www.benefitspro.com Open in urlscan Pro
2606:4700:4400::ac40:9199 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://linkmktg.benefitspro.com/view/5ef5e325236d6455db266b8bgofdq.17u2/e4f275e1].
Effective URL:
https://www.benefitspro.com/?slreturn=20220516103212
Submission: On June 16 via api (June 16th 2022, 2:32:21 pm UTC) from US — Scanned from DE

Summary HTTP 330 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 72 IPs in 8 countries across 57 domains to perform 330 HTTP transactions. The main IP is 2606:4700:4400::ac40:9199, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.benefitspro.com. The Cisco Umbrella rank of the primary domain is 309984.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 22nd 2022. Valid for: a year.

This is the only time www.benefitspro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.226.166.212 3.226.166.212	14618 (AMAZON-AES) (AMAZON-AES)
3 56	2606:4700:440... 2606:4700:4400::ac40:9199	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	192.226.82.212 192.226.82.212	16524 (METTEL) (METTEL)
10	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	69.192.161.152 69.192.161.152	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::ac43:264e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:50c0:800... 2606:50c0:8001::153	54113 (FASTLY) (FASTLY)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	104.75.88.194 104.75.88.194	16625 (AKAMAI-AS) (AKAMAI-AS)
18	104.18.23.230 104.18.23.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:2156:e600:d:df45:5680:93a1	16509 (AMAZON-02) (AMAZON-02)
6	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
10	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	143.204.89.4 143.204.89.4	16509 (AMAZON-02) (AMAZON-02)
1	18.200.133.16 18.200.133.16	16509 (AMAZON-02) (AMAZON-02)
1	192.226.85.63 192.226.85.63	16524 (METTEL) (METTEL)
1 3	52.49.126.217 52.49.126.217	16509 (AMAZON-02) (AMAZON-02)
2 22	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
2	3.87.151.192 3.87.151.192	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:6e00:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
4 5	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	18.185.194.205 18.185.194.205	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
4	185.239.174.234 185.239.174.234	55081 (24SHELLS) (24SHELLS)
1	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
2	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	34.111.234.236 34.111.234.236	15169 (GOOGLE) (GOOGLE)
1	34.249.212.46 34.249.212.46	16509 (AMAZON-02) (AMAZON-02)
2	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
1 1	34.248.32.199 34.248.32.199	16509 (AMAZON-02) (AMAZON-02)
1	52.57.207.136 52.57.207.136	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:9c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.146.191.54 54.146.191.54	14618 (AMAZON-AES) (AMAZON-AES)
30	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
2	213.19.147.42 213.19.147.42	26120 (RHYTHMONE) (RHYTHMONE)
1	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
17	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	8.2.111.126 8.2.111.126	46636 (NATCOWEB) (NATCOWEB)
1	18.203.55.223 18.203.55.223	16509 (AMAZON-02) (AMAZON-02)
1	46.249.52.248 46.249.52.248	50673 (SERVERIUS-AS) (SERVERIUS-AS)
5	185.239.173.210 185.239.173.210	55081 (24SHELLS) (24SHELLS)
1	104.92.100.195 104.92.100.195	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
7	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	52.12.72.198 52.12.72.198	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
16	148.251.121.152 148.251.121.152	24940 (HETZNER-AS) (HETZNER-AS)
5	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	35.85.185.37 35.85.185.37	16509 (AMAZON-02) (AMAZON-02)
1	44.232.1.224 44.232.1.224	16509 (AMAZON-02) (AMAZON-02)
1 1	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1 7	35.83.6.89 35.83.6.89	16509 (AMAZON-02) (AMAZON-02)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	54.229.131.207 54.229.131.207	16509 (AMAZON-02) (AMAZON-02)
1 1	103.229.206.240 103.229.206.240	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	52.50.27.121 52.50.27.121	16509 (AMAZON-02) (AMAZON-02)
1	44.238.81.176 44.238.81.176	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
3 6	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 6	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
1	141.95.98.69 141.95.98.69	16276 (OVH) (OVH)
330	72

1 3.226.166.212 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-166-212.compute-1.amazonaws.com

linkmktg.benefitspro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 2606:4700:4400::ac40:9199 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

benefitspro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.benefitspro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
store.benefitspro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.benefitspro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.226.82.212 (Dorchester, United States) 1 redirects

ASN16524 (METTEL, US)

store.law.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.192.161.152 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-161-152.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:264e (United States)

ASN13335 (CLOUDFLARENET, US)

users.api.jeeng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:50c0:8001::153 (United States)

ASN54113 (FASTLY, US)

owlcarousel2.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.18.23.230 (None, )

ASN13335 (CLOUDFLARENET, US)

www.dianomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:e600:d:df45:5680:93a1 (United States)

ASN16509 (AMAZON-02, US)

imageserver.amlaw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.mediafuse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.hbmp.mediafuse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-4.fra50.r.cloudfront.net

s.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.200.133.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-133-16.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.226.85.63 (Lincoln, United States)

ASN16524 (METTEL, US)

geoip.alm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.49.126.217 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-126-217.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.87.151.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-87-151-192.compute-1.amazonaws.com

a.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:6e00:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.162 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.194.205 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-194-205.eu-central-1.compute.amazonaws.com

datacloud.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
collect.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.239.174.234 (United Kingdom)

ASN55081 (24SHELLS, US)

ghb.hbmp.mediafuse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

p.medocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.234.236 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.212.46 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-212-46.eu-west-1.compute.amazonaws.com

alm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

b.law.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.32.199 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-32-199.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.207.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-207-136.eu-central-1.compute.amazonaws.com

visitor-service-eu-central-1.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:9c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.146.191.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-191-54.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.42 (Utrecht, Netherlands)

ASN26120 (RHYTHMONE, US)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.111.126 (United States)

ASN46636 (NATCOWEB, US)

colossusssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.55.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-55-223.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.249.52.248 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.239.173.210 (United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb1.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.92.100.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-100-195.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.12.72.198 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-12-72-198.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

bcc781a88193ff3b593d54b5e2247a17.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 148.251.121.152 (Braunlage, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: egon

rtb.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.85.185.37 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-85-185-37.us-west-2.compute.amazonaws.com

id.halo.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.232.1.224 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-232-1-224.us-west-2.compute.amazonaws.com

p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.22 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.83.6.89 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-83-6-89.us-west-2.compute.amazonaws.com

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.131.207 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-131-207.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.206.240 (Singapore) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.27.121 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-27-121.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.238.81.176 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-81-176.us-west-2.compute.amazonaws.com

pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638::1c (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.38 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.69 (France)

ASN16276 (OVH, FR)
PTR: ns3216534.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	benefitspro.com 4 redirects linkmktg.benefitspro.com — Cisco Umbrella Rank: 155075 benefitspro.com — Cisco Umbrella Rank: 102992 www.benefitspro.com — Cisco Umbrella Rank: 309984 store.benefitspro.com — Cisco Umbrella Rank: 346952 images.benefitspro.com — Cisco Umbrella Rank: 253214	6 MB
30	yahoo.com c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1032	2 KB
23	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 247 secure.adnxs.com — Cisco Umbrella Rank: 435	20 KB
22	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213 cm.g.doubleclick.net — Cisco Umbrella Rank: 217 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 ad.doubleclick.net — Cisco Umbrella Rank: 203	194 KB
18	dianomi.com www.dianomi.com — Cisco Umbrella Rank: 5087	62 KB
17	criteo.com 3 redirects bidder.criteo.com — Cisco Umbrella Rank: 739 gum.criteo.com — Cisco Umbrella Rank: 394 mug.criteo.com — Cisco Umbrella Rank: 2507	18 KB
17	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6622	3 KB
16	adxpremium.services rtb.adxpremium.services — Cisco Umbrella Rank: 8070	9 KB
12	googlesyndication.com bcc781a88193ff3b593d54b5e2247a17.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 tpc.googlesyndication.com — Cisco Umbrella Rank: 150	96 KB
12	ad.gt 1 redirects a.ad.gt — Cisco Umbrella Rank: 4754 id.halo.ad.gt — Cisco Umbrella Rank: 4957 p.ad.gt — Cisco Umbrella Rank: 5451 ids.ad.gt — Cisco Umbrella Rank: 4820 pixels.ad.gt — Cisco Umbrella Rank: 5797	54 KB
11	typekit.net use.typekit.net — Cisco Umbrella Rank: 637 p.typekit.net — Cisco Umbrella Rank: 782	222 KB
10	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 951	85 KB
8	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 5839 ghb.adtelligent.com — Cisco Umbrella Rank: 6412 ghb1.adtelligent.com — Cisco Umbrella Rank: 8221	98 KB
7	google.com adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 9	2 KB
7	mediafuse.com player.mediafuse.com — Cisco Umbrella Rank: 45160 player.hbmp.mediafuse.com — Cisco Umbrella Rank: 29396 ghb.hbmp.mediafuse.com — Cisco Umbrella Rank: 42421	148 KB
7	moatads.com z.moatads.com — Cisco Umbrella Rank: 413 mb.moatads.com — Cisco Umbrella Rank: 634 px.moatads.com — Cisco Umbrella Rank: 408	258 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 318	109 KB
5	law.com 1 redirects store.law.com — Cisco Umbrella Rank: 71672 b.law.com — Cisco Umbrella Rank: 110240	8 KB
4	criteo.net static.criteo.net — Cisco Umbrella Rank: 605 csm.fr.eu.criteo.net Failed	112 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 212 alm.demdex.net — Cisco Umbrella Rank: 118224	6 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 246	54 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 329 fonts.googleapis.com — Cisco Umbrella Rank: 67	9 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	22 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 7295 www.google.de — Cisco Umbrella Rank: 5111	1 KB
3	tealiumiq.com datacloud.tealiumiq.com — Cisco Umbrella Rank: 6028 collect.tealiumiq.com — Cisco Umbrella Rank: 2569 visitor-service-eu-central-1.tealiumiq.com — Cisco Umbrella Rank: 42207	2 KB
3	gstatic.com fonts.gstatic.com	88 KB
3	dpmsrv.com s.dpmsrv.com — Cisco Umbrella Rank: 24014 a.dpmsrv.com — Cisco Umbrella Rank: 22071	28 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 531	1 KB
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 651	687 B
2	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 864	175 B
2	ml314.com ml314.com — Cisco Umbrella Rank: 1588	32 KB
2	medocdn.com p.medocdn.com — Cisco Umbrella Rank: 33372	25 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1100 pixel.quantserve.com — Cisco Umbrella Rank: 461	10 KB
2	github.io owlcarousel2.github.io — Cisco Umbrella Rank: 113910	2 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 581	626 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 762	214 B
1	openx.net u.openx.net — Cisco Umbrella Rank: 810	306 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 464	684 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 384	265 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 344	98 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 133	15 KB
1	media.net prebid.media.net — Cisco Umbrella Rank: 1375	851 B
1	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 547	332 B
1	e-planning.net pbjs.e-planning.net — Cisco Umbrella Rank: 6931	161 B
1	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 2299	651 B
1	colossusssp.com colossusssp.com — Cisco Umbrella Rank: 1840	246 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1259	446 B
1	pubmatic.com hbopenbid.pubmatic.com Failed image2.pubmatic.com — Cisco Umbrella Rank: 1024	225 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1127	201 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1065	1 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1015	517 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 96	43 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1253	15 KB
1	alm.com geoip.alm.com — Cisco Umbrella Rank: 117031	449 B
1	amlaw.com imageserver.amlaw.com — Cisco Umbrella Rank: 53855	118 KB
1	jeeng.com users.api.jeeng.com — Cisco Umbrella Rank: 21036	119 KB
0	googletagservices.com Failed www.googletagservices.com Failed
330	57

	Domain	Requested by
31	www.benefitspro.com	1 redirects www.benefitspro.com cdnjs.cloudflare.com
30	c2shb.pubgw.yahoo.com	player.mediafuse.com
23	images.benefitspro.com	www.benefitspro.com
22	ib.adnxs.com	2 redirects player.mediafuse.com player.adtelligent.com
18	www.dianomi.com	www.benefitspro.com www.dianomi.com
17	prebid-eu.creativecdn.com	player.mediafuse.com player.adtelligent.com
16	rtb.adxpremium.services	player.adtelligent.com
10	securepubads.g.doubleclick.net	www.benefitspro.com securepubads.g.doubleclick.net
10	tags.tiqcdn.com	www.benefitspro.com tags.tiqcdn.com
10	use.typekit.net	www.benefitspro.com use.typekit.net
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.benefitspro.com
7	ids.ad.gt	1 redirects www.benefitspro.com
7	bidder.criteo.com	player.mediafuse.com player.adtelligent.com
6	ad.doubleclick.net	3 redirects www.benefitspro.com
6	gum.criteo.com	3 redirects static.criteo.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.google.com	www.benefitspro.com tpc.googlesyndication.com
5	cm.g.doubleclick.net	4 redirects www.benefitspro.com
4	mug.criteo.com
4	static.criteo.net	player.mediafuse.com static.criteo.net player.adtelligent.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	ghb.adtelligent.com	player.mediafuse.com p.medocdn.com
4	ghb.hbmp.mediafuse.com	player.hbmp.mediafuse.com
4	cdnjs.cloudflare.com	www.benefitspro.com
3	px.moatads.com	www.benefitspro.com
3	www.google-analytics.com	p.ad.gt www.google-analytics.com
3	player.adtelligent.com	player.mediafuse.com p.medocdn.com player.adtelligent.com
3	fonts.gstatic.com	fonts.googleapis.com www.benefitspro.com
3	dpm.demdex.net	1 redirects www.benefitspro.com
3	fonts.googleapis.com	www.benefitspro.com ajax.googleapis.com securepubads.g.doubleclick.net
3	z.moatads.com	www.benefitspro.com securepubads.g.doubleclick.net
3	store.law.com	1 redirects www.benefitspro.com
2	match.prod.bidr.io	2 redirects
2	ad.360yield.com	2 redirects
2	a.ad.gt	player.hbmp.mediafuse.com p.ad.gt
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	targeting.unrulymedia.com	player.mediafuse.com
2	b.law.com	tags.tiqcdn.com www.benefitspro.com
2	ml314.com	tags.tiqcdn.com ml314.com
2	p.medocdn.com	player.mediafuse.com p.medocdn.com
2	a.dpmsrv.com	www.benefitspro.com
2	player.mediafuse.com	www.benefitspro.com
2	owlcarousel2.github.io	www.benefitspro.com
1	id5-sync.com	player.mediafuse.com
1	pixels.ad.gt	p.ad.gt
1	token.rubiconproject.com	www.benefitspro.com
1	u.openx.net	www.benefitspro.com
1	sync.mathtag.com	1 redirects
1	image2.pubmatic.com	www.benefitspro.com
1	match.adsrvr.org	www.benefitspro.com
1	secure.adnxs.com	1 redirects
1	p.ad.gt	a.ad.gt
1	id.halo.ad.gt	a.ad.gt
1	www.google.de	www.benefitspro.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	idsync.rlcdn.com	www.benefitspro.com
1	www.googleadservices.com	www.googletagmanager.com
1	pixel.quantserve.com	www.benefitspro.com
1	bcc781a88193ff3b593d54b5e2247a17.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	prebid.media.net	player.mediafuse.com
1	htlb.casalemedia.com	player.mediafuse.com
1	ghb1.adtelligent.com	player.mediafuse.com
1	pbjs.e-planning.net	player.mediafuse.com
1	ads.servenobid.com	player.mediafuse.com
1	colossusssp.com	player.mediafuse.com
1	prebid.a-mo.net	player.mediafuse.com
1	ping.chartbeat.net	www.benefitspro.com
1	rules.quantcount.com	secure.quantserve.com
1	visitor-service-eu-central-1.tealiumiq.com	tags.tiqcdn.com
1	cm.everesttech.net	1 redirects
1	alm.demdex.net	tags.tiqcdn.com
1	www.googletagmanager.com	tags.tiqcdn.com
1	collect.tealiumiq.com	tags.tiqcdn.com
1	secure.quantserve.com	tags.tiqcdn.com
1	datacloud.tealiumiq.com	www.benefitspro.com
1	static.chartbeat.com	tags.tiqcdn.com
1	player.hbmp.mediafuse.com	player.mediafuse.com
1	geoip.alm.com	cdnjs.cloudflare.com
1	mb.moatads.com	z.moatads.com
1	s.dpmsrv.com	www.benefitspro.com
1	imageserver.amlaw.com	www.benefitspro.com
1	p.typekit.net	use.typekit.net
1	users.api.jeeng.com	www.benefitspro.com
1	ajax.googleapis.com	www.benefitspro.com
1	store.benefitspro.com	1 redirects
1	benefitspro.com	1 redirects
1	linkmktg.benefitspro.com	1 redirects
0	www.googletagservices.com Failed	securepubads.g.doubleclick.net
0	csm.fr.eu.criteo.net Failed	gum.criteo.com
0	hbopenbid.pubmatic.com Failed	player.mediafuse.com
330	91

This site contains links to these domains. Also see Links.

Domain
adclick.g.doubleclick.net
adssettings.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-22` - `2023-05-22`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
jeeng.com Cloudflare Inc ECC CA-3	`2021-09-13` - `2022-09-12`	a year	crt.sh
*.github.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-07` - `2023-04-07`	a year	crt.sh
store.law.com Go Daddy Secure Certificate Authority - G2	`2020-07-07` - `2022-09-05`	2 years	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
dianomi.com Cloudflare Inc ECC CA-3	`2022-05-03` - `2023-05-03`	a year	crt.sh
*.amlaw.com Amazon	`2021-09-07` - `2022-10-06`	a year	crt.sh
player.mediafuse.com R3	`2022-05-20` - `2022-08-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.dpmsrv.com Amazon	`2022-04-17` - `2023-05-16`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
*.alm.com Go Daddy Secure Certificate Authority - G2	`2021-12-23` - `2023-01-24`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
player.hbmp.mediafuse.com R3	`2022-06-07` - `2022-09-05`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.tealiumiq.com Amazon	`2021-09-24` - `2022-10-23`	a year	crt.sh
player.adtelligent.com R3	`2022-05-20` - `2022-08-18`	3 months	crt.sh
ghb.hbmp.mediafuse.com ZeroSSL ECC Domain Secure Site CA	`2022-06-06` - `2022-09-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
p.medocdn.com R3	`2022-06-14` - `2022-09-12`	3 months	crt.sh
*.ml314.com GoGetSSL RSA DV CA	`2022-03-29` - `2023-03-29`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
b.law.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-08` - `2022-10-09`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-08` - `2022-08-31`	6 months	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-09` - `2023-05-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.a-mo.net R3	`2022-05-05` - `2022-08-03`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.colossusssp.com Go Daddy Secure Certificate Authority - G2	`2021-11-07` - `2022-11-07`	a year	crt.sh
ads.servenobid.com Amazon	`2022-05-29` - `2023-06-27`	a year	crt.sh
*.e-planning.net R3	`2022-05-17` - `2022-08-15`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-06-06` - `2022-09-04`	3 months	crt.sh
ghb1.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-06-09` - `2022-09-07`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.ad.gt Amazon	`2022-05-10` - `2023-06-08`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.adxpremium.services Sectigo RSA Domain Validation Secure Server CA	`2021-08-05` - `2022-09-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
halo.ad.gt Amazon	`2022-04-04` - `2023-05-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.benefitspro.com/?slreturn=20220516103212
Frame ID: 7FF8EA8AA7B39BC601E38F280584ECEC
Requests: 224 HTTP requests in this frame

Frame: https://www.dianomi.com/smart_benefitspro.epl?id=3426&url=https%3A//www.benefitspro.com/%3Fslreturn%3D20220516103212
Frame ID: 3423C5647C704ADF6C50F003BB9BB628
Requests: 4 HTTP requests in this frame

Frame: https://www.dianomi.com/smart_benefitspro.epl?id=3424&url=https%3A//www.benefitspro.com/%3Fslreturn%3D20220516103212
Frame ID: 7966277F463885C767438FAD883B2AF9
Requests: 14 HTTP requests in this frame

Frame: https://p.medocdn.com/prebidlink/19159/j.html?i=11596
Frame ID: 48C10383C5C0C06BA52631770BD55EF8
Requests: 63 HTTP requests in this frame

Frame: https://alm.demdex.net/dest5.html?d_nsid=0
Frame ID: B9DB012C74B8012F9A5631553BE1E6C5
Requests: 1 HTTP requests in this frame

Frame: https://bcc781a88193ff3b593d54b5e2247a17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9B63756CB490665F6DA549C66E08A285
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.benefitspro.com
Frame ID: 2166DF09385DFE67837EAEE53B0E7F97
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 41EFA988A460ECA439D166C190DDBFDC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5B3E8005CD456879AFF335E89BEBFD84
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.benefitspro.com
Frame ID: 7457E3D3195FF75B62D91D1D86D80643
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://linkmktg.benefitspro.com/view/5ef5e325236d6455db266b8bgofdq.17u2/e4f275e1]. HTTP 302
https://benefitspro.com/ HTTP 301
https://www.benefitspro.com/ HTTP 302
https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.benefitspro.com&source=h... HTTP 302
http://store.benefitspro.com/Registration/Login.aspx?mode=token&ucid=ab56754f-68c2-4697-a9ce-8bc22cfbce11... HTTP 302
https://www.benefitspro.com/?slreturn=20220516103212 Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

330
Requests

93 %
HTTPS

31 %
IPv6

57
Domains

91
Subdomains

72
IPs

8
Countries

7939 kB
Transfer

11683 kB
Size

79
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=C-cdN8T6rYujnBcW83gOk47zoBtm2rs1qgcmkltgM2tkeEAEgm_Tta2CVgoCAsAegAZTW7tUDyAEJ4AIAqAMByAMKqgSTAk_QxZANejpusf_DfXKazU1nRvdVf3qWbitzgRQjOPn7ktO-Lw4zCmEjXt9avVhD5J5u5RcX-MkLQMVgBAOl0mXcIydlPoPwIzSeOGLy99gxTq9jjJlfAHIRKqNavwRthkjkMZjYrbJ7q-skP-7DjEVbup6bbhChekPXQzckcsprAvNBhnckoau8e73sMuldLq0fjREg9jbAkA4hHUIMek21wa2TLZKggDstkoq-_M_ddYi2xlq6IDmkvZDHDGx-7UMEp_Ebd-hSnGgtNSyzIBWqyvZA84VWL3Pk_c48lsfxyFGPrMGtZJCkOEL_GTcRbGHuRLZcIr7FZx9TK-Fs1RtJ9H69q6knU7-Zv611CjwnnsJBwASEnOC7ugPgBAGgBi6AB9SpkSqoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAcBABGB0yAusCOgKAQLEJn6-cqX4lPrqACgOYCwHICwGADAG4DAGiE1QKNwgDQAFSCAoGEgQIARABaJ7-z8gwciESHyACKAE4AkDQ3Ki6K1gBaP7__________wGAAQGYAQMaGQoXY2EtcHViLTEyNjE5OTI0NDQ4MDM4NzW4E4gn2BMMiBQC0BUBmBYB-BYBgBcB&ae=1&num=1&cid=CAASUORoJ70Iub3X40aW5oiio4V0E90bfSExoI2Bzn1Ij5U9p-lkadaPy9ZKH_SM1TbpP495nMuHBlHWoh-_xJWCgGXzBCNYhG2ywXFA-N2Gt2MG&sig=AOD64_0pXL9YgG1Da0EHVHS4taeXsmESug&client=ca-pub-1261992444803875&nb=9&adurl=https://explore.velocityglobal.com/ebook-ugge-gd.html%3Futm_source%3Dgoogle%26utm_medium%3Ddisplay%26utm_campaign%3Dultimate-guide-to-global-expansion-ebook%26%26%26%26utm_term%3D%26utm_matchtype%3D:dev%3Dc%26gclid%3DEAIaIQobChMIqKSpiZiy-AIVRZ53Ch2kMQ9tEAEYASAAEgLTEPD_BwE

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=C-cdN8T6rYujnBcW83gOk47zoBtm2rs1qgcmkltgM2tkeEAEgm_Tta2CVgoCAsAegAZTW7tUDyAEJ4AIAqAMByAMKqgSTAk_QxZANejpusf_DfXKazU1nRvdVf3qWbitzgRQjOPn7ktO-Lw4zCmEjXt9avVhD5J5u5RcX-MkLQMVgBAOl0mXcIydlPoPwIzSeOGLy99gxTq9jjJlfAHIRKqNavwRthkjkMZjYrbJ7q-skP-7DjEVbup6bbhChekPXQzckcsprAvNBhnckoau8e73sMuldLq0fjREg9jbAkA4hHUIMek21wa2TLZKggDstkoq-_M_ddYi2xlq6IDmkvZDHDGx-7UMEp_Ebd-hSnGgtNSyzIBWqyvZA84VWL3Pk_c48lsfxyFGPrMGtZJCkOEL_GTcRbGHuRLZcIr7FZx9TK-Fs1RtJ9H69q6knU7-Zv611CjwnnsJBwASEnOC7ugPgBAGgBi6AB9SpkSqoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAcBABGB0yAusCOgKAQLEJn6-cqX4lPrqACgOYCwHICwGADAG4DAGiE1QKNwgDQAFSCAoGEgQIARABaJ7-z8gwciESHyACKAE4AkDQ3Ki6K1gBaP7__________wGAAQGYAQMaGQoXY2EtcHViLTEyNjE5OTI0NDQ4MDM4NzW4E4gn2BMMiBQC0BUBmBYB-BYBgBcB&ae=1&num=1&cid=CAASUORoJ70Iub3X40aW5oiio4V0E90bfSExoI2Bzn1Ij5U9p-lkadaPy9ZKH_SM1TbpP495nMuHBlHWoh-_xJWCgGXzBCNYhG2ywXFA-N2Gt2MG&sig=AOD64_0pXL9YgG1Da0EHVHS4taeXsmESug&client=ca-pub-1261992444803875&nb=0&adurl=https://explore.velocityglobal.com/ebook-ugge-gd.html%3Futm_source%3Dgoogle%26utm_medium%3Ddisplay%26utm_campaign%3Dultimate-guide-to-global-expansion-ebook%26%26%26%26utm_term%3D%26utm_matchtype%3D:dev%3Dc%26gclid%3DEAIaIQobChMIqKSpiZiy-AIVRZ53Ch2kMQ9tEAEYASAAEgLTEPD_BwE
Title: Guide toInternational PEO

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=C-cdN8T6rYujnBcW83gOk47zoBtm2rs1qgcmkltgM2tkeEAEgm_Tta2CVgoCAsAegAZTW7tUDyAEJ4AIAqAMByAMKqgSTAk_QxZANejpusf_DfXKazU1nRvdVf3qWbitzgRQjOPn7ktO-Lw4zCmEjXt9avVhD5J5u5RcX-MkLQMVgBAOl0mXcIydlPoPwIzSeOGLy99gxTq9jjJlfAHIRKqNavwRthkjkMZjYrbJ7q-skP-7DjEVbup6bbhChekPXQzckcsprAvNBhnckoau8e73sMuldLq0fjREg9jbAkA4hHUIMek21wa2TLZKggDstkoq-_M_ddYi2xlq6IDmkvZDHDGx-7UMEp_Ebd-hSnGgtNSyzIBWqyvZA84VWL3Pk_c48lsfxyFGPrMGtZJCkOEL_GTcRbGHuRLZcIr7FZx9TK-Fs1RtJ9H69q6knU7-Zv611CjwnnsJBwASEnOC7ugPgBAGgBi6AB9SpkSqoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAcBABGB0yAusCOgKAQLEJn6-cqX4lPrqACgOYCwHICwGADAG4DAGiE1QKNwgDQAFSCAoGEgQIARABaJ7-z8gwciESHyACKAE4AkDQ3Ki6K1gBaP7__________wGAAQGYAQMaGQoXY2EtcHViLTEyNjE5OTI0NDQ4MDM4NzW4E4gn2BMMiBQC0BUBmBYB-BYBgBcB&ae=1&num=1&cid=CAASUORoJ70Iub3X40aW5oiio4V0E90bfSExoI2Bzn1Ij5U9p-lkadaPy9ZKH_SM1TbpP495nMuHBlHWoh-_xJWCgGXzBCNYhG2ywXFA-N2Gt2MG&sig=AOD64_0pXL9YgG1Da0EHVHS4taeXsmESug&client=ca-pub-1261992444803875&nb=7&adurl=https://explore.velocityglobal.com/ebook-ugge-gd.html%3Futm_source%3Dgoogle%26utm_medium%3Ddisplay%26utm_campaign%3Dultimate-guide-to-global-expansion-ebook%26%26%26%26utm_term%3D%26utm_matchtype%3D:dev%3Dc%26gclid%3DEAIaIQobChMIqKSpiZiy-AIVRZ53Ch2kMQ9tEAEYASAAEgLTEPD_BwE
Title: Expand into newmarkets quickly,compliantly, andefficiently withInternational PEO.

