2C8542&ss=1600%2C1200&pt=-1&deb=1-1-5-10-12-23-56-11&tvt=1233&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20190524
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 May 2019 07:00:20 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0373 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhtQHYCO1T2mPNz8l-LFVHq-BCo3Ls0Ts-_jOY2XnnBJB9Zup9Cxb8hypFyXKRiWP9kFt6V0vximQP37bzl4ReaDCcO1pPbllrcWY8xHE&sig=Cg0ArKJSzCNkiX9_irqWEAE&id=ampim&o=8,470&d=1512,661&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=179&tls=1179&g=100&h=100&pt=405&tt=1179&rpt=405&rst=1558940418811&r=v&adk=3307054402&avms=ampa
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 May 2019 07:00:20 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p2
b.scorecardresearch.com/
Redirect Chain
  • http://b.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1558940420453&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_...
  • http://b.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1558940420453&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st...
43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://b.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1558940420453&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=19882419&cs_ucfr=1
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
72.247.185.51 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a72-247-185-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 May 2019 07:00:20 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Expires
Mon, 01 Jan 1990 00:00:00 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
http://b.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1558940420453&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=19882419&cs_ucfr=1
Pragma
no-cache
Date
Mon, 27 May 2019 07:00:20 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
track
t.teads.tv/ 		23 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://t.teads.tv/track?action=placementCall&ts=1558940420450&pageId=77691&pid=95778&gid=[insertionId]&env=js-web&pfid=[pfid]&f=1&fv=2.21.92
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 May 2019 07:00:20 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
23
Expires
Mon, 27 May 2019 07:00:20 GMT
track
t.teads.tv/ 		23 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://t.teads.tv/track?action=slotAvailable&ts=1558940420450&pageId=77691&pid=95778&gid=[insertionId]&env=js-web&pfid=[pfid]&f=1&slot=native&fv=2.21.92
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 May 2019 07:00:20 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
23
Expires
Mon, 27 May 2019 07:00:20 GMT
index.html
cmp.teads.mgr.consensu.org/ Frame C778 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://cmp.teads.mgr.consensu.org/index.html
Requested by
Host: a.teads.tv
URL: http://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
HTTP/1.1
Server
2a02:26f0:7b:89d::2c92 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Host
cmp.teads.mgr.consensu.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://oraclebenefitsgroup.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://oraclebenefitsgroup.com/

Response headers

x-amz-id-2
tdD59eew35YUKi2KcFSB/6DWq2WBQYwj9p5Opg6H1uSNVXvImT4P/bKFdUi5HPFJL8JbWg5POA4=
x-amz-request-id
CDE8F7D337F7EB75
Last-Modified
Fri, 14 Sep 2018 07:42:32 GMT
ETag
"e7d6c2974a38b7ff77a560e83789f66a"
Accept-Ranges
bytes
Content-Type
text/html
Server
AmazonS3
Content-Encoding
gzip
Content-Length
354
Cache-Control
max-age=300
Expires
Mon, 27 May 2019 07:05:20 GMT
Date
Mon, 27 May 2019 07:00:20 GMT
Connection
keep-alive
Vary
Accept-Encoding
ad
a.teads.tv/page/77691/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://a.teads.tv/page/77691/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=http%3A%2F%2Foraclebenefitsgroup.com%2F&page=%7B%22id%22%3A77691%2C%22placements%22%3A%5B%7B%22id%22%3A95778%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A1569%2C%22height%22%3A883%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22reason%22%3A220%7D%7D&userId=b4d56112-11bc-4c24-9087-4abe4a8cd0bf&formatVersion=2.21.92&env=js-web&netBw=10&ttfb=165
Requested by
Host: a.teads.tv
URL: http://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
HTTP/1.1
Server
88.221.165.178 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a88-221-165-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2e47863935baa76593c47488a74853437be6426eab9b7856587060453309d0b4

Request headers

Accept
application/json; charset=UTF-8
Referer
http://oraclebenefitsgroup.com/
Origin
http://oraclebenefitsgroup.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 May 2019 07:00:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
http://oraclebenefitsgroup.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1391
Expires
Mon, 27 May 2019 07:00:20 GMT
Cookie set iframe
sync.teads.tv/ Frame 8B2F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://sync.teads.tv/iframe?pid=95778&userId=b4d56112-11bc-4c24-9087-4abe4a8cd0bf&gdprIab={%22status%22:22,%22consent%22:%22%22,%22reason%22:220}&1558940420737
Requested by
Host: a.teads.tv
URL: http://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
HTTP/1.1
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.5 /
Resource Hash

Request headers

Host
sync.teads.tv
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://oraclebenefitsgroup.com/
Accept-Encoding
gzip, deflate
Cookie
tt_viewer=85344218-24c8-4c4f-a56a-5e97f605d6d9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://oraclebenefitsgroup.com/

Response headers

Content-Type
text/html; charset=UTF-8
Server
akka-http/10.1.5
Content-Length
1368
Expires
Mon, 27 May 2019 07:00:20 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 27 May 2019 07:00:20 GMT
Connection
keep-alive
Set-Cookie
tt_exelate=; Expires=Tue, 28 May 2019 07:00:20 GMT; Domain=.teads.tv tt_bluekai=; Expires=Tue, 28 May 2019 07:00:20 GMT; Domain=.teads.tv tt_emetriq=; Expires=Tue, 28 May 2019 07:00:20 GMT; Domain=.teads.tv tt_liveramp=; Expires=Tue, 28 May 2019 07:00:20 GMT; Domain=.teads.tv tt_neustar=; Expires=Tue, 28 May 2019 07:00:20 GMT; Domain=.teads.tv
nurl
be-ms.teads.tv/ 		34 KB
34 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://be-ms.teads.tv/nurl?payload=GKLsBSDSmBMojMsUMk0JouXiwo-hWj8hAAAAAAAA4D8ov-gMMhoqGAoUCMgBEgNFVVIaCmltcHJlc3Npb24QADjyA0EpmB25NFj3P1AAWAdgAGkzMzMzMzPDPzgBQgNFVVJIAVAAWAByBmpzLXdlYngAgAEWigEGaW5yZWFkkgFKCAUQlAIY7lEgsA0qBTYwMzI2MKPsEDoFd2lyZWRCGWxlYXNld2ViIGRldXRzY2hsYW5kIGdtYmhKAT9SDWV1cm9wZS9iZXJsaW6aAR9odHRwOi8vb3JhY2xlYmVuZWZpdHNncm91cC5jb20voAECqAEDsAEAuAGFOuABAPoBGwoXChUIzZupk_PZuck1EOGc2Yjb2bGGtQEYAIACyJTcwK8tigIFbWFjT1OSAgUxMC4xM5gCAaACBLICGAoWCM-YoaaCw5CahQEQ2a2XsP_Sl7WlAQ==&psid=175670&auction_currency=USD&pscid=16472&scid=7653&sid=174677&auction_price=ILfLbFrkHJwsHHx5CNrLTZPh
Requested by
Host: a.teads.tv
URL: http://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
HTTP/1.1
Server
63.35.144.148 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-63-35-144-148.eu-west-1.compute.amazonaws.com
Software
akka-http/10.1.8 /
Resource Hash
cbd892f5fbf937ea32fe774f2bc3cc39c57baa70cd12410bafcc0b1774810195

