Submitted URL: https://www.bpmmagazine.com/
Effective URL: https://www.benefitsandpensionsmonitor.com/
Submission: On September 06 via api from CA — Scanned from CA

Summary

This website contacted 25 IPs in 2 countries across 24 domains to perform 105 HTTP transactions. The main IP is 104.26.15.213, located in and belongs to CLOUDFLARENET, US. The main domain is www.benefitsandpensionsmonitor.com.
TLS certificate: Issued by GTS CA 1P5 on August 17th 2023. Valid for: 3 months.
This is the only time www.benefitsandpensionsmonitor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.215.24 13335 (CLOUDFLAR...)
1 9 104.26.15.213 13335 (CLOUDFLAR...)
1 172.253.115.95 15169 (GOOGLE)
3 172.64.103.11 13335 (CLOUDFLAR...)
12 104.26.9.198 13335 (CLOUDFLAR...)
1 17 142.251.16.157 15169 (GOOGLE)
1 104.17.24.14 13335 (CLOUDFLAR...)
2 35.190.50.98 15169 (GOOGLE)
2 172.253.122.97 15169 (GOOGLE)
4 142.251.16.94 15169 (GOOGLE)
1 13.107.253.40 8075 (MICROSOFT...)
1 142.250.31.155 15169 (GOOGLE)
7 172.67.73.236 13335 (CLOUDFLAR...)
3 11 34.111.234.236 396982 (GOOGLE-CL...)
1 52.22.242.75 14618 (AMAZON-AES)
1 142.251.16.113 15169 (GOOGLE)
1 142.251.16.132 15169 (GOOGLE)
1 2 50.17.27.28 14618 (AMAZON-AES)
2 2 35.190.60.146 15169 (GOOGLE)
2 2 3.33.220.150 16509 (AMAZON-02)
2 2 3.212.173.20 14618 (AMAZON-AES)
2 3 34.231.251.31 14618 (AMAZON-AES)
2 142.251.163.147 15169 (GOOGLE)
1 172.253.63.94 15169 (GOOGLE)
16 172.253.63.132 15169 (GOOGLE)
12 172.253.62.157 15169 (GOOGLE)
1 52.218.249.224 16509 (AMAZON-02)
2 52.179.73.41 8075 (MICROSOFT...)
105 25
Apex Domain
Subdomains
Transfer
23 googlesyndication.com
c530e07522adeba4591e3e6132222620.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
623 KB
18 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
googleads.g.doubleclick.net — Cisco Umbrella Rank: 53
185 KB
12 ml314.com
ml314.com — Cisco Umbrella Rank: 2152
in.ml314.com — Cisco Umbrella Rank: 11766
13 KB
12 keymedia.com
cdn-res.keymedia.com — Cisco Umbrella Rank: 258022
62 KB
9 benefitsandpensionsmonitor.com
www.benefitsandpensionsmonitor.com
42 KB
7 lytics.io
c.lytics.io — Cisco Umbrella Rank: 11144
67 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 226
340 KB
4 gstatic.com
fonts.gstatic.com
88 KB
3 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1178
2 KB
3 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1729
eastus-8.in.applicationinsights.azure.com — Cisco Umbrella Rank: 9378
45 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1204
169 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 957
583 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 379
692 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 447
833 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 234
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
147 KB
2 sajari.com
cdn.sajari.com — Cisco Umbrella Rank: 76156
248 KB
1 amazonaws.com
s3.us-west-2.amazonaws.com — Cisco Umbrella Rank: 2420
59 KB
1 google.ca
www.google.ca — Cisco Umbrella Rank: 8913
455 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