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=C-cdN8T6rYujnBcW83gOk47zoBtm2rs1qgcmkltgM2tkeEAEgm_Tta2CVgoCAsAegAZTW7tUDyAEJ4AIAqAMByAMKqgSTAk_QxZANejpusf_DfXKazU1nRvdVf3qWbitzgRQjOPn7ktO-Lw4zCmEjXt9avVhD5J5u5RcX-MkLQMVgBAOl0mXcIydlPoPwIzSeOGLy99gxTq9jjJlfAHIRKqNavwRthkjkMZjYrbJ7q-skP-7DjEVbup6bbhChekPXQzckcsprAvNBhnckoau8e73sMuldLq0fjREg9jbAkA4hHUIMek21wa2TLZKggDstkoq-_M_ddYi2xlq6IDmkvZDHDGx-7UMEp_Ebd-hSnGgtNSyzIBWqyvZA84VWL3Pk_c48lsfxyFGPrMGtZJCkOEL_GTcRbGHuRLZcIr7FZx9TK-Fs1RtJ9H69q6knU7-Zv611CjwnnsJBwASEnOC7ugPgBAGgBi6AB9SpkSqoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAcBABGB0yAusCOgKAQLEJn6-cqX4lPrqACgOYCwHICwGADAG4DAGiE1QKNwgDQAFSCAoGEgQIARABaJ7-z8gwciESHyACKAE4AkDQ3Ki6K1gBaP7__________wGAAQGYAQMaGQoXY2EtcHViLTEyNjE5OTI0NDQ4MDM4NzW4E4gn2BMMiBQC0BUBmBYB-BYBgBcB&ae=1&num=1&cid=CAASUORoJ70Iub3X40aW5oiio4V0E90bfSExoI2Bzn1Ij5U9p-lkadaPy9ZKH_SM1TbpP495nMuHBlHWoh-_xJWCgGXzBCNYhG2ywXFA-N2Gt2MG&sig=AOD64_0pXL9YgG1Da0EHVHS4taeXsmESug&client=ca-pub-1261992444803875&nb=1&adurl=https://explore.velocityglobal.com/ebook-ugge-gd.html%3Futm_source%3Dgoogle%26utm_medium%3Ddisplay%26utm_campaign%3Dultimate-guide-to-global-expansion-ebook%26%26%26%26utm_term%3D%26utm_matchtype%3D:dev%3Dc%26gclid%3DEAIaIQobChMIqKSpiZiy-AIVRZ53Ch2kMQ9tEAEYASAAEgLTEPD_BwE
Title: Velocity Global

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=C-cdN8T6rYujnBcW83gOk47zoBtm2rs1qgcmkltgM2tkeEAEgm_Tta2CVgoCAsAegAZTW7tUDyAEJ4AIAqAMByAMKqgSTAk_QxZANejpusf_DfXKazU1nRvdVf3qWbitzgRQjOPn7ktO-Lw4zCmEjXt9avVhD5J5u5RcX-MkLQMVgBAOl0mXcIydlPoPwIzSeOGLy99gxTq9jjJlfAHIRKqNavwRthkjkMZjYrbJ7q-skP-7DjEVbup6bbhChekPXQzckcsprAvNBhnckoau8e73sMuldLq0fjREg9jbAkA4hHUIMek21wa2TLZKggDstkoq-_M_ddYi2xlq6IDmkvZDHDGx-7UMEp_Ebd-hSnGgtNSyzIBWqyvZA84VWL3Pk_c48lsfxyFGPrMGtZJCkOEL_GTcRbGHuRLZcIr7FZx9TK-Fs1RtJ9H69q6knU7-Zv611CjwnnsJBwASEnOC7ugPgBAGgBi6AB9SpkSqoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAcBABGB0yAusCOgKAQLEJn6-cqX4lPrqACgOYCwHICwGADAG4DAGiE1QKNwgDQAFSCAoGEgQIARABaJ7-z8gwciESHyACKAE4AkDQ3Ki6K1gBaP7__________wGAAQGYAQMaGQoXY2EtcHViLTEyNjE5OTI0NDQ4MDM4NzW4E4gn2BMMiBQC0BUBmBYB-BYBgBcB&ae=1&num=1&cid=CAASUORoJ70Iub3X40aW5oiio4V0E90bfSExoI2Bzn1Ij5U9p-lkadaPy9ZKH_SM1TbpP495nMuHBlHWoh-_xJWCgGXzBCNYhG2ywXFA-N2Gt2MG&sig=AOD64_0pXL9YgG1Da0EHVHS4taeXsmESug&client=ca-pub-1261992444803875&nb=8&adurl=https://explore.velocityglobal.com/ebook-ugge-gd.html%3Futm_source%3Dgoogle%26utm_medium%3Ddisplay%26utm_campaign%3Dultimate-guide-to-global-expansion-ebook%26%26%26%26utm_term%3D%26utm_matchtype%3D:dev%3Dc%26gclid%3DEAIaIQobChMIqKSpiZiy-AIVRZ53Ch2kMQ9tEAEYASAAEgLTEPD_BwE

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=Aa2KcEbDE1dSJ6nq2DMmEN8KIuZWeaQmq-N22PGR_aXT6-DC-b3ErJUPXaTP5daCd9Xb2A1M3ltVHkf8iWN8iBl9Q7evrIyaNHWwHeEw32ZeLW8w6dXuOGA4imoNdRW4tw7e7FusORGOJhFslo_jRD8uCaxYXFImwJ1W4x2xGG6vpHaIy6Hr5Q2o5Ob8OGFbGxW-6F263Z2XEmGgFT3q04IFPT3IQ0Yr7MiabN9QvFDOrOQ_xEnHCrZGGCQPIBsPVwl3aLIMLaxE4H8TX23GWdfImKRAMD9kifTCHpuJSTKrz78w_7objIuYXOFJSZhJoTq5RK_WcB8ckd3bqaOS-3XU21V66ZYrCLjMbWtQ-mlTgKjc_95g78GZe5XLQEEvx29glroWCHynNf3n8R57HUx3zVT9_cwijoIw18E9xbYAYPcQ16bi8Fdww9n1cHWXE3khpz4VsELVT-OBVhdkyLqUKxbj7e5QwMwSCcuGsReOkdD47WyABEVKoD8GGzPSe5C8s-OLjzglMsNflZdqspWk6MBk5dA0NJmT1opr3W4KoMJFRqZS0fuITQ9gqCshIgDkPgm68N22i7-KwSUbJxyRBmK2tO56s6omlfPtWeTbYS6uQWIYDKwizzksHBb0vrxAdoV-qnniOMjIhE9Xc0K4xdkypLeugYivOInzA441Qdyc0Y9pc8ydjmDEN8EO3LFZv0WbVoJ2LaDwAJn9n5IBHdsKCar4TQs4L1G-W_TrPNzJKkcPfYLucmTdYloBf727PVa99pdHNeLo1Vg5jeXlu-s8auTzkvHy8rezokrRQAz3fSwvLtn34oBUcTAYcBz0If8qVHCeVI2CbX2hgfdLSot6bZI--XZCEOMvcwpTMiJjaVxwJjrWYiHGzXHlf9iZbO2R0rhA6JIcEmMHqpH6F1sx0Fap4-vLQpsJ-2DWfes582iM3vFucz2FvoQOGsz5-NBPw74pkJMacNJ_-1VImd1_2LCobUWbIJObRVuQS8YWNh1K9A1h2cdODjHQosw0cWAoUAhVzCzpXNdCWudEEsEZEeKj74lOt6_wBuQAJgPfQ8jkcaYrZc_K5EnQtS5F6OEymSxgEkMQU1csZ_UNA8MwdTWKZptybpExOipSKbF8842ixKXMcPEXWw59DbtGt7uUMUXILmWc68sl_57_OAPfRzScuCNZ2VBqWE5Xk-Kd3-uSDMa0lN1Xcg1yKgjDIyF4qeSYA3TwAQRU4G0IfhcQ9cFQ5qqHF0I4BbbpwrveCT54q5jCOSNAGPvFfH0yPYIF7JAZ2NyJo7Yb-ig0Z8ngHMYpaJsdFvqbEoGM2dQnliBPuEzBCntqJJ-MUrFpoB-fXnCt8g_eaI6c4AB6d0Qk--YqU0L_0hyq-rM_psOax_Y-nYD7W5Q-zpSJQhqBvnNOSzboPpnmT2mhSkdDGN_HYLrV450vFIkY7RNsum-UtYzKhR7cTGG8CbeugA7rW3JZf6qLlNexWcWSoqVex836Syk6al-S6NMlJjqZ3QVtYbP4LIrCO86I9Sfzn553tDlGtw1N7EmA0I_Cu91DwoBHlxRx5mQhZg6LHbMzM-hJ6A9kJDWdJ8ns9C0kMiuc07HG2oqHpBCQNOQjuAzkMfYH5i7Zq0GOsiRuKt6QlJ7KPUP22xfghoaNTejuQCgYt0g5mHloGu1TuOhB3WUP0FysOuZeCR7XlBcJ9LdN-1LhaMWBuEA949pUDDubPTFP7KyL9VaMT-Fv1dmAOTbewfEE5QDFcAhIf0WEZ_fccgaGBCDA9P6p_0EVELbFgoIMRg7h_qJTEEsqUjXGkd6ailAhz_UbvCsNhmCsomm69pMovESBltTXYHIfv2O4NUZkyRbY8eipf1AsNJ7v4R2F8etwQsV2x-aMxSt3rVftW0BgIQV4F7ncDkstCxbb6-lGbh569RgHoahduD5TUnu_p_W14zBNAwrnaSP8d5dn

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://linkmktg.benefitspro.com/view/5ef5e325236d6455db266b8bgofdq.17u2/e4f275e1]. HTTP 302
https://benefitspro.com/ HTTP 301
https://www.benefitspro.com/ HTTP 302
https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.benefitspro.com&source=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20220516103212 HTTP 302
http://store.benefitspro.com/Registration/Login.aspx?mode=token&ucid=ab56754f-68c2-4697-a9ce-8bc22cfbce11&source=https%3a%2f%2fwww.benefitspro.com%2f%3fslreturn%3d20220516103212&debug=lawDomainIPWithRefRedirectAnon HTTP 302
https://www.benefitspro.com/?slreturn=20220516103212 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91

https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1655389932862 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1655389932862

Request Chain 94

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D1008%26pixelIndex%3D0%26r%3D410134%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww.benefitspro.com%252F%253Fslreturn%253D20220516103212 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D1008%2526pixelIndex%253D0%2526r%253D410134%2526tzOffset%253D0%2526url%253Dhttps%25253A%25252F%25252Fwww.benefitspro.com%25252F%25253Fslreturn%25253D20220516103212 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?id=8419371128779113978&zn=&sn=&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=410134&tzOffset=0&url=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20220516103212

Request Chain 109

https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=01816cedcd31000e740472f004a503074003406c00b08&tealium_account=alm&tealium_profile=main HTTP 302
https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm=&tealium_vid=01816cedcd31000e740472f004a503074003406c00b08&tealium_account=alm&tealium_profile=main&google_tc= HTTP 302
https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=01816cedcd31000e740472f004a503074003406c00b08&tealium_account=alm&tealium_profile=main&google_gid=CAESED9FB7t1QpSvq3uFIw6Gz1Q&google_cver=1

Request Chain 122

https://cm.everesttech.net/cm/dd?d_uuid=14627321745694577022587182366785042243 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yqs_7gAAAGjV2ANe

Request Chain 188

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=8419371128779113978&pixelIndex=0 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=8419371128779113978&pixelIndex=0&google_gid=CAESEMZm03tWLjTjAynWJbhTn8w&google_cver=1

Request Chain 244

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001655389934-U4S65XKL-TTO8&adnxs_id=$UID HTTP 302
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001655389934-U4S65XKL-TTO8&adnxs_id=8419371128779113978

Request Chain 247

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001655389934-U4S65XKL-TTO8 HTTP 302
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001655389934-U4S65XKL-TTO8&google_gid=CAESELTBKfXBiOPHz9L7wLor5sA&google_cver=1&google_ula=450542624,0

Request Chain 248

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001655389934-U4S65XKL-TTO8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY1NTM4OTkzNC1VNFM2NVhLTC1UVE84

Request Chain 249

https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001655389934-U4S65XKL-TTO8%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001655389934-U4S65XKL-TTO8%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001655389934-U4S65XKL-TTO8&impr_uid=878bd6dc-6abb-4a3e-8df6-abcaa64ce5a7

Request Chain 250

https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3DAU1D-0100-001655389934-U4S65XKL-TTO8 HTTP 302
https://ids.ad.gt/api/v1/mediamath_match?user_id=7a6162ab-3ef0-4d00-be90-eadfbc02fd77&id=AU1D-0100-001655389934-U4S65XKL-TTO8

Request Chain 253

https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001655389934-U4S65XKL-TTO8 HTTP 303
https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001655389934-U4S65XKL-TTO8&_bee_ppp=1 HTTP 303
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AASRqE7FVn4AABOT28LfVQ&id=AU1D-0100-001655389934-U4S65XKL-TTO8

Request Chain 292

https://gum.criteo.com/sid/json?origin=publishertag&domain=p.medocdn.com&sn=ChromeSyncframe&so=0&topUrl=www.benefitspro.com&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=rXRIrXxGd0QwaGw0TnFxTG5TUlB0ZkNXRlJpeDBRVW5nWjNEMGVTNXRqcmk2RkhnaTlJUGNTM0JCcmpSUzBhOGt4TjFPcFNZNkxvMUd1blM1RGU1NW11UFEyZmkrVldjTnRSNnN5aXpSUTVrVHRIeG4xSGFxbUx3WEVYemxnT2NjZ0JKRmZMTEt3aXdxYWpaTGFPSUJSdEttTzQxTWFwallOOTRxOE5zc3ZKL2sxejJWWkpaYk4wblpLVklneE53a3JXaHlZQXFhS1ZkeTcxQ05VMWFNZzM2aDZTOVliSDY0V2pXNzJ0TzAxZW5aRlc4VU9BTktLS1hvU1U3QmxOMUt3YVhCS1hBNHg5aU15MGlNUkU2M21xa21IdmhSWC9sWkxTM2ZEc01YRkhvNThnUT18&cppv=2

Request Chain 293

https://gum.criteo.com/sid/json?origin=publishertag&domain=benefitspro.com&sn=ChromeSyncframe&so=0&topUrl=www.benefitspro.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=9q6-0XxCcXJxQmJuWXVqS3dQRFRJc0RGTUdZUTZZK200UVFlQU5QQWNneHZKNEc4SDJkRDF1VFo0a1R0THFaVElKbWJjRjBEekp2QTc1Nk9iRWx2YXVrekJud05NNW90UWFzVVlHRjkzcE1CdGV0TngzVmpVWGg2Z0wrV1BvS2hmYXV4RndsS3cyZEJHT0krNHBwRzRHWUdQWjJzcEY1Qk5wc3E4YlVCZmJ0a1g5UUEyZ0MvWFB0QWJkTnFGaGtkTXF6QXMxZy9QVGhPbC8xcGYrTTNEaXc2TVo3aWZMbDdPYjNIQy9PMGhhY2YzTC9QaTEyeTltZ0p6dWRId1dHRDYxVlNVbGZHazdJMDJGd1pYa0phbHc5WGVrdz09fA&cppv=2

Request Chain 308

https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=416587665;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_pre=CK--2omYsvgCFUx-4Aods54NUA;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=416587665;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=

Request Chain 316

https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=4226521581;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_pre=CNK-2omYsvgCFQ814AodJO4Ljw;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=4226521581;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=

Request Chain 321

https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=714506142;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_pre=CPbk2omYsvgCFYuX3godp5kOOg;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=714506142;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=

Request Chain 331

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.benefitspro.com%2F&domain=www.benefitspro.com&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=RLQQ2nxYeTVFaXFSdXI4M1dnOXNCYTM3TFlScER6OEptTGJIZjVhYVVPWGtFUmxtbTFORkdKb3Yvd3NPblZoMkZoOVBoWmFsMWh2RVZkZk5GdmVwdXd3ejBjYWhtRlpYQk02TFNUMzltOGt1Z1VYZmFXKzh3bG9uY3E5MlZwRk9OWlpIOUtQRTFQSmlYZlBWNjNRT2xXeW9qZ0gyZUlkaFVId3NuQ3VkY3NtOHVhTjQ1a2FVTjdPaTVYcjQzY00wcHJodDlvbVErQWloLzYwU0RzTjJ1UXpBN0R2Sk9FeW9tVWpPaGdxWlR0UjJYdkZacnpSajAxVi85WFN6S3pDYlBoWUZVcElFTS9IRFhvcm10cXM1eXh2bVRNUT09fA&cppv=2

330 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.benefitspro.com/
Redirect Chain

https://linkmktg.benefitspro.com/view/5ef5e325236d6455db266b8bgofdq.17u2/e4f275e1].
https://benefitspro.com/
https://www.benefitspro.com/
https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.benefitspro.com&source=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20220516103212
http://store.benefitspro.com/Registration/Login.aspx?mode=token&ucid=ab56754f-68c2-4697-a9ce-8bc22cfbce11&source=https%3a%2f%2fwww.benefitspro.com%2f%3fslreturn%3d20220516103212&debug=lawDomainIPWi...
https://www.benefitspro.com/?slreturn=20220516103212

141 KB
21 KB

183ms
183ms

Document
text/html

2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b93be04d932e5606dc6726c1ad6a7fb3f59f0bcaa0cbb03c60cda0d428c5f8f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

backend: templates_newlaw_director
cf-cache-status: DYNAMIC
cf-ray: 71c440ea4ca89a35-FRA
content-encoding: br
content-language: de-DE
content-type: text/html;charset=utf-8
date: Thu, 16 Jun 2022 14:32:13 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: accept-encoding
x-cache: MISS
x-frame-options: SAMEORIGIN
x-vnode: 21

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 71c440e8ff1e694f-FRA
Cache-Control: private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Thu, 16 Jun 2022 14:32:13 GMT
Location: https://www.benefitspro.com/?slreturn=20220516103212
Referrer-Policy: origin-when-cross-origin
Server: cloudflare
Transfer-Encoding: chunked
X-AspNet-Version: 4.0.30319
X-Powered-By: Server #2
X-Robots-Tag: noindex, nofollow noindex, nofollow

GET
H2 200 fa-icons-lib.min.css
www.benefitspro.com/assets/build/css/ 4 KB
1 KB 55ms
52ms Stylesheet
text/css 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitspro.com/assets/build/css/fa-icons-lib.min.css

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62a1f9d4a70121359493d87cfb029bf3202ba37f0dfdf85bf98a4dc3a64c7335

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/?slreturn=20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 4192
x-cache: MISS
backend: templates_newlaw_director
last-modified: Wed, 15 Jun 2022 16:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"4085-1655310218000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 71c440eb7e9e9a35-FRA
x-vnode: 145
expires: Thu, 16 Jun 2022 18:32:13 GMT

GET
H2 200 markets.min.css
www.benefitspro.com/assets/master-template/css/release/ 333 KB
51 KB 41ms
38ms Stylesheet
text/css 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitspro.com/assets/master-template/css/release/markets.min.css?2022-06-16-10

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57c72c9c1ccc770a7b4b9e8c57bd5d49b6df810d54476080359d4dd9d9076516

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/?slreturn=20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1698
x-cache: HIT 2
backend: templates_newlaw_director
last-modified: Wed, 15 Jun 2022 16:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"341006-1655310218000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 71c440eb8ea19a35-FRA
x-vnode: 27
expires: Thu, 16 Jun 2022 18:32:13 GMT

GET
H2 200 falcon-ui.css
www.benefitspro.com/assets/css/ 771 B
407 B 132ms
130ms Stylesheet
text/css 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitspro.com/assets/css/falcon-ui.css?2022-06-16-10

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d848076aad575c2b1b4840797552f3fe1535c58154453c09d3f7b742b522c14f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/?slreturn=20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: br
cf-cache-status: MISS
ntcoent-length: 771
x-cache: HIT 6
backend: templates_newlaw_director
last-modified: Wed, 15 Jun 2022 16:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"771-1655310218000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 71c440eb8ea59a35-FRA
x-vnode: 21
expires: Thu, 16 Jun 2022 18:32:13 GMT

GET
H2 200 qkq4rhw.css
use.typekit.net/ 6 KB
1 KB 48ms
7ms Stylesheet
text/css 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/qkq4rhw.css?2022-06-16-10

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

5a553da7ecb0174521c8c80f6b8d97a001481235b5a97cb0c270fc9ffe59a747

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Thu, 16 Jun 2022 14:32:13 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 906

GET
H2 200 pagination.css
www.benefitspro.com/assets/master-template/css/plc/ 3 KB
877 B 42ms
40ms Stylesheet
text/css 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitspro.com/assets/master-template/css/plc/pagination.css?2022-06-16-10

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

659982ff5dc4222a830703646062215bbd21a2fb13e4cc2833461e7718ce2565

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/?slreturn=20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1856
cf-polished: origSize=4295
x-cache: HIT 1
backend: templates_newlaw_director
cf-bgj: minify
last-modified: Wed, 15 Jun 2022 16:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"4295-1655310218000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 71c440eb8eaa9a35-FRA
x-vnode: 21
expires: Thu, 16 Jun 2022 18:32:13 GMT

GET
H2 200 broker-innovation-lab.css
www.benefitspro.com/assets/master-template/css/plc/pages/ 2 KB
742 B 132ms
130ms Stylesheet
text/css 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitspro.com/assets/master-template/css/plc/pages/broker-innovation-lab.css?2022-06-16-10

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6e4f2361d88da42b9bf37a0155cf6bae4389dbfb64b5887373381ee16f13836

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/?slreturn=20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: br
cf-cache-status: MISS
ntcoent-length: 1739
x-cache: HIT 6
backend: templates_newlaw_director
last-modified: Wed, 15 Jun 2022 16:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1739-1655310218000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 71c440eb8ead9a35-FRA
x-vnode: 21
expires: Thu, 16 Jun 2022 18:32:13 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 161ms
12ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 11:47:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 528262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Jun 2023 11:47:51 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 42ms
22ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4899808
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27958
timing-allow-origin: *
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IAnIqxd69Vb%2FGoK6EY0StTL0tb%2Bnlzsa3rGw2dhGLY414b1SOe%2BHdsvIdnkU5DxLeObKTjtqrox8K7Z3VCfeQKW3WEK9I9vB03X8f%2BNdzAnALRK7af9eiJlLAc5%2Flst6FsYYVXyrtcHAY1GljFdzeaec"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 71c440ebaef69b1c-FRA
expires: Tue, 06 Jun 2023 14:32:13 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.1/ 11 KB
4 KB 19ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.1/jquery-migrate.min.js

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89bf8cdea73ce776d6b81d03837bc7f04af5e3946b839a3c0bfbf3094ad3f7be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9639939
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3592
timing-allow-origin: *
last-modified: Thu, 25 Jun 2020 01:22:57 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ef3fc71-2b0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKbSve5yumSIt7MEWjofp9AJ6it8wTYNT5PFr8l8RnELiJi6ilIBQWtWji5rdiPYvzajpX5nnoNvEPL%2FBHkdeeLMZPdnhYYmz8Ng0gUWkNRukpTOkPL3Ku867XwXOUf3C6tKaCyDEezth19HJuK9Uj%2Bc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 71c440ec98a89b1c-FRA
expires: Tue, 06 Jun 2023 14:32:13 GMT

GET
H2 200 benefitspro.prebid.js Show response
www.benefitspro.com/assets/master-template/js/prebid/ 2 KB
815 B 154ms
150ms Script
application/javascript 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js?2022-06-16-10

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d192c4ee2e44a7a8bf37c10896fac2c8ad41624f0c0f02afa356736b63af97f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/?slreturn=20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: br
cf-cache-status: MISS
ntcoent-length: 1697
x-cache: HIT 5
backend: templates_newlaw_director
last-modified: Wed, 15 Jun 2022 16:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1697-1655310218000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 71c440ec98ac9a35-FRA
x-vnode: 21
expires: Thu, 16 Jun 2022 18:32:13 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/almheader466656885399/ 213 KB
75 KB 161ms
13ms Script
application/x-javascript 69.192.161.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almheader466656885399/moatheader.js
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.161.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-152.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 881fbd3f6f6cfa6d5e05973a5536ab06bd52751b64ac2b023aeecc94da2baa35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 15:43:36 GMT
server: AmazonS3
x-amz-request-id: H3GPB4KRSNNW4EZ4
etag: "f427622a9c127f3bd6f05627436cdc59"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=7017
accept-ranges: bytes
content-length: 76191
x-amz-id-2: ktFIku6t/u76MtonBNXjpOL1DT+R3BRstvGu4LKJ5UuhRTbjsTiCvPc09NyYJ5unT81VAR4TGAE=

GET
H2 200 lazyloadXT.min.js Show response
www.benefitspro.com/assets/master-template/js/release/ 3 KB
2 KB 39ms
33ms Script
application/javascript 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitspro.com/assets/master-template/js/release/lazyloadXT.min.js

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df690f011f9fd617ca22376522eef3c1a90c33cf3f8f10f5dfb4751ac26a202b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/?slreturn=20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 4192
x-cache: MISS
backend: templates_newlaw_director
last-modified: Wed, 15 Jun 2022 16:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2937-1655310218000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 71c440ec98ad9a35-FRA
x-vnode: 145
expires: Thu, 16 Jun 2022 18:32:13 GMT

GET
H2 200 / Show response
users.api.jeeng.com/users/domains/0O25x655EL/sdk/ 355 KB
119 KB 101ms
55ms Script
text/javascript 2606:4700:10::ac43:264e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://users.api.jeeng.com/users/domains/0O25x655EL/sdk/?2022-06-16-10
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:264e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2acdbb947ad66791025b2662906e02e7e36bcc4990f311cb93b76d9b5c46eeed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 1421
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: *
server: cloudflare
etag: W/"58be4-KFWk/qBlcU0d2JA0a2JqiWr1N+M"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-cloud-trace-context: ec4c48330492b32611288a23c9b0e6e9
cache-control: max-age=3600
x-amz-cf-pop: FRA6-C1
cf-ray: 71c440ebcc4b9013-FRA
x-amz-cf-id: EOWNcJHHRZHVXajiG7ODTgTOYVDSejYfsnIvYesIe3Aqw03ocuZXsQ==

GET
H2 200 broker-innovation-lab.js Show response
www.benefitspro.com/assets/master-template/js/ 3 KB
1001 B 34ms
33ms Script
application/javascript 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitspro.com/assets/master-template/js/broker-innovation-lab.js?2022-06-16-10

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d07e8a81e67c0fa6399678409e4c4c5c2ca450f0ed95de9fde52226accf485e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/?slreturn=20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1856
x-cache: HIT 1
backend: templates_newlaw_director
last-modified: Wed, 15 Jun 2022 16:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3223-1655310218000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 71c440eb8eaf9a35-FRA
x-vnode: 21
expires: Thu, 16 Jun 2022 18:32:13 GMT

GET
H2 200 api.js Show response
www.benefitspro.com/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 16ms
10ms Script
text/javascript 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitspro.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/?slreturn=20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 71c440ec98ae9a35-FRA

GET
H2 200 nav-icon-mini-burger-white.png
www.benefitspro.com/assets/master-template/images/market-images/ 58 B
206 B 42ms
36ms Image
image/webp 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitspro.com/assets/master-template/images/market-images/nav-icon-mini-burger-white.png

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dde752a0a83f77379ff94d7560a636796ff3bd448d4d0c54965795f356858d8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/?slreturn=20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 2587
cf-polished: origFmt=png, origSize=2855
x-cache: HIT 2
backend: templates_newlaw_director
content-disposition: inline; filename="nav-icon-mini-burger-white.webp"
cf-bgj: imgq:85,h2pri
content-length: 58
last-modified: Wed, 15 Jun 2022 16:23:38 GMT
server: cloudflare
etag: W/"2855-1655310218000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 71c440ec98b09a35-FRA
x-vnode: 21
expires: Thu, 16 Jun 2022 18:32:13 GMT

GET
H2 200 nav-icon-search-white.png
www.benefitspro.com/assets/master-template/images/market-images/ 362 B
529 B 65ms
60ms Image
image/webp 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitspro.com/assets/master-template/images/market-images/nav-icon-search-white.png

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd05d9d820c56ab5c2e2da93da473cd02013b8fff06c92aec1ca00f35808b572

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/?slreturn=20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 2587
cf-polished: origFmt=png, origSize=3368
x-cache: HIT 2
backend: templates_newlaw_director
content-disposition: inline; filename="nav-icon-search-white.webp"
cf-bgj: imgq:85,h2pri
content-length: 362
last-modified: Wed, 15 Jun 2022 16:23:38 GMT
server: cloudflare
etag: W/"3368-1655310218000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 71c440ec98b19a35-FRA
x-vnode: 21
expires: Thu, 16 Jun 2022 18:32:13 GMT

GET
H2 200 social-fb-white.png
www.benefitspro.com/assets/master-template/images/market-images/ 166 B
433 B 32ms
27ms Image
image/webp 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitspro.com/assets/master-template/images/market-images/social-fb-white.png

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3599c62e7f19c9428aa0622e6eae0cd2726d6569f4a1349045cba7da5a12768

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/?slreturn=20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 2587
cf-polished: origFmt=png, origSize=1222
x-cache: HIT 2
backend: templates_newlaw_director
content-disposition: inline; filename="social-fb-white.webp"
cf-bgj: imgq:85,h2pri
content-length: 166
last-modified: Wed, 15 Jun 2022 16:23:38 GMT
server: cloudflare
etag: W/"1222-1655310218000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 71c440eca8b49a35-FRA
x-vnode: 21
expires: Thu, 16 Jun 2022 18:32:13 GMT

GET
H2 200 social-tw-white.png
www.benefitspro.com/assets/master-template/images/market-images/ 354 B
545 B 42ms
41ms Image
image/webp 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitspro.com/assets/master-template/images/market-images/social-tw-white.png

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd3d957f38ee564d0cf89af1cdf6ce46dbe0c228bfb65bd4720445db5fefcf9f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/?slreturn=20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 2587
cf-polished: origFmt=png, origSize=1583
x-cache: HIT 2
backend: templates_newlaw_director
content-disposition: inline; filename="social-tw-white.webp"
cf-bgj: imgq:85,h2pri
content-length: 354
last-modified: Wed, 15 Jun 2022 16:23:38 GMT
server: cloudflare
etag: W/"1583-1655310218000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 71c440ecb8d59a35-FRA
x-vnode: 21
expires: Thu, 16 Jun 2022 18:32:13 GMT

GET
H2 200 social-li-white.png
www.benefitspro.com/assets/master-template/images/market-images/ 256 B
469 B 38ms
37ms Image
image/webp 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitspro.com/assets/master-template/images/market-images/social-li-white.png

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9398dd93c612d77b9e0bcfe449becc1a5269af74409cbab1ae485c49d5bf3b9b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/?slreturn=20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 2587
cf-polished: origFmt=png, origSize=1413
x-cache: HIT 1
backend: templates_newlaw_director
content-disposition: inline; filename="social-li-white.webp"
cf-bgj: imgq:85,h2pri
content-length: 256
last-modified: Wed, 15 Jun 2022 16:23:38 GMT
server: cloudflare
etag: W/"1413-1655310218000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 71c440ecd91a9a35-FRA
x-vnode: 21
expires: Thu, 16 Jun 2022 18:32:13 GMT

GET
H2 200 nav-icon-sign-in.png
www.benefitspro.com/assets/master-template/images/ 236 B
380 B 29ms
29ms Image
image/webp 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitspro.com/assets/master-template/images/nav-icon-sign-in.png

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1be06778698a2eb16ae1c7152d7256350580f4a21fc43c5ef4218407135b0896