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://oraclebenefitsgroup.com/
Origin
http://oraclebenefitsgroup.com

Response headers

Date
Mon, 27 May 2019 07:00:20 GMT
Server
akka-http/10.1.8
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/xml; charset=UTF-8
Access-Control-Allow-Origin
http://oraclebenefitsgroup.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding, Accept-Language, Host, Referer, User-Agent
Content-Length
34334
track
t.teads.tv/ 		23 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://t.teads.tv/track?action=adReceived&ts=1558940420450&pageId=77691&pid=95778&gid=[insertionId]&env=js-web&pfid=[pfid]&f=1&slot=native&fv=2.21.92
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 May 2019 07:00:20 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
23
Expires
Mon, 27 May 2019 07:00:20 GMT
6753877076521797
s8t.teads.tv/vast/ 		881 B
939 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://s8t.teads.tv/vast/6753877076521797
Requested by
Host: a.teads.tv
URL: http://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
HTTP/1.1
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/ Express
Resource Hash
55fd0931db68b7e2b3e456b69174f783ad07302137de2b674055f8b8ef227d22

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://oraclebenefitsgroup.com/
Origin
http://oraclebenefitsgroup.com

Response headers

Date
Mon, 27 May 2019 07:00:20 GMT
Content-Encoding
gzip
ETag
W/"371-8SG6GNsAawjJbtf2no3NRm7DeKg"
X-Powered-By
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/xml; charset=utf-8
Access-Control-Allow-Origin
http://oraclebenefitsgroup.com
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
474
truncated
/ 		669 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
player-sprite.svg
a.teads.tv/media/format/v3/assets/default/ Frame 6C8A 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://a.teads.tv/media/format/v3/assets/default/player-sprite.svg
Requested by
Host: a.teads.tv
URL: http://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
HTTP/1.1
Server
88.221.165.178 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a88-221-165-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3ba7f40e2b4080979389e9b81e6d0ed155e9b7f74b3310bc1289ee70cba2035d

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 Apr 2019 13:56:17 GMT
x-amz-request-id
F271489D5A986E25
ETag
"6a80cb691946e09ba579b0f8456aae28"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
private, must-revalidate, max-age=16070400
X-BUCKET
8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3379
x-amz-id-2
kVljZpYmctKDo8kt7l2BqXDfW5mHdg00OgSp5Jp+UgoIeV/PHMN1V65mQXmQ9rZTVXZOrrdetmI=
Expires
Fri, 29 Nov 2019 07:00:21 GMT
truncated
/ Frame 6C8A 		669 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
6753877076521797
s8t.teads.tv/vpaid/ Frame 437B 		143 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s8t.teads.tv/vpaid/6753877076521797
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/ Express
Resource Hash
84a9cb5a914ae26df69c805929296d40f54cbe2ab0336aab357864d160a1cf24

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:20 GMT
Content-Encoding
gzip
X-Powered-By
Express
ETag
W/"23c3f-LcqcUnh7pQZsascsfpSEMPyl6aE"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
25369
truncated
/ Frame 437B 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 437B 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
2.0.0
s8t.teads.tv/sdk/ Frame CE1A 		469 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s8t.teads.tv/sdk/2.0.0
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/ Express
Resource Hash
5ce809f90c12173c335aa7852666010847b4b83d432ae23c01fc1fc5ad87e955

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:21 GMT
Content-Encoding
gzip
X-Powered-By
Express
ETag
W/"755f1-PQXv+ozmhT5GmjVGJ3/6i76arOE"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
71666
track
t.teads.tv/ 		23 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://t.teads.tv/track?action=adAvailable-success&ts=1558940420451&pageId=77691&pid=95778&gid=[insertionId]&env=js-web&pfid=[pfid]&f=1&slot=native&fv=2.21.92
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 May 2019 07:00:21 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
23
Expires
Mon, 27 May 2019 07:00:21 GMT
track
studio-t.teads.tv/ Frame CE1A 		23 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://studio-t.teads.tv/track?action=studio_load&studio_cid=6753877076521797&referer=http%3A%2F%2Foraclebenefitsgroup.com%2F&ts=1558940421081&sid=174677&gid=337292&cid=314450&pid=95778&env=js-web&slot=native
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Mon, 27 May 2019 07:00:21 GMT
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
23
expires
Mon, 27 May 2019 07:00:21 GMT
copy_de-1557763201747.png
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://s8t.teads.tv//creative-6753877076521797/copy_de-1557763201747.png
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
561c2c2127d6cc269c3cd789b528c880240ecee85b970d5dd07ee49436dd1934

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:21 GMT
Last-Modified
Mon, 13 May 2019 16:00:02 GMT
Server
AmazonS3
x-amz-request-id
A4D95D46F4E62D0C
ETag
"37e970eb87346196adbfcdf0b32f760e"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
2315
x-amz-id-2
UfMnxKUJZsKbp68GoluNdDvBA7YBbE7Wy4x9uPF6JuyAx1t2h6pWMp34qiAIsDL/QBCdDF4vt5k=
cta_de-1557763192462.gif
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://s8t.teads.tv//creative-6753877076521797/cta_de-1557763192462.gif
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2a02:26f0:7b:984::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3495a7b53317a03d26ac0d9c56ec7d9718c0060929a6bcd3649f477fa480cda7

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:21 GMT
Last-Modified
Mon, 13 May 2019 15:59:53 GMT
Server
AmazonS3
x-amz-request-id
4F149E3586C3EA13
ETag
"a42b135d2d0f194d74d1aaddbff2ac33"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
5727
x-amz-id-2
9idx9ra+K/R8gEumXfoMPO9wbO2nwy40UoQdlR6z3JTR5hiFM0xTSBgMIMqLOKcWX8G72/LB6XY=
i0-1557926393471.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		212 KB
212 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://s8t.teads.tv//creative-6753877076521797/i0-1557926393471.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
HTTP/1.1
Server
2a02:26f0:7b:984::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5199da5d029a9fe1120340d2865d4d8ddcd89af2f885212561c2faebffeb045c