258 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 249
6 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 58
1 KB
1 bpmmagazine.com
www.bpmmagazine.com
427 B
105 24
Domain Requested by
17 securepubads.g.doubleclick.net 1 redirects www.benefitsandpensionsmonitor.com
securepubads.g.doubleclick.net
js.monitor.azure.com
www.googletagservices.com
16 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.benefitsandpensionsmonitor.com
tpc.googlesyndication.com
12 cdn-res.keymedia.com www.benefitsandpensionsmonitor.com
11 ml314.com 3 redirects www.benefitsandpensionsmonitor.com
ml314.com
9 www.benefitsandpensionsmonitor.com 1 redirects www.benefitsandpensionsmonitor.com
7 c.lytics.io www.benefitsandpensionsmonitor.com
c.lytics.io
6 pagead2.googlesyndication.com js.monitor.azure.com
www.googletagservices.com
tpc.googlesyndication.com
6 www.googletagservices.com securepubads.g.doubleclick.net
4 fonts.gstatic.com fonts.googleapis.com
3 ps.eyeota.net 2 redirects www.benefitsandpensionsmonitor.com
3 use.fontawesome.com www.benefitsandpensionsmonitor.com
use.fontawesome.com
2 eastus-8.in.applicationinsights.azure.com js.monitor.azure.com
2 www.google.com www.benefitsandpensionsmonitor.com
tpc.googlesyndication.com
2 sync.crwdcntrl.net 2 redirects
2 match.adsrvr.org 2 redirects
2 idsync.rlcdn.com 2 redirects
2 dpm.demdex.net 1 redirects www.benefitsandpensionsmonitor.com
2 www.googletagmanager.com www.benefitsandpensionsmonitor.com
www.googletagmanager.com
2 cdn.sajari.com www.benefitsandpensionsmonitor.com
cdn.sajari.com
1 s3.us-west-2.amazonaws.com c.lytics.io
1 www.google.ca www.benefitsandpensionsmonitor.com
1 c530e07522adeba4591e3e6132222620.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.google-analytics.com www.googletagmanager.com
1 in.ml314.com ml314.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 js.monitor.azure.com www.benefitsandpensionsmonitor.com
1 cdnjs.cloudflare.com www.benefitsandpensionsmonitor.com
1 fonts.googleapis.com www.benefitsandpensionsmonitor.com
1 www.bpmmagazine.com 1 redirects
105 29
Subject Issuer Validity Valid
benefitsandpensionsmonitor.com
GTS CA 1P5
2023-08-17 -
2023-11-15
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
use.fontawesome.com
GTS CA 1P5
2023-09-01 -
2023-11-30
3 months crt.sh
keymedia.com
Cloudflare Inc ECC CA-3
2023-03-19 -
2024-03-18
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
cdn.sajari.com
GTS CA 1D4
2023-08-30 -
2023-11-28
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 06
2023-06-21 -
2024-06-15
a year crt.sh
ml314.com
GTS CA 1D4
2023-08-05 -
2023-11-03
3 months crt.sh
*.ml314.com
Amazon RSA 2048 M02
2023-02-27 -
2023-12-14
10 months crt.sh
www.google.com
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
*.google.ca
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
*.s3-us-west-2.amazonaws.com
Amazon RSA 2048 M01
2023-04-11 -
2023-12-28
9 months crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 07
2023-09-05 -
2024-08-30
a year crt.sh