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/?slreturn=20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 2587
cf-polished: origFmt=png, origSize=1322
x-cache: HIT 2
backend: templates_newlaw_director
content-disposition: inline; filename="nav-icon-sign-in.webp"
cf-bgj: imgq:85,h2pri
content-length: 236
last-modified: Wed, 15 Jun 2022 16:23:38 GMT
server: cloudflare
etag: W/"1322-1655310218000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 71c440ecd9249a35-FRA
x-vnode: 21
expires: Thu, 16 Jun 2022 18:32:13 GMT

GET
H2 200 bpro_logo_retina.png
www.benefitspro.com/assets/master-template/images/market-images/ 3 KB
3 KB 39ms
39ms Image
image/webp 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitspro.com/assets/master-template/images/market-images/bpro_logo_retina.png

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e9971e6cf33eb3ae9da6caacebedea9df7332020441f41ebff53a1194b9f317

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/?slreturn=20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 2587
cf-polished: origFmt=png, origSize=23765
x-cache: HIT 2
backend: templates_newlaw_director
content-disposition: inline; filename="bpro_logo_retina.webp"
cf-bgj: imgq:85,h2pri
content-length: 2836
last-modified: Wed, 15 Jun 2022 16:23:38 GMT
server: cloudflare
etag: W/"23765-1655310218000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 71c440ece9419a35-FRA
x-vnode: 28
expires: Thu, 16 Jun 2022 18:32:13 GMT

GET
H2 200 compass-charts-invest-future-trend.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2022/05/ 53 KB
53 KB 44ms
34ms Image
image/webp 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2022/05/compass-charts-invest-future-trend.jpg

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fa91997312504e155be84d71daadc58d56323a2365d3a2734dd80bab36eaa33

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
cf-cache-status: HIT
age: 53
cf-polished: qual=85, origFmt=jpeg, origSize=62701
x-cache: HIT 2
backend: contribsreimg_prod_director
content-disposition: inline; filename="compass-charts-invest-future-trend.webp"
content-length: 54284
last-modified: Thu, 26 May 2022 21:03:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "9069bc-f4ed-5dff0860e22c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 16 Jun 2022 18:32:13 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 71c440ed09909a35-FRA
x-vnode: 21
cf-bgj: imgq:85,h2pri

GET
H2 200 DSC_6797.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2022/05/ 3 MB
3 MB 114ms
113ms Image
image/webp 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2022/05/DSC_6797.jpg

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2568ef677361ce95ba1bb13f22a0102d8422a8f600ab8b79bfadb9d8497584b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
cf-cache-status: HIT
age: 53
cf-polished: qual=85, origFmt=jpeg, origSize=3669257
x-cache: HIT 3
backend: contribsreimg_prod_director
content-disposition: inline; filename="DSC_6797.webp"
content-length: 2843422
last-modified: Wed, 25 May 2022 12:23:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "90ed02-37fd09-5dfd524f44517"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 16 Jun 2022 18:32:13 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 71c440ed09919a35-FRA
x-vnode: 145
cf-bgj: imgq:85,h2pri

GET
H2 200 levar-burton.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2022/05/ 25 KB
25 KB 33ms
32ms Image
image/webp 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2022/05/levar-burton.jpg

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee1fa9004d8dc85bcccb5d7607ae96aac04db466962f8e61f17bb10e9be5ce07

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
cf-cache-status: HIT
age: 53
cf-polished: qual=85, origFmt=jpeg, origSize=41674
x-cache: MISS
backend: contribsreimg_prod_director
content-disposition: inline; filename="levar-burton.webp"
content-length: 25788
last-modified: Wed, 25 May 2022 05:43:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "90ece9-a2ca-5dfcf8db12c1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 16 Jun 2022 18:32:13 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 71c440ed09939a35-FRA
x-vnode: 28
cf-bgj: imgq:85,h2pri

GET
H2 200 DSC_6682.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2022/05/ 2 MB
2 MB 21ms
21ms Image
image/webp 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2022/05/DSC_6682.jpg

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38a7d50f157a92976be1b7a4e88c7f62d4b53b4a2bc73ed6a3967dc185cbbdc6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
cf-cache-status: HIT
age: 53
cf-polished: qual=85, origFmt=jpeg, origSize=3708636
x-cache: HIT 3
backend: contribsreimg_prod_director
content-disposition: inline; filename="DSC_6682.webp"
content-length: 2582670
last-modified: Tue, 24 May 2022 18:43:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "90ec0b-3896dc-5dfc65676ad65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 16 Jun 2022 18:32:13 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 71c440ed099a9a35-FRA
x-vnode: 28
cf-bgj: imgq:85,h2pri

GET
H2 200 owl.carousel.min.css
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/ 3 KB
1 KB 201ms
12ms Stylesheet
text/css 2606:50c0:8001::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/owl.carousel.min.css
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-fastly-request-id: a570ab194c724277035d0d10c4e9713164b9d003
date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: gzip
age: 545
x-cache: HIT
content-length: 1068
x-served-by: cache-hhn4026-HHN
access-control-allow-origin: *
last-modified: Fri, 20 Apr 2018 13:22:52 GMT
server: GitHub.com
x-github-request-id: 7E14:961D:7A458:8A188:62AB278F
x-timer: S1655389934.684022,VS0,VE0
etag: W/"5ad9e9ac-d17"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Thu, 16 Jun 2022 13:02:31 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 11

GET
H2 200 owl.theme.default.min.css
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/ 1013 B
900 B 200ms
12ms Stylesheet
text/css 2606:50c0:8001::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/owl.theme.default.min.css
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-fastly-request-id: 5aa8351d368f91ceed24db5bd8ba420acb9101a5
date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: gzip
age: 235
x-cache: HIT
content-length: 479
x-served-by: cache-hhn4026-HHN
access-control-allow-origin: *
last-modified: Fri, 20 Apr 2018 13:22:52 GMT
server: GitHub.com
x-github-request-id: 35A0:0EF8:F9CB07:1050478:629EAD6A
x-timer: S1655389934.683995,VS0,VE0
etag: W/"5ad9e9ac-3f5"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Tue, 07 Jun 2022 01:53:52 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: HIT
x-cache-hits: 6

GET
H2 200 common.min.js Show response
www.benefitspro.com/assets/master-template/js/release/ 53 KB
14 KB 37ms
36ms Script
application/javascript 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitspro.com/assets/master-template/js/release/common.min.js?2022-06-16-10

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bd36ce04facff41ab5b774dfea1f83253f21d8dbff16037c6f310f07607a787

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/?slreturn=20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1855
x-cache: HIT 1
backend: templates_newlaw_director
last-modified: Wed, 15 Jun 2022 16:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"54571-1655310218000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 71c440ed19a89a35-FRA
x-vnode: 21
expires: Thu, 16 Jun 2022 18:32:13 GMT

GET
H/1.1 200
OK overlayForm.js Show response
store.law.com/Registration/js/ 14 KB
4 KB 277ms
90ms Script
application/javascript 192.226.82.212
METTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://store.law.com/Registration/js/overlayForm.js
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.226.82.212 Dorchester, United States, ASN16524 (METTEL, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / Server #2
Resource Hash: 30de911f70fbfdee70d5159b61cab8149251740e97dcbded177b534ceec6284a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 14:32:22 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
ClientProtocol: https
Last-Modified: Wed, 18 May 2022 22:01:52 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: Server #2
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public,max-age=900
Accept-Ranges: bytes
Content-Length: 3647
ETag: "0c836e126bd81:0"

GET
H2 200 tealium.js Show response
www.benefitspro.com/assets/master-template/js/ 5 KB
1 KB 78ms
77ms Script
application/javascript 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitspro.com/assets/master-template/js/tealium.js?2022-06-16-10

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adf244fc1d90fe317911574ad24d421e615d33b544b9cbbef89d220ef7c40d98

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/?slreturn=20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1855
x-cache: HIT 2
backend: templates_newlaw_director
last-modified: Wed, 15 Jun 2022 16:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5034-1655310218000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 71c440ed3a089a35-FRA
x-vnode: 21
expires: Thu, 16 Jun 2022 18:32:13 GMT

GET
H2 200 jquery.touchSwipe.js Show response
www.benefitspro.com/assets/js/core/ 66 KB
16 KB 76ms
76ms Script
application/javascript 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitspro.com/assets/js/core/jquery.touchSwipe.js?2022-06-16-10

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c874c9a3e2757790076e34bd49db931eb7484e6347877192f649429cf3f6e3e6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/?slreturn=20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1855
x-cache: HIT 2
backend: templates_newlaw_director
last-modified: Wed, 15 Jun 2022 16:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"67916-1655310218000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 71c440ed5a2e9a35-FRA
x-vnode: 21
expires: Thu, 16 Jun 2022 18:32:13 GMT

GET
H2 200 underscore-min.js Show response
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.11.0/ 18 KB
7 KB 30ms
28ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.11.0/underscore-min.js?2022-06-16-10

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d62f9c89984ad059d574ae6b64c9134628041695c09290643e2d53238638bdda

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1970829
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6463
timing-allow-origin: *
last-modified: Fri, 28 Aug 2020 22:36:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f4986fd-48b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q1tA1NNuVqR12dA390cy3ENeuQsiHANute9ZlMR2hzMELv3RzqoXfmj56Z7A83Q5YlYfc4VLnt0fE%2BmnUdrrPJ5UuKTNRb8rY8W%2BugwvUNv74O%2BII%2FJdoQe2E3bhnuuhLARpkzB%2Fj2iPxS29P5nz9e9Z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 71c440eca8c59b1c-FRA
expires: Tue, 06 Jun 2023 14:32:13 GMT

GET
H2 200 jquery.history.js Show response
www.benefitspro.com/assets/js/core/ 21 KB
7 KB 69ms
68ms Script
application/javascript 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitspro.com/assets/js/core/jquery.history.js?2022-06-16-10

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6b6d81cfbd49fe1bd0236efeaa240acafdc559910819197df94983926f84d22

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/?slreturn=20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1855
x-cache: HIT 2
backend: templates_newlaw_director
last-modified: Wed, 15 Jun 2022 16:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"21571-1655310218000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 71c440ed5a3e9a35-FRA
x-vnode: 21
expires: Thu, 16 Jun 2022 18:32:13 GMT

GET
H2 200 sponsorships.js Show response
www.benefitspro.com/assets/multishared/js/ 1 KB
575 B 127ms
126ms Script
application/javascript 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitspro.com/assets/multishared/js/sponsorships.js?2022-06-16-10

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04a185d67f6ead753be77d3ed23364e4bd28e21168628df5a8ea26f0a1f54de8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/?slreturn=20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: br
cf-cache-status: MISS
ntcoent-length: 1454
x-cache: HIT 5
backend: templates_newlaw_director
last-modified: Wed, 15 Jun 2022 16:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1454-1655310218000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 71c440ed8a9c9a35-FRA
x-vnode: 21
expires: Thu, 16 Jun 2022 18:32:13 GMT

GET
H/1.1 200
OK TimeConversion.js Show response
store.law.com/registration/js/ 9 KB
2 KB 270ms
90ms Script
application/javascript 192.226.82.212
METTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://store.law.com/registration/js/TimeConversion.js?2022-06-16-10
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.226.82.212 Dorchester, United States, ASN16524 (METTEL, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / Server #1
Resource Hash: 815767dfc57a4a2e55b41de05e8da9d8cd3cc80fc39ecf244ce99ef392c3165a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 14:32:12 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
ClientProtocol: https
Last-Modified: Wed, 18 May 2022 22:01:20 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: Server #1
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Length: 1875
ETag: "0f823ce26bd81:0"

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/ 52 KB
15 KB 22ms
21ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4287529
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15508
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-d04c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TR3OZHhQO0t%2BMuX5kIQt4waehlh3EYM0l0XuT3FcwhU3oCXlibjhhy2Zii6YJsmbIaMVZBLT7L8dIZmy2JAjpekBxRHwcl3G5JDySOL4766mbrNhzl51XL0uPkbYXkaHx6RLxzsOcsjaIH%2BMOebQkz6k"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 71c440eca8c89b1c-FRA
expires: Tue, 06 Jun 2023 14:32:13 GMT

GET
H2 200 river-load-more-pg.min.js Show response
www.benefitspro.com/assets/master-template/js/release/ 4 KB
2 KB 56ms
55ms Script
application/javascript 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitspro.com/assets/master-template/js/release/river-load-more-pg.min.js?2022-06-16-10

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afe7d2a0362b4c7e3a70e761e7dca5a9b16691304f69338262022506765515c6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/?slreturn=20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 53
x-cache: HIT 3
backend: templates_newlaw_director
last-modified: Wed, 15 Jun 2022 16:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"4031-1655310218000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 71c440ed9ab69a35-FRA
x-vnode: 27
expires: Thu, 16 Jun 2022 18:32:13 GMT

GET
H2 200 moatheader.js
z.moatads.com/almheader466656885399/ 0
75 KB 228ms
225ms Other
application/x-javascript 69.192.161.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almheader466656885399/moatheader.js
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.161.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-152.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 15:43:36 GMT
server: AmazonS3
x-amz-request-id: H3GPB4KRSNNW4EZ4
etag: "f427622a9c127f3bd6f05627436cdc59"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=7017
accept-ranges: bytes
content-length: 76191
x-amz-id-2: ktFIku6t/u76MtonBNXjpOL1DT+R3BRstvGu4LKJ5UuhRTbjsTiCvPc09NyYJ5unT81VAR4TGAE=

GET
H2 200 qkq4rhw.css
use.typekit.net/ 0
1 KB 22ms
15ms Other
text/css 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/qkq4rhw.css

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Thu, 16 Jun 2022 14:32:13 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 906

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 55ms
7ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=qkq4rhw&ht=tk&f=139.169.175.5474.25136.14541.14546.14548&a=702529&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2022-06-16-10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 css Show response
fonts.googleapis.com/ 3 KB
1 KB 209ms
20ms Fetch
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

71ab148cfc90acf719758d5afa6afe0e131647522a2516616e494b7469235752

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 12:34:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Jun 2022 14:32:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Jun 2022 14:32:13 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 122 KB
33 KB 78ms
36ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 690a114ee6b71aed7e26d11a6e71c9e7b1c8ac6628cc33aca855bf5dc5b90afe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: gzip
last-modified: Tue, 07 Jun 2022 23:11:33 GMT
server: AkamaiNetStorage
etag: "61519355155b6984e0e75d57e912c052:1654643493.493059"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 33538
expires: Thu, 16 Jun 2022 14:37:13 GMT

GET
H2 200 l
use.typekit.net/af/827015/000000000000000000011c3b/27/ 18 KB
18 KB 33ms
8ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/827015/000000000000000000011c3b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2022-06-16-10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0b96e2d8daef004fa73380c29b23a4c7f9c790c75a1c9f538859de1fcfbae895

Request headers

Referer: https://use.typekit.net/qkq4rhw.css?2022-06-16-10
Origin: https://www.benefitspro.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
server: nginx
etag: "fa20d38ca87af1153085d9146b698f2bb93b7223"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18468

GET
H2 200 l
use.typekit.net/af/a3eee8/00000000000000003b9b093c/27/ 33 KB
33 KB 33ms
9ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a3eee8/00000000000000003b9b093c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2022-06-16-10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: cd983ac133b21cb30a726eb5b49fff32eaadd7f79165c677fc52e2efcac5ff41

Request headers

Referer: https://use.typekit.net/qkq4rhw.css?2022-06-16-10
Origin: https://www.benefitspro.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
server: nginx
etag: "0373618e2db17cca6330e4b11556968310f08eb7"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33856

GET
H2 200 l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/ 32 KB
32 KB 35ms
11ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2022-06-16-10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b99ce50d05750058143cb93936075ad5107f9a3e5b03f2d4872c0ebe753a9f7

Request headers

Referer: https://use.typekit.net/qkq4rhw.css?2022-06-16-10
Origin: https://www.benefitspro.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
server: nginx
etag: "852dacc5cd2685c187708b882b28635465e17bd0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 32688

GET
H2 200 l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/ 33 KB
33 KB 40ms
16ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2022-06-16-10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a2b997da567762896061490c3c08e506b2e5b936978560fc12251dd245140b32

Request headers

Referer: https://use.typekit.net/qkq4rhw.css?2022-06-16-10
Origin: https://www.benefitspro.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
server: nginx
etag: "a0f35f91fdc2ca0a90c8288c08c20681c1aecfcf"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33660

GET
H2 200 smart_benefitspro.epl Show response
www.dianomi.com/ Frame 3423 6 KB
2 KB 178ms
106ms Document
text/html 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smart_benefitspro.epl?id=3426&url=https%3A//www.benefitspro.com/%3Fslreturn%3D20220516103212

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

297326d46648fbcdecc6b350abe705794c7c42f41244bcba93956e6c4fe1f735

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.benefitspro.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache,no-store,private
cf-cache-status: DYNAMIC
cf-h2-pushed: </img/a/pss/1972/61.css>
cf-ray: 71c440ee1d4191db-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 16 Jun 2022 14:32:13 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: now
link: </img/a/pss/1972/61.css>;rel=preload;as=style
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=2592000
vary: X-FORWARDED-PROTO
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ALM-21-422103%20Regulated%20Static%20Modules_BPRO_300x250.jpg
imageserver.amlaw.com/images/ 118 KB
118 KB 228ms
144ms Image
image/jpeg 2600:9000:2156:e600:d:df45:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageserver.amlaw.com/images/ALM-21-422103%20Regulated%20Static%20Modules_BPRO_300x250.jpg
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e600:d:df45:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2544b35317df6156ed8dd3cec802785526182131888e0b2274667c4aef1dd4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Mon, 09 May 2022 12:27:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "b0c7e322fe7dfb7b61a3030f6a6722e0"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
content-length: 120819
x-amz-cf-id: wvAr7VH-FmbpbFOPJSuQrrO3a1lg4iwJXH7ZeSpj6Aaybd5J9o_u5Q==

GET
H2 200 l
use.typekit.net/af/437c3d/00000000000000003b9b0932/27/ 32 KB
32 KB 8ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/437c3d/00000000000000003b9b0932/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2022-06-16-10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 582f1b5d33e54e95557255c97d79a90d3fda73d7b2b105695446fe643eb737cc

Request headers

Referer: https://use.typekit.net/qkq4rhw.css?2022-06-16-10
Origin: https://www.benefitspro.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
server: nginx
etag: "474f8294a654ddd4e855cc66b1bb647cd40bfa9b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 32384

GET
H2 200 l
use.typekit.net/af/3331e6/00000000000000003b9b0936/27/ 32 KB
33 KB 9ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3331e6/00000000000000003b9b0936/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2022-06-16-10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b796713fd51c9ee401b57ec4b3298bbf467e84477f1835062babb6d98f84c7c6

Request headers

Referer: https://use.typekit.net/qkq4rhw.css?2022-06-16-10
Origin: https://www.benefitspro.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
server: nginx
etag: "b7f32cce44884c0c7d09c7eaf8ec10d20386685b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33188

GET
H2 200 l
use.typekit.net/af/2553b3/000000000000000000011c34/27/ 19 KB
19 KB 9ms
8ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2553b3/000000000000000000011c34/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2022-06-16-10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d0a76ec36613caaf91abaf681db7c469c02d7941647eb683409cdd21b7b1169e

Request headers

Referer: https://use.typekit.net/qkq4rhw.css?2022-06-16-10
Origin: https://www.benefitspro.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
server: nginx
etag: "5cf72d8979177145b3e27e04c6afd6f60bee7a35"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19288

GET
H2 200 hb_302826_14703.js Show response
player.mediafuse.com/prebidlink/459830/ 365 KB
112 KB 280ms
13ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js?2022-06-16-10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 637768d31c4e2b2354a0e277ef240c5e209776aef6ce88fc75d7a4d669332f35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: gzip
last-modified: Wed, 15 Jun 2022 18:26:23 GMT
server: nginx
etag: W/"62aa244f-5b4f5"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Sat, 18 Jun 2022 14:32:13 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 78ms
27ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js?2022-06-16-10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

db09b9eabe9fb2b201e8ec0b2a1d0f25ef244dbfcf605e5c859810381dccb6e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27983
x-xss-protection: 0
server: sffe
etag: "1246 / 957 of 1000 / last-modified: 1655377844"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Jun 2022 14:32:13 GMT

GET
H2 200 wrapper_hb_302826_14703.js Show response
player.mediafuse.com/prebidlink/459830/ 790 B
737 B 284ms
23ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.mediafuse.com/prebidlink/459830/wrapper_hb_302826_14703.js
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js?2022-06-16-10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8804bf9193bccd983755bd7d4cc995fd4185bac1272ab5a0714adf0df6c515ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 14:04:56 GMT
server: nginx
etag: W/"62ab3888-316"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Sat, 18 Jun 2022 14:32:13 GMT

GET
H2 200 smart_benefitspro.epl Show response
www.dianomi.com/ Frame 7966 7 KB
2 KB 138ms
108ms Document
text/html 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smart_benefitspro.epl?id=3424&url=https%3A//www.benefitspro.com/%3Fslreturn%3D20220516103212

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d654bb7b9ce5c11eb5e9c1908cafdfa34e6be14e43789ca475757f04a8a5075

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.benefitspro.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache,no-store,private
cf-cache-status: DYNAMIC
cf-h2-pushed: </img/a/pss/2232/12.css>
cf-ray: 71c440ee1d4491db-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 16 Jun 2022 14:32:13 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: now
link: </img/a/pss/2232/12.css>;rel=preload;as=style
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=2592000
vary: X-FORWARDED-PROTO
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 l
use.typekit.net/af/1ade3e/000000000000000000011c39/27/ 19 KB
19 KB 12ms
10ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1ade3e/000000000000000000011c39/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2022-06-16-10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: fda987a7db536b15976cb373bfcf7fb437f76ce9fd6cab676d58ede1e8c046cf

Request headers

Referer: https://use.typekit.net/qkq4rhw.css?2022-06-16-10
Origin: https://www.benefitspro.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
server: nginx
etag: "70dc2d1e85f8b46c0851a31b57494c0bdb743209"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19412

GET
H/1.1 200
OK dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js Show response
s.dpmsrv.com/ 317 KB
27 KB 60ms
13ms Script
application/x-javascript 143.204.89.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dpmsrv.com/dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-4.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 503af589a4c7d0ac4126d796333287de4f0b708898800d68e42b5a55aa47f556

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 13:52:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jun 2022 13:50:14 GMT
Server: AmazonS3
Age: 2494
ETag: "5fd3792a6b1c8fafd463b261bb856f63"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 27065
X-Amz-Cf-Id: DQdYSMxQj7sqDCKvh71EIMm5THl-KYepYYVEQuhVRRftvNMtYag1cQ==

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 409 B
584 B 158ms
51ms Script
text/html 18.200.133.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CO%24%3D!!t%258%5Bh3M%3BIy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-G%2FBLd6uuVWlgP6m3tVv3EhYKQlBk9l%2Bd1St6rl4fSl7XR4zDhBa4DU0%3D&rs=1-Lo02nnduOmx%2BSA%3D%3D&sc=1&os=1-Xg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20220516103212&pcode=almheader466656885399&rx=764939142154&callback=MoatNadoAllJsonpRequest_12428023
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/almheader466656885399/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.133.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-133-16.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 6c75ebcd6566bbe66149b7403c0a69d0d90d1232d020c576e9d5d9c8b1097787

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "7f7b374a14f368213886fc76b83c646eb0b88cf0"
content-length: 409
content-type: text/html; charset=UTF-8

GET
H3 200 css
fonts.googleapis.com/ 8 KB
712 B 33ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4ee745ddb73cf079c293a6aea2eac0fa10b70a47ccebc704d8aacaacc9bf8b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 13:41:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Jun 2022 14:32:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Jun 2022 14:32:13 GMT

GET
H2 200 all.json Show response
www.benefitspro.com//paging/content/ 126 KB
18 KB 153ms
150ms XHR
application/json 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitspro.com//paging/content/all.json?id=32&limit=100&start=20

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86e0ca780cb01f31ebbcf46b4a0dafb1546c241456d238b34a0445b1dd413748

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.benefitspro.com/?slreturn=20220516103212
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
x-cache: MISS
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
backend: templates_newlaw_director
cf-ray: 71c440ef6dcd9a35-FRA
x-vnode: 21

GET
H2 200 61.css
www.dianomi.com/img/a/pss/1972/ Frame 3423 2 KB
955 B 0ms
0ms Stylesheet
text/css 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/1972/61.css

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b72ea1062b7bb84439787a3341bbd692b4074493f1e618d3780cad3271c22494

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smart_benefitspro.epl?id=3426&url=https%3A//www.benefitspro.com/%3Fslreturn%3D20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1767781
cf-polished: origSize=2947
strict-transport-security: max-age=2592000
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Apr 2022 05:22:28 GMT
server: cloudflare
etag: W/"b83-5ddb01ca78c4b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
expires: Sun, 17 Jul 2022 00:32:13 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-ray: 71c440ee7e0891db-FRA
cf-bgj: minify

GET
H2 200 12.css
www.dianomi.com/img/a/pss/2232/ Frame 7966 2 KB
954 B 0ms
0ms Stylesheet
text/css 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/2232/12.css

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b2c4cddc369e8c521eabe08f086ec6a2b8a7ad0360036348ff01c9b16775b8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smart_benefitspro.epl?id=3424&url=https%3A//www.benefitspro.com/%3Fslreturn%3D20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1754182
cf-polished: origSize=2446
strict-transport-security: max-age=2592000
x-xss-protection: 1; mode=block
last-modified: Fri, 25 Feb 2022 21:36:34 GMT
server: cloudflare
etag: W/"98e-5d8de7e2f2252"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
expires: Sun, 17 Jul 2022 00:32:13 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-ray: 71c440ee7e0b91db-FRA
cf-bgj: minify

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK / Show response
geoip.alm.com/json/ 180 B
449 B 408ms
107ms XHR
application/json 192.226.85.63
METTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.alm.com/json/
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 192.226.85.63 Lincoln, United States, ASN16524 (METTEL, US),
Reverse DNS
Software: /
Resource Hash: 94a4ac0a4cb46b1cf7eb80b06b737c4176fd4da78b83c76353e283591b7dd915

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.benefitspro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.benefitspro.com
Date: Thu, 16 Jun 2022 14:32:14 GMT
Access-Control-Allow-Credentials: true
X-Database-Date: Sat, 11 Jun 2022 08:05:01 GMT
Content-Length: 180
Vary: Origin
Content-Type: application/json

GET
H2 200 viewability11.js Show response
www.dianomi.com/js/ Frame 3423 8 KB
3 KB 25ms
25ms Script
application/javascript 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/viewability11.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smart_benefitspro.epl?id=3426&url=https%3A//www.benefitspro.com/%3Fslreturn%3D20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b69810b05811735260bb9d32ae84fe5d0dfd66c74ee896f2cd7f3a13a31430d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smart_benefitspro.epl?id=3426&url=https%3A//www.benefitspro.com/%3Fslreturn%3D20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 42
cf-polished: origSize=12294
last-modified: Tue, 29 Mar 2022 13:42:32 GMT
strict-transport-security: max-age=2592000
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"3006-5db5b99cf9a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 71c440f08a9a91db-FRA
expires: Thu, 16 Jun 2022 14:34:14 GMT

GET
H2 200 viewability11.js Show response
www.dianomi.com/js/ Frame 7966 8 KB
2 KB 25ms
25ms Script
application/javascript 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/viewability11.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smart_benefitspro.epl?id=3424&url=https%3A//www.benefitspro.com/%3Fslreturn%3D20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b69810b05811735260bb9d32ae84fe5d0dfd66c74ee896f2cd7f3a13a31430d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smart_benefitspro.epl?id=3424&url=https%3A//www.benefitspro.com/%3Fslreturn%3D20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 42
cf-polished: origSize=12294
last-modified: Tue, 29 Mar 2022 13:42:32 GMT
strict-transport-security: max-age=2592000
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"3006-5db5b99cf9a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 71c440f08aa191db-FRA
expires: Thu, 16 Jun 2022 14:34:14 GMT

GET
H2 200 VfG99MCoyKoAAGpDgiIAAAAI.png
www.dianomi.com/img/uploads/ Frame 7966 1 KB
1 KB 30ms
30ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/uploads/VfG99MCoyKoAAGpDgiIAAAAI.png

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smart_benefitspro.epl?id=3424&url=https%3A//www.benefitspro.com/%3Fslreturn%3D20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smart_benefitspro.epl?id=3424&url=https%3A//www.benefitspro.com/%3Fslreturn%3D20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2378078
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="VfG99MCoyKoAAGpDgiIAAAAI.webp"
strict-transport-security: max-age=2592000
content-length: 1164
x-xss-protection: 1; mode=block
last-modified: Thu, 06 Aug 2020 16:33:27 GMT
server: cloudflare
etag: "f64-5ac380c3ca3c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 17 Jul 2022 00:32:14 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 71c440f08aa591db-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 263x200.jpg
www.dianomi.com/img/a/sav2/259562/6/ Frame 7966 5 KB
5 KB 63ms
61ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/259562/6/263x200.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smart_benefitspro.epl?id=3424&url=https%3A//www.benefitspro.com/%3Fslreturn%3D20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39c4f56d88fe54e362db4062ec6a98391a5c08a62efa7566c5fd4ce22e61987e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smart_benefitspro.epl?id=3424&url=https%3A//www.benefitspro.com/%3Fslreturn%3D20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20829
cf-polished: qual=85, origFmt=jpeg, origSize=6687
content-disposition: inline; filename="263x200.webp"
vary: Accept
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 07:55:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 23 Jun 2022 14:32:14 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 71c440f18cde91db-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 263x200.jpg
www.dianomi.com/img/a/sav2/225241/5/ Frame 7966 7 KB
7 KB 41ms
38ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/225241/5/263x200.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smart_benefitspro.epl?id=3424&url=https%3A//www.benefitspro.com/%3Fslreturn%3D20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936e9fd29f146f4940c28ce1d29003f4952e469ad3d35fa3d79db7cc79ebcd4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smart_benefitspro.epl?id=3424&url=https%3A//www.benefitspro.com/%3Fslreturn%3D20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1486206
cf-polished: qual=85, origFmt=jpeg, origSize=16118
content-disposition: inline; filename="263x200.webp"
strict-transport-security: max-age=2592000
content-length: 7080
x-xss-protection: 1; mode=block
last-modified: Mon, 28 Mar 2022 09:55:14 GMT
server: cloudflare
etag: "3ef6-5db444f0fa562"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 17 Jul 2022 00:32:14 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 71c440f18ce191db-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 263x200.jpg
www.dianomi.com/img/a/sav2/246964/7/ Frame 7966 18 KB
18 KB 58ms
56ms Image
image/jpeg 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/246964/7/263x200.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smart_benefitspro.epl?id=3424&url=https%3A//www.benefitspro.com/%3Fslreturn%3D20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a7ca529d98aae572b78767dee84109d1a087a064a16b279618524ce0da65174