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 07:00:21 GMT
Last-Modified
Wed, 15 May 2019 13:19:56 GMT
Server
AmazonS3
x-amz-request-id
37D8B146169553EF
ETag
"379f17564c4659a4bb3de75b39c4e380"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
216643
x-amz-id-2
XEI5O+dhEMRi7nU8sY1uo/yQjIEsl23tUr6K0+A8aM01reVjZ2zqwI8QWRN79cDbLVS8DUsXMPU=
i0-1557926393471.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		212 KB
212 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i0-1557926393471.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5199da5d029a9fe1120340d2865d4d8ddcd89af2f885212561c2faebffeb045c

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:56 GMT
server
AmazonS3
x-amz-request-id
497768759B6D6819
etag
"379f17564c4659a4bb3de75b39c4e380"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
216643
x-amz-id-2
KQF14VA6hjY5dnGEsJthnfK6F49EmIhG9uNoWPAIJ/8kQBW4MKDf9ffwBE16ta3fJ+aHItpDqZ8=
access-control-allow-origin
*
i3-1557926393481.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		215 KB
215 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i3-1557926393481.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2cb4dee3615ac528cd0ae634da87933f765c57ce3995642ff09a7fedd1fd855b

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:57 GMT
server
AmazonS3
x-amz-request-id
615DDC0FE4D619B5
etag
"5e240f1c6af29f7915b3758b9a9768fb"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
219767
x-amz-id-2
y9xvl/m/+CB97BVeK+rVlcfIqQ3Hdoz+A6qbvqpjd1vUg6PlW8wmy1iIjU7WfOCmF/99jHWDIVA=
access-control-allow-origin
*
i6-1557926393441.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		212 KB
213 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i6-1557926393441.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d4183e45b4fdf45eb235b2d1835a28cfa03e31543ea44ee686ef8c3015e54aa

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:56 GMT
server
AmazonS3
x-amz-request-id
FB2C91C719967825
etag
"58c48afb2e2edeb2ee3478094016f5fe"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
217271
x-amz-id-2
2ob/b5TNZ64KSZKwyrN4ShiuJt8QqWhfpxNhRzcB0jM2ryTNTA6TYRGonz51PwiCrz+dtV+uJkM=
access-control-allow-origin
*
i9-1557926393445.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		211 KB
212 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i9-1557926393445.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c8a6510bc8a4419a35fc371435ec40b70874b3a3c71a05ce9d43555909c16dd

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:57 GMT
server
AmazonS3
x-amz-request-id
080D95AFDA5BE027
etag
"00163b0285d00298d3b5f8b9a4d1b8fd"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
216356
x-amz-id-2
NeQZiZxTzP7HgAii+mLhjMelkMTwBejEZmMA73q9TZT38CJtPNsDSNzG71hlP2ND2Gv5nCa/228=
access-control-allow-origin
*
i12-1557926393455.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		215 KB
216 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i12-1557926393455.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85503d8c7d166bb72c86a79e24c87fca7988c8e5244728de9e4896467d1bc2a6

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:56 GMT
server
AmazonS3
x-amz-request-id
94C9532AD4682214
etag
"86a63d3113a482bc21c48cf69ed754b1"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
219901
x-amz-id-2
oMVXxtQv3/BFlEa77T+YNLEHaPV7gfVkb4RNWehEOkrMB4SbE1iANV64WwLSLermEWM8H1gjAq0=
access-control-allow-origin
*
i15-1557926393453.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		212 KB
212 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i15-1557926393453.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f507cdd8b996f36de2c59e990362a6369653c7e44246ed10f4cee6d8fab25f2b

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:56 GMT
server
AmazonS3
x-amz-request-id
3663BB44B662285A
etag
"ae320fb845ac84359e96279ffcc24811"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
216651
x-amz-id-2
abOkvyD20G9uAaDctGoyq+YSkJS4HFZzqmkEBX5TYZFsURrPlI1YZKhC7mUzOVzdg0LML6pRWDY=
access-control-allow-origin
*
i18-1557926393461.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		212 KB
213 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i18-1557926393461.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a3a68ea8008038c7d009eb4c10feeedae198e087e83563692b736deb2273323e

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:56 GMT
server
AmazonS3
x-amz-request-id
F148C44D0AD81C87
etag
"099e9ec475680eea7d960f388cabb97c"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
216994
x-amz-id-2
eFgpoOGgu9cEHoriCYUF3JW/fw+vhQq1Du4ka0sW+5COE19Db/uFG46Ds9q9PE/UCaBEpCo1cUY=
access-control-allow-origin
*
i21-1557926393463.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		209 KB
210 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i21-1557926393463.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
59d01b5cdc15767d6daf408b0172c53ec4571291cc36056b1aa6824dd90471d5

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:56 GMT
server
AmazonS3
x-amz-request-id
EFF01BD0813A4AB3
etag
"c3b07da458acb4841cee60eb68b0c7b9"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
213910
x-amz-id-2
3M5+hN8EA5EgOqCHIXDumzLOtycV5nDTJUrU23myMPN/Ctan5/g9MIzC2/ZSReNbVDxb4RwPdjU=
access-control-allow-origin
*
i24-1557926393466.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		212 KB
213 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i24-1557926393466.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53e229ae98ee6869379d645fab4af27d6bc697b910207cc035f7bb7ee4c1ee16

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:56 GMT
server
AmazonS3
x-amz-request-id
4D6F953FB62376E8
etag
"7a5743d037f0b14a98bab0e0437345bd"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
216947
x-amz-id-2
yZ2WhLcD+hEr1it3BVHJ8lEiIrkn2ZEvxQVFrqXcXYg26NEdVeGPo1eU+ZHNZQS7nwNQu8ugRyM=
access-control-allow-origin
*
i27-1557926393463.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		214 KB
214 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i27-1557926393463.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44ff47a88467ecb3084f684ad21de577609b9fe5cf2b9a1fe4ecadb1a6611d44

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:56 GMT
server
AmazonS3
x-amz-request-id
FB03A9F69BFB75F8
etag
"9cf4954c250a98f4217fdb94a082581d"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
218695
x-amz-id-2
/jjGaYH33IssoJog9z6z/vwMo9yyLF2x6M2AvIO7wAcuApIxKTee3ZpTY28Xay+XkzcBJ41Fawo=
access-control-allow-origin
*
i29-1557926393465.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		211 KB
212 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i29-1557926393465.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
251defec9c666ea5a8efbb5078b4670740f6f6af2515fa9f61c2074dd2cab095