This page contains 12 frames:

Primary Page: https://www.benefitsandpensionsmonitor.com/
Frame ID: 57F06B25ADB015199A2BA545B64D5485
Requests: 60 HTTP requests in this frame

Frame: https://www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js
Frame ID: 82897E4D404E51EF8E73EEA1258626B8
Requests: 2 HTTP requests in this frame

Frame: https://c530e07522adeba4591e3e6132222620.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1B64C2EED029E75E1F599944934D9BDD
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMMwAQY02uJDVy344tYVzMBMg2NbdYbGrOe_kCaoE5SVzOHhelEBPWjqMgMSrgxjcY-UOmL7uzLAxin-GoisxegBxStnipaXAPW30No5IYoPO9779dMO0OI6cWPmW_sDbJGzgYqbb3zXhWuCW9U1Qbm8OHZzrQZZ-G0Ia6TLH5Bfi2esRg1-4JB6fh4yqYK0GffRDYDBWNVqys4EcrYDuGZ5UanVQHphXhYiSNVKzEfEeQ2PuRsaIj0tvbY21Nuo1xvzWfHc63gUhI5wB6ft8H3JuGWD5avaFZUU_ZpZ-N1Mfla8YwWH6iMQBZh1A1nUYccCgAqr2TLsdd1bnqT0MXJ0ZlZwThUH5LOKgnhS8E-diCY6KNyeSevcg9NHSrshUWlESq7bjIfQ1v0DNqF6MhB-o&sai=AMfl-YTTI4lF3BYj4dPlWLXPj-eEVxy4gqSNhiWzmZbGEVLQ4SmJDOyJe96cCHbTLJRH5CYlBq4HuZAxfw3sRXiYcc4s3pmaw9tbM8gNPqLg6jVIlD6Q3OP0w_0UR0cltGMfR18iMQSxuAD_1STARZMD&sig=Cg0ArKJSzNzQLwFOb-pYEAE&uach_m=[UACH]&adurl=
Frame ID: A8E5D4376941047036FB62E7F05AE4A1
Requests: 7 HTTP requests in this frame

Frame: https://ml314.com/utsync.ashx?eid=89860&et=0&dc=BPMW_BMO_Global_Asset_Management_inc&cb=1355721217
Frame ID: 3AACF277790E8D94146692D3C6BAFCED
Requests: 8 HTTP requests in this frame

Frame: https://ml314.com/utsync.ashx?eid=89860&et=0&dc=Mercer_Canada_Limited&cb=805016255
Frame ID: 36E882A5630381518F4A3C27547F655B
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYggXBUT7eiPhDEKWm6cYj75z8WWfpL2g8CDcdWDrTFqjjeMAYP5jCCVF2i1WObn4PGRUyt3nBTQQLJPn_7f0M_IVxr8ecNud8QfEKi0z_Xc7BnqRcfrtTMSx0qIBbu9hTAe9xpyxTIg3Pg-9y8H9jK80PObgdC6TrmvgKH8aezWrMhlj1pl-1eSWiglxmRm-9vU40lUrIXxjDgERxwAO1ZPxE1BmMFhH04TsfUtpanx2XtnzU0sOPchscOllr-mnbjKQzhh0a2ncJNyIP590jrOHyGP8se6wJloHdf7qFQZQLccWAc5xWL0wb6hCf2pFAYONmEd96-4_QUOcVhquoYE1G-m3XxiFjs_o&sai=AMfl-YRj4CnZrSfRdfUf4GmTnZvjAwAGbElQnduW3Hsqo1emF6Vw1ZaTTXGMtIXC6U7MYixX9BeAEvrmkb4C6t_ScWbMpbz-vBOv9OieTTUs8bUwIDJAymx2uy113eRtttz1jQeVjISky0kyaCqUd0-j&sig=Cg0ArKJSzKvrkpEseLnTEAE&uach_m=[UACH]&adurl=
Frame ID: E3409A69B7F161952D837909EADF070F
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFkojfSNWlEyNBBvO_HjfuUuNA8IEW3Hqt3NUYiBXoASON4STv3BFqPN8bXSVO4kYEO7KYYk8WCVO_ca0v71HlRmUVAJ4wvVBApwk0F0zrazYOVnFA9UsJ-Kek6W79VH7lNW_xsCHC84tUMYpNm0Y6_NDU5wuc3G37I0F5xi7krKZa1HTW5fyxm5a3K7Bt9IX_GFX8TGT3TqUn7x7zCPv6HMCEIDKjtYbGnjnAxBW8359WfHAQVD-PKIROgC-p_m2GQYFiIKo3AtQKUwQv62oYhOysKBIl49Do4OCtDMb8nL5sPQ40dYSmj5cQd8CE_hanyJsZyVfb5Rcapjyvk3V5Ij0dSGO5q9D9FI0&sai=AMfl-YRRyGjJEyNgsm7owwuvGR1uThfiblPsJtY92u9pIBNPAlIpMJ58g7iBJc2dSnEZTtepkENZz4dXy0XXKVitYsYnnacdeqyjc6Mw7UliA97nLXphagBGkjp0Pk_azCQy9Vmgf4sX76Aq1EDcb9UQ&sig=Cg0ArKJSzAaPaEB2BYK5EAE&uach_m=[UACH]&adurl=
Frame ID: D185610503A56BB8A8B7C303EE281AA1
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVBpXVsJHeD6fi9yKIcPf9GElsY5A9qLOvHs3uVplQIUSVQR8xkzvGZU9Qwzhx8vK3jfjuRpX6S2H-NSWabxAFoTQRfGnU8P4_ASGC3hA-Fbhd7UjaqeRvYmb8Lz4cd6c-vLRvw9EzHMnj6RDhOCTg8Dvy7mMjR3P0Q_jdweTKjVchiazqtGYAOc7w022FUW1Ps-4FRjdAvXnDMt0lNjPlLoAeiAlztFOKNTrTSuLvMejFsmgGmIeWdeQbdKw9tvMIcx1DkGw7P3iDaP2ADnmhkAJTIPf2wWT1KDKKRPvmoIt_ik4wDXBFn-h_vhEnbbGq6cEVQsNZ6YwWEioe5h0okJSpWp4uqpVas18&sai=AMfl-YTABKn2iUEkR9DnQlYvVgyyqP4TeFakbCfshi7im1XuOr4IDcMdIf2XDduEwURoHYcBHtWR1l8JoAVzdLDA5EQp6B9vviKEy991Sz0s-8h-6llYrBe4r-4G9Zya0lvHldY3weGxWr_IniFqg7lq&sig=Cg0ArKJSzKiNsZcrC6QsEAE&uach_m=[UACH]&adurl=
Frame ID: 451E14E4514A071D0FAD4E3E903C004D
Requests: 6 HTTP requests in this frame