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smart_benefitspro.epl?id=3424&url=https%3A//www.benefitspro.com/%3Fslreturn%3D20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 569599
cf-polished: degrade=85, origSize=90248, status=webp_bigger
strict-transport-security: max-age=2592000
content-length: 18194
x-xss-protection: 1; mode=block
last-modified: Fri, 13 May 2022 10:29:15 GMT
server: cloudflare
etag: "16088-5dee225757fbb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 17 Jul 2022 00:32:14 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 71c440f18ce391db-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 263x200.jpg
www.dianomi.com/img/a/sav2/259821/3/ Frame 7966 7 KB
7 KB 61ms
59ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/259821/3/263x200.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smart_benefitspro.epl?id=3424&url=https%3A//www.benefitspro.com/%3Fslreturn%3D20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

084fb6c93a812ec77999e9ee16c4da0919acce85703aec6dd0e80f81a09aa114

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smart_benefitspro.epl?id=3424&url=https%3A//www.benefitspro.com/%3Fslreturn%3D20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 108847
cf-polished: qual=85, origFmt=jpeg, origSize=12981
content-disposition: inline; filename="263x200.webp"
vary: Accept
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Jun 2022 07:20:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 23 Jun 2022 14:32:14 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 71c440f18cef91db-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 263x200.jpg
www.dianomi.com/img/a/sav2/257682/6/ Frame 7966 10 KB
10 KB 60ms
58ms Image
image/jpeg 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/257682/6/263x200.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smart_benefitspro.epl?id=3424&url=https%3A//www.benefitspro.com/%3Fslreturn%3D20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c7b953d87c3e7ab3e08bd6a6630ecf056eaed4ddb01782015e4bebda4169c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smart_benefitspro.epl?id=3424&url=https%3A//www.benefitspro.com/%3Fslreturn%3D20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 549622
cf-polished: origSize=10670, status=webp_bigger
strict-transport-security: max-age=2592000
content-length: 10297
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Jun 2022 15:44:48 GMT
server: cloudflare
etag: "29ae-5e105b3a32840"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 17 Jul 2022 00:32:14 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 71c440f18cf091db-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Benefits-Cooldown-1024-x-768-px.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2022/04/ 105 KB
106 KB 21ms
21ms Image
image/jpeg 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2022/04/Benefits-Cooldown-1024-x-768-px.jpg

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18a60d03f82b1f732c17b57bcb5017c2c6fa669c86efb6f58cd862fec28a2a6f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
cf-cache-status: HIT
age: 53
cf-polished: origSize=117904, status=webp_bigger
x-cache: HIT 9
backend: contribsreimg_prod_director
last-modified: Mon, 04 Apr 2022 14:50:35 GMT
content-length: 107806
cf-bgj: imgq:85,h2pri
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8f0c7f-1cc90-5dbd540330b8c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 71c440f098149a35-FRA
x-vnode: 28
expires: Thu, 16 Jun 2022 18:32:14 GMT

GET
H2 200 pill-money-investing-investments-health-pharma.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2022/06/ 15 KB
15 KB 25ms
25ms Image
image/webp 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2022/06/pill-money-investing-investments-health-pharma.jpg

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf19fbbacb95e0e006f112a3454d5c581552eaf6e9c6761a67417af908c37a13

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
cf-cache-status: HIT
age: 53
cf-polished: qual=85, origFmt=jpeg, origSize=24047
x-cache: MISS
backend: contribsreimg_prod_director
content-disposition: inline; filename="pill-money-investing-investments-health-pharma.webp"
content-length: 15306
last-modified: Tue, 14 Jun 2022 17:23:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8f9578-5def-5e16baa9c8c8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 16 Jun 2022 18:32:14 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 71c440f098169a35-FRA
x-vnode: 27
cf-bgj: imgq:85,h2pri

GET
H2 200 gavel-shutterstock-book-e1655240601195.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2022/06/ 27 KB
27 KB 22ms
22ms Image
image/webp 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2022/06/gavel-shutterstock-book-e1655240601195.jpg

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09875ac8c9b4450a8b970b030cde9272a93912a1d43e911ac48878c0dd92e1b4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
cf-cache-status: HIT
age: 7161
cf-polished: qual=85, origFmt=jpeg, origSize=34476
x-cache: HIT 2
backend: contribsreimg_prod_director
content-disposition: inline; filename="gavel-shutterstock-book-e1655240601195.webp"
content-length: 27706
last-modified: Tue, 14 Jun 2022 21:03:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8cd7cb-86ac-5e16ebc112e09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 16 Jun 2022 18:32:14 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 71c440f098179a35-FRA
x-vnode: 21
cf-bgj: imgq:85,h2pri

GET
H2 200 nav-icon-sign-in-white.png
www.benefitspro.com/assets/master-template/images/market-images/ 236 B
486 B 45ms
44ms Image
image/webp 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitspro.com/assets/master-template/images/market-images/nav-icon-sign-in-white.png

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1be06778698a2eb16ae1c7152d7256350580f4a21fc43c5ef4218407135b0896

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/?slreturn=20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 2587
cf-polished: origFmt=png, origSize=3131
x-cache: HIT 1
backend: templates_newlaw_director
content-disposition: inline; filename="nav-icon-sign-in-white.webp"
cf-bgj: imgq:85,h2pri
content-length: 236
last-modified: Wed, 15 Jun 2022 16:23:38 GMT
server: cloudflare
etag: W/"3131-1655310218000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 71c440f098259a35-FRA
x-vnode: 21
expires: Thu, 16 Jun 2022 18:32:14 GMT

GET
H2 200 arrow-open.png
www.benefitspro.com/assets/master-template/images/market-images/ 134 B
369 B 34ms
33ms Image
image/webp 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitspro.com/assets/master-template/images/market-images/arrow-open.png

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

075e1a285de33ad2c3cc75f3ebe775feb23d27f52aa8213be408e4cbc3623a10

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/?slreturn=20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 2587
cf-polished: origFmt=png, origSize=2986
x-cache: HIT 1
backend: templates_newlaw_director
content-disposition: inline; filename="arrow-open.webp"
cf-bgj: imgq:85,h2pri
content-length: 134
last-modified: Wed, 15 Jun 2022 16:23:38 GMT
server: cloudflare
etag: W/"2986-1655310218000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 71c440f098279a35-FRA
x-vnode: 21
expires: Thu, 16 Jun 2022 18:32:14 GMT

GET
H2 200 Luminaries-2022-BPRO_2-1.png
images.benefitspro.com/contrib/content/uploads/sites/412/2022/04/ 5 KB
6 KB 28ms
27ms Image
image/webp 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2022/04/Luminaries-2022-BPRO_2-1.png?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2c9ef63832b28847e0eede2839afb230f5efc15d2dfd85728ec0e865c0fe60e

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
etag: "8f0ca0-1c70-5de08b8dd3564"
cf-cache-status: HIT
age: 53
cf-polished: qual=85, origFmt=jpeg, origSize=7280
x-cache: MISS
backend: contribsreimg_prod_director
last-modified: Mon, 02 May 2022 15:05:26 GMT
content-disposition: inline; filename="Luminaries-2022-BPRO_2-1.webp"
content-length: 5186
cf-bgj: imgq:85,h2pri
server: cloudflare
x-frame-options: SAMEORIGIN
date: Thu, 16 Jun 2022 14:32:14 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 71c440f098289a35-FRA
x-vnode: 27
expires: Thu, 16 Jun 2022 18:32:14 GMT

GET
H2 200 GiantCrack.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2019/01/ 5 KB
5 KB 37ms
37ms Image
image/webp 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2019/01/GiantCrack.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb86a904c28a91ecf83cb07bd5a3d79cc6bb4a28bf04e73ebc9e404a95fcbe30

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
etag: "5d03dc-1812-5830b25949110"
cf-cache-status: HIT
age: 53
cf-polished: qual=85, origFmt=jpeg, origSize=6162
x-cache: MISS
backend: contribsreimg_prod_director
last-modified: Fri, 01 Mar 2019 16:46:21 GMT
content-disposition: inline; filename="GiantCrack.webp"
content-length: 4624
cf-bgj: imgq:85,h2pri
server: cloudflare
x-frame-options: SAMEORIGIN
date: Thu, 16 Jun 2022 14:32:14 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 71c440f0982a9a35-FRA
x-vnode: 27
expires: Thu, 16 Jun 2022 18:32:14 GMT

GET
H2 200 shift-shapers-david-saltzman.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2022/06/ 15 KB
15 KB 30ms
24ms Image
image/webp 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2022/06/shift-shapers-david-saltzman.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c04b74194334a2b9f47924af8b8b1dd094cb79374c7f12fea896c8356691586

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
etag: "8f956d-3dbb-5e15c093ea102"
cf-cache-status: HIT
age: 53
cf-polished: qual=85, origFmt=jpeg, origSize=15803
x-cache: MISS
backend: contribsreimg_prod_director
last-modified: Mon, 13 Jun 2022 22:44:51 GMT
content-disposition: inline; filename="shift-shapers-david-saltzman.webp"
content-length: 15520
cf-bgj: imgq:85,h2pri
server: cloudflare
x-frame-options: SAMEORIGIN
date: Thu, 16 Jun 2022 14:32:14 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 71c440f0b8639a35-FRA
x-vnode: 21
expires: Thu, 16 Jun 2022 18:32:14 GMT

GET
H2 200 advisor-agent-sales-fav-fizkes-at-Adobe-Stock.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2022/06/ 8 KB
8 KB 33ms
32ms Image
image/webp 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2022/06/advisor-agent-sales-fav-fizkes-at-Adobe-Stock.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01e86ab675e57a17ea4c818e1cd381bed5505680f74ca112d7d8ef6f8c9dd9ce

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
etag: "8f8519-23ff-5e15a79163e9b"
cf-cache-status: HIT
age: 53
cf-polished: qual=85, origFmt=jpeg, origSize=9215
x-cache: MISS
backend: contribsreimg_prod_director
last-modified: Mon, 13 Jun 2022 20:52:58 GMT
content-disposition: inline; filename="advisor-agent-sales-fav-fizkes-at-Adobe-Stock.webp"
content-length: 8394
cf-bgj: imgq:85,h2pri
server: cloudflare
x-frame-options: SAMEORIGIN
date: Thu, 16 Jun 2022 14:32:14 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 71c440f0b8659a35-FRA
x-vnode: 21
expires: Thu, 16 Jun 2022 18:32:14 GMT

GET
H2 200 employees-office-worker-fav-tech-BalanceFormCreative-at-Adobe-Stock.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2022/06/ 14 KB
15 KB 28ms
28ms Image
image/jpeg 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2022/06/employees-office-worker-fav-tech-BalanceFormCreative-at-Adobe-Stock.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f9f1cdec875195b270d34aeec64217e8ed444e8fdee833e3b71cfd28296805d

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
cf-cache-status: HIT
age: 53
cf-polished: degrade=85, origSize=14849, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 14833
last-modified: Mon, 13 Jun 2022 20:30:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8f8516-3a01-5e15a2977e116"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 16 Jun 2022 18:32:14 GMT
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
accept-ranges: bytes
cf-ray: 71c440f0b8679a35-FRA
x-vnode: 21
cf-bgj: imgq:85,h2pri

GET
H2 200 Supreme-Court-building-Scotus-black-and-white-stairs.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2022/06/ 14 KB
14 KB 21ms
21ms Image
image/jpeg 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2022/06/Supreme-Court-building-Scotus-black-and-white-stairs.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8086375f1fd287c35edf85c7eebbf51b1ee0702d3fc104e58f374ef39204564e

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
cf-cache-status: HIT
age: 53
cf-polished: degrade=85, origSize=14718, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 14265
last-modified: Mon, 13 Jun 2022 17:16:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8f8513-397e-5e157735027b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 16 Jun 2022 18:32:14 GMT
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
accept-ranges: bytes
cf-ray: 71c440f0b8699a35-FRA
x-vnode: 27
cf-bgj: imgq:85,h2pri

GET
H2 200 shutterstock_184848263-family-thanksgiving-elderly.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2022/06/ 11 KB
12 KB 47ms
43ms Image
image/jpeg 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2022/06/shutterstock_184848263-family-thanksgiving-elderly.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ad101480624048c8b6ed0885553387334030a03cb36e1b9325bf16722927dbb

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
cf-cache-status: HIT
age: 53
cf-polished: origSize=12389, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 11749
last-modified: Mon, 13 Jun 2022 14:16:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8f8512-3065-5e154efa15213"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 16 Jun 2022 18:32:14 GMT
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
accept-ranges: bytes
cf-ray: 71c440f0c8859a35-FRA
x-vnode: 28
cf-bgj: imgq:85,h2pri

GET
H2 200 bakery-workers-blue-collar.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2022/06/ 17 KB
17 KB 18ms
18ms Image
image/jpeg 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2022/06/bakery-workers-blue-collar.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

534d6bf639fecbb6e078a4dc09c4b37a1f1cc0e35f583bf2d19f997380bec55b

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
cf-cache-status: HIT
age: 53
cf-polished: degrade=85, origSize=17007, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 16997
last-modified: Mon, 13 Jun 2022 12:52:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8f8511-426f-5e153c33936db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 16 Jun 2022 18:32:14 GMT
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
accept-ranges: bytes
cf-ray: 71c440f0d8939a35-FRA
x-vnode: 145
cf-bgj: imgq:85,h2pri

GET
H2 200 AdobeStock_86109812.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2022/06/ 13 KB
13 KB 24ms
23ms Image
image/jpeg 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2022/06/AdobeStock_86109812.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2ecb28bf49c74ac24cf79ee55be2431dbe66e115bd490388039fa3b65d7d659

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
cf-cache-status: HIT
age: 53
cf-polished: degrade=85, origSize=13660, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 13015
last-modified: Mon, 13 Jun 2022 12:28:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8f850f-355c-5e1536b515944"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 16 Jun 2022 18:32:14 GMT
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
accept-ranges: bytes
cf-ray: 71c440f0e8aa9a35-FRA
x-vnode: 28
cf-bgj: imgq:85,h2pri

GET
H2 200 AdobeStock_214794331.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2022/06/ 9 KB
9 KB 20ms
20ms Image
image/jpeg 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2022/06/AdobeStock_214794331.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1680b634f03924d1acac42fa6e66a135bab27f067792d3a8ce6059e0df125c72

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
cf-cache-status: HIT
age: 53
cf-polished: origSize=10046, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 9358
last-modified: Mon, 13 Jun 2022 12:20:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8f850e-273e-5e15350b0c953"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 16 Jun 2022 18:32:14 GMT
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
accept-ranges: bytes
cf-ray: 71c440f0e8b19a35-FRA
x-vnode: 145
cf-bgj: imgq:85,h2pri

GET
H2 200 AdobeStock_3031204471.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2022/06/ 15 KB
15 KB 21ms
21ms Image
image/jpeg 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2022/06/AdobeStock_3031204471.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f23f95f5da131d4e3ea5996f67d6d5944f348964b023e6f256a9c2bb61663357

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
cf-cache-status: HIT
age: 52
cf-polished: origSize=16358, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 15352
last-modified: Mon, 13 Jun 2022 11:06:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8f771e-3fe6-5e152479163c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 16 Jun 2022 18:32:14 GMT
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
accept-ranges: bytes
cf-ray: 71c440f0e8bc9a35-FRA
x-vnode: 28
cf-bgj: imgq:85,h2pri

GET
H2 200 Business-woman-puzzled-Article-202205191155.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2022/04/ 2 KB
3 KB 39ms
39ms Image
image/webp 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2022/04/Business-woman-puzzled-Article-202205191155.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecc141739fd701c467a58e21c86bb285b78d08fecea60dfecafc8ebde8dd1230

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
etag: "8f2a50-da8-5df5fa11c3461"
cf-cache-status: HIT
age: 52
cf-polished: qual=85, origFmt=jpeg, origSize=3496
x-cache: MISS
backend: contribsreimg_prod_director
last-modified: Thu, 19 May 2022 16:11:41 GMT
content-disposition: inline; filename="Business-woman-puzzled-Article-202205191155.webp"
content-length: 2368
cf-bgj: imgq:85,h2pri
server: cloudflare
x-frame-options: SAMEORIGIN
date: Thu, 16 Jun 2022 14:32:14 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 71c440f0f8cf9a35-FRA
x-vnode: 27
expires: Thu, 16 Jun 2022 18:32:14 GMT

GET
H2 200 utag.119.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 10 KB
3 KB 32ms
32ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.119.js?utv=ut4.39.202206072311
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2ef6d567cfb61bb6335094cb3b2a80477221daeb027ba0d82f91f2682925ef1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
content-encoding: gzip
last-modified: Tue, 07 Jun 2022 23:11:33 GMT
server: AkamaiNetStorage
etag: "72197da8ce6de1c4aa6cb6f19610975c:1654643493.284625"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 3197
expires: Fri, 01 Jul 2022 14:32:14 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1655389932862
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1655389932862

362 B
1 KB

58ms
58ms

XHR
application/json

52.49.126.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1655389932862

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

HTTP/1.1

Server

52.49.126.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-126-217.eu-west-1.compute.amazonaws.com

Software

Resource Hash

c4cb91f9eaefa2a91d3ed40c75425821a4a0b5720fa0d776acdfcd307a19a882

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v034-0a50a7dd7.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: VJ0+SseoT8w=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.benefitspro.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 305
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v034-0fcd0d7bf.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.benefitspro.com
X-TID: zHOAeoLKSGE=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1655389932862
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 pubads_impl_2022060901.js Show response
securepubads.g.doubleclick.net/gpt/ 368 KB
125 KB 30ms
7ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

21543c740d93eb090620e7a78b258b8cb3679c94957296f52e65bd19be2bfc85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5234
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127664
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 08:36:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 16 Jun 2023 13:05:00 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 122 B
127 B 42ms
23ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.benefitspro.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

63c54e1a7365643d41619441accc66105de41c9820a3a041cc115bf1b71a91d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Jun 2022 14:32:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102
x-xss-protection: 0
expires: Thu, 16 Jun 2022 14:32:14 GMT

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D1008%26pixelIndex%3D0%26r%3D410134%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D1008%2526pixelIndex%253D0%2526r%2...
https://a.dpmsrv.com/dpmpxl/index.php?id=8419371128779113978&zn=&sn=&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=410134&tzOffset=0&url=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20220516103212

245 B
997 B

522ms
97ms

Script
text/javascript

3.87.151.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?id=8419371128779113978&zn=&sn=&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=410134&tzOffset=0&url=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20220516103212
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: HTTP/1.1
Server: 3.87.151.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-87-151-192.compute-1.amazonaws.com
Software: /
Resource Hash: c75b2dbe5a90490ae6efeb3685d8b7e95cad06e3e844adb2695c5a5224451d26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 218
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 14:32:14 GMT
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 019fdf54-477e-432d-af31-5f014075d200
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://a.dpmsrv.com/dpmpxl/index.php?id=8419371128779113978&zn=&sn=&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=410134&tzOffset=0&url=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20220516103212
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 41ms
12ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.benefitspro.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:16:38 GMT
x-content-type-options: nosniff
age: 267336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 12:16:38 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v29/ 16 KB
17 KB 39ms
10ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/
Origin: https://www.benefitspro.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:57:13 GMT
x-content-type-options: nosniff
age: 268501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16720
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 11:57:13 GMT

GET
H2 200 hbw_master_302826_14703.js Show response
player.hbmp.mediafuse.com/prebidlink/459830/ 96 KB
34 KB 29ms
10ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.hbmp.mediafuse.com/prebidlink/459830/hbw_master_302826_14703.js
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/wrapper_hb_302826_14703.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 83199ab0d2c5a0b0aa786e88ee10c25fcf272c6a083734778b0e9fc6bf3b0802

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 14:04:56 GMT
server: nginx
etag: W/"62ab3888-17f60"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Sat, 18 Jun 2022 14:32:14 GMT

POST
H2 204 result Show response
www.benefitspro.com/cdn-cgi/bm/cv/ 0
268 B 22ms
21ms XHR
text/plain 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.benefitspro.com/cdn-cgi/bm/cv/result?req_id=71c440ea4ca89a35
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.benefitspro.com/?slreturn=20220516103212
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
server: cloudflare
cf-ray: 71c440f1ca819a35-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H2 200 utag.26.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 3 KB
2 KB 12ms
7ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.26.js?utv=ut4.39.202103192340
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5a02d8eef54e76a16a95b2325079d0f55222cecc927a60bac1de8e2a8c0257af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 23:40:46 GMT
server: AkamaiNetStorage
etag: "7c0950e22ed37b8b60ace798f4912a07:1616197246.557629"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1525
expires: Fri, 01 Jul 2022 14:32:14 GMT

GET
H2 200 utag.78.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 110 KB
35 KB 35ms
30ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.78.js?utv=ut4.39.202206072311
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: dcba15e5523be76d54eb66e628b33b5351457b7bc677178f6c2c091c78a77636

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
content-encoding: gzip
last-modified: Tue, 07 Jun 2022 23:11:32 GMT
server: AkamaiNetStorage
etag: "6ab05e857b2c2f339011b9dfc07e29da:1654643492.745129"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 35236
expires: Fri, 01 Jul 2022 14:32:14 GMT

GET
H2 200 utag.32.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 3 KB
2 KB 16ms
11ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.32.js?utv=ut4.39.201909121652
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 999b37529edf4d7b34cf4bdcd937594e893a1d3add9811102f7818936b8d4293

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
content-encoding: gzip
last-modified: Mon, 22 Jun 2020 21:26:56 GMT
server: AkamaiNetStorage
etag: "fb390697366796015697c0162fac7588:1592861216.366485"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1448
expires: Fri, 01 Jul 2022 14:32:14 GMT

GET
H2 200 utag.39.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 2 KB
1 KB 17ms
12ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.39.js?utv=ut4.39.201510271714
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0f35c56292b93cc1a796bed46551c6b9f33677a83da02b338ecb5df46b93e657

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2016 19:05:16 GMT
server: AkamaiNetStorage
etag: "19f5cfea9207d9078058ad07886d8356:1472583916"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 953
expires: Fri, 01 Jul 2022 14:32:14 GMT

GET
H2 200 utag.101.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 13 KB
4 KB 18ms
13ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.101.js?utv=ut4.39.201911221657
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 300908cbcb84903590648db1851fcb3c493af3aaab47d4109e0a9f8394e06fd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
content-encoding: gzip
last-modified: Mon, 22 Jun 2020 21:26:53 GMT
server: AkamaiNetStorage
etag: "d92cbafa99067935fba25cba6e9bcb91:1592861213.763276"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 4339
expires: Fri, 01 Jul 2022 14:32:14 GMT

GET
H2 200 utag.110.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 13 KB
4 KB 18ms
13ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.110.js?utv=ut4.39.202107302124
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f82e15fdbadb6dc7d6e03118beba7d22a955bf05cd5fe8731c79c19d733549ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 21:24:26 GMT
server: AkamaiNetStorage
etag: "50802a806f0086c287d5df0c82065a18:1627680266.616143"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 3847
expires: Fri, 01 Jul 2022 14:32:14 GMT

GET
H2 200 utag.112.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 2 KB
1 KB 19ms
14ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.112.js?utv=ut4.39.202005192159
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 93a22a0e7b076844df8bbc2d01d9d50b6f46412cb41ccd7fbf053467778dedab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
content-encoding: gzip
last-modified: Tue, 19 May 2020 21:59:32 GMT
server: AkamaiNetStorage
etag: "237667acf6557ccb2652f9af3e9f82a8:1589925572.725309"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1014
expires: Fri, 01 Jul 2022 14:32:14 GMT

GET
H2 200 employees-clapping-applauding-success-SFIO-CRACHO-at-Shutterstock.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2022/06/ 10 KB
10 KB 29ms
26ms Image
image/jpeg 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2022/06/employees-clapping-applauding-success-SFIO-CRACHO-at-Shutterstock.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1a1c3b556718b54be37293e2dad46046da21987cbe3b967b3f6b6b2c1240806

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
cf-cache-status: HIT
age: 52
cf-polished: origSize=10906, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 10261
last-modified: Thu, 16 Jun 2022 13:18:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8f95b6-2a9a-5e19078899af1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 16 Jun 2022 18:32:14 GMT
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
accept-ranges: bytes
cf-ray: 71c440f21b299a35-FRA
x-vnode: 28
cf-bgj: imgq:85,h2pri

GET
H2 200 Ufe3LcCoyKoAADivRIsAAAAC.png
www.dianomi.com/img/uploads/ Frame 3423 1 KB
1 KB 27ms
26ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/uploads/Ufe3LcCoyKoAADivRIsAAAAC.png

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b77f08b1a04c909c48a7f0f3b3e300f0e6f6abe667a19c513fedf67c19fa2a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smart_benefitspro.epl?id=3426&url=https%3A//www.benefitspro.com/%3Fslreturn%3D20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1766606
cf-polished: origFmt=png, origSize=2126
content-disposition: inline; filename="Ufe3LcCoyKoAADivRIsAAAAC.webp"
strict-transport-security: max-age=2592000
content-length: 1026
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Aug 2020 14:28:40 GMT
server: cloudflare
etag: "84e-5acc31eddb600"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 17 Jul 2022 00:32:14 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 71c440f24e8c91db-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
15 KB 314ms
13ms Script
application/x-javascript 2600:9000:2156:6e00:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.26.js?utv=ut4.39.202103192340
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6e00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ad53ba7c073cc7c7e6f2a684129bebbcf956a9a4c6a7aa9068f575f4c533386

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:10:28 GMT
content-encoding: gzip
last-modified: Thu, 02 Jun 2022 02:06:17 GMT
server: nginx
age: 4906
etag: W/"62981b19-9081"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: h9QIhFF3nFD0fnCXnNOLHrwf_HyP1eE7_0HtE9UKXPNRlgjeM0vEcw==
expires: Thu, 16 Jun 2022 15:10:28 GMT

GET
H2

200

i.gif
datacloud.tealiumiq.com/vdata/
Redirect Chain

https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=01816cedcd31000e740472f004a503074003406c00b08&tealium_account=alm&tealium_profile=main
https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm=&tealium_vid=01816cedcd31000e740472f004a503074003406c00b08&tealium_account=alm&tealium_profile=main&goog...
https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=01816cedcd31000e740472f004a503074003406c00b08&tealium_account=alm&tealium_profile=main&google_gid=CAESED9FB7t1QpSvq3...