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:56 GMT
server
AmazonS3
x-amz-request-id
E58CD3C06C194285
etag
"e4df211ee6aa440f467bfbdb4cb3e480"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
216321
x-amz-id-2
+cS1Oxiq+igqUwSUd+LH7wUbrZYBJ1qYySynB7zG7wogQmQOJ/wNmiwKrNHLFiMDZSGHkHxPoIY=
access-control-allow-origin
*
i1-1557926393454.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		214 KB
214 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i1-1557926393454.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a8d84836b137a0eaa1ce91fb00d12ed99d315fceec8c877ca6ad7a9fae84466

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:56 GMT
server
AmazonS3
x-amz-request-id
31AB8BB3463AAD00
etag
"61e7cdadcb7cb1b0b8a818e63ea990ca"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
218760
x-amz-id-2
9sHqRKIoYLkmkMyTjg+urZZs7hsoDYh4vowjS3ZBYUmmZlonpMbHEWj9ZedOW7Ax3aQVCn1TexA=
access-control-allow-origin
*
i2-1557926393467.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		215 KB
215 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i2-1557926393467.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd35943e76e1a184674d7dbf717e5f8d309c1a406f9da357b4acdd95269404d0

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:57 GMT
server
AmazonS3
x-amz-request-id
CF1F6AEF46D412E1
etag
"d17c9fa1620843b9ceccbcee3cd53042"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
219734
x-amz-id-2
FGoGaodgV5vCLJbuEkwzGHOv9+PxqtexfJRoHOTJfHBHXynZlSICTD09344ArkCmlvyXu+oFTeU=
access-control-allow-origin
*
i4-1557926393436.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		214 KB
215 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i4-1557926393436.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ce22a3337b3f625b671f346318306599ce982158bcb0759c880ad796881fbcf7

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:56 GMT
server
AmazonS3
x-amz-request-id
0C861F837F49B456
etag
"e230271719d6cf1baad5efccfdbfef8d"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
218844
x-amz-id-2
Nedx6FK01xurrQYH9YSqJE3cM8OsPccsxP98XjG43PPbLVnwBIBtwqHzrJtV3npT9Ts8IU+GLnc=
access-control-allow-origin
*
i5-1557926393431.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		213 KB
214 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i5-1557926393431.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
329a09dbdcea0a0140adde40d5fcd5cc18dd661458afa700acd4eac91759e905

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:56 GMT
server
AmazonS3
x-amz-request-id
F427EC8E91216E7A
etag
"771cad1f6404cadbda85dbfcbaf3ebd8"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
217823
x-amz-id-2
y8G3kBe4nI2Gw/gvSyt9q0B5kW8mKvlZJo3jVeOyz+BT337hQ9aA3mFkSYCNaRT6Vw7WR5KOsiM=
access-control-allow-origin
*
i7-1557926393421.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		211 KB
212 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i7-1557926393421.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ed5466ea2d5d328012abc4a294fdaa6f7c1dfed09d086c3a3b85e6ce051460cc

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:56 GMT
server
AmazonS3
x-amz-request-id
D7F3832C836EE5E9
etag
"f03c3b142e4c0e26b2e953f49129309e"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
216059
x-amz-id-2
OvvvD2qvZwqmVtzkvhBMmXCfSioR320uQvUo1qkhZB4+vmeCyXvj/4iI11khu524y61vIrTqgeg=
access-control-allow-origin
*
i8-1557926393426.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		210 KB
211 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i8-1557926393426.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0646bc82ffc9152b83a06195f87cd863fb31a2fa55cbff717d529da9a8fc94b

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:56 GMT
server
AmazonS3
x-amz-request-id
7DA72B8A745AF3DA
etag
"7d60570828bc77c71e56d35992ba48d7"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
215492
x-amz-id-2
+pyr/cXNyfLifh3zenFHgKGnxFlKUWv3V9l/HpSh+xqJWFCihkSO/8GH8boOgimLq28kJ01sAJA=
access-control-allow-origin
*
i10-1557926393428.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		214 KB
215 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i10-1557926393428.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19f73c3fcacec1243db9eaf1c06097927ea7820817b893923df66b35ec64c977

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:56 GMT
server
AmazonS3
x-amz-request-id
46B52F89E9689D6A
etag
"4dc4fdf0e65eb594d82519a37f20f3dd"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
219502
x-amz-id-2
ADJlEwz7ujeBtnWcsW/wKEiz0+nJaToYRmrdoflErCX0Yncqaecva6BAgb8av4oPOu6gYNYPpK0=
access-control-allow-origin
*
i11-1557926393448.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		216 KB
216 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i11-1557926393448.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70c299cd78b266d178c92cbe05fe93de434501784a7c995b18a827507eaae3e3

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:57 GMT
server
AmazonS3
x-amz-request-id
9F509263B7FA5E39
etag
"cd375035515dcdfe27f5413b8e4f7d7b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
220674
x-amz-id-2
t7ZXTTA1v6/DMSsMT+9bPJ2mfX8hKHr4idP6FzYILd0w3kkqfj1Idgp8E9QFQV9S3XL3GrP7Np4=
access-control-allow-origin
*
i13-1557926393458.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		215 KB
216 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i13-1557926393458.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b60f8c28c5c5a383c78b72cda485fe630259cac18f98b340d71e57ca7fdb4098

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:56 GMT
server
AmazonS3
x-amz-request-id
6B0B3C1F8123C760
etag
"21ef3461f45fc3c8baf07f4fb73541e7"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
219841
x-amz-id-2
ACGxDgG/faHxcaSLkA3t0JUPCPp2iYQD452VQs0Ti8p9WosTUG5TUrKmHwonNAOuxBBLJevnCD4=
access-control-allow-origin
*
i14-1557926393451.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		214 KB
214 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i14-1557926393451.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a9218a13df6beb154f4a2d98fc06e00d698e48f536c7c98fa97e927790625b7

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:56 GMT
server
AmazonS3
x-amz-request-id
690412E0522B7B2E
etag
"ec4a161ea27fd5a608e53c56c6d4e2cd"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
218694
x-amz-id-2
rmCRog23tY2KvXiTUhOQNhtVssnIV4fRmghDavqJyPSiev3pPEr5UhWWAAxYqjPBTZ+6j51nywQ=
access-control-allow-origin
*
i16-1557926393459.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		210 KB
210 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i16-1557926393459.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7160f98215d577ede029229968d79ffa5dad72549bd65426e5382f556e63b1d