Frame: https://ml314.com/utsync.ashx?eid=89860&et=0&dc=Mercer_Canada_Limited&cb=1677201037
Frame ID: 39812396796FAC2F93E9EB7CDD9D387F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 57A05A454C5287B56ED3CD8415442E30
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1F92D5C2E2A406B570D046B47184301C
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Benefits and Pensions Monitor

Page URL History Show full URLs

  1. https://www.bpmmagazine.com/ HTTP 301
    https://www.benefitsandpensionsmonitor.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?

Page Statistics

105
Requests

93 %
HTTPS

0 %
IPv6

24
Domains

29
Subdomains

25
IPs

2
Countries

2098 kB
Transfer

4879 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.bpmmagazine.com/ HTTP 301
    https://www.benefitsandpensionsmonitor.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js
Request Chain 44
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3638329944546738185&redir= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3638329944546738185&redir=
Request Chain 45
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3638329944546738185 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzODMyOTk0NDU0NjczODE4NRAAGg0I7dPhpwYSBQjoBxAAQgBKAA HTTP 307
  • https://ml314.com/csync.ashx?fp=b2a48fd0c21801c82d0b1617c053ecedecd120d12306692052d92f64b8c01b94f4cb09cee1a4f8eb&person_id=3638329944546738185&eid=50082
Request Chain 46
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
  • https://ml314.com/utsync.ashx?eid=53819&et=0&fp=50e58a3f-1878-4992-aed7-3e6303b2976b&gdpr=0&gdpr_consent= HTTP 302
  • https://ml314.com/csync.ashx?fp=50e58a3f-1878-4992-aed7-3e6303b2976b&person_id=3638329944546738185&eid=53819
Request Chain 47
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3638329944546738185 HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3638329944546738185 HTTP 302
  • https://ml314.com/csync.ashx?fp=da19cc73a9f80eb4d57f672174a7237d&eid=50146&person_id=3638329944546738185
Request Chain 48
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
  • https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2Ub4a92uCKyWpPK1tncN_V-EnjDFvWVFyzY6ES80DRtk&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
  • https://ml314.com/csync.ashx?fp=2Ub4a92uCKyWpPK1tncN_V-EnjDFvWVFyzY6ES80DRtk&person_id=3638329944546738185&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referrer_pid%3dr8hrb20 HTTP 302
  • https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Request Chain 87
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdb9Uar1APYd2cPDSsehyuCbwrpNqycVnSIHq91TMfpalB0RdaCM4ERDYw--5a575jONutUtKZyGiSB0RxusJ-SnAFkCBC6vNjzX7WzPNSpxu9TTlQZLgXMN-wDT8dNA-mM2OvTAU3qsDv-jYL5i-ppyELvopn8hRMF5GL2GqiaX1B5e_h35P7fUIx3smhdkT3HL0BYTjDWnSkjhWvxnVd9DJ8sCbFbZY9KiUZjLWi2dxqe8bZDbTwFwYvtdIWGkrORGt5rB3NBZEVoUgo8lEn8wm19Ge376j5YOKgIeDCWIQNQP0Db2Ju5QMLRovdjnvcq1iLh64lAHMgta12g8kEQnF8gpeLoFy22TKypTaX8ogIlTU&sai=AMfl-YQl8RfBZmtCtlhtPvJqHHPLU-b_uI5v7rJabk-1vfrgjakka3JlCvpkxGDrB7wuhbjqaFOcRznpDsVkuh1Cbnm1KDftpPRzX1Aaa1UhpWexjVpnhuP1Pr_2IFcfXFaoY8rq71RlMRGyRy_fpHzG&sig=Cg0ArKJSzIa-PlitJBTVEAE&uach_m=[UACH]&urlfix=1&adurl=https://tpc.googlesyndication.com/simgad/938868486417794075? HTTP 302
  • https://tpc.googlesyndication.com/simgad/938868486417794075