43 B
967 B

39ms
11ms

Image
image/gif

18.185.194.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=01816cedcd31000e740472f004a503074003406c00b08&tealium_account=alm&tealium_profile=main&google_gid=CAESED9FB7t1QpSvq3uFIw6Gz1Q&google_cver=1
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: H2
Server: 18.185.194.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-194-205.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
x-serverid: uconnect_i-0a05ebcaa13f1330c
x-did: 01816cedcd31000e740472f004a503074003406c00b08
x-tid: 01816cedcd31000e740472f004a503074003406c00b08
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: alm:main:2:vdata
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-region: eu-central-1
content-type: image/gif
x-ulver: 81cb70304c5bceef12cb3cd166ab57385009fd7f-SNAPSHOT
content-length: 43
x-uuid: eb49f2a2-caeb-421e-b997-f5a2bb43369a
expires: Thu, 16 Jun 2022 14:32:15 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=01816cedcd31000e740472f004a503074003406c00b08&tealium_account=alm&tealium_profile=main&google_gid=CAESED9FB7t1QpSvq3uFIw6Gz1Q&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 437
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aquant.js Show response
secure.quantserve.com/ 24 KB
10 KB 310ms
10ms Script
application/javascript 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/aquant.js?a=p-tet4NLTPxSXJn
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.39.js?utv=ut4.39.201510271714
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 23 Jun 2022 14:32:14 GMT

POST
H2 200 i.gif Show response
collect.tealiumiq.com/alm/main/2/ 43 B
751 B 302ms
9ms XHR
image/gif 18.185.194.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.tealiumiq.com/alm/main/2/i.gif
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.101.js?utv=ut4.39.201911221657
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.194.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-194-205.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.benefitspro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryL41bQ6mzqRAZB2BH

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
vary: Origin
x-serverid: uconnect_i-0cb769b37dd8de97d
x-tid: 01816cedcd31000e740472f004a503074003406c00b08
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: alm:main:2:datacloud
x-region: eu-central-1
content-length: 43
pragma: no-cache
x-did: 01816cedcd31000e740472f004a503074003406c00b08
content-type: image/gif
access-control-allow-origin: https://www.benefitspro.com
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
x-ulver: 81cb70304c5bceef12cb3cd166ab57385009fd7f-SNAPSHOT
x-uuid: 1b3c0432-c9b7-471c-bd2a-0b3e7582cc0a
expires: Thu, 16 Jun 2022 14:32:14 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/279934/ 9 KB
4 KB 241ms
7ms XHR
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/279934/config.json?cb=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20220516103212
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e976915db77ba345a931c541cf718c076d62d06024494b29a21316932e858843

Request headers

Referer: https://www.benefitspro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 12:01:06 GMT
server: nginx
etag: W/"62ab1b82-2203"
content-type: application/json
access-control-allow-origin: https://www.benefitspro.com
expires: Sat, 18 Jun 2022 14:32:14 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H/1.1 200
OK / Show response
ghb.hbmp.mediafuse.com/geo/ 144 B
419 B 265ms
20ms XHR
application/json 185.239.174.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.hbmp.mediafuse.com/geo/
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/459830/hbw_master_302826_14703.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.174.234 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: d5b16693c724c1642da52fde31483195cd190593257acc5b7385f693305313d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 14:32:13 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.benefitspro.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 144

GET
H/1.1 200
OK tracking Show response
ghb.hbmp.mediafuse.com/adunit/ 43 B
439 B 265ms
20ms XHR
image/gif 185.239.174.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.hbmp.mediafuse.com/adunit/tracking?event=11&type=0&client_id=302826&site_id=14703&full_page_url=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20220516103212&adid=h4fb5z.gc&features=16416&vpbv=N062&tte=916&lifecycle_tte=2664
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/459830/hbw_master_302826_14703.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.174.234 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 14:32:13 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.benefitspro.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
43 KB 255ms
21ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-836740203

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.110.js?utv=ut4.39.202107302124

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd72c466a8054b168c3db8d75856327d8f12ba2a0c0bbe7cbf2502e1349d6e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43284
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Jun 2022 14:32:14 GMT

GET
H2 200 j.html Show response
p.medocdn.com/prebidlink/19159/ Frame 48C1 1 KB
888 B 42ms
7ms Document
text/html 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.medocdn.com/prebidlink/19159/j.html?i=11596
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd

Request headers

Referer: https://www.benefitspro.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=172800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 16 Jun 2022 14:32:14 GMT
etag: W/"620bee41-43d"
expires: Sat, 18 Jun 2022 14:32:14 GMT
last-modified: Tue, 15 Feb 2022 18:17:37 GMT
server: nginx

GET
H2 200 tag.aspx Show response
ml314.com/ 31 KB
32 KB 240ms
9ms Script
application/javascript 34.111.234.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?165
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 75d893335a1d25db1bf02e25ab904d97a3af743128850d8566b93d197e56e9e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:53:23 GMT
age: 2331
x-guploader-uploadid: ADPycdvI_5cBFXJW3WmoK_PAx6QJvQIquo2oG_zqJWqSZLKy0wGzbgn6f3YKsZEfWgugU3wroLE0tfQ1NtaXkhkWBNzX3w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32025
last-modified: Mon, 04 Apr 2022 15:43:44 GMT
server: UploadServer
cache-control: public,max-age=3600
etag: "25b1f355dd487bdf5381a749056080c4"
x-goog-hash: crc32c=dPpbog==, md5=JbHzVd1Ie99TgadJBWCAxA==
x-goog-generation: 1649087024620619
cache-id: FRA-fa985ced
x-cache-hit: hit
x-goog-stored-content-length: 32025
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 13ms
12ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=alm/main/202206072311&cb=1655389933218
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Thu, 16 Jun 2022 14:42:14 GMT

GET
H2 200 menu-close-btn.png
www.benefitspro.com/assets/master-template/images/ 268 B
499 B 29ms
29ms Image
image/webp 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitspro.com/assets/master-template/images/menu-close-btn.png

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc76428cad5c36631113a653d30ef85dbcfe672934b13630f4fdd2c1f1403f58

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/?slreturn=20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 53
cf-polished: origFmt=png, origSize=3321
x-cache: HIT 1
backend: templates_newlaw_director
content-disposition: inline; filename="menu-close-btn.webp"
cf-bgj: imgq:85,h2pri
content-length: 268
last-modified: Wed, 15 Jun 2022 16:23:38 GMT
server: cloudflare
etag: W/"3321-1655310218000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 71c440f38dcb9a35-FRA
x-vnode: 145
expires: Thu, 16 Jun 2022 18:32:14 GMT

GET
H/1.1 200
OK dest5.html Show response
alm.demdex.net/ Frame B9DB 7 KB
3 KB 143ms
37ms Document
text/html 34.249.212.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://alm.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.249.212.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-212-46.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.benefitspro.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v034-01d93149e.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: UkT8nc5BRYE=
content-encoding: gzip
date: Thu, 16 Jun 2022 14:32:14 GMT
last-modified: Wed, 8 Jun 2022 13:40:06 GMT
vary: accept-encoding

GET
H2 200 id Show response
b.law.com/ 48 B
509 B 201ms
11ms XHR
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.law.com/id?d_visid_ver=3.3.0&d_fieldgroup=A&mcorgid=96C4370453295E4C0A490D44%40AdobeOrg&mid=18769621776950411263289704335902275843&ts=1655389933253

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

6a52a1cc0b6b42aded151ce6db1e91860b0002d90426d53fd51c214a9224a3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.benefitspro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-658967d5d4-j52hr
vary: Origin
x-c: main-1649.I02425a.M0-575
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.benefitspro.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Yqs_7gAAAGjV2ANe
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=14627321745694577022587182366785042243
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yqs_7gAAAGjV2ANe

42 B
945 B

44ms
44ms

Image
image/gif

52.49.126.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yqs_7gAAAGjV2ANe

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

HTTP/1.1

Server

52.49.126.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-126-217.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v034-096c78cf2.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 3Pb0y2bSSGk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yqs_7gAAAGjV2ANe
Date: Thu, 16 Jun 2022 14:32:14 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 01816cedcd31000e740472f004a503074003406c00b08 Show response
visitor-service-eu-central-1.tealiumiq.com/alm/main/ 27 B
243 B 43ms
9ms Script
application/javascript 52.57.207.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor-service-eu-central-1.tealiumiq.com/alm/main/01816cedcd31000e740472f004a503074003406c00b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1655389933445

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.207.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-207-136.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-version: 81cb70304c5bceef12cb3cd166ab57385009fd7f-SNAPSHOT
date: Thu, 16 Jun 2022 14:32:14 GMT
x-region: eu-central-1
content-length: 27
strict-transport-security: max-age=31536000; includeSubdomains
x-nodeid: i-0aa5f34dc1571ad20
content-type: application/javascript; charset=utf-8

GET
H2 200 rules-p-tet4NLTPxSXJn.js Show response
rules.quantcount.com/ 3 KB
1 KB 90ms
37ms Script
application/javascript 2600:9000:2156:9c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-tet4NLTPxSXJn.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/aquant.js?a=p-tet4NLTPxSXJn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 914e14616fe6c894e839cd9ec4cc183192dbcbb9314d41728865eec02916fc09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:29:37 GMT
content-encoding: gzip
age: 192
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Thu, 09 Mar 2017 01:28:01 GMT
server: AmazonS3
etag: W/"f0a36155fe2ee3d6ce46f06d32dfc5df"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 7kW9NQmDfv7FUSFSIO49REk0_57e_OyapsX9K3QVvMrYGykQslroXA==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 303ms
96ms Image
image/gif 54.146.191.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=benefitspro.com&p=%2F&u=Cbl5maC4WDE5EaeRX&d=benefitspro.com&g=46802&g0=%7C%7C&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=8354&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2943&t=E4bPft6Ol8Il4iQCcixs8TnulN&V=133&i=BenefitsPRO%3A%20Employee%20Benefits%20News%2C%20Trends%20%26%20Sales%20Tips%20%7C%20BenefitsPRO&tz=0&sn=1&sv=H78ayDqT_5eD6BT30DwprO-Iy4E9&sd=1&im=067b2ef3&_
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.191.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-191-54.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 s62143402602861
b.law.com/b/ss/almbpro,almglobal/1/JS-1.6/ 43 B
222 B 20ms
19ms Image
image/gif 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.law.com/b/ss/almbpro,almglobal/1/JS-1.6/s62143402602861?AQB=1&ndh=1&pf=1&t=16%2F5%2F2022%2014%3A32%3A13%204%200&mid=18769621776950411263289704335902275843&aamlh=6&vmt=4D013A4B&vmf=alm.102.122.2o7.net&ce=iso-8859-1&ns=alm&pageName=bpro%3Ahome&g=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20220516103212&cc=USD&ch=bpro%3Ahome&server=bpro&events=event1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v24=bpro&c30=home&v30=D%3Dc30&c40=17&c41=10%3A30am&v41=D%3Dc41&c42=thursday&v42=D%3Dc42&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
x-content-type-options: nosniff
x-c: main-1649.I02425a.M0-575
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 17 Jun 2022 14:32:14 GMT
server: jag
xserver: anedge-658967d5d4-x448s
etag: 3554922815387566080-4619361418141750037
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 15 Jun 2022 14:32:14 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 92ms
15ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.benefitspro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.benefitspro.com
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 91ms
14ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.benefitspro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.benefitspro.com
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 98ms
22ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.benefitspro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.benefitspro.com
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 90ms
14ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.benefitspro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.benefitspro.com
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 91ms
14ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.benefitspro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.benefitspro.com
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 90ms
14ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.benefitspro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.benefitspro.com
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 90ms
15ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.benefitspro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.benefitspro.com
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 99ms
23ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.benefitspro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.benefitspro.com
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 99ms
24ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.benefitspro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.benefitspro.com
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 98ms
24ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.benefitspro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.benefitspro.com
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 88ms
13ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.benefitspro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.benefitspro.com
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 97ms
23ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.benefitspro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.benefitspro.com
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 96ms
23ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.benefitspro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.benefitspro.com
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 97ms
24ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.benefitspro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.benefitspro.com
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 97ms
24ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.benefitspro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.benefitspro.com
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 75ms
23ms Preflight
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.benefitspro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.benefitspro.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Thu, 16 Jun 2022 14:32:15 GMT
server: Tengine

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 50 B
893 B 9ms
9ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 14:32:14 GMT
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 672a8907-5e11-4fff-8b88-c541126fa291
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.benefitspro.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST translator
hbopenbid.pubmatic.com/ 0
0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
446 B 114ms
79ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.benefitspro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.benefitspro.com
date: Thu, 16 Jun 2022 14:32:14 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 62
vary: origin, Accept-Encoding

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
181 B 54ms
21ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.benefitspro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.benefitspro.com
date: Thu, 16 Jun 2022 14:32:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
246 B 1719ms
698ms XHR
application/json 8.2.111.126
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 8.2.111.126 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.benefitspro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.benefitspro.com
Date: Thu, 16 Jun 2022 14:32:16 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
862 B 12ms
11ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 14:32:15 GMT
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6866a25e-d3e3-4567-a27a-cd613bb347cf
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.benefitspro.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 251ms
238ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

64a3d23d252e87ba0ee7b571e745f729f35d577084dbed597c6f0ce36b5b7faa

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 14:32:15 GMT
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c630f96e-699a-48bd-8e86-7f218ec9e413
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.benefitspro.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
299 B 108ms
85ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: 2cd21f46907f72eeb2e8fc200c7d6869b5d73930b36287c04b61f2916933d5b4

Request headers

Referer: https://www.benefitspro.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.benefitspro.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 111ms
87ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: 5e7b2240358444a2e12432d7209c2e3b4fb1fb4802f5abe8f29d61961f2e7d33

Request headers

Referer: https://www.benefitspro.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.benefitspro.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 132ms
110ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: 8dc201efc8abf2aefcb9fcd0b6643901dea7f0e2d36d7782792444a98d5ba5d8

Request headers

Referer: https://www.benefitspro.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.benefitspro.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 144ms
120ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: 356d314bfae636caf9a7b511b96e26935511f59cec41b5a06683f625300e2c97

Request headers

Referer: https://www.benefitspro.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.benefitspro.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 118ms
95ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: d6b59f504da5545dd5c6b6d767e3179d05249485a4908713ece9bb16032f263c

Request headers

Referer: https://www.benefitspro.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.benefitspro.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 161ms
137ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: df1926dff219967bc22826093aa70b15264deb80d377ede6bb47323833bfb465

Request headers

Referer: https://www.benefitspro.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.benefitspro.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 126ms
103ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: c96aedcd7020f8b072dd068a8ac50c20ca41cf9094b1b88f45f341f7bc6fbe6d

Request headers

Referer: https://www.benefitspro.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.benefitspro.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 143ms
121ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: dd3f361a7e81e57f07066254b0f3ca4ac59a716926c6b3a4189da5c6c1317698

Request headers

Referer: https://www.benefitspro.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.benefitspro.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 133ms
113ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: 2d0154b4f5718f73d5e30a02920a7294e714484f95c0d3b3ff63f40caf90b316

Request headers

Referer: https://www.benefitspro.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.benefitspro.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 146ms
125ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: a0dca3317d342060662e95ca7543b970ecd13337d4f7331a378fc1bdd2c52dbd

Request headers

Referer: https://www.benefitspro.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.benefitspro.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 131ms
107ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: 3290502d50db0472828738f97250f6090febf7d8edd0ae9aebc0a3ea047cafe9

Request headers

Referer: https://www.benefitspro.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.benefitspro.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 132ms
111ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: 4f937e79e52c45a2a5d40365e93940165a0e327e14a913e9817db3efe2d9d844

Request headers

Referer: https://www.benefitspro.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.benefitspro.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 133ms
111ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: 8ba2560bc4185ed0f243270ab9979b5c3f35af3768fefc4f3ef5b088fb82e0e4

Request headers

Referer: https://www.benefitspro.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.benefitspro.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 124ms
104ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: 7acec7600d692a1b202e17046e105c5542974637183ade908589d70a8ff81419

Request headers

Referer: https://www.benefitspro.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.benefitspro.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 134ms
114ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: 8dc0da1e78a7fed160bfae8011d028a56315493222429df7c3413a62f6a99c80

Request headers

Referer: https://www.benefitspro.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.benefitspro.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 adreq Show response
ads.servenobid.com/ 768 B
651 B 356ms
276ms XHR
application/json 18.203.55.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=5796
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.55.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-55-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c5cf38e1ac2de4a020f29c4803eb86fdc6184ca4a5583011002e8a344334e750

Request headers

Referer: https://www.benefitspro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.benefitspro.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

GET
H2 200 ROS Show response
pbjs.e-planning.net/pbjs/1/2e43c/1/www.benefitspro.com/ 2 B
161 B 57ms
17ms XHR
text/plain 46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/pbjs/1/2e43c/1/www.benefitspro.com/ROS?rnd=0.7376232066731978&e=728x90_0%3A728x90%2C970x250%2C970x90%2B728x90_1%3A728x90%2C970x250%2C970x90%2B728x90_2%3A728x90%2B728x90_3%3A728x90%2C970x250%2C970x90%2B300x250_0%3A300x250%2C300x600%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2B1400x320_0%3A1400x320%2B2x2_0%3A2x2%2B2x2_1%3A2x2%2B2x2_2%3A2x2%2B1090x95_0%3A1090x95%2B150x31_0%3A150x31%2B150x31_1%3A150x31%2B300x400_0%3A300x400%2B88x31_0%3A88x31%2C150x31&ur=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20220516103212&pbv=6.7.0-pre&ncb=1&vs=FFFFFFFFFFFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20220516103212&e_pubcid=8bce39d6-42f7-446c-b73c-061fa5f266fb
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.benefitspro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.benefitspro.com
date: Thu, 16 Jun 2022 14:32:15 GMT
access-control-allow-credentials: true
server: openresty
content-type: text/plain
content-length: 2
x-sid: AMS-747

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
175 B 289ms
257ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.benefitspro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.benefitspro.com
pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 3 KB
689 B 757ms
665ms XHR
application/json 185.239.173.210
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.210 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: f8b180f976834bc2372d7d14edb910e3c50c2a0bbdbd56a31900e7f88a7d7684

Request headers

Referer: https://www.benefitspro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 16 Jun 2022 14:32:15 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.benefitspro.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 375

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 2 KB
634 B 740ms
649ms XHR
application/json 185.239.173.210
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.210 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 158160a099581837b94291a2b85e33b9af546039bbc7014e1af69356360f16b8

Request headers

Referer: https://www.benefitspro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 16 Jun 2022 14:32:15 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.benefitspro.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 320

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
332 B 71ms
26ms XHR
application/json 104.92.100.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=843135&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221497e12a152c3e8%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20220516103212%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A15%2C%22msi%22%3A15%2C%22mfu%22%3A0%2C%22bu%22%3A7%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A7%2C%22ren%22%3Afalse%2C%22version%22%3A%226.7.0-pre%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22150caa0e8d70bb56%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22843135%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22843135%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22843135%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2215158071bd96a106%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22843135%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22843135%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22843135%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%221523cef595c91c62%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22843135%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22843135%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22153c1450f4b5aff6%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22843135%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22843135%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2215470dfe91aeb83d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22843135%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2215555839dc832469%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22843135%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22156ac1fad128796f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22843135%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22843135%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22843135%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22mediafuse.com%22%2C%22sid%22%3A%22160%22%2C%22hp%22%3A1%2C%22rid%22%3A%22c390009d-13b7-43f1-b32b-7f42b69b1134%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%228bce39d6-42f7-446c-b73c-061fa5f266fb%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.100.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-100-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7304ffa3b0738845d440211edc744119c32a600479ff85d165b44f2a782618d9

Request headers

Referer: https://www.benefitspro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[81.95.5.36], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.benefitspro.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Thu, 16 Jun 2022 14:32:15 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
851 B 112ms
87ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUO2I9ST
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b58498fbd6e9cffbde590996c130234db3de2da2afce4aa6ee70f588c2dd7f88

Request headers

Referer: https://www.benefitspro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.benefitspro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
862 B 38ms
38ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 14:32:15 GMT
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0eb5e22f-d481-4d13-85f7-00eff8dee54c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.benefitspro.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
317 B 106ms
50ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=3932701899

Requested by

Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.benefitspro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.benefitspro.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 61ms
20ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.benefitspro.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Jun 2022 14:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 59ms
19ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.benefitspro.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Jun 2022 14:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 utsync.ashx Show response
ml314.com/ 62 B
81 B 53ms
36ms Script
application/javascript 34.111.234.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=80951&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20220516103212&pv=1655389933660_0xmr9dbg1&bl=en-us&cb=342650&return=&ht=&d=&dc=&si=1655389933660_0xmr9dbg1&cid=&s=1600x1200&rp=&v=2.5.1.2
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?165
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:14 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
expires: 0

GET
H2 200 pixeltrack.pl Show response
www.dianomi.com/cgi-bin/ Frame 7966 77 B
307 B 55ms
53ms XHR
image/gif 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?initial_load=true&ad_group_variant_id=259562&smartad_variant_id=6101&device_type=computer&geo_state=bayern&impression_id=Yqs-7fFgrM5yznuyQrAHeQAAADE&adgroup_variant_ids=246964,225241,257682,259821,259562&geo_ccod=de&geo_dma=&smartad_id=3424

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/viewability11.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smart_benefitspro.epl?id=3424&url=https%3A//www.benefitspro.com/%3Fslreturn%3D20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=2592000
content-length: 77
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 71c440f6382e91db-FRA
expires: Wed, 15 Jun 2022 14:32:15 GMT

GET
H2 200 pixeltrack.pl Show response
www.dianomi.com/cgi-bin/ Frame 7966 77 B
138 B 76ms
75ms XHR
image/gif 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?initial_load=true&ad_group_variant_id=225241&smartad_variant_id=6101&device_type=computer&geo_state=bayern&impression_id=Yqs-7fFgrM5yznuyQrAHeQAAADE&adgroup_variant_ids=246964,225241,257682,259821,259562&geo_ccod=de&geo_dma=&smartad_id=3424

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/viewability11.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smart_benefitspro.epl?id=3424&url=https%3A//www.benefitspro.com/%3Fslreturn%3D20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=2592000
content-length: 77
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 71c440f6485391db-FRA
expires: Wed, 15 Jun 2022 14:32:15 GMT

GET
H2 200 pixeltrack.pl Show response
www.dianomi.com/cgi-bin/ Frame 7966 77 B
138 B 77ms
74ms XHR
image/gif 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?initial_load=true&ad_group_variant_id=246964&smartad_variant_id=6101&device_type=computer&geo_state=bayern&impression_id=Yqs-7fFgrM5yznuyQrAHeQAAADE&adgroup_variant_ids=246964,225241,257682,259821,259562&geo_ccod=de&geo_dma=&smartad_id=3424

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/viewability11.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smart_benefitspro.epl?id=3424&url=https%3A//www.benefitspro.com/%3Fslreturn%3D20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=2592000
content-length: 77
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 71c440f6485891db-FRA
expires: Wed, 15 Jun 2022 14:32:15 GMT

GET
H2 200 pixeltrack.pl Show response
www.dianomi.com/cgi-bin/ Frame 7966 77 B
138 B 65ms
62ms XHR
image/gif 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?initial_load=true&ad_group_variant_id=259821&smartad_variant_id=6101&device_type=computer&geo_state=bayern&impression_id=Yqs-7fFgrM5yznuyQrAHeQAAADE&adgroup_variant_ids=246964,225241,257682,259821,259562&geo_ccod=de&geo_dma=&smartad_id=3424

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/viewability11.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smart_benefitspro.epl?id=3424&url=https%3A//www.benefitspro.com/%3Fslreturn%3D20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=2592000
content-length: 77
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 71c440f6485a91db-FRA
expires: Wed, 15 Jun 2022 14:32:15 GMT

GET
H2 200 pixeltrack.pl Show response
www.dianomi.com/cgi-bin/ Frame 7966 77 B
138 B 73ms
70ms XHR
image/gif 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?initial_load=true&ad_group_variant_id=257682&smartad_variant_id=6101&device_type=computer&geo_state=bayern&impression_id=Yqs-7fFgrM5yznuyQrAHeQAAADE&adgroup_variant_ids=246964,225241,257682,259821,259562&geo_ccod=de&geo_dma=&smartad_id=3424

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/viewability11.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smart_benefitspro.epl?id=3424&url=https%3A//www.benefitspro.com/%3Fslreturn%3D20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=2592000
content-length: 77
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 71c440f6485e91db-FRA
expires: Wed, 15 Jun 2022 14:32:15 GMT

GET
H2 200 170 Show response
a.ad.gt/api/v1/u/matches/ 8 KB
9 KB 571ms
187ms Script
application/javascript 52.12.72.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/170
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/459830/hbw_master_302826_14703.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.12.72.198 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-12-72-198.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 2066d3a8149312209ea5f292cca6501f4db0d190dd90008c978998a08d74d03a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Jun 2022 14:32:15 GMT
cross-origin-resource-policy: cross-origin
server: nginx/1.20.0
content-length: 8644
content-type: application/javascript

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 413 B
246 B 53ms
50ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3493363142612423&correlator=191864787396187&eid=31064018&output=ldjh&gdfp_req=1&vrg=2022060901&ptt=17&impl=fifs&iu_parts=21665826759%2Cbenefitspro%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=280884692&sfv=1-0-38&ecs=20220616&ists=1&fsapi=false&prev_scp=position%3Dinterstitial%26hb_rfBid%3D0&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26page_number%3D1&sc=1&cookie_enabled=1&abxe=1&dt=1655389933722&lmt=1655389933&dlt=1655389931946&idt=1217&biw=1600&bih=1200&adxs=0&adys=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20220516103212&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x8353&msz=1600x0&fws=0&ohw=0&ga_vid=470211526.1655389934&ga_sid=1655389934&ga_hid=1164392544&ga_fc=false&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

d5e4dab6077a39adc70c1115e1a61d7fec27412610e81fcaf00d79fb37bef183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 217
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.benefitspro.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
bcc781a88193ff3b593d54b5e2247a17.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9B63 6 KB
4 KB 75ms
17ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bcc781a88193ff3b593d54b5e2247a17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Jun 2022 14:32:15 GMT
expires: Fri, 16 Jun 2023 14:32:15 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hbw_master_307825_11596.js Show response
p.medocdn.com/prebidlink/y19159/ Frame 48C1 73 KB
25 KB 20ms
19ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.medocdn.com/prebidlink/y19159/hbw_master_307825_11596.js
Requested by: Host: p.medocdn.com
URL: https://p.medocdn.com/prebidlink/19159/j.html?i=11596
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5015d878e981802158adacba561e8ff4d0ece02e4d91af29ce4577d3044dcdc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p.medocdn.com/prebidlink/19159/j.html?i=11596
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
content-encoding: gzip
last-modified: Tue, 31 May 2022 21:49:38 GMT
server: nginx
etag: W/"62968d72-125de"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Sat, 18 Jun 2022 14:32:15 GMT

GET
H2 200 pixel;r=1948987649;labels=ALM%20Insurance.Benefits%20Pro;rf=0;a=p-tet4NLTPxSXJn;url=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20220516103212;uht=2;fpan=1;fpa=P0-337096068-1655389933762;pbc=...
pixel.quantserve.com/ 35 B
371 B 46ms
15ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1948987649;labels=ALM%20Insurance.Benefits%20Pro;rf=0;a=p-tet4NLTPxSXJn;url=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20220516103212;uht=2;fpan=1;fpa=P0-337096068-1655389933762;pbc=8bce39d6-42f7-446c-b73c-061fa5f266fb;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=benefitspro.com;je=0;sr=1600x1200x24;dst=0;et=1655389933762;tzo=0;ogl=type.website%2Ctitle.BenefitsPRO%3A%20Employee%20Benefits%20News%252C%20Trends%20%26%20Sales%20Tips%20%7C%20BenefitsPRO%2Csite_name.BenefitsPRO%2Curl.https%3A%2F%2Fwww%252Ebenefitspro%252Ecom%2F%2Cimage.%2F%2Fimages%252Ebenefitspro%252Ecom%2Fmedia%2Fmaster-template%2Fsocial-share-logos%2Fsocial-share-b%2Cdescription.BenefitsPRO%252Ecom%20is%20the%20leading%20source%20of%20employee%20benefits%20news%252C%20trends%252C%20opinion

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 62ms
36ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-836740203

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15000
x-xss-protection: 0
server: cafe
etag: 6069194915506431635
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Jun 2022 14:32:15 GMT

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=8419371128779113978&pixelIndex=0
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=8419371128779113978&pixelIndex=0&google_gid=CAESEMZm03tWLjTjAynWJbhTn8w&google_cver=1

0
598 B

96ms
96ms

Script
text/javascript

3.87.151.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=8419371128779113978&pixelIndex=0&google_gid=CAESEMZm03tWLjTjAynWJbhTn8w&google_cver=1
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: HTTP/1.1
Server: 3.87.151.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-87-151-192.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=8419371128779113978&pixelIndex=0&google_gid=CAESEMZm03tWLjTjAynWJbhTn8w&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 348
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 423396.gif
idsync.rlcdn.com/ 0
98 B 54ms
17ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/423396.gif?partner_uid=8419371128779113978
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 hb_307825_11596.js Show response
player.adtelligent.com/prebidlink/ex19160/ Frame 48C1 291 KB
90 KB 23ms
6ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Requested by: Host: p.medocdn.com
URL: https://p.medocdn.com/prebidlink/y19159/hbw_master_307825_11596.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e8b8b7f5858bffc97b6f59764535e43bc2b455ac78c17d89c83b3c6b72da04d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p.medocdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
content-encoding: gzip
last-modified: Mon, 23 May 2022 15:25:26 GMT
server: nginx
etag: W/"628ba766-48a3f"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 18 Jun 2022 14:32:15 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ Frame 48C1 144 B
413 B 55ms
18ms XHR
application/json 185.239.173.210
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: p.medocdn.com
URL: https://p.medocdn.com/prebidlink/y19159/hbw_master_307825_11596.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.210 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: d5b16693c724c1642da52fde31483195cd190593257acc5b7385f693305313d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p.medocdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 14:32:15 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://p.medocdn.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 144

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ Frame 48C1 43 B
430 B 54ms
18ms XHR
image/gif 185.239.173.210
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=307825&site_id=11596&full_page_url=https%3A%2F%2Fwww.benefitspro.com&adid=h4fboy.aq&features=16416&vpbv=N061&lifecycle_tte=623
Requested by: Host: p.medocdn.com
URL: https://p.medocdn.com/prebidlink/y19159/hbw_master_307825_11596.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.210 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p.medocdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 14:32:15 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://p.medocdn.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/836740203/ 2 KB
2 KB 51ms
24ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/836740203/?random=1655389933845&cv=9&fst=1655389933845&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20220516103212&tiba=BenefitsPRO%3A%20Employee%20Benefits%20News%2C%20Trends%20%26%20Sales%20Tips%20%7C%20BenefitsPRO&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3caa1916d477601c9afaa43cb0adde0465d49fa977d86db52e2bd8d55c534687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1087
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/307824/ Frame 48C1 2 KB
1 KB 8ms
8ms XHR
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/307824/config.json?cb=https%3A%2F%2Fwww.benefitspro.com
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: b81b496425cdbd2f2277d81e65f81edfe2cd36d8d2a992d2217ff4e2eb6d80de

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 12:01:10 GMT
server: nginx
etag: W/"62ab1b86-851"
content-type: application/json
access-control-allow-origin: https://p.medocdn.com
expires: Sat, 18 Jun 2022 14:32:15 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 48C1 0
175 B 17ms
16ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://p.medocdn.com
date: Thu, 16 Jun 2022 14:32:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 48C1 19 B
856 B 13ms
13ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 14:32:15 GMT
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3bbddf14-5bdb-431a-a459-69431c70a8ef
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://p.medocdn.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ Frame 48C1 466 B
789 B 413ms
328ms XHR
application/json 148.251.121.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.121.152 Braunlage, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: egon
Software: /
Resource Hash: b51da656c07305988913bec9c9cb7829d1e13384bd98d8a3772da61bda84e65a

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: application/json
access-control-allow-origin: https://p.medocdn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 466
expires: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 48C1 0
175 B 15ms
15ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://p.medocdn.com
date: Thu, 16 Jun 2022 14:32:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 48C1 139 B
977 B 16ms
16ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c2116195b8d9dec00fe04c49aa739ecd572fcc844fd9214c1f077c5ccb779af

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 14:32:15 GMT
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a8b6c19c-b241-4d08-a808-e8d0e1e12ff4
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://p.medocdn.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ Frame 48C1 465 B
788 B 155ms
75ms XHR
application/json 148.251.121.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.121.152 Braunlage, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: egon
Software: /
Resource Hash: ae9c8168896feda69f5d26ce8b25e4e9be96b61050ad29ccadebe00ef76ad540

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: application/json
access-control-allow-origin: https://p.medocdn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 465
expires: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 48C1 0
175 B 15ms
15ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://p.medocdn.com
date: Thu, 16 Jun 2022 14:32:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 48C1 0
214 B 16ms
16ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=82962202208

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Jun 2022 14:32:14 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://p.medocdn.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ Frame 48C1 465 B
788 B 155ms
80ms XHR
application/json 148.251.121.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.121.152 Braunlage, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: egon
Software: /
Resource Hash: fa0f3c52dfbf6bb39221a011f2b3dc6b17f14e9f2626d14c8d46a5d276300a1f

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: application/json
access-control-allow-origin: https://p.medocdn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 465
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 48C1 19 B
856 B 13ms
12ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 14:32:15 GMT
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 54cf761a-a568-46b7-af48-e187f4311e67
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://p.medocdn.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 48C1 19 B
856 B 106ms
101ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 14:32:15 GMT
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9fdbe9bc-1560-4f8b-8a3b-e75369c8046c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://p.medocdn.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 48C1 0
214 B 17ms
17ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=47696090891

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://p.medocdn.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 48C1 0
175 B 16ms
15ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://p.medocdn.com
date: Thu, 16 Jun 2022 14:32:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ Frame 48C1 465 B
788 B 148ms
81ms XHR
application/json 148.251.121.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.121.152 Braunlage, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: egon
Software: /
Resource Hash: 9b0686ddd1eb56350bef75de300786b66356d96eb86f64db1c51d429b8c39f4d