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:56 GMT
server
AmazonS3
x-amz-request-id
1FE7C8818FF2C149
etag
"ddb02d15c31632ad93093b4bf840d1a1"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
214586
x-amz-id-2
N4/wKw5/fJmVfxoe9ms8CpbMJc0t4rO5YutXovY+zdivHArKc8t9v+ZZJko3ctcr0yr3qvDvK+M=
access-control-allow-origin
*
i17-1557926393455.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		212 KB
212 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i17-1557926393455.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f38646f110cbaa265eec26a14d97eeb8bb2f948235c367af458e69bd269bd3f6

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:56 GMT
server
AmazonS3
x-amz-request-id
8F713C7BC2AD6605
etag
"f66056888ada3c65995ac997c58ebacd"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
216622
x-amz-id-2
bWcZ5YjXdGRAiswwQFOLj6RKxdfSqNhIswlNNHEHPgR+gDeFX965xwsl9Q+CBG037RhYSXug5vE=
access-control-allow-origin
*
i19-1557926393457.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		212 KB
213 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i19-1557926393457.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3dc182853fb0e30eb22a980d1008b67923e8b8a69bae2caadcabc689ee0fa5fe

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:56 GMT
server
AmazonS3
x-amz-request-id
E77CC3CAFB60443B
etag
"ce6580f3b371e02d0d695635364f803d"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
217231
x-amz-id-2
nKLMnHbCg79Sp99tcfK45Cc/+5HTNozmCp2EZe9KJJmlIuuRCz7dPjxwHdfM+88DcIK5Y1Bn6v8=
access-control-allow-origin
*
i20-1557926393464.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		210 KB
211 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i20-1557926393464.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
51c57d6cab7c3933e48698eb547613b02639044d4c2e2855867713f2e3bf7d8b

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:56 GMT
server
AmazonS3
x-amz-request-id
AC4DBFD588A799AE
etag
"bfc36f2efabe7d9219301c65f146fd1c"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
214929
x-amz-id-2
Hcd7BRCsTRE0I4r88DXWPLQS6Nwg492y5mlTl7RiAgVoFq8CxBUyWHwf9ppjk0784eVvJlc3K0M=
access-control-allow-origin
*
i22-1557926393472.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		206 KB
206 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i22-1557926393472.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4650a6c9e2b69ffb8c53d248bf26b5b7a18bc6fb666fea992fae8ac98e3c90da

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:57 GMT
server
AmazonS3
x-amz-request-id
D3937D6EA8B04FA9
etag
"20ad76905fc1f3217830351e552f6e53"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
210530
x-amz-id-2
hoVlemITsB2z1SbxEu7Kvl2A6O953RUYH0fkN+ZATrsPOK7d0CePMHpd7okGEQVlRGeRAKDIyw4=
access-control-allow-origin
*
i23-1557926393476.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		209 KB
210 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i23-1557926393476.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e1d307cdd6d6e99e4a80fd0e36088dd902047766dad66d3489c8d095a7fea23

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:57 GMT
server
AmazonS3
x-amz-request-id
C5F76079A9BC80B0
etag
"a753434e770712825e6e191bbd3822f7"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
214158
x-amz-id-2
/u3oEQQbCqXT772k/nmkx2ijiyqLmgLVZnVrVpMWd1FLTJhzchuGVo8yZQm3sAFNlKo7ccHk33k=
access-control-allow-origin
*
i25-1557926393460.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		214 KB
215 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i25-1557926393460.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b84cc0bb8ff4fa07fc8be3e59a3941fad8d1fcad2e27b42f2c00b3d3e0cd8b95

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:56 GMT
server
AmazonS3
x-amz-request-id
FD9F9B22FB163A05
etag
"ebef1ac844a030799bdbe828b83a4d7e"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
219458
x-amz-id-2
TICD1NXUHM1RzDwynP8WbU8RZnYO/4Gv7TM5dAAEZatzmHh1deFE+oQ/V4aFeWVzzkAkFbdea1c=
access-control-allow-origin
*
i26-1557926393468.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		213 KB
214 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i26-1557926393468.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d64e0bb6c5a014fedfaac02583440270ef59e7233548e43fe25a9e9e29a510ba

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:57 GMT
server
AmazonS3
x-amz-request-id
BB0CA28EC9F6E0CE
etag
"4a4ca57bf9fcc0e3e6f3ceec656c5c58"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
218428
x-amz-id-2
+rJ0EEwlqMVJBgDzWqvpoXfI8KC/ncp7muoucVlRWkX2qOvGPy9zniWwr3K6gFs1pBaUAewypNU=
access-control-allow-origin
*
i28-1557926393452.jpg
s8t.teads.tv//creative-6753877076521797/ Frame CE1A 		209 KB
210 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv//creative-6753877076521797/i28-1557926393452.jpg
Requested by
Host: oraclebenefitsgroup.com
URL: http://oraclebenefitsgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7b:997::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46a4f6e47a9178272ecffa3e46a8639aa1b611cf46e0fbe220965b440805781b

Request headers

Referer
http://oraclebenefitsgroup.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 May 2019 07:00:21 GMT
last-modified
Wed, 15 May 2019 13:19:56 GMT
server
AmazonS3
x-amz-request-id
03BDC9924478F026
etag
"9f6c94105997baa886168e339ea80459"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
status
200
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
214286
x-amz-id-2
tCbh0y8f1yZgIwvjopmDEhZWBp/uCGHTsZlXSpY1rB1Uf4uMk5jkSfdUCz4RinLNpRZlLjPXEjE=
access-control-allow-origin
*

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
t.qds.ninja
URL
https://t.qds.ninja/t/482