105 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.benefitsandpensionsmonitor.com/
Redirect Chain
  • https://www.bpmmagazine.com/
  • https://www.benefitsandpensionsmonitor.com/
72 KB
13 KB
Document
General
Full URL
https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
585e747e0701153996b912f68aaa3b61cac294ecd4a8f2628b7ce5c5a370aa4c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
80268d9feb5e842b-YVR
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 06 Sep 2023 12:00:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3FCB8n6hdCqvVHVcTSUDjWsMZj37D0Pkk6WmO7UXLu4S3jk0Ml8uhk0uySuNjFI%2BE%2B2fNYpToxQSyHWAIC0u5xPti0TgHIBf4bOAsU1WLtqv8jK%2FSV%2FWW8m6l3sCBNvMgfARK3VZWTU%2BrzMUduw5sbeFR0%3D"}],"group":"cf-nel","max_age":604800}
request-context
appId=cid-v1:3e5da5d1-8666-48e5-9b24-889662c99d07
server
cloudflare
vary
Accept-Encoding
x-powered-by
ASP.NET

Redirect headers

cache-control
max-age=3600
cf-ray
80268d9e6e1b2d72-YVR
date
Wed, 06 Sep 2023 12:00:43 GMT
expires
Wed, 06 Sep 2023 13:00:43 GMT
location
https://www.benefitsandpensionsmonitor.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gsjyr2dG7FWOFbHSsHyQwIbSfILWWVs40L0TGLo02skrdTMszRXIL9oCRFJfWuXPb3JrM8gCm0P4%2BOr6BySg2nosN%2BHXt8NFmpU269sR%2BRB42ymliBddUbW5By4fil0lm6yjV7wr"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Barlow+Condensed:400,500|Cormorant+Garamond:600|Libre+Franklin:300,400,500&display=swap
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f95.1e100.net
Software
ESF /
Resource Hash
22f7d96cec1bb8460edaad31832a5a5eb464d5fea528118c7ac2de337dafc2e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 06 Sep 2023 12:00:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 06 Sep 2023 12:00:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Sep 2023 12:00:44 GMT
all.css
use.fontawesome.com/releases/v5.15.1/css/
58 KB
13 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.15.1/css/all.css
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.103.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Request headers