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: application/json
access-control-allow-origin: https://p.medocdn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 465
expires: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/836740203/ 42 B
548 B 46ms
21ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/836740203/?random=1655389933845&cv=9&fst=1655388000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20220516103212&tiba=BenefitsPRO%3A%20Employee%20Benefits%20News%2C%20Trends%20%26%20Sales%20Tips%20%7C%20BenefitsPRO&async=1&fmt=3&is_vtc=1&random=2237598805&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/836740203/ 42 B
548 B 45ms
20ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/836740203/?random=1655389933845&cv=9&fst=1655388000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20220516103212&tiba=BenefitsPRO%3A%20Employee%20Benefits%20News%2C%20Trends%20%26%20Sales%20Tips%20%7C%20BenefitsPRO&async=1&fmt=3&is_vtc=1&random=2237598805&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 48C1 0
214 B 20ms
20ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=48804846808

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://p.medocdn.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 48C1 0
175 B 15ms
15ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://p.medocdn.com
date: Thu, 16 Jun 2022 14:32:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 48C1 19 B
856 B 79ms
79ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 14:32:15 GMT
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3f52841f-7771-4a2a-8bc6-8bdaaba02c70
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://p.medocdn.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ Frame 48C1 465 B
788 B 64ms
63ms XHR
application/json 148.251.121.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.121.152 Braunlage, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: egon
Software: /
Resource Hash: f2d6df0c20409fd2d91acd411396e5976d21905f12d1a580e9f55f092022f325

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: application/json
access-control-allow-origin: https://p.medocdn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 465
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 48C1 19 B
856 B 11ms
11ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 14:32:15 GMT
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2a4ef23c-d315-4dcf-af8c-f1fa8aaa7fd4
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://p.medocdn.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 48C1 0
175 B 17ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://p.medocdn.com
date: Thu, 16 Jun 2022 14:32:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ Frame 48C1 465 B
788 B 68ms
68ms XHR
application/json 148.251.121.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.121.152 Braunlage, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: egon
Software: /
Resource Hash: 19f9af8f490af44a7589b426998a7a783298d87a4dd225bc5c5cfea5955e66d8

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: application/json
access-control-allow-origin: https://p.medocdn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 465
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 48C1 19 B
856 B 10ms
9ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 14:32:15 GMT
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1cba1495-fa50-4ba6-99e2-27b293eec110
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://p.medocdn.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ Frame 48C1 466 B
789 B 228ms
228ms XHR
application/json 148.251.121.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.121.152 Braunlage, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: egon
Software: /
Resource Hash: f67e6ff56a1ff2d14894adb56e623d340a79755189f5cff4fc7fbb7dba08d202

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: application/json
access-control-allow-origin: https://p.medocdn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 466
expires: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 48C1 0
175 B 17ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://p.medocdn.com
date: Thu, 16 Jun 2022 14:32:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 48C1 0
175 B 17ms
16ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://p.medocdn.com
date: Thu, 16 Jun 2022 14:32:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ Frame 48C1 465 B
788 B 87ms
87ms XHR
application/json 148.251.121.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.121.152 Braunlage, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: egon
Software: /
Resource Hash: 67d6c585132a04d55f23c0596ee1d7a0fc212c205a232e4ca20d3c85044402a8

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: application/json
access-control-allow-origin: https://p.medocdn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 465
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 48C1 19 B
856 B 12ms
11ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 14:32:15 GMT
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 834f0483-69c4-4a22-8f7c-3b7d5c70a576
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://p.medocdn.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 48C1 0
214 B 17ms
17ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=19578522890

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://p.medocdn.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H/1.1 400
Bad Request auction Show response
rtb.adxpremium.services/openrtb2/ Frame 48C1 69 B
409 B 111ms
111ms XHR
text/plain 148.251.121.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.121.152 Braunlage, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: egon
Software: /
Resource Hash: 078073865f25860f0af82474826c57972fe0dd1a4921878981960fb4fc32d79d

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://p.medocdn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 69
expires: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 48C1 0
175 B 15ms
14ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://p.medocdn.com
date: Thu, 16 Jun 2022 14:32:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 48C1 19 B
856 B 15ms
15ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 14:32:15 GMT
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: cb03f6ea-0185-4bc9-904f-188250457146
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://p.medocdn.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 48C1 0
214 B 17ms
17ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=89793618543

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://p.medocdn.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 48C1 19 B
856 B 10ms
10ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 14:32:15 GMT
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 28528030-0f13-400c-be68-19a0d3829b81
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://p.medocdn.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 48C1 0
175 B 15ms
15ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://p.medocdn.com
date: Thu, 16 Jun 2022 14:32:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 400
Bad Request auction Show response
rtb.adxpremium.services/openrtb2/ Frame 48C1 69 B
409 B 17ms
17ms XHR
text/plain 148.251.121.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.121.152 Braunlage, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: egon
Software: /
Resource Hash: 078073865f25860f0af82474826c57972fe0dd1a4921878981960fb4fc32d79d

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://p.medocdn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 69
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 48C1 0
214 B 19ms
19ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=91272869631

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://p.medocdn.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H/1.1 400
Bad Request auction Show response
rtb.adxpremium.services/openrtb2/ Frame 48C1 69 B
409 B 17ms
17ms XHR
text/plain 148.251.121.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.121.152 Braunlage, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: egon
Software: /
Resource Hash: 078073865f25860f0af82474826c57972fe0dd1a4921878981960fb4fc32d79d

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://p.medocdn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 69
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 48C1 19 B
856 B 50ms
50ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 14:32:15 GMT
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 60158f86-ea61-4a17-9fc2-baca8c84a38d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://p.medocdn.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 48C1 0
175 B 19ms
18ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://p.medocdn.com
date: Thu, 16 Jun 2022 14:32:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 48C1 0
175 B 19ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://p.medocdn.com
date: Thu, 16 Jun 2022 14:32:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 400
Bad Request auction Show response
rtb.adxpremium.services/openrtb2/ Frame 48C1 69 B
409 B 34ms
34ms XHR
text/plain 148.251.121.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.121.152 Braunlage, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: egon
Software: /
Resource Hash: 078073865f25860f0af82474826c57972fe0dd1a4921878981960fb4fc32d79d

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://p.medocdn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 69
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 48C1 19 B
856 B 11ms
10ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 14:32:15 GMT
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7999b8db-2f13-4489-a056-9df2296f3680
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://p.medocdn.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 48C1 0
175 B 18ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://p.medocdn.com
date: Thu, 16 Jun 2022 14:32:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 48C1 19 B
856 B 18ms
18ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 14:32:15 GMT
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 21a2f58d-38e7-4f64-a1b4-7826e11e2060
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://p.medocdn.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 400
Bad Request auction Show response
rtb.adxpremium.services/openrtb2/ Frame 48C1 69 B
409 B 16ms
16ms XHR
text/plain 148.251.121.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.121.152 Braunlage, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: egon
Software: /
Resource Hash: 078073865f25860f0af82474826c57972fe0dd1a4921878981960fb4fc32d79d

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://p.medocdn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 69
expires: 0

GET
H2 200 170 Show response
id.halo.ad.gt/api/v1/partner/ 52 KB
10 KB 545ms
182ms Script
text/javascript 35.85.185.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.halo.ad.gt/api/v1/partner/170?sync=1&url=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20220516103212
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/170
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.85.185.37 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-85-185-37.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 00b6166281bc5165f6f8aa0a890d0afd6b32d8eab9c48f9b15608046862e19c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:16 GMT
content-encoding: gzip
origin-trial
server: nginx/1.20.0
content-type: text/javascript; charset=UTF-8

GET
H2 200 170 Show response
p.ad.gt/api/v1/p/ 32 KB
32 KB 725ms
358ms Script
application/javascript 44.232.1.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/170?au_id=AU1D-0100-001655389934-U4S65XKL-TTO8
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/170
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.232.1.224 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-232-1-224.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: bc0886e86c3f072e0dd5009be9a6ceeea9065cdf8e3d2d0ae3249d1193776235

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:16 GMT
last-modified: Thu, 16 Jun 2022 07:51:50 GMT
server: nginx/1.20.0
etag: "1655365910.0-32628-2710964840"
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=43200
accept-ranges: bytes
content-length: 32628
expires: Fri, 17 Jun 2022 02:32:16 GMT

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001655389934-U4S65XKL-TTO8&adnxs_id=$UID
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001655389934-U4S65XKL-TTO8&adnxs_id=8419371128779113978

43 B
473 B

490ms
176ms

Image
image/gif

35.83.6.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001655389934-U4S65XKL-TTO8&adnxs_id=8419371128779113978
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: H2
Server: 35.83.6.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-83-6-89.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:16 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
content-type: image/gif
expires: Fri, 17 Jun 2022 02:32:16 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 14:32:15 GMT
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b03eb09c-5673-4a67-a5a6-1fde3d7da97e
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001655389934-U4S65XKL-TTO8&adnxs_id=8419371128779113978
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
265 B 103ms
31ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001655389934-U4S65XKL-TTO8&gdpr=0
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 UCookieSetPug
image2.pubmatic.com/AdServer/ 0
225 B 194ms
18ms Image
text/html 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001655389934-U4S65XKL-TTO8
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:15 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001655389934-U4S65XKL-TTO8
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001655389934-U4S65XKL-TTO8&google_gid=CAESELTBKfXBiOPHz9L7wLor5sA&google_cver=1&google_ula=450542624,0

43 B
471 B

507ms
175ms

Image
image/gif

35.83.6.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001655389934-U4S65XKL-TTO8&google_gid=CAESELTBKfXBiOPHz9L7wLor5sA&google_cver=1&google_ula=450542624,0
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: H2
Server: 35.83.6.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-83-6-89.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:16 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
content-type: image/gif
expires: Fri, 17 Jun 2022 02:32:16 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001655389934-U4S65XKL-TTO8&google_gid=CAESELTBKfXBiOPHz9L7wLor5sA&google_cver=1&google_ula=450542624,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001655389934-U4S65XKL-TTO8
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY1NTM4OTkzNC1VNFM2NVhLTC1UVE84

170 B
188 B

20ms
19ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY1NTM4OTkzNC1VNFM2NVhLTC1UVE84

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY1NTM4OTkzNC1VNFM2NVhLTC1UVE84
date: Thu, 16 Jun 2022 14:32:16 GMT
server: nginx/1.20.0
content-length: 473
content-type: text/html; charset=utf-8

GET
H2

200

impr_match
ids.ad.gt/api/v1/
Redirect Chain

https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001655389934-U4S65XKL-TTO8%26impr_uid%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001655389934-U4S65XKL-TTO8%26impr_uid%3D%7BPUB_USER_ID%7D
https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001655389934-U4S65XKL-TTO8&impr_uid=878bd6dc-6abb-4a3e-8df6-abcaa64ce5a7

43 B
380 B

408ms
199ms

Image
image/gif

35.83.6.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001655389934-U4S65XKL-TTO8&impr_uid=878bd6dc-6abb-4a3e-8df6-abcaa64ce5a7
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: H2
Server: 35.83.6.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-83-6-89.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:16 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
content-type: image/gif
expires: Fri, 17 Jun 2022 02:32:16 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001655389934-U4S65XKL-TTO8&impr_uid=878bd6dc-6abb-4a3e-8df6-abcaa64ce5a7
date: Thu, 16 Jun 2022 14:32:15 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

mediamath_match
ids.ad.gt/api/v1/
Redirect Chain

https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3DAU1D-0100-001655389934-U4S65XKL-TTO8
https://ids.ad.gt/api/v1/mediamath_match?user_id=7a6162ab-3ef0-4d00-be90-eadfbc02fd77&id=AU1D-0100-001655389934-U4S65XKL-TTO8

43 B
381 B

176ms
175ms

Image
image/gif

35.83.6.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/mediamath_match?user_id=7a6162ab-3ef0-4d00-be90-eadfbc02fd77&id=AU1D-0100-001655389934-U4S65XKL-TTO8
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: H2
Server: 35.83.6.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-83-6-89.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:16 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
content-type: image/gif
expires: Fri, 17 Jun 2022 02:32:16 GMT

Redirect headers

Date: Thu, 16 Jun 2022 14:32:16 GMT
Server: MT3 4447 e18e916 master hkg-pixel-x20 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ids.ad.gt/api/v1/mediamath_match?user_id=7a6162ab-3ef0-4d00-be90-eadfbc02fd77&id=AU1D-0100-001655389934-U4S65XKL-TTO8
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 16 Jun 2022 14:32:15 GMT

GET
H2 200 cm
u.openx.net/w/1.0/ 43 B
306 B 74ms
24ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001655389934-U4S65XKL-TTO8%26auid%3DAU1D-0100-001655389934-U4S65XKL-TTO8
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
content-encoding: gzip
server: OXGW/7f1e280
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ 0
214 B 70ms
10ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001655389934-U4S65XKL-TTO8&gdpr=0
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

beeswax_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001655389934-U4S65XKL-TTO8
https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001655389934-U4S65XKL-TTO8&_bee_ppp=1
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AASRqE7FVn4AABOT28LfVQ&id=AU1D-0100-001655389934-U4S65XKL-TTO8

43 B
380 B

478ms
345ms

Image
image/gif

35.83.6.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AASRqE7FVn4AABOT28LfVQ&id=AU1D-0100-001655389934-U4S65XKL-TTO8
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: H2
Server: 35.83.6.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-83-6-89.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:16 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
content-type: image/gif
expires: Fri, 17 Jun 2022 02:32:16 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AASRqE7FVn4AABOT28LfVQ&id=AU1D-0100-001655389934-U4S65XKL-TTO8
Date: Thu, 16 Jun 2022 14:32:15 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 48C1 0
175 B 19ms
18ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://p.medocdn.com
date: Thu, 16 Jun 2022 14:32:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 400
Bad Request auction Show response
rtb.adxpremium.services/openrtb2/ Frame 48C1 69 B
409 B 16ms
15ms XHR
text/plain 148.251.121.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.121.152 Braunlage, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: egon
Software: /
Resource Hash: 078073865f25860f0af82474826c57972fe0dd1a4921878981960fb4fc32d79d

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://p.medocdn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 69
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 48C1 19 B
856 B 10ms
9ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 14:32:15 GMT
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f8101824-b5a0-4c37-befb-48a661d14681
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://p.medocdn.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 48C1 0
175 B 22ms
22ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://p.medocdn.com
date: Thu, 16 Jun 2022 14:32:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 400
Bad Request auction Show response
rtb.adxpremium.services/openrtb2/ Frame 48C1 69 B
409 B 15ms
15ms XHR
text/plain 148.251.121.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.121.152 Braunlage, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: egon
Software: /
Resource Hash: 078073865f25860f0af82474826c57972fe0dd1a4921878981960fb4fc32d79d

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://p.medocdn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 69
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 48C1 19 B
856 B 11ms
10ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 14:32:15 GMT
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: bcf1bc2a-4edf-4504-9697-3147e92498bd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://p.medocdn.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 48C1 0
175 B 19ms
19ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://p.medocdn.com
date: Thu, 16 Jun 2022 14:32:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 48C1 19 B
856 B 76ms
74ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 14:32:15 GMT
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 20537838-34de-4699-8972-498d55868e8a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://p.medocdn.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 400
Bad Request auction Show response
rtb.adxpremium.services/openrtb2/ Frame 48C1 69 B
409 B 18ms
17ms XHR
text/plain 148.251.121.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.121.152 Braunlage, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: egon
Software: /
Resource Hash: 078073865f25860f0af82474826c57972fe0dd1a4921878981960fb4fc32d79d

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:15 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://p.medocdn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 69
expires: 0

POST
H/1.1 204
No Content multitracking Show response
ghb.hbmp.mediafuse.com/adunit/ 0
230 B 42ms
41ms XHR
text/plain 185.239.174.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.hbmp.mediafuse.com/adunit/multitracking
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/459830/hbw_master_302826_14703.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.174.234 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.benefitspro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.benefitspro.com
Date: Thu, 16 Jun 2022 14:32:15 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
474 B 236ms
236ms Image
image/gif 35.83.6.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001655389934-U4S65XKL-TTO8&halo_id=060fg7fcdlebbd8a8h8fi68bi6fafj9hkdloq2oik0mggk4e4s4ou04gu0oeow6sy
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.83.6.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-83-6-89.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:16 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
content-type: image/gif
expires: Fri, 17 Jun 2022 02:32:16 GMT

POST
H2 204 collect Show response
a.ad.gt/api/v1/ 0
106 B 536ms
182ms XHR
text/plain 52.12.72.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/170?au_id=AU1D-0100-001655389934-U4S65XKL-TTO8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.12.72.198 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-12-72-198.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.benefitspro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://www.benefitspro.com
date: Thu, 16 Jun 2022 14:32:16 GMT
server: nginx/1.20.0
vary: Origin

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
52 B 542ms
180ms Script
text/plain 44.238.81.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=4d6f63d33f35255190cd04e08080d288&url=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20220516103212&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/170?au_id=AU1D-0100-001655389934-U4S65XKL-TTO8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.238.81.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-81-176.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:16 GMT
server: nginx/1.20.0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 64ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/170?au_id=AU1D-0100-001655389934-U4S65XKL-TTO8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6189
date: Thu, 16 Jun 2022 12:49:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 16 Jun 2022 14:49:07 GMT

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
763 B 27ms
10ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3238
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 16 Jun 2022 14:38:18 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:45:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2822
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 16 Jun 2022 14:45:14 GMT

POST
H/1.1 204
No Content mut Show response
ghb.adtelligent.com/adunit/ Frame 48C1 0
224 B 19ms
18ms XHR
text/plain 185.239.173.210
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/mut
Requested by: Host: p.medocdn.com
URL: https://p.medocdn.com/prebidlink/y19159/hbw_master_307825_11596.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.210 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://p.medocdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://p.medocdn.com
Date: Thu, 16 Jun 2022 14:32:16 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 33ms
16ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.benefitspro.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Jun 2022 14:32:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 34ms
16ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.benefitspro.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Jun 2022 14:32:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 382 KB
37 KB 732ms
732ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3493363142612423&correlator=2648039745209520&eid=31064018&output=ldjh&gdfp_req=1&vrg=2022060901&ptt=17&impl=fifs&iu_parts=21665826759%2Cbenefitspro%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250%2C728x90%2C728x90%7C970x90%7C970x250%2C1400x320%2C2x2%2C2x2%2C2x2%2C1090x95%2C150x31%2C300x400%2C150x31%2C88x31%7C150x31&ifi=2&adks=2374663990%2C423164296%2C621869612%2C2389933584%2C212082572%2C2962773317%2C423164297%2C1184254381%2C4222465145%2C4222465144%2C202127516%2C2428321928%2C3638061094%2C4253840728%2C2009399356%2C172955470&sfv=1-0-38&ecs=20220616&fsapi=false&prev_scp=position%3Dtop%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Dtop1%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Dmiddle%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Dmiddle1%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Dmiddle2%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Dfooter%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Dtop2%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Dsuper_hero%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Dnative_single1%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Dnative_single2%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Dnative_collection%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Des_pushdown%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Des_logo_pushdown%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Des_rr_module%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Des_logo_rr%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Dii_logo%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26page_number%3D1&sc=1&cookie=ID%3D9b0be3fc1c1833f0%3AT%3D1655389935%3AS%3DALNI_MYq6ETbAcNxqFCgQPATl-8NghhO9Q&abxe=1&dt=1655389935602&lmt=1655389935&dlt=1655389931946&idt=1217&biw=1600&bih=1200&adxs=230%2C230%2C1090%2C1090%2C1090%2C0%2C230%2C100%2C210%2C210%2C1090%2C255%2C260%2C1090%2C1090%2C210&adys=623%2C3681%2C673%2C1113%2C4457%2C0%2C8075%2C0%2C1063%2C1570%2C1093%2C603%2C603%2C673%2C673%2C3794&ucis=2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20220516103212&frm=20&vis=1&scr_x=0&scr_y=0&psz=1170x40%7C1170x40%7C300x0%7C300x0%7C300x0%7C1600x8353%7C1170x40%7C1600x0%7C850x2998%7C850x2998%7C300x0%7C1600x8353%7C1600x8353%7C300x0%7C300x0%7C1180x0&msz=1140x0%7C1140x0%7C300x0%7C300x0%7C300x0%7C1600x0%7C1140x0%7C1600x0%7C850x0%7C850x0%7C300x0%7C1600x0%7C1080x0%7C300x0%7C300x0%7C1180x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=470211526.1655389934&ga_sid=1655389934&ga_hid=1164392544&ga_fc=true&btvi=0%7C1%7C0%7C0%7C2%7C0%7C3%7C0%7C0%7C4%7C0%7C0%7C0%7C0%7C0%7C5

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

00b5fa9efd5d03cb15c2e84f494f399e28a20a8745e3d4422f60b9c550087588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38010
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,4594036698,-1,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,-1,138226581719,-1,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.benefitspro.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 49ms
25ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022060901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cd2e6620d43956d043afda431f867890c0e2caad75d01c2638de7e380675f51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Jun 2022 14:32:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10579
x-xss-protection: 0

GET
H2 200 nav-icon-sign-in-white.png
www.benefitspro.com/assets/master-template/images/market-images/ 236 B
388 B 32ms
31ms Image
image/webp 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitspro.com/assets/master-template/images/market-images/nav-icon-sign-in-white.png

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/release/lazyloadXT.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1be06778698a2eb16ae1c7152d7256350580f4a21fc43c5ef4218407135b0896

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/?slreturn=20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:17 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 2590
cf-polished: origFmt=png, origSize=3131
x-cache: HIT 1
backend: templates_newlaw_director
content-disposition: inline; filename="nav-icon-sign-in-white.webp"
cf-bgj: imgq:85,h2pri
content-length: 236
last-modified: Wed, 15 Jun 2022 16:23:38 GMT
server: cloudflare
etag: W/"3131-1655310218000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 71c441028a2b9a35-FRA
x-vnode: 21
expires: Thu, 16 Jun 2022 18:32:17 GMT

GET
H2 200 arrow-open.png
www.benefitspro.com/assets/master-template/images/market-images/ 134 B
355 B 46ms
46ms Image
image/webp 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitspro.com/assets/master-template/images/market-images/arrow-open.png

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/release/lazyloadXT.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

075e1a285de33ad2c3cc75f3ebe775feb23d27f52aa8213be408e4cbc3623a10

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/?slreturn=20220516103212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:17 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 2590
cf-polished: origFmt=png, origSize=2986
x-cache: HIT 1
backend: templates_newlaw_director
content-disposition: inline; filename="arrow-open.webp"
cf-bgj: imgq:85,h2pri
content-length: 134
last-modified: Wed, 15 Jun 2022 16:23:38 GMT
server: cloudflare
etag: W/"2986-1655310218000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 71c441028a2f9a35-FRA
x-vnode: 21
expires: Thu, 16 Jun 2022 18:32:17 GMT

GET
H2 200 Luminaries-2022-BPRO_2-1.png
images.benefitspro.com/contrib/content/uploads/sites/412/2022/04/ 5 KB
6 KB 29ms
28ms Image
image/webp 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2022/04/Luminaries-2022-BPRO_2-1.png?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/release/lazyloadXT.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2c9ef63832b28847e0eede2839afb230f5efc15d2dfd85728ec0e865c0fe60e

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
etag: "8f0ca0-1c70-5de08b8dd3564"
cf-cache-status: HIT
age: 56
cf-polished: qual=85, origFmt=jpeg, origSize=7280
x-cache: MISS
backend: contribsreimg_prod_director
last-modified: Mon, 02 May 2022 15:05:26 GMT
content-disposition: inline; filename="Luminaries-2022-BPRO_2-1.webp"
content-length: 5186
cf-bgj: imgq:85,h2pri
server: cloudflare
x-frame-options: SAMEORIGIN
date: Thu, 16 Jun 2022 14:32:17 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 71c441028a329a35-FRA
x-vnode: 27
expires: Thu, 16 Jun 2022 18:32:17 GMT

GET
H2 200 GiantCrack.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2019/01/ 5 KB
5 KB 30ms
29ms Image
image/webp 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2019/01/GiantCrack.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/release/lazyloadXT.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb86a904c28a91ecf83cb07bd5a3d79cc6bb4a28bf04e73ebc9e404a95fcbe30

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
etag: "5d03dc-1812-5830b25949110"
cf-cache-status: HIT
age: 56
cf-polished: qual=85, origFmt=jpeg, origSize=6162
x-cache: MISS
backend: contribsreimg_prod_director
last-modified: Fri, 01 Mar 2019 16:46:21 GMT
content-disposition: inline; filename="GiantCrack.webp"
content-length: 4624
cf-bgj: imgq:85,h2pri
server: cloudflare
x-frame-options: SAMEORIGIN
date: Thu, 16 Jun 2022 14:32:17 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 71c441028a359a35-FRA
x-vnode: 27
expires: Thu, 16 Jun 2022 18:32:17 GMT

GET
H2 200 employees-clapping-applauding-success-SFIO-CRACHO-at-Shutterstock.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2022/06/ 10 KB
10 KB 31ms
31ms Image
image/jpeg 2606:4700:4400::ac40:9199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2022/06/employees-clapping-applauding-success-SFIO-CRACHO-at-Shutterstock.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/release/lazyloadXT.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1a1c3b556718b54be37293e2dad46046da21987cbe3b967b3f6b6b2c1240806

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:17 GMT
cf-cache-status: HIT
age: 55
cf-polished: origSize=10906, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 10261
last-modified: Thu, 16 Jun 2022 13:18:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8f95b6-2a9a-5e19078899af1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 16 Jun 2022 18:32:17 GMT
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
accept-ranges: bytes
cf-ray: 71c441028a389a35-FRA
x-vnode: 28
cf-bgj: imgq:85,h2pri

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 67ms
30ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:17 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jun 2022 14:32:17 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 49ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Jun 2022 14:32:17 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 2166 15 KB
6 KB 222ms
18ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.benefitspro.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

cf123b4d7a9a20f1cd0a1e41dd39841845abb4350e5d466adb592f4bdf5b9be3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.benefitspro.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6149
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 16 Jun 2022 14:32:17 GMT
server-processing-duration-in-ticks: 2411
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 62ms
30ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:17 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:00 GMT
server: nginx
etag: W/"6271101c-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jun 2022 14:32:17 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 41EF 13 KB
5 KB 24ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Jun 2022 13:56:06 GMT
expires: Fri, 16 Jun 2023 13:56:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5B3E 783 B
533 B 37ms
20ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

498959ae9bccdb60b1ead47857b081bba819b7caf436eb7f1ebb97cad50896b0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SytjOLC_DcbGQRgaEnxKNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.benefitspro.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-SytjOLC_DcbGQRgaEnxKNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 16 Jun 2022 14:32:17 GMT
expires: Thu, 16 Jun 2022 14:32:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js Show response
pagead2.googlesyndication.com/bg/ Frame 41EF 35 KB
13 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1df7b84ebd86cd3d345a76cfa86335725e8d4acc09a1958c5c69fb019fab593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 11:23:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Jun 2023 11:23:49 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 48C1 87 KB
28 KB 21ms
21ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19160/hb_307825_11596.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p.medocdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:17 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jun 2022 14:32:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5B3E 0
0 72ms
71ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022060901&jk=3493363142612423&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7457 15 KB
6 KB 103ms
17ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.benefitspro.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

cf123b4d7a9a20f1cd0a1e41dd39841845abb4350e5d466adb592f4bdf5b9be3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://p.medocdn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6149
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 16 Jun 2022 14:32:16 GMT
server-processing-duration-in-ticks: 2118
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 48C1 87 KB
28 KB 23ms
23ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p.medocdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:17 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:00 GMT
server: nginx
etag: W/"6271101c-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jun 2022 14:32:17 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 41EF 0
9 B 7ms
7ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?nbIPpA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:32:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7457
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=p.medocdn.com&sn=ChromeSyncframe&so=0&topUrl=www.benefitspro.com&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=rXRIrXxGd0QwaGw0TnFxTG5TUlB0ZkNXRlJpeDBRVW5nWjNEMGVTNXRqcmk2RkhnaTlJUGNTM0JCcmpSUzBhOGt4TjFPcFNZNkxvMUd1blM1RGU1NW11UFEyZmkrVldjTnRSNnN5aXpSUTVrVHRIeG4xSGFxbUx3WEVYem...

430 B
631 B

147ms
16ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=rXRIrXxGd0QwaGw0TnFxTG5TUlB0ZkNXRlJpeDBRVW5nWjNEMGVTNXRqcmk2RkhnaTlJUGNTM0JCcmpSUzBhOGt4TjFPcFNZNkxvMUd1blM1RGU1NW11UFEyZmkrVldjTnRSNnN5aXpSUTVrVHRIeG4xSGFxbUx3WEVYemxnT2NjZ0JKRmZMTEt3aXdxYWpaTGFPSUJSdEttTzQxTWFwallOOTRxOE5zc3ZKL2sxejJWWkpaYk4wblpLVklneE53a3JXaHlZQXFhS1ZkeTcxQ05VMWFNZzM2aDZTOVliSDY0V2pXNzJ0TzAxZW5aRlc4VU9BTktLS1hvU1U3QmxOMUt3YVhCS1hBNHg5aU15MGlNUkU2M21xa21IdmhSWC9sWkxTM2ZEc01YRkhvNThnUT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

27452ea7254e86c8c2bd57a3db78b27651760bccdd9bf3d0631ac7e95a75931d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:17 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5303
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:16 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=rXRIrXxGd0QwaGw0TnFxTG5TUlB0ZkNXRlJpeDBRVW5nWjNEMGVTNXRqcmk2RkhnaTlJUGNTM0JCcmpSUzBhOGt4TjFPcFNZNkxvMUd1blM1RGU1NW11UFEyZmkrVldjTnRSNnN5aXpSUTVrVHRIeG4xSGFxbUx3WEVYemxnT2NjZ0JKRmZMTEt3aXdxYWpaTGFPSUJSdEttTzQxTWFwallOOTRxOE5zc3ZKL2sxejJWWkpaYk4wblpLVklneE53a3JXaHlZQXFhS1ZkeTcxQ05VMWFNZzM2aDZTOVliSDY0V2pXNzJ0TzAxZW5aRlc4VU9BTktLS1hvU1U3QmxOMUt3YVhCS1hBNHg5aU15MGlNUkU2M21xa21IdmhSWC9sWkxTM2ZEc01YRkhvNThnUT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1459
content-length: 567
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 2166
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=benefitspro.com&sn=ChromeSyncframe&so=0&topUrl=www.benefitspro.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=9q6-0XxCcXJxQmJuWXVqS3dQRFRJc0RGTUdZUTZZK200UVFlQU5QQWNneHZKNEc4SDJkRDF1VFo0a1R0THFaVElKbWJjRjBEekp2QTc1Nk9iRWx2YXVrekJud05NNW90UWFzVVlHRjkzcE1CdGV0TngzVmpVWGg2Z0wrV1...