Verdicts & Comments Add Verdict or Comment

196 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| cookieconsent function| DOMReady string| GoogleAnalyticsObject function| ga object| ATInternet function| ATCustomEvent number| site__has__skin number| site__has__728a object| googletag object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleTokenSync boolean| google_measure_js_timing string| targetCriteria string| pageType string| accountID object| slot23 object| slot24 object| slot11 object| slot12 object| slot13 object| slot1 object| slot2 object| slot3 object| slot4 object| slot21 object| slot22 object| slot31 object| slot32 boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id object| _qds object| xtnv string| xtdmc string| xtsite string| xt_xtcpath number| google_unique_id object| google_reactive_ads_global_state object| gaGlobal object| google_tag_data object| gaplugins function| VAContent_loaded string| RecsWidgetObject function| __recsWidget object| __s object| instgrm function| LoadSectionsFlowBoxes function| setUpAgknTag object| adsbygoogle function| fbq function| _fbq function| documentInitOneSignal function| OneSignal function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| __google_ad_urls object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| agknTagBuilder object| _agknTag string| _agknTagName object| _agknEchoTag number| _isAgknTagSet object| google_ad_modifications object| ggeac function| processGoogleToken object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map object| google_t12n_vars object| Xtconf function| Xtcore string| xtLogDom number| xttredir object| xw object| xd string| xtv string| xt1 string| xt7 string| xt8 string| xt9 string| xt8b string| xtp string| xt44 object| xt21 function| xtf1 function| xt_addchain function| wck function| xtf3 function| xt_mvt function| xt_med boolean| xtfirst function| xt_ad function| xt_adi function| xt_adc function| xt_click function| xt_form function| xt_rm string| xtidpg string| xt16 function| xt_addProduct function| xt_rd function| xt_addProduct_v2 function| xt_addProduct_load function| xt_ParseUrl function| xt_ParseUrl3 object| AT_click object| AT_hit string| xtvid object| xt29 string| Xt_id object| attag object| _RECS_WIDGETS boolean| _ENG_is_google_tag_ran boolean| _ENG_is_sr_started_loading object| _ENG_OPTOUT_MODAL_ELM function| _RECS_WIDGET function| _RECS_WIDGET_VIDEO function| _eng_do_async_click function| _eng_fire_async_pixels function| _RECS_MULTI_WIDGETS object| AMP_CONFIG object| log object| AMPErrors boolean| ampInaboxInitialized object| AMP_MODE function| reportError object| AMP function| madinadInit function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 function| google_sa_impl object| google_jobrunner object| google_logging_queue object| google_persistent_state_async number| google_global_correlator object| google_prev_clients object| google_iframe_oncopy object| __core-js_shared__ function| $ function| jQuery function| yallarec_cb_9010613340715446 string| cookiePrefix string| exitBeeHost string| country_code string| country_name string| city_name string| city_id object| site number| visitDuration object| campaignsJson object| xtb object| context number| vdata1558940419389 object| vttjs function| WebVTT function| VAVideoJS object| ProgressBar object| VAProgressBar function| VidAdsScenery function| VidAdsContent function| VidAdsVertigo string| widgetCss string| __eng__ppids_brnd function| _Events function| ajaxEb function| _EbHelper object| exitBeeModal function| _Action function| _ExitBeeModal object| _ENG_CRT_OBJS function| parseCriteoBids function| ENG_CRT function| _eng_open_link object| _eng_crt object| Criteo object| crt_q function| _engcrtCB object| criteo_pubtag object| BidsQueuedEvents object| teadsscript object| teads