422 B
628 B

144ms
17ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=9q6-0XxCcXJxQmJuWXVqS3dQRFRJc0RGTUdZUTZZK200UVFlQU5QQWNneHZKNEc4SDJkRDF1VFo0a1R0THFaVElKbWJjRjBEekp2QTc1Nk9iRWx2YXVrekJud05NNW90UWFzVVlHRjkzcE1CdGV0TngzVmpVWGg2Z0wrV1BvS2hmYXV4RndsS3cyZEJHT0krNHBwRzRHWUdQWjJzcEY1Qk5wc3E4YlVCZmJ0a1g5UUEyZ0MvWFB0QWJkTnFGaGtkTXF6QXMxZy9QVGhPbC8xcGYrTTNEaXc2TVo3aWZMbDdPYjNIQy9PMGhhY2YzTC9QaTEyeTltZ0p6dWRId1dHRDYxVlNVbGZHazdJMDJGd1pYa0phbHc5WGVrdz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

30239cfdd32dd23d4bb40db0fad6d64a242a966f760cdb0376fdc59341c8559a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:16 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5859
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:16 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=9q6-0XxCcXJxQmJuWXVqS3dQRFRJc0RGTUdZUTZZK200UVFlQU5QQWNneHZKNEc4SDJkRDF1VFo0a1R0THFaVElKbWJjRjBEekp2QTc1Nk9iRWx2YXVrekJud05NNW90UWFzVVlHRjkzcE1CdGV0TngzVmpVWGg2Z0wrV1BvS2hmYXV4RndsS3cyZEJHT0krNHBwRzRHWUdQWjJzcEY1Qk5wc3E4YlVCZmJ0a1g5UUEyZ0MvWFB0QWJkTnFGaGtkTXF6QXMxZy9QVGhPbC8xcGYrTTNEaXc2TVo3aWZMbDdPYjNIQy9PMGhhY2YzTC9QaTEyeTltZ0p6dWRId1dHRDYxVlNVbGZHazdJMDJGd1pYa0phbHc5WGVrdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1867
content-length: 541
expires: 0

POST iev
csm.fr.eu.criteo.net/ Frame 7457 0
0

POST iev
csm.fr.eu.criteo.net/ Frame 2166 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 47ms
46ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFey0exB-cnnGQ5YuqqiZmPWUaKQrnZ_c-m_01Hahi51xL2bdpdnUl8AucUtMed_XEuwWvtVba_xS4lY_-o-1nEqevP6GB0h4bfX_YkS1anwUW5Ly1NehpAxSFIlI9b6dplUIewSeVEDDHQOzG0h3V4K6G3Y8faNGqb9ZmxX6W6Ki50TIDJS_E-pZqR39Qn-7uO0OXbwpPe5sI-MhcEpZqiNuhw1B4Jht9E7EO3C2t0FDPHIFOn0nED12ktMA8is9Xf2mAQTEjJmVvV5wO6eoGRrvIVe9BX_60dj8Yt9SP8-bmDcddiNkWjN3226wtOxei4u2z3rBU35AIgAUTn7w&sig=Cg0ArKJSzIWNsiPBnVCsEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Jun 2022 14:32:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ 0
0

GET
H2 200 moatad.js Show response
z.moatads.com/almdfp680616975594/ 314 KB
107 KB 8ms
7ms Script
application/x-javascript 69.192.161.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almdfp680616975594/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.161.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-152.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d9fe43c3aa129c2b7882ccff81676e4101f6fbb54e92fe4eab6ba3a71d640766

Request headers

Referer: https://www.benefitspro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 16 Jun 2022 14:32:17 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 15:43:59 GMT
server: AmazonS3
x-amz-request-id: E55AQ3KZ0TN5HQ8G
etag: "7a082afca3899eec136009cdffe4da1c"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=9009
accept-ranges: bytes
content-length: 108541
x-amz-id-2: QGsnWFeI5AyOxUjJxeBfoa6Wd4zliGQ65kUI7HrXYmeuxqwbA15s07RNYhEF+o6KiK9oemcVg7Y=

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012205270638000/ 220 KB
61 KB 56ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205270638000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d201bb3b6a9b5c4572b54ff8cd188b8e77374e1694fead0bccd6606ffa147b2d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 249904
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61483
x-xss-protection: 0
server: sffe
date: Mon, 13 Jun 2022 17:07:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3c2451425189fb5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 Jun 2023 17:07:13 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012205270638000/v0/ 14 KB
5 KB 66ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205270638000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2598751639a254b3c54ab5d1cdd4e601c0203acbe56e4f33ad5ff4e4b447f20

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 107252
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5195
x-xss-protection: 0
server: sffe
date: Wed, 15 Jun 2022 08:44:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4bef18b80ae165d1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 15 Jun 2023 08:44:45 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012205270638000/v0/ 94 KB
28 KB 67ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205270638000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b33ef452b57bede722776b1432be568c083cd38efbcfe92491d71abfcd3fafa0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 144901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28898
x-xss-protection: 0
server: sffe
date: Tue, 14 Jun 2022 22:17:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7ca71f15d9979237"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 Jun 2023 22:17:16 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012205270638000/v0/ 5 KB
2 KB 70ms
25ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205270638000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51310f9f30077e7818e6b290aae0692724791cb33999d75f916d9d623635b42a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 144872
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Tue, 14 Jun 2022 22:17:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "67a7e3dd539afea9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 Jun 2023 22:17:45 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012205270638000/v0/ 40 KB
13 KB 71ms
26ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205270638000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78e13001bbc9c6b06ffa301191bd9e762226ed69f84e53f956d16e54f4408c7c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 144887
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12940
x-xss-protection: 0
server: sffe
date: Tue, 14 Jun 2022 22:17:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8dbbd2e5c9e4f2da"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 Jun 2023 22:17:30 GMT

GET
H3 200 css
fonts.googleapis.com/ 8 KB
893 B 19ms
17ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 12:42:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Jun 2022 14:32:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Jun 2022 14:32:17 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ 2 KB
2 KB 12ms
9ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 70349
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 16 Jun 2022 18:59:48 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ 295 B
319 B 11ms
8ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 31723
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 17 Jun 2022 05:43:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ 0
0 20ms
16ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSlvZ0k3SMIAYUBaUMGKhnmpy7b23YE4c95RkFfnkq886wJaZiEepPn-nbasr2gAx0YAv3Y
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3

200

B25164142.293005005;dc_pre=CK--2omYsvgCFUx-4Aods54NUA;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=416587665;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=
ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=416587665;dc_lat=;dc_rdid=;tag_for_child_directed_treatment...
https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_pre=CK--2omYsvgCFUx-4Aods54NUA;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=416587665;dc_lat=;dc_rdid...

43 B
64 B

52ms
32ms

Image
image/gif

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_pre=CK--2omYsvgCFUx-4Aods54NUA;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=416587665;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=?

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_pre=CK--2omYsvgCFUx-4Aods54NUA;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=416587665;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ 0
0 54ms
51ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJGHJ8T6rYubnBcW83gOk47zoBtm2rs1qgcmkltgM2tkeEAEgm_Tta2CVgoCAsAegAZTW7tUDyAEJ4AIAqAMByAMKqgSNAk_QPw4FqeDiBZM2cOdf5hzJTyVkwCapV1jzyEja_ZunQHuMCwqugr3JV_dPAw2swqEn6NpmLKeDWm2DQEe2zop-Q94diInJybn5sn4-nUuMOE8Lxiit8wp65-srCZJFzmiRyk9J-pRxsARmiuCQDE1ZvkLWQX23QQQn77NsRN63YeJnRLDfS86VNRXYZQ8-f6wRm15LnvQRwFVJIzl2jKns5yq4pxUpqb_5W1qzrP3w1wywte6YZHJXXjjzMK-lpLp40p1Qxk_DCU_GCsmQojkK-Z3fQ_T4l3HUacatDtaXZkVpudqkPQowxOBFQSzE0lq1-qF2AilqjWgAeXsZ30a24bJVmOYiZsCJZ93wwASEnOC7ugPgBAGSBQQIBBgBkgUECAUYBKAGLoAH1KmRKqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcFEKP4sgHSCBEIgOGAcBABGB0yAusCOgKAQIAKA8gLAbgTiCfYEwyIFALQFQGYFgGAFwGyFx4KHAgAEhRwdWItMTI2MTk5MjQ0NDgwMzg3NRiPymo&sigh=jPYjJ8onMoc&uach_m=[UACH]&template_id=5000
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f162.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9975602013579026835/ 36 KB
36 KB 11ms
8ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9975602013579026835/downsize_200k_v1?w=600&h=314

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acfc56af11023640161a7fa7c0932bb736f482736b38cb1e5adf7ca835b809b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:38:55 GMT
x-content-type-options: nosniff
age: 71602
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36752
x-xss-protection: 0
last-modified: Fri, 06 Sep 2019 19:31:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 Jun 2023 18:38:55 GMT

GET
DATA 200
OK truncated
/ 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 560d647f22256a63ba771e68506e3a7ff2e5fafb07009d59ed4bcc9bb0e17978

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 25ms
11ms Image
image/gif 69.192.161.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALM_HEADER1&hp=1&zMoatAdUnit1=benefitspro&zMoatAdUnit2=home&wf=1&ra=3&pxm=1&sgs=3&vb=17&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1655389932375&de=345384890001&rx=764939142154&m=0&ar=bba88fd8b49-clean&iw=12c49af&q=1&cb=0&cu=1655389932375&ll=2&lm=0&ln=0&em=0&en=0&d=4525440395%3A2480285401%3A5003105952%3A138270398165&zGSRC=1&gu=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20220516103212&id=1&ii=4&bo=benefitspro&bd=home&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=almheader466656885399&fd=1&ac=1&it=500&pe=1%3A1629%3A1629%3A5095%3A1810&fs=198853&na=1104687613&cs=0
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.161.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-152.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 16 Jun 2022 14:32:17 GMT

GET
H3 204 l
www.google.com/ads/measurement/ 0
0 20ms
16ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTTRTkrwofvXmxBX5hw9ginBtT2LJYaPWNG7vbBUGNO0Mms6l1VYtqS00uY1wYaWkdczYDd
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3

200

B25164142.293005005;dc_pre=CNK-2omYsvgCFQ814AodJO4Ljw;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=4226521581;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=
ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=4226521581;dc_lat=;dc_rdid=;tag_for_child_directed_treatmen...
https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_pre=CNK-2omYsvgCFQ814AodJO4Ljw;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=4226521581;dc_lat=;dc_rdi...

43 B
64 B

51ms
31ms

Image
image/gif

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_pre=CNK-2omYsvgCFQ814AodJO4Ljw;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=4226521581;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=?

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_pre=CNK-2omYsvgCFQ814AodJO4Ljw;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=4226521581;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ 0
0 53ms
51ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C5UPH8T6rYunnBcW83gOk47zoBtm2rs1qgcmkltgM2tkeEAEgm_Tta2CVgoCAsAegAZTW7tUDyAEJ4AIAqAMByAMKqgSQAk_Qn8GVBIlRRFdL63eMmUyMi3nayjV70ry_-xcFhmofPFEVviNYk9Ixy2ETl3AWrnO_GM3e-qmctELPhoQvo0jbSYsfmrokUCjNP_vGtv0CVvHAZe8sFg2hItcb2-92vkW8CJ2zXyZf0NWAsMfGflWLYt5mZv1hl_RSKy-J2TaeRaBEt2Wld8vAEYpzIkpospN_tqtsLDNVmfZck5smWffsAdMsGYLhvEcPTMwRgEA3KRXUEmfE5pfPZaJIR2mP9ttbceK5GSzGObPF89FnfNDhqVcR6JgaNy1cKKqR-VL6dghb1bdILUwbgCIKx9zKa98AAModjv95Xc4z8YLkucwiYmtC0JdHo2vhIO2eLV5DwASEnOC7ugPgBAGSBQQIBBgBkgUECAUYBKAGLoAH1KmRKqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEO6xQ9IIEQiA4YBwEAEYHTIC6wI6AoBAgAoDyAsBuBOIJ9gTDIgUAtAVAZgWAYAXAbIXHgocCAASFHB1Yi0xMjYxOTkyNDQ0ODAzODc1GI_Kag&sigh=XrpHowc6cUU&uach_m=[UACH]&template_id=5000
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f162.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9975602013579026835/ 18 KB
18 KB 10ms
8ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9975602013579026835/downsize_200k_v1?w=400&h=209

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f435f25c36db0390acfab9b595abfd08c29936dc7a1b5577632a4a3f4e17a46e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 08:45:40 GMT
x-content-type-options: nosniff
age: 107197
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18518
x-xss-protection: 0
last-modified: Fri, 06 Sep 2019 19:31:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 Jun 2023 08:45:40 GMT

GET
DATA 200
OK truncated
/ 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 020ac33349f2f62c26dafbb07f55383b2e8c677108b6fb09159ed6251122e369

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 l
www.google.com/ads/measurement/ 0
0 18ms
18ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRV5xq4kn7YjFN1b6rVrnwBrrQRh2c5RdbobhczN8mqQtPy3goCxL1jKv9FKIkgY6gh10dH
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3

200

B25164142.293005005;dc_pre=CPbk2omYsvgCFYuX3godp5kOOg;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=714506142;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=
ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=714506142;dc_lat=;dc_rdid=;tag_for_child_directed_treatment...
https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_pre=CPbk2omYsvgCFYuX3godp5kOOg;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=714506142;dc_lat=;dc_rdid...

43 B
64 B

46ms
32ms

Image
image/gif

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_pre=CPbk2omYsvgCFYuX3godp5kOOg;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=714506142;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=?

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212

Protocol

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_pre=CPbk2omYsvgCFYuX3godp5kOOg;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=714506142;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ 0
0 52ms
51ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CLdFB8T6rYujnBcW83gOk47zoBtm2rs1qgcmkltgM2tkeEAEgm_Tta2CVgoCAsAegAZTW7tUDyAEJ4AIAqAMByAMKqgSQAk_QxZANejpusf_DfXKazU1nRvdVf3qWbitzgRQjOPn7ktO-Lw4zCmEjXt9avVhD5J5u5RcX-MkLQMVgBAOl0mXcIydlPoPwIzSeOGLy99gxTq9jjJlfAHIRKqNavwRthkjkMZjYrbJ7q-skP-7DjEVbup6bbhChekPXQzckcsprAvNBhnckoau8e73sMuldLq0fjREg9jbAkA4hHUIMek21wa2TLZKggDstkoq-_M_ddYi2xlq6IDmkvZDHDGx-7UMEp_Ebd-hSnGgtNSyzIBWqyvZA84VWL3Pk_c48lsfxyFGPrMGtZNKmGNAsuohQ8t62xGkBokktUjcuBfm9ULwIauMtvIU_myZe4i0qhLqMwASEnOC7ugPgBAGSBQQIBBgBkgUECAUYBKAGLoAH1KmRKqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPGvW9IIEQiA4YBwEAEYHTIC6wI6AoBAgAoDyAsBuBOIJ9gTDIgUAtAVAZgWAYAXAbIXHgocCAASFHB1Yi0xMjYxOTkyNDQ0ODAzODc1GI_Kag&sigh=AL9FPDSFdb4&uach_m=[UACH]&template_id=5000
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f162.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de2c401a0c71eab889a4174da5c9bea3a0b5340fc77cafc145868248b9462e17

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ 28 KB
28 KB 30ms
9ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.benefitspro.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 20:36:54 GMT
x-content-type-options: nosniff
age: 64523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Jun 2023 20:36:54 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 11ms
10ms Image
image/gif 69.192.161.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALM_HEADER1&hp=1&zMoatAdUnit1=benefitspro&zMoatAdUnit2=home&wf=1&ra=3&pxm=1&sgs=3&vb=17&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1655389932375&de=497742495000&rx=764939142154&m=0&ar=bba88fd8b49-clean&iw=12c49af&q=2&cb=0&cu=1655389932375&ll=2&lm=0&ln=0&em=0&en=0&d=4525440395%3A2480285401%3A5003105952%3A138270398165&zGSRC=1&gu=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20220516103212&id=1&ii=4&bo=benefitspro&bd=home&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=almheader466656885399&fd=1&ac=1&it=500&pe=1%3A1629%3A1629%3A5095%3A1810&fs=198853&na=766916854&cs=0
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.161.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-152.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 16 Jun 2022 14:32:17 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 16ms
13ms Image
image/gif 69.192.161.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALM_HEADER1&hp=1&zMoatAdUnit1=benefitspro&zMoatAdUnit2=home&wf=1&ra=3&pxm=1&sgs=3&vb=17&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1655389932375&de=655776100811&rx=764939142154&m=0&ar=bba88fd8b49-clean&iw=12c49af&q=3&cb=0&cu=1655389932375&ll=2&lm=0&ln=0&em=0&en=0&d=4525440395%3A2480285401%3A5003105952%3A138270398165&zGSRC=1&gu=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20220516103212&id=1&ii=4&bo=benefitspro&bd=home&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=almheader466656885399&fd=1&ac=1&it=500&pe=1%3A1629%3A1629%3A5095%3A1810&fs=198853&na=44090319&cs=0
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20220516103212
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.161.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-152.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 16 Jun 2022 14:32:18 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.hbmp.mediafuse.com/adunit/ 0
230 B 20ms
20ms XHR
text/plain 185.239.174.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.hbmp.mediafuse.com/adunit/multitracking
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/459830/hbw_master_302826_14703.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.174.234 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.benefitspro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.benefitspro.com
Date: Thu, 16 Jun 2022 14:32:17 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ 0
0 46ms
45ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CR-F38T6rYujnBcW83gOk47zoBtm2rs1qgcmkltgM2tkeEAEgm_Tta2CVgoCAsAegAZTW7tUDyAEJ4AIAqAMBqgSQAk_QxZANejpusf_DfXKazU1nRvdVf3qWbitzgRQjOPn7ktO-Lw4zCmEjXt9avVhD5J5u5RcX-MkLQMVgBAOl0mXcIydlPoPwIzSeOGLy99gxTq9jjJlfAHIRKqNavwRthkjkMZjYrbJ7q-skP-7DjEVbup6bbhChekPXQzckcsprAvNBhnckoau8e73sMuldLq0fjREg9jbAkA4hHUIMek21wa2TLZKggDstkoq-_M_ddYi2xlq6IDmkvZDHDGx-7UMEp_Ebd-hSnGgtNSyzIBWqyvZA84VWL3Pk_c48lsfxyFGPrMGtZNKmGNAsuohQ8t62xGkBokktUjcuBfm9ULwIauMtvIU_myZe4i0qhLqMwASEnOC7ugPgBAGSBQQIBBgBkgUECAUYBKAGLoAH1KmRKqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPGvW9IIEQiA4YBwEAEYHTIC6wI6AoBAgAoDyAsBuBOIJ9gTDIgUAtAVAZgWAYAXAbIXHgocCAASFHB1Yi0xMjYxOTkyNDQ0ODAzODc1GI_Kag&sigh=iaNRZ5w4I6w&vt=1&template_id=5000&uach_m=[]
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f162.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ 42 B
64 B 49ms
49ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLY76s6IBh3SuwSMJ3Px3S1goSUjsrd4GZsHAGdbl73ic29gzgagKzlB8HCpV_YcLJo224DdRM2ZfyvRdlsTKKNTP6LhDnDhdqlvDkEkUr9QXIcP5jmxEXzf0DbE3wNMY7u6y2ISnkHZ0iVTpPsWcxxOCw3ws2THo4&sai=AMfl-YQfKw7C_H-Rn3GkOX0z2z5sPUwHNgtW-hhfueei_xrUzSn0qValrY9lroBaDIK20GoDBEMOHCgYDEgwUNvge-XO193OMoSDARl71xg-_p0zMcJNwzb205IvTPAN&sig=Cg0ArKJSzARYaV7EPrb_EAE&cid=CAASUORoJ70Iub3X40aW5oiio4V0E90bfSExoI2Bzn1Ij5U9p-lkadaPy9ZKH_SM1TbpP495nMuHBlHWoh-_xJWCgGXzBCNYhG2ywXFA-N2Gt2MG&id=ampim&o=0,0&d=1600,1200&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=6117&tls=7117&g=100&h=100&tt=7117&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=621869612

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 48ms
17ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.benefitspro.com%2F&domain=www.benefitspro.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.benefitspro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.benefitspro.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 16 Jun 2022 14:32:19 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1074
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.benefitspro.com%2F&domain=www.benefitspro.com&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=RLQQ2nxYeTVFaXFSdXI4M1dnOXNCYTM3TFlScER6OEptTGJIZjVhYVVPWGtFUmxtbTFORkdKb3Yvd3NPblZoMkZoOVBoWmFsMWh2RVZkZk5GdmVwdXd3ejBjYWhtRlpYQk02TFNUMzltOGt1Z1VYZmFXKzh3bG9uY3E5Ml...

444 B
685 B

15ms
15ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=RLQQ2nxYeTVFaXFSdXI4M1dnOXNCYTM3TFlScER6OEptTGJIZjVhYVVPWGtFUmxtbTFORkdKb3Yvd3NPblZoMkZoOVBoWmFsMWh2RVZkZk5GdmVwdXd3ejBjYWhtRlpYQk02TFNUMzltOGt1Z1VYZmFXKzh3bG9uY3E5MlZwRk9OWlpIOUtQRTFQSmlYZlBWNjNRT2xXeW9qZ0gyZUlkaFVId3NuQ3VkY3NtOHVhTjQ1a2FVTjdPaTVYcjQzY00wcHJodDlvbVErQWloLzYwU0RzTjJ1UXpBN0R2Sk9FeW9tVWpPaGdxWlR0UjJYdkZacnpSajAxVi85WFN6S3pDYlBoWUZVcElFTS9IRFhvcm10cXM1eXh2bVRNUT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

8eec82bb19ba6f80a4de28f23d393bb8a3b67217b58d5f9e154e7be4c507e716

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:20 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3027
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:32:19 GMT
location: https://mug.criteo.com/sid?cpp=RLQQ2nxYeTVFaXFSdXI4M1dnOXNCYTM3TFlScER6OEptTGJIZjVhYVVPWGtFUmxtbTFORkdKb3Yvd3NPblZoMkZoOVBoWmFsMWh2RVZkZk5GdmVwdXd3ejBjYWhtRlpYQk02TFNUMzltOGt1Z1VYZmFXKzh3bG9uY3E5MlZwRk9OWlpIOUtQRTFQSmlYZlBWNjNRT2xXeW9qZ0gyZUlkaFVId3NuQ3VkY3NtOHVhTjQ1a2FVTjdPaTVYcjQzY00wcHJodDlvbVErQWloLzYwU0RzTjJ1UXpBN0R2Sk9FeW9tVWpPaGdxWlR0UjJYdkZacnpSajAxVi85WFN6S3pDYlBoWUZVcElFTS9IRFhvcm10cXM1eXh2bVRNUT09fA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.benefitspro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1491
content-length: 541
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 213 B
626 B 38ms
11ms XHR
application/json 141.95.98.69
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/459830/hb_302826_14703.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.69 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216534.ip-141-95-98.eu

Software

Resource Hash

ce1e2eacc6780bf2af6938c18e86bc78d0ac1c4968e608da08dcc2ac88952b04

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.benefitspro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.benefitspro.com
date: Thu, 16 Jun 2022 14:32:19 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 41ms
14ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 16 Jun 2022 14:32:19 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 953
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET 01816cedcd31000e740472f004a503074003406c00b08
visitor-service-eu-central-1.tealiumiq.com/alm/main/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hbopenbid.pubmatic.com
URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client

Domain: csm.fr.eu.criteo.net
URL: https://csm.fr.eu.criteo.net/iev?entry=c~Gum.ChromeSyncframe.CookieRead.uid~1&entry=c~Gum.ChromeSyncframe.SidReadSuccess~1&entry=h~Gum.ChromeSyncframe.SidReadSuccessDuration~165

Domain: csm.fr.eu.criteo.net
URL: https://csm.fr.eu.criteo.net/iev?entry=c~Gum.ChromeSyncframe.CookieRead.uid~1&entry=c~Gum.ChromeSyncframe.SidReadSuccess~1&entry=h~Gum.ChromeSyncframe.SidReadSuccessDuration~164

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: visitor-service-eu-central-1.tealiumiq.com
URL: https://visitor-service-eu-central-1.tealiumiq.com/alm/main/01816cedcd31000e740472f004a503074003406c00b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1655389939445

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

79 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.benefitspro.com/	1970-01-20 12:35:46	Name: sailthru_hid Value: d986988c4d1e3dce12e8d5b0f121aeb15ef5e325236d6455db266b8b57c7ce1e7cfc05a12c9bce899c2ef42c
.benefitspro.com/	1970-01-20 03:59:54	Name: sailthru_bid Value: 28013534.00056810
www.benefitspro.com/	1970-01-20 03:49:50	Name: NSC_wbsojti!5_ttm_10.0.254.204 Value: ffffffff0908e00445525d5f4f58455e445a4a423660
store.law.com/	1970-01-20 03:49:53	Name: regSID Value: 714e107d-9953-44a3-bdbb-9e061fbdec17
.law.com/	1970-01-20 03:50:33	Name: ipAddress Value: 71QjfsNKE5Uoow%3d%3d
.law.com/	1970-01-31 02:49:21	Name: UCID Value: ab56754f-68c2-4697-a9ce-8bc22cfbce11
store.law.com/	1970-01-20 03:50:33	Name: CSRFToken Value: 7rvtCP5EwcDDEc49EP73jrpajT3OHSkxUigezXQsfKw
.law.com/	1970-01-20 03:50:33	Name: ActiveDomains Value: pBFiNZNKRN518Ctp9A1S1wWAYig5
store.benefitspro.com/	1970-01-20 03:49:53	Name: regSID Value: 94cedd49-a13f-4eda-9d8e-f688018b9deb
.benefitspro.com/	1970-01-20 03:50:33	Name: ipAddress Value: 5lM%2facdRHpUipWMxs0c%3d
.benefitspro.com/	1970-01-31 02:49:21	Name: UCID Value: 7235248b-ae47-4b3e-ab08-03300b23c4dd
www.benefitspro.com/	1970-01-20 12:35:25	Name: ssoCompliant Value:
.benefitspro.com/	1969-12-31 23:59:59	Name: hbx_lt Value: none
www.benefitspro.com/	1969-12-31 23:59:59	Name: dpm_url_count Value: 1
.adnxs.com/	1970-01-20 05:59:25	Name: uuid2 Value: 8419371128779113978
.benefitspro.com/	1970-01-20 03:49:51	Name: __cf_bm Value: mnawSfAIYuklW5Tz.LB29y2B39.5sHtgAuXCdq2lYuA-1655389934-0-AVwguUXujS61j5LG2HeQs8LTl1B0WZ/qZUlWYKiYOK18jrz/g2zKjzMV0w+0FNzF2dKiDdqWE6LLTjUK8JdMHObfkr7yueAoVHoRqhs/mvVdRq0H5ncxlnlg1Bqp2o+Rsg==
.demdex.net/	1970-01-20 08:09:01	Name: demdex Value: 14627321745694577022587182366785042243
www.benefitspro.com/	1970-01-20 03:51:16	Name: almGeoLoc2 Value: DE
.benefitspro.com/	1969-12-31 23:59:59	Name: AMCVS_96C4370453295E4C0A490D44%40AdobeOrg Value: 1
.tealiumiq.com/	1970-01-20 12:35:25	Name: TAPID Value: alm/main>01816cedcd31000e740472f004a503074003406c00b08\|
.benefitspro.com/	1970-01-20 12:35:25	Name: utag_main Value: v_id:01816cedcd31000e740472f004a503074003406c00b08$_sn:1$_ss:1$_pn:1%3Bexp-session$_st:1655391732849$ses_id:1655389932849%3Bexp-session$vapi_domain:benefitspro.com$dcsyncran:1%3Bexp-session$dc_visit:1$dc_event:1%3Bexp-session$_prevpage:bpro%3Ahome%3Bexp-1655393533210$dc_region:eu-central-1%3Bexp-session
.benefitspro.com/	1970-01-20 13:18:37	Name: _cb Value: Cbl5maC4WDE5EaeRX
.benefitspro.com/	1970-01-20 13:18:37	Name: _chartbeat2 Value: .1655389933459.1655389933459.1.H78ayDqT_5eD6BT30DwprO-Iy4E9.1
.benefitspro.com/	1970-01-20 03:49:51	Name: _cb_svref Value: null
.everesttech.net/	1970-01-20 12:35:25	Name: everest_g_v2 Value: g_surferid~Yqs_7gAAAGjV2ANe
.benefitspro.com/	1970-01-20 03:49:51	Name: s_pers Value: %20qpv_v40%3Dbpro%253Ahome%7C1655391733497%3B
.benefitspro.com/	1969-12-31 23:59:59	Name: s_cc Value: true
www.benefitspro.com/	1970-01-20 04:33:01	Name: _pbjs_userid_consent_data Value: 3524755945110770
.benefitspro.com/	1970-01-20 12:35:25	Name: _pubcid Value: 8bce39d6-42f7-446c-b73c-061fa5f266fb
.doubleclick.net/	1970-01-20 13:11:25	Name: IDE Value: AHWqTUkMuaMq653OC56QlpQ2T7OVbtDZinAPn1_4bV9xwc-nytOVM3m-h6JlBtNokkw
.dpmsrv.com/	1970-04-11 04:16:29	Name: dpm_pxl Value: 6a8de40d422b3463a341f9d1ef0d1b02ea8c697b
.dpmsrv.com/	1970-04-11 04:16:29	Name: dpm_pxl_aid Value: 8419371128779113978
.dpm.demdex.net/	1970-01-20 08:09:01	Name: dpm Value: 14627321745694577022587182366785042243
prebid.a-mo.net/	1970-01-20 12:35:25	Name: __amc Value: 1_1655389935_1655389935
.tealiumiq.com/	1970-01-20 08:11:54	Name: tcs.google_gid Value: eyJhbG0vbWFpbiI6IkNBRVNFRDlGQjd0MVFwU3ZxM3VGSXc2R3oxUXwxNjU1Mzg5OTM1MTA3In0=
.tealiumiq.com/	1970-01-20 08:11:54	Name: tcs.google_cver Value: eyJhbG0vbWFpbiI6IjF8MTY1NTM4OTkzNTEwNyJ9
.benefitspro.com/	1970-01-20 05:59:25	Name: _gcl_au Value: 1.1.1509946227.1655389934
www.benefitspro.com/	1969-12-31 23:59:59	Name: hasLiveRampMatch Value: true
.benefitspro.com/	1970-01-20 21:22:28	Name: AMCV_96C4370453295E4C0A490D44%40AdobeOrg Value: -1303530583%7CMCIDTS%7C19160%7CMCMID%7C18769621776950411263289704335902275843%7CMCAAMLH-1655994733%7C6%7CMCAAMB-1655994733%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1655397133s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19167%7CvVersion%7C3.3.0
.benefitspro.com/	1970-01-20 13:11:25	Name: __gads Value: ID=9b0be3fc1c1833f0:T=1655389935:S=ALNI_MYq6ETbAcNxqFCgQPATl-8NghhO9Q
.quantserve.com/	1970-01-20 13:20:04	Name: mc Value: 62ab3eef-32e9a-6251d-d3ada
.benefitspro.com/	1970-01-20 13:14:18	Name: __qca Value: P0-337096068-1655389933762
.adnxs.com/	1970-01-20 05:59:25	Name: icu Value: ChgI4axaEAoYASABKAEw7_2slQY4AUABSAEQ7_2slQYYAA..
.ad.gt/	1970-01-20 03:51:16	Name: au_idmatch Value: eyJhcG4iOiAxNjU1Mzg5OTM1NjAyLCAidHRkIjogMTY1NTM4OTkzNTYwMiwgInB1YiI6IDE2NTUzODk5MzU2MDIsICJhZHgiOiAxNjU1Mzg5OTM1NjAyLCAiZ29vIjogMTY1NTM4OTkzNTYwMiwgImltcHIiOiAxNjU1Mzg5OTM1NjAyLCAibWVkaWFtYXRoIjogMTY1NTM4OTkzNTYwMiwgIm9wZW54IjogMTY1NTM4OTkzNTYwMiwgInJ1YiI6IDE2NTUzODk5MzU2MDIsICJiZWVzIjogMTY1NTM4OTkzNTYwMiwgInNvbiI6IDE2NTUzODk5MzU2MDIsICJhZG8iOiAxNjU1Mzg5OTM1NjAyLCAic21hcnQiOiAxNjU1Mzg5OTM1NjAyLCAicHBudCI6IDE2NTUzODk5MzU2MDIsICJ1bnJ1bHkiOiAxNjU1Mzg5OTM1NjAyLCAidGFib29sYSI6IDE2NTUzODk5MzU2MDJ9
.benefitspro.com/	1970-01-20 12:35:25	Name: _au_1d Value: AU1D-0100-001655389934-U4S65XKL-TTO8
.benefitspro.com/	1970-01-20 12:35:25	Name: _au_last_seen_apn Value: 1655389934296
.benefitspro.com/	1970-01-20 12:35:25	Name: _au_last_seen_ttd Value: 1655389934296
.benefitspro.com/	1970-01-20 12:35:25	Name: _au_last_seen_pub Value: 1655389934296
.benefitspro.com/	1970-01-20 12:35:25	Name: _au_last_seen_adx Value: 1655389934296
.benefitspro.com/	1970-01-20 12:35:25	Name: _au_last_seen_goo Value: 1655389934296
.benefitspro.com/	1970-01-20 12:35:25	Name: _au_last_seen_impr Value: 1655389934296
.benefitspro.com/	1970-01-20 12:35:25	Name: _au_last_seen_mediamath Value: 1655389934296
.benefitspro.com/	1970-01-20 12:35:25	Name: _au_last_seen_openx Value: 1655389934296
.benefitspro.com/	1970-01-20 12:35:25	Name: _au_last_seen_rub Value: 1655389934296
.benefitspro.com/	1970-01-20 12:35:25	Name: _au_last_seen_bees Value: 1655389934296
.360yield.com/	1970-01-20 05:59:25	Name: tuuid Value: 878bd6dc-6abb-4a3e-8df6-abcaa64ce5a7
.360yield.com/	1970-01-20 05:59:25	Name: tuuid_lu Value: 1655389935
.bidr.io/	1970-01-20 13:18:23	Name: bito Value: AASRqE7FVn4AABOT28LfVQ
.bidr.io/	1970-01-20 13:18:23	Name: bitoIsSecure Value: ok
.ad.gt/	1970-01-20 21:21:01	Name: last_seenadx Value: 1655389936160
.ad.gt/	1970-01-20 21:21:01	Name: au_id Value: AU1D-0100-001655389934-U4S65XKL-TTO8
.ad.gt/	1970-01-20 21:21:01	Name: first_seenadx Value: 1655389936160
.ad.gt/	1970-01-20 21:21:01	Name: last_seeng_hosted Value: 1655389936160
.ad.gt/	1970-01-20 21:21:01	Name: g_hosted Value:
.ad.gt/	1970-01-20 21:21:01	Name: last_seenadnxs Value: 1655389936161
.ad.gt/	1970-01-20 21:21:01	Name: first_seenadnxs Value: 1655389936161
.ad.gt/	1970-01-20 21:21:01	Name: last_seenimprove Value: 1655389936169
.ad.gt/	1970-01-20 21:21:01	Name: last_seenbeeswax Value: 1655389936184
.ad.gt/	1970-01-20 21:21:01	Name: last_seenhaloid Value: 1655389936386
.ad.gt/	1970-01-20 21:21:01	Name: first_seenhaloid Value: 1655389936386
.benefitspro.com/	1970-01-20 21:21:01	Name: _ga Value: GA1.2.470211526.1655389934
.benefitspro.com/	1970-01-20 03:51:16	Name: _gid Value: GA1.2.1888960329.1655389935
.mathtag.com/	1970-01-20 13:15:45	Name: uuid Value: 7a6162ab-3ef0-4d00-be90-eadfbc02fd77
.ad.gt/	1970-01-20 21:21:01	Name: last_seenmediamath Value: 1655389936858
.criteo.com/	1970-01-20 13:11:25	Name: uid Value: 0211edf1-6a46-43b9-af46-318618c0e27c
.benefitspro.com/	1969-12-31 23:59:59	Name: s_sess Value: %20s_ppvl%3Dbpro%25253Ahome%252C14%252C14%252C1200%252C1600%252C1200%252C1600%252C1200%252C1%252CP%3B%20s_ppv%3Dbpro%25253Ahome%252C100%252C14%252C1200%252C1600%252C1200%252C1600%252C1200%252C1%252CP%3B
.benefitspro.com/	1970-01-20 13:11:25	Name: cto_bundle Value: EsbjTV9TOWNFM2Zhc080QTZRcW93eSUyQjJ6eDBXTGZWZ2dPS0RWem9RRHlqMTNDUzRjR1JqcnlGMndSczF4JTJGMTNkU0t6UWpqeHJzTExxJTJCT0hXdFM4VjBENlAyZll4WiUyRnZ1T2tDJTJCYVVXRkVzNktUczdiTXNURmMyJTJCa0Q3YVA4VUlKc1RiS0EzWFVyTjBRSjBjbFJqWWk4ZWklMkJUQSUzRCUzRA
.benefitspro.com/	1970-01-20 13:11:25	Name: cto_bidid Value: oFNrhl9NOU81TFhRZ0pxNjRJY002aUdoQmR0YjEzeU16QVFJSVRIdiUyQjdiVmZ6dENzMENnd2lKb1dTSjViRFZOaXFNM2w2ZjA5TEZPcWx2Z09aM3RjVG9hcU5pTWxDNTBEU0VDRWdwYSUyQmtWQURqclJpQzlMJTJCeW8xRXJkOEVEN1JRTktMbQ
www.benefitspro.com/	1969-12-31 23:59:59	Name: dpm_time_site Value: 7.032

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/423396.gif?partner_uid=8419371128779113978 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://rtb.adxpremium.services/openrtb2/auction Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://rtb.adxpremium.services/openrtb2/auction Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://rtb.adxpremium.services/openrtb2/auction Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://rtb.adxpremium.services/openrtb2/auction Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://rtb.adxpremium.services/openrtb2/auction Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://rtb.adxpremium.services/openrtb2/auction Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://rtb.adxpremium.services/openrtb2/auction Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://rtb.adxpremium.services/openrtb2/auction Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://z.moatads.com/almdfp680616975594/moatad.js#moatClientLevel1=4481724681&moatClientLevel2=2255325031&moatClientLevel3=4594036698&moatClientLevel4=138226581719&moatClientSlicer1=21664827602&moatClientSlicer2=21683638891&zMoatMData=1&zMoatMSafety=safe&zMoatPS=footer&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatTopic=&refresh=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://z.moatads.com/almdfp680616975594/moatad.js#moatClientLevel1=4481724681&moatClientLevel2=2255325031&moatClientLevel3=4594036698&moatClientLevel4=138226581719&moatClientSlicer1=21664827602&moatClientSlicer2=21683638891&zMoatMData=1&zMoatMSafety=safe&zMoatPS=footer&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatTopic=&refresh=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://cdn.ampproject.org/rtv/012205270638000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
security	error	URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js(Line 70) Message: Refused to load the script 'https://visitor-service-eu-central-1.tealiumiq.com/alm/main/01816cedcd31000e740472f004a503074003406c00b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1655389939445' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js(Line 70) Message: Refused to load the script 'https://visitor-service-eu-central-1.tealiumiq.com/alm/main/01816cedcd31000e740472f004a503074003406c00b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1655389939445' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js(Line 70) Message: Refused to load the script 'https://visitor-service-eu-central-1.tealiumiq.com/alm/main/01816cedcd31000e740472f004a503074003406c00b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1655389939445' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
a.dpmsrv.com
ad.360yield.com
ad.doubleclick.net
ads.servenobid.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
alm.demdex.net
b.law.com
bcc781a88193ff3b593d54b5e2247a17.safeframe.googlesyndication.com
benefitspro.com
bidder.criteo.com
c2shb.pubgw.yahoo.com
cdn.ampproject.org
cdnjs.cloudflare.com
cm.everesttech.net
cm.g.doubleclick.net
collect.tealiumiq.com
colossusssp.com
csm.fr.eu.criteo.net
datacloud.tealiumiq.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
geoip.alm.com
ghb.adtelligent.com
ghb.hbmp.mediafuse.com
ghb1.adtelligent.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.halo.ad.gt
id5-sync.com
ids.ad.gt
idsync.rlcdn.com
image2.pubmatic.com
images.benefitspro.com
imageserver.amlaw.com
linkmktg.benefitspro.com
match.adsrvr.org
match.prod.bidr.io
mb.moatads.com
ml314.com
mug.criteo.com
owlcarousel2.github.io
p.ad.gt
p.medocdn.com
p.typekit.net
pagead2.googlesyndication.com
pbjs.e-planning.net
ping.chartbeat.net
pixel.quantserve.com
pixels.ad.gt
player.adtelligent.com
player.hbmp.mediafuse.com
player.mediafuse.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.media.net
px.moatads.com
rtb.adxpremium.services
rules.quantcount.com
s.dpmsrv.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.criteo.net
store.benefitspro.com
store.law.com
sync.mathtag.com
tags.tiqcdn.com
targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
use.typekit.net
users.api.jeeng.com
visitor-service-eu-central-1.tealiumiq.com
www.benefitspro.com
www.dianomi.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
z.moatads.com
csm.fr.eu.criteo.net
hbopenbid.pubmatic.com
visitor-service-eu-central-1.tealiumiq.com
www.googletagservices.com
103.229.206.240
104.18.23.230
104.75.88.194
104.92.100.195
141.95.98.69
142.250.181.226
142.250.186.162
142.250.186.38
143.204.89.4
147.75.85.234
148.251.121.152
15.236.176.210
178.250.0.165
178.250.2.146
18.156.195.47
18.185.194.205
18.200.133.16
18.203.55.223
185.184.8.90
185.239.173.210
185.239.174.234
185.64.190.80
192.226.82.212
192.226.85.63
213.19.147.42
216.58.212.162
2600:9000:2156:6e00:18:1fcd:351:7bc1
2600:9000:2156:9c00:6:44e3:f8c0:93a1
2600:9000:2156:e600:d:df45:5680:93a1
2606:4700:10::ac43:264e
2606:4700:4400::ac40:9199
2606:4700::6811:180e
2606:50c0:8001::153
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:800::2002
2a00:1450:4001:803::2002
2a00:1450:4001:803::2008
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::200e
2a00:1450:4001:812::2001
2a00:1450:4001:813::2003
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::200a
2a02:2638::1c
2a02:2638::3
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:16::215:14a0
3.226.166.212
3.87.151.192
34.107.148.139
34.111.234.236
34.248.32.199
34.249.212.46
34.98.64.218
35.244.174.68
35.83.6.89
35.85.185.37
37.252.173.215
37.252.173.22
44.232.1.224
44.238.81.176
45.133.44.3
45.133.44.4
46.249.52.248
52.12.72.198
52.223.40.198
52.49.126.217
52.50.27.121
52.57.207.136
54.146.191.54
54.229.131.207
69.173.144.165
69.192.161.152
8.2.111.126
00b5fa9efd5d03cb15c2e84f494f399e28a20a8745e3d4422f60b9c550087588
00b6166281bc5165f6f8aa0a890d0afd6b32d8eab9c48f9b15608046862e19c7
01e86ab675e57a17ea4c818e1cd381bed5505680f74ca112d7d8ef6f8c9dd9ce
020ac33349f2f62c26dafbb07f55383b2e8c677108b6fb09159ed6251122e369
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
04a185d67f6ead753be77d3ed23364e4bd28e21168628df5a8ea26f0a1f54de8
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
075e1a285de33ad2c3cc75f3ebe775feb23d27f52aa8213be408e4cbc3623a10
078073865f25860f0af82474826c57972fe0dd1a4921878981960fb4fc32d79d
084fb6c93a812ec77999e9ee16c4da0919acce85703aec6dd0e80f81a09aa114
09875ac8c9b4450a8b970b030cde9272a93912a1d43e911ac48878c0dd92e1b4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b96e2d8daef004fa73380c29b23a4c7f9c790c75a1c9f538859de1fcfbae895
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c2116195b8d9dec00fe04c49aa739ecd572fcc844fd9214c1f077c5ccb779af
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0f35c56292b93cc1a796bed46551c6b9f33677a83da02b338ecb5df46b93e657
158160a099581837b94291a2b85e33b9af546039bbc7014e1af69356360f16b8
1680b634f03924d1acac42fa6e66a135bab27f067792d3a8ce6059e0df125c72
18a60d03f82b1f732c17b57bcb5017c2c6fa669c86efb6f58cd862fec28a2a6f
19f9af8f490af44a7589b426998a7a783298d87a4dd225bc5c5cfea5955e66d8
1ad53ba7c073cc7c7e6f2a684129bebbcf956a9a4c6a7aa9068f575f4c533386
1be06778698a2eb16ae1c7152d7256350580f4a21fc43c5ef4218407135b0896
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2066d3a8149312209ea5f292cca6501f4db0d190dd90008c978998a08d74d03a
21543c740d93eb090620e7a78b258b8cb3679c94957296f52e65bd19be2bfc85
27452ea7254e86c8c2bd57a3db78b27651760bccdd9bf3d0631ac7e95a75931d
297326d46648fbcdecc6b350abe705794c7c42f41244bcba93956e6c4fe1f735
2a7ca529d98aae572b78767dee84109d1a087a064a16b279618524ce0da65174
2acdbb947ad66791025b2662906e02e7e36bcc4990f311cb93b76d9b5c46eeed
2cd21f46907f72eeb2e8fc200c7d6869b5d73930b36287c04b61f2916933d5b4
2d0154b4f5718f73d5e30a02920a7294e714484f95c0d3b3ff63f40caf90b316
2d192c4ee2e44a7a8bf37c10896fac2c8ad41624f0c0f02afa356736b63af97f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ef6d567cfb61bb6335094cb3b2a80477221daeb027ba0d82f91f2682925ef1b
2fa91997312504e155be84d71daadc58d56323a2365d3a2734dd80bab36eaa33
2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde
300908cbcb84903590648db1851fcb3c493af3aaab47d4109e0a9f8394e06fd7
30239cfdd32dd23d4bb40db0fad6d64a242a966f760cdb0376fdc59341c8559a
30de911f70fbfdee70d5159b61cab8149251740e97dcbded177b534ceec6284a
3290502d50db0472828738f97250f6090febf7d8edd0ae9aebc0a3ea047cafe9
33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d
356d314bfae636caf9a7b511b96e26935511f59cec41b5a06683f625300e2c97
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
38a7d50f157a92976be1b7a4e88c7f62d4b53b4a2bc73ed6a3967dc185cbbdc6
39c4f56d88fe54e362db4062ec6a98391a5c08a62efa7566c5fd4ce22e61987e
3caa1916d477601c9afaa43cb0adde0465d49fa977d86db52e2bd8d55c534687
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
498959ae9bccdb60b1ead47857b081bba819b7caf436eb7f1ebb97cad50896b0
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b2c4cddc369e8c521eabe08f086ec6a2b8a7ad0360036348ff01c9b16775b8b
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d654bb7b9ce5c11eb5e9c1908cafdfa34e6be14e43789ca475757f04a8a5075
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f937e79e52c45a2a5d40365e93940165a0e327e14a913e9817db3efe2d9d844
5015d878e981802158adacba561e8ff4d0ece02e4d91af29ce4577d3044dcdc6
503af589a4c7d0ac4126d796333287de4f0b708898800d68e42b5a55aa47f556
51310f9f30077e7818e6b290aae0692724791cb33999d75f916d9d623635b42a
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
534d6bf639fecbb6e078a4dc09c4b37a1f1cc0e35f583bf2d19f997380bec55b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
560d647f22256a63ba771e68506e3a7ff2e5fafb07009d59ed4bcc9bb0e17978
57c72c9c1ccc770a7b4b9e8c57bd5d49b6df810d54476080359d4dd9d9076516
582f1b5d33e54e95557255c97d79a90d3fda73d7b2b105695446fe643eb737cc
5a02d8eef54e76a16a95b2325079d0f55222cecc927a60bac1de8e2a8c0257af
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5a553da7ecb0174521c8c80f6b8d97a001481235b5a97cb0c270fc9ffe59a747
5ad101480624048c8b6ed0885553387334030a03cb36e1b9325bf16722927dbb
5cd2e6620d43956d043afda431f867890c0e2caad75d01c2638de7e380675f51
5e7b2240358444a2e12432d7209c2e3b4fb1fb4802f5abe8f29d61961f2e7d33
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a1f9d4a70121359493d87cfb029bf3202ba37f0dfdf85bf98a4dc3a64c7335
637768d31c4e2b2354a0e277ef240c5e209776aef6ce88fc75d7a4d669332f35
63c54e1a7365643d41619441accc66105de41c9820a3a041cc115bf1b71a91d0
64a3d23d252e87ba0ee7b571e745f729f35d577084dbed597c6f0ce36b5b7faa
659982ff5dc4222a830703646062215bbd21a2fb13e4cc2833461e7718ce2565
67d6c585132a04d55f23c0596ee1d7a0fc212c205a232e4ca20d3c85044402a8
690a114ee6b71aed7e26d11a6e71c9e7b1c8ac6628cc33aca855bf5dc5b90afe
6a52a1cc0b6b42aded151ce6db1e91860b0002d90426d53fd51c214a9224a3e9
6bd36ce04facff41ab5b774dfea1f83253f21d8dbff16037c6f310f07607a787
6c04b74194334a2b9f47924af8b8b1dd094cb79374c7f12fea896c8356691586
6c75ebcd6566bbe66149b7403c0a69d0d90d1232d020c576e9d5d9c8b1097787
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
71ab148cfc90acf719758d5afa6afe0e131647522a2516616e494b7469235752
7304ffa3b0738845d440211edc744119c32a600479ff85d165b44f2a782618d9
75d893335a1d25db1bf02e25ab904d97a3af743128850d8566b93d197e56e9e9
78e13001bbc9c6b06ffa301191bd9e762226ed69f84e53f956d16e54f4408c7c
7acec7600d692a1b202e17046e105c5542974637183ade908589d70a8ff81419
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d07e8a81e67c0fa6399678409e4c4c5c2ca450f0ed95de9fde52226accf485e
7f9f1cdec875195b270d34aeec64217e8ed444e8fdee833e3b71cfd28296805d
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8086375f1fd287c35edf85c7eebbf51b1ee0702d3fc104e58f374ef39204564e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
815767dfc57a4a2e55b41de05e8da9d8cd3cc80fc39ecf244ce99ef392c3165a
83199ab0d2c5a0b0aa786e88ee10c25fcf272c6a083734778b0e9fc6bf3b0802
86e0ca780cb01f31ebbcf46b4a0dafb1546c241456d238b34a0445b1dd413748
8804bf9193bccd983755bd7d4cc995fd4185bac1272ab5a0714adf0df6c515ef
881fbd3f6f6cfa6d5e05973a5536ab06bd52751b64ac2b023aeecc94da2baa35
89bf8cdea73ce776d6b81d03837bc7f04af5e3946b839a3c0bfbf3094ad3f7be
8ba2560bc4185ed0f243270ab9979b5c3f35af3768fefc4f3ef5b088fb82e0e4
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc0da1e78a7fed160bfae8011d028a56315493222429df7c3413a62f6a99c80
8dc201efc8abf2aefcb9fcd0b6643901dea7f0e2d36d7782792444a98d5ba5d8
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e9971e6cf33eb3ae9da6caacebedea9df7332020441f41ebff53a1194b9f317
8eec82bb19ba6f80a4de28f23d393bb8a3b67217b58d5f9e154e7be4c507e716
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
914e14616fe6c894e839cd9ec4cc183192dbcbb9314d41728865eec02916fc09
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
936e9fd29f146f4940c28ce1d29003f4952e469ad3d35fa3d79db7cc79ebcd4d
9398dd93c612d77b9e0bcfe449becc1a5269af74409cbab1ae485c49d5bf3b9b
93a22a0e7b076844df8bbc2d01d9d50b6f46412cb41ccd7fbf053467778dedab
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
94a4ac0a4cb46b1cf7eb80b06b737c4176fd4da78b83c76353e283591b7dd915
999b37529edf4d7b34cf4bdcd937594e893a1d3add9811102f7818936b8d4293
9b0686ddd1eb56350bef75de300786b66356d96eb86f64db1c51d429b8c39f4d
9b77f08b1a04c909c48a7f0f3b3e300f0e6f6abe667a19c513fedf67c19fa2a1
9b93be04d932e5606dc6726c1ad6a7fb3f59f0bcaa0cbb03c60cda0d428c5f8f
9b99ce50d05750058143cb93936075ad5107f9a3e5b03f2d4872c0ebe753a9f7
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9c7b953d87c3e7ab3e08bd6a6630ecf056eaed4ddb01782015e4bebda4169c14
9dde752a0a83f77379ff94d7560a636796ff3bd448d4d0c54965795f356858d8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0dca3317d342060662e95ca7543b970ecd13337d4f7331a378fc1bdd2c52dbd
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2544b35317df6156ed8dd3cec802785526182131888e0b2274667c4aef1dd4c
a2b997da567762896061490c3c08e506b2e5b936978560fc12251dd245140b32
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
acfc56af11023640161a7fa7c0932bb736f482736b38cb1e5adf7ca835b809b5
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
adf244fc1d90fe317911574ad24d421e615d33b544b9cbbef89d220ef7c40d98
ae9c8168896feda69f5d26ce8b25e4e9be96b61050ad29ccadebe00ef76ad540
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
afe7d2a0362b4c7e3a70e761e7dca5a9b16691304f69338262022506765515c6
b33ef452b57bede722776b1432be568c083cd38efbcfe92491d71abfcd3fafa0
b51da656c07305988913bec9c9cb7829d1e13384bd98d8a3772da61bda84e65a
b58498fbd6e9cffbde590996c130234db3de2da2afce4aa6ee70f588c2dd7f88
b69810b05811735260bb9d32ae84fe5d0dfd66c74ee896f2cd7f3a13a31430d0
b72ea1062b7bb84439787a3341bbd692b4074493f1e618d3780cad3271c22494
b796713fd51c9ee401b57ec4b3298bbf467e84477f1835062babb6d98f84c7c6
b81b496425cdbd2f2277d81e65f81edfe2cd36d8d2a992d2217ff4e2eb6d80de
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bc0886e86c3f072e0dd5009be9a6ceeea9065cdf8e3d2d0ae3249d1193776235
bd05d9d820c56ab5c2e2da93da473cd02013b8fff06c92aec1ca00f35808b572
bd72c466a8054b168c3db8d75856327d8f12ba2a0c0bbe7cbf2502e1349d6e24
bf19fbbacb95e0e006f112a3454d5c581552eaf6e9c6761a67417af908c37a13
c1a1c3b556718b54be37293e2dad46046da21987cbe3b967b3f6b6b2c1240806
c2c9ef63832b28847e0eede2839afb230f5efc15d2dfd85728ec0e865c0fe60e
c2ecb28bf49c74ac24cf79ee55be2431dbe66e115bd490388039fa3b65d7d659
c4cb91f9eaefa2a91d3ed40c75425821a4a0b5720fa0d776acdfcd307a19a882
c5cf38e1ac2de4a020f29c4803eb86fdc6184ca4a5583011002e8a344334e750
c75b2dbe5a90490ae6efeb3685d8b7e95cad06e3e844adb2695c5a5224451d26
c874c9a3e2757790076e34bd49db931eb7484e6347877192f649429cf3f6e3e6
c96aedcd7020f8b072dd068a8ac50c20ca41cf9094b1b88f45f341f7bc6fbe6d
cb86a904c28a91ecf83cb07bd5a3d79cc6bb4a28bf04e73ebc9e404a95fcbe30
cd983ac133b21cb30a726eb5b49fff32eaadd7f79165c677fc52e2efcac5ff41
ce1e2eacc6780bf2af6938c18e86bc78d0ac1c4968e608da08dcc2ac88952b04
cf123b4d7a9a20f1cd0a1e41dd39841845abb4350e5d466adb592f4bdf5b9be3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0a76ec36613caaf91abaf681db7c469c02d7941647eb683409cdd21b7b1169e
d201bb3b6a9b5c4572b54ff8cd188b8e77374e1694fead0bccd6606ffa147b2d
d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd
d5b16693c724c1642da52fde31483195cd190593257acc5b7385f693305313d3
d5e4dab6077a39adc70c1115e1a61d7fec27412610e81fcaf00d79fb37bef183
d62f9c89984ad059d574ae6b64c9134628041695c09290643e2d53238638bdda
d6b59f504da5545dd5c6b6d767e3179d05249485a4908713ece9bb16032f263c
d6b6d81cfbd49fe1bd0236efeaa240acafdc559910819197df94983926f84d22
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d848076aad575c2b1b4840797552f3fe1535c58154453c09d3f7b742b522c14f
d9fe43c3aa129c2b7882ccff81676e4101f6fbb54e92fe4eab6ba3a71d640766
db09b9eabe9fb2b201e8ec0b2a1d0f25ef244dbfcf605e5c859810381dccb6e8
dcba15e5523be76d54eb66e628b33b5351457b7bc677178f6c2c091c78a77636
dd3f361a7e81e57f07066254b0f3ca4ac59a716926c6b3a4189da5c6c1317698
de2c401a0c71eab889a4174da5c9bea3a0b5340fc77cafc145868248b9462e17
df1926dff219967bc22826093aa70b15264deb80d377ede6bb47323833bfb465
df690f011f9fd617ca22376522eef3c1a90c33cf3f8f10f5dfb4751ac26a202b
e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470
e1df7b84ebd86cd3d345a76cfa86335725e8d4acc09a1958c5c69fb019fab593
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
e2568ef677361ce95ba1bb13f22a0102d8422a8f600ab8b79bfadb9d8497584b
e2598751639a254b3c54ab5d1cdd4e601c0203acbe56e4f33ad5ff4e4b447f20
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e4f2361d88da42b9bf37a0155cf6bae4389dbfb64b5887373381ee16f13836
e8b8b7f5858bffc97b6f59764535e43bc2b455ac78c17d89c83b3c6b72da04d1
e976915db77ba345a931c541cf718c076d62d06024494b29a21316932e858843
ecc141739fd701c467a58e21c86bb285b78d08fecea60dfecafc8ebde8dd1230
ee1fa9004d8dc85bcccb5d7607ae96aac04db466962f8e61f17bb10e9be5ce07
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f23f95f5da131d4e3ea5996f67d6d5944f348964b023e6f256a9c2bb61663357
f2d6df0c20409fd2d91acd411396e5976d21905f12d1a580e9f55f092022f325
f3599c62e7f19c9428aa0622e6eae0cd2726d6569f4a1349045cba7da5a12768
f435f25c36db0390acfab9b595abfd08c29936dc7a1b5577632a4a3f4e17a46e
f4ee745ddb73cf079c293a6aea2eac0fa10b70a47ccebc704d8aacaacc9bf8b0
f67e6ff56a1ff2d14894adb56e623d340a79755189f5cff4fc7fbb7dba08d202
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f82e15fdbadb6dc7d6e03118beba7d22a955bf05cd5fe8731c79c19d733549ac
f8b180f976834bc2372d7d14edb910e3c50c2a0bbdbd56a31900e7f88a7d7684
fa0f3c52dfbf6bb39221a011f2b3dc6b17f14e9f2626d14c8d46a5d276300a1f
fc76428cad5c36631113a653d30ef85dbcfe672934b13630f4fdd2c1f1403f58
fd3d957f38ee564d0cf89af1cdf6ce46dbe0c228bfb65bd4720445db5fefcf9f
fda987a7db536b15976cb373bfcf7fb437f76ce9fd6cab676d58ede1e8c046cf

www.benefitspro.com Open in urlscan Pro 2606:4700:4400::ac40:9199 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

330 Requests

93 %HTTPS

31 %IPv6

57 Domains

91 Subdomains

72 IPs

8 Countries

7939 kBTransfer

11683 kBSize

79 Cookies

6 Outgoing links

Page URL History

Redirected requests

330 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.benefitspro.com Open in urlscan Pro
2606:4700:4400::ac40:9199 Public Scan

Screenshot
Live screenshot

Full Image

330
Requests

93 %
HTTPS

31 %
IPv6

57
Domains

91
Subdomains

72
IPs

8
Countries

7939 kB
Transfer

11683 kB
Size

79
Cookies

330 HTTP transactions
6 data transactions