0 Cookies

23 Console Messages

Source Level URL
Text
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052001.js?21063861(Line 1)
Message:
getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api log URL: http://oraclebenefitsgroup.com/(Line 53)
Message:
has skin
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052001.js?21063861(Line 1)
Message:
getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052001.js?21063861(Line 1)
Message:
getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052001.js?21063861(Line 1)
Message:
getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api log URL: https://static.madinad.com/static/madinad-sdk.min.js?adtag=29c714d3-b81b-49ab-ab26-8fb0730ebc3b&a=56122d08-3ff8-4eeb-b504-ab78216d4ec8(Line 1)
Message:
incomplete
console-api info URL: https://cdn.ampproject.org/rtv/011905140117570/amp4ads-v0.js(Line 579)
Message:
Powered by AMP ⚡ HTML – Version 1905140117570
console-api error URL: https://cdn.ampproject.org/rtv/011905140117570/amp4ads-v0.js(Line 159)
Message:
localStorage not supported.
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052001.js?21063861(Line 1)
Message:
getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api info URL: https://cdn.ampproject.org/rtv/011905140117570/amp4ads-v0.js(Line 579)
Message:
Powered by AMP ⚡ HTML – Version 1905140117570
console-api error URL: https://cdn.ampproject.org/rtv/011905140117570/amp4ads-v0.js(Line 159)
Message:
localStorage not supported.
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052001.js?21063861(Line 1)
Message:
getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api info URL: https://cdn.ampproject.org/rtv/011905140117570/amp4ads-v0.js(Line 579)
Message:
Powered by AMP ⚡ HTML – Version 1905140117570
console-api error URL: https://cdn.ampproject.org/rtv/011905140117570/amp4ads-v0.js(Line 159)
Message:
localStorage not supported.
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052001.js?21063861(Line 1)
Message:
getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api log URL: http://oraclebenefitsgroup.com/(Line 78)
Message:
[object Object]
console-api info URL: https://www.vidads.gr/scripts/va_content.vast.js(Line 48)
Message:
VidAds
console-api info URL: https://www.vidads.gr/scripts/va_content.vast.js(Line 48)
Message:
VidAds
console-api info URL: https://www.vidads.gr/scripts/va_content.vast.js(Line 48)
Message:
VidAds
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052001.js?21063861(Line 1)
Message:
getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052001.js?21063861(Line 1)
Message:
getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052001.js?21063861(Line 1)
Message:
getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019052001.js?21063861(Line 1)
Message:
getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
ad.doubleclick.net
adservice.google.de
ajax.googleapis.com
amp-error-reporting.appspot.com
api.yallarec.com
app.exitbee.com
b.scorecardresearch.com
be-ms.teads.tv
bidder.criteo.com
bs.serving-sys.com
cdn.ampproject.org
cdn.onesignal.com
cdnjs.cloudflare.com
cmp.teads.mgr.consensu.org
connect.facebook.net
csi.gstatic.com
d.agkn.com
files.missbloom.gr
googleads.g.doubleclick.net
img9-api.yallarec.com
js.agkn.com
logw312.ati-host.net
onesignal.com
oraclebenefitsgroup.com
pagead2.googlesyndication.com
platform.instagram.com
s8t.teads.tv
securepubads.g.doubleclick.net
static.criteo.net
static.madinad.com
studio-t.teads.tv
sync.teads.tv
t.qds.ninja
t.teads.tv
tag.aticdn.net
tpc.googlesyndication.com
widget.yallarec.com
www.capital.gr
www.facebook.com
www.google-analytics.com
www.googletagservices.com
www.instagram.com
www.missbloom.gr
www.vidads.gr
t.qds.ninja
104.111.234.76
178.250.2.130
178.250.2.152
2.16.187.66
2.16.187.67
2.18.232.7
216.58.205.226
216.58.206.2
216.58.208.38
23.8.9.176
23.92.74.18
2600:9000:200c:c000:15:efbc:e300:93a1
2606:4700:30::681f:4c17
2606:4700:30::681f:5c79
2606:4700:30::681f:5d79
2606:4700::6810:cea5
2606:4700::6813:c797
2607:f8b0:4004:811::2003
2a00:1450:4001:809::2014
2a00:1450:4001:814::200e
2a00:1450:4001:818::200a
2a00:1450:4001:81a::2001
2a00:1450:4001:81d::2002
2a00:1450:4001:81f::2002
2a00:1450:4001:820::2002
2a00:1450:4001:821::2001
2a00:1450:4001:825::2002
2a02:26f0:6c00:287::3b8c
2a02:26f0:7b:89d::2c92
2a02:26f0:7b:984::36f1
2a02:26f0:7b:997::36f1
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a03:2880:f21c:80c4:face:b00c:0:43fe
2a03:2880:f21c:80e5:face:b00c:0:4420
35.240.50.85
54.72.236.147
63.35.144.148
72.247.185.51
82.199.68.73
88.221.165.178
95.142.20.17
04e39bbf93416a8af04721b7a99481302367d5c21dbd2804d5b42b14740f2da1
05a0114a707e2c9a3e39211eea7befe543363802db6cca43191b8fa51d8f6cd5
06586aba61325410d3ba66a1596bca839b474fe8d9507a87085d57b496a80050
0a62625b469eb71b257f75c419b82781e83352914d6ac6b3d900a5ec8e1b5c43
0a8d84836b137a0eaa1ce91fb00d12ed99d315fceec8c877ca6ad7a9fae84466
0ae5e1fde1f00b885a6f0f95e666fb9023d06aaaaeb8b4a37724a8ec1609ac24
0cb4cf1da856a8864bd54129b4818a7fcae47f928a974ce7af3fe5f71fb63fb5
0e10b6e9c0b5b9586c6cdf307466474b438989e57732c2b41ec69b03b363533b
0ea390ef97ab3392f04e9ccd35d1ea56f4bdecd140ad348df52a505b19e93fc2
0f9f85d89348083494eb4bb5ccb55609295ef967182565e32bf762eebaedcfed
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127f0e63cfe81a8cfe83a77408f6e1de24decee3f28a36a53f253808f323288c
13b212760cb621af244a95cd7b41d9555ed29c2d4cf8093f941126b7a2d713d1
14a9665ed298bd096a757a0967708c9bb8991cd92ccd61aab3535b8cd370045c
186466980a2394e09d866c4b8210699f9ce8e5029dc856e6ed28cafcfb3d8f8c
1940ea7376280457b47aa73f56ef229029c01c5dec322a57d05e98c77358d54f
19f73c3fcacec1243db9eaf1c06097927ea7820817b893923df66b35ec64c977
1a9218a13df6beb154f4a2d98fc06e00d698e48f536c7c98fa97e927790625b7
1ba341e4a78e6d83218086fcb14a9576a94e7b578acadd5e3d58b60daf7cf3be
247ee0e21630fce179294f9560e3b0f78adf6e4b9b3891149169f5d1ba2406af
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
251defec9c666ea5a8efbb5078b4670740f6f6af2515fa9f61c2074dd2cab095
257f39b16d3a9b368f72cdfd8f12004c1584cc2d54646f1f83d93532bf7b6326
25efe772f98eb998995f890296dea5a76552d9cdb0ff2dc4ef7a9f346f033cf6
262d3765c5ef163d6f377281afcac103cfccadd2891701151a6857e3ea6e504a
2837d1b5ddf463d053b8b5ea86a6e0d8cc1ad7045684e9c43de8b4151c798256
2b285cc52f3f9e39dd0f4e6704de54ec0019484f4615e5ab5cf9833ca896c4b1
2cb4dee3615ac528cd0ae634da87933f765c57ce3995642ff09a7fedd1fd855b
2d4183e45b4fdf45eb235b2d1835a28cfa03e31543ea44ee686ef8c3015e54aa
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e47863935baa76593c47488a74853437be6426eab9b7856587060453309d0b4
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329a09dbdcea0a0140adde40d5fcd5cc18dd661458afa700acd4eac91759e905
3495a7b53317a03d26ac0d9c56ec7d9718c0060929a6bcd3649f477fa480cda7
34fde0f4461395a617be2117bae4b1c3e9d80a1126f198201b7337c10f7db71e
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586
35618b4e5f192b6bf2a70a510d0dd2dd5955d9ff20496461b2c77192ee86450b
3681c54b41bbaba74dde376a6db966614cc49c08676c2dc86e852f655a8ead26
37fffd221945fe2e54875e96d28af53a43b2a0aa39c166e830e87896c07b823d
3b0db191fab802d70eaa0f565d36e1440b3e91304276596f8b9c5280288d84da
3ba7f40e2b4080979389e9b81e6d0ed155e9b7f74b3310bc1289ee70cba2035d
3dc182853fb0e30eb22a980d1008b67923e8b8a69bae2caadcabc689ee0fa5fe
40bf5d3b5c6d75c1cd50049b9b77b8378696472d06ba32296eafc96f574903d4
418e939cd84c9cc0d048e19b5dd4305dfb3d0b2d5c4fae496039e66354cefae1
41ffa6c8ce65e60910c5645e569ede8287174ca836f9f496e4f81bd85f177754
443929031cd05ba84b410c81427580e0f8b19468a2b92c8009fca236ecaabbff
44ff47a88467ecb3084f684ad21de577609b9fe5cf2b9a1fe4ecadb1a6611d44
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
457e49796841a3b66d5938c1928eaa34afd7e87414f0e30fa6a45f9227ad9cbe
4650a6c9e2b69ffb8c53d248bf26b5b7a18bc6fb666fea992fae8ac98e3c90da
46a4f6e47a9178272ecffa3e46a8639aa1b611cf46e0fbe220965b440805781b
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4841c16cf30ce86a4f6e02e2943890987f6a4d753376b17dd4abab10e8af20e7
4d830243454dbab9bd2814e1e259300ff5b68d9c32a655d8f567eaa78c959895
5199da5d029a9fe1120340d2865d4d8ddcd89af2f885212561c2faebffeb045c
51c57d6cab7c3933e48698eb547613b02639044d4c2e2855867713f2e3bf7d8b
536dbbd222f78b47b6e60a111b89e3319ead81fbc7d8cfd3b25bae435ad9bd00
53e229ae98ee6869379d645fab4af27d6bc697b910207cc035f7bb7ee4c1ee16
55fd0931db68b7e2b3e456b69174f783ad07302137de2b674055f8b8ef227d22
561c2c2127d6cc269c3cd789b528c880240ecee85b970d5dd07ee49436dd1934
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
582bebe3d2e81cf9d247c71d9cd687c2953cbf1dd58650374ab15a1b012d1354
5968be11e994fe0fc45a7011248ec3c5b382bea62546b093ca911ff806bf41fa
59d01b5cdc15767d6daf408b0172c53ec4571291cc36056b1aa6824dd90471d5
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5c8a6510bc8a4419a35fc371435ec40b70874b3a3c71a05ce9d43555909c16dd
5ce809f90c12173c335aa7852666010847b4b83d432ae23c01fc1fc5ad87e955
5d674d57b911b44c9c8e56b08f60ca1b6c20102be7543d31591efff9aa799537
60e11ee4d0c28c92994a91e0301a4b8d876b0cc9da009b6557c315c2de1faa78
615988825a97e1b8d3e2d702258c83ad954c6a684bc54b2dd99aa216b67bc0df
637f04e6ec0a73904402375e46fb88fd1772da943d60f661033a4ca6b5392a60
63a23cb228a3b6e6a33e3a12e6c5bcdf13fe0b28346ccdadca36097a4b13ac50
670b0e01802926a5716533c047ef67a3535f5b884eaf3c9de29c26537b1cddae
6ada6344cb2a88a7fd0cf75630f88a24477c4f7ddca056ba9d7d0b33fa69b845
6de5517e1178ef3ae1605e9fb57f46808a167f2062111a91ff929558590c7e29
70c299cd78b266d178c92cbe05fe93de434501784a7c995b18a827507eaae3e3
7ab8c534d202a38787eac74e9e37f1b1b4d935265858da3450d484ea8339beb3
7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0
8411fa1184d1bcf8b006e7abdf7e5c287c14a24c4884322040165b488063af93
84a9cb5a914ae26df69c805929296d40f54cbe2ab0336aab357864d160a1cf24
85503d8c7d166bb72c86a79e24c87fca7988c8e5244728de9e4896467d1bc2a6
85cb1c787c3715ea70f44e60acf725c0a31fb70429741620853e63b898bab67c
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8f2e37cf4e314907e37bf11c3205be713c048968afb0af99f791b1f336308a33
914967ab7fddbec5a51c14bec6ca6a3422cd1e232f9aeaa37cb251f7d27156e8
96932e985856f3952d02f07c927c0610e2d2219c596f1d292eb842192ca41ff8
99fe7527ada5bde08f5064266614fd01bc1a580121534ce6b3a3e1a0f2cf1b73
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9e1d307cdd6d6e99e4a80fd0e36088dd902047766dad66d3489c8d095a7fea23
9ecd89a9dabdfafc0daf716a0ecbaac758c86d498ab905fea3cc1edf5a891a00
a3a68ea8008038c7d009eb4c10feeedae198e087e83563692b736deb2273323e
abe6af6a23f989b0623689a5d2a8df531c4f84c1e9785db0bad82155e9ef7f92
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b44165bb1f30b73cb96461fde7e8be5aa37b07d46eca99e4f431fae97059fa6e
b60e4d9c0475ece458e634a68545a51336a621fe7c742b4191cb3cdaef4504da
b60f8c28c5c5a383c78b72cda485fe630259cac18f98b340d71e57ca7fdb4098
b77bea70e57eaae2f1d6c34b4d8a330f55959c607c7ed1a37ff402d37759deef
b84cc0bb8ff4fa07fc8be3e59a3941fad8d1fcad2e27b42f2c00b3d3e0cd8b95
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd30ffd9618eaa423abb4c900f4af01cac18be85d75265ba08d87d5230bf85b8
bd35943e76e1a184674d7dbf717e5f8d309c1a406f9da357b4acdd95269404d0
bd401af99e99c9c4d063fed920d9b600fa801235eb6b6a4a6bd95d7f20b8dec6
bd50d760c9c8030c8ca1a512d0f196b12576a60693d4082037a42975b1399a47
c0646bc82ffc9152b83a06195f87cd863fb31a2fa55cbff717d529da9a8fc94b
c0dd54249132d61966dbdaf4c58f88c896eb0bf5f413e85c04dcc61d5716664e
c1da6e48963033e5cf668a532551c463480b2658a59b465fb1bfb35b8057a848
c9bc17c5b0c11ae24eada21c929a9ebd67410b70fc953c6d5ba0e695ebc44229
cbd892f5fbf937ea32fe774f2bc3cc39c57baa70cd12410bafcc0b1774810195
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
ce00caa24b871ea4c52ca6f06d4b41dcee3b45b124b73fdde5d156fad28e188f
ce22a3337b3f625b671f346318306599ce982158bcb0759c880ad796881fbcf7
cf0eac8ca56caaadf4fc1e4ec8081f0ba14c59d22bf12f766d59845078950e86
d64e0bb6c5a014fedfaac02583440270ef59e7233548e43fe25a9e9e29a510ba
d6f0ff331b2a3828e42873583007e3be640500472157487918c795681c7d51e1
dd177280f92ef3176df1bf97d348b453786fe02f2895ddf8c52e6e21ffbed819
deae6e65d4aac34f107841bfe7eaf51db9736317ab5bd9f483c08fb0543b3f8c
df459ba36c34d3b933db5f377354f6602601d9156f80e5916dedceaf540178dd
df525290ace4d9dbaa805cd9b3f8761f53e753847d20a8927f20a584d707e82e
e2632ab9a3e281fb1debb1f9866ea8ac9b5c88ba9ad9df0d3cb687993b7c6561
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7160f98215d577ede029229968d79ffa5dad72549bd65426e5382f556e63b1d
e80e413ce7ab07c0882dfb8031b3f1db7e548f45687592c33aa5e919605c1d17
e858861e7481544579ef30124bbffd299c102992dde617065b89685a615e74a6
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ed5466ea2d5d328012abc4a294fdaa6f7c1dfed09d086c3a3b85e6ce051460cc
ee651eb7354da97034f4ead08e42230effe21a2949af3c4d64ff5bd42f119278
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f38646f110cbaa265eec26a14d97eeb8bb2f948235c367af458e69bd269bd3f6
f507cdd8b996f36de2c59e990362a6369653c7e44246ed10f4cee6d8fab25f2b
f7983c647539db99f560bc46d640bd7691d423155f4797fdb05651db41bc32bb
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3
fbff7ea65d203ff923035a3918bf22c1d0085b9ce680389e52fad30fa10924b7
fde7409e869af325b04e0a5e4fe49bf569351105c4381c9a5af52af353721cda