Referer
https://www.benefitsandpensionsmonitor.com/
Origin
https://www.benefitsandpensionsmonitor.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
TWJPBM90KTFVNX2H
age
73822
alt-svc
h3=":443"; ma=86400
x-amz-id-2
yc/FVSiIqsaSEs2XQh3nuziJQoMmaReG6tGh2fAaP3aoJexNm2VOIg7L/UhuoaEviZ23Q7ly52o=
last-modified
Wed, 30 Jun 2021 15:40:30 GMT
server
cloudflare
etag
W/"b227b1617a1763c8bc056772f05482b4"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zA4zEbVPWuE7jHyE0htjfbqD1NnepbINEAfWIZHhnd0Cr%2BM3WDOiBJcFSs8AZK%2BA9oB9b6TFKM86DgC93xIYOBiflztSUSkmJW7SoLEFCk71%2BEgJWtrX1pzX1auXFFpMDuhi1dR%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
80268da42abd15d4-SJC
site.min.css
www.benefitsandpensionsmonitor.com/css/
118 KB
17 KB
Stylesheet
General
Full URL
https://www.benefitsandpensionsmonitor.com/css/site.min.css?v=4Uz-QjdTe9I_uZ19mVb33fA6hdUy1JsF8VK5U3G4NfQ
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
155d083e71e7ab6e2eb5da29b26f8913c992b80198db9664167bce6808af23b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 24 Aug 2023 07:35:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
207
etag
W/"1d9d65d8a9cf716"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ls9%2BZ281WmzBb%2BZRi2FtEIiNYcjU9XtTJuJloK2nMrGhHr9AWk1Zq194HpZtcoY7rAld4J6NdG1tEdrE8I33A%2FPWF0v8osaTgDHT1zRyuLwU1ob3GqikrSmmN9NAWXnGNGFEJukoLBphRjjEcc07HhBZjag%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
80268da2dc19842b-YVR
request-context
appId=cid-v1:3e5da5d1-8666-48e5-9b24-889662c99d07
0405_638295214742556240.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=680,h=408,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/
14 KB
15 KB
Image
General
Full URL
https://cdn-res.keymedia.com/cdn-cgi/image/w=680,h=408,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/0405_638295214742556240.jpg
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21d602532420938af2a411770f1a39123381a9ac669c4b0c43eeea5dccab76ae
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:44 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
14601
cf-resized
internal=ok/h q=0 n=8+247 c=0+0 v=2023.8.1 l=14601
last-modified
Tue, 05 Sep 2023 14:37:54 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cf7Yk4Rj_Idt28MZA98BbDlkyP6GsGMvav3JMDfRZKDQ:0x8DBAE1DB09E6AF8"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exWcXIO0Nidumm0Cb5Lk0VlQ9iHzCVrzlT63MjEDQabu6oI9jb0ELt1wNK7PAE95kkoSUhe82yRQT%2FcugCXmbPZNZMq7E8JMswNWJtAdvHH7aSn8Yg3ixFh%2B1SRPGRqa341f97PH"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80268da6aeb961f9-YVR
0321_638295213439339487.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/
2 KB
3 KB
Image
General
Full URL
https://cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/0321_638295213439339487.jpg
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3c92d38448399407f04004ea8b0ff7ac54b416f7456f2e5bb2a04d800d0e27b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:44 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2260
cf-resized
internal=ram/m q=0 n=0+0 c=1+45 v=2023.8.1 l=2260
last-modified
Tue, 05 Sep 2023 14:35:44 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfBM06A2maLRBAII8f7gleEgMohG1-gvlHNtrRRN6BDQ:0x8DBAE1D6309C583"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y12YbxVbMh%2FbVKi1nzZlKvO%2BfieJ3sy%2FpKo7A5Cq%2FrFt4wNDsRdnOv2U2ub6KuEA2XOCXuW9Yuyg35juS%2F%2F9qHFSB7zseGxyjDsarrG3xeJhfbhnbLdpJ4%2FzKUu0HxjceBsQpEuf"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80268da6aeba61f9-YVR
0405_638295211986099462.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/
2 KB
3 KB
Image
General
Full URL
https://cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/0405_638295211986099462.jpg
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53068c5816e04a1a43f4a68f816c36a3e71153c3885eeed61efc4ac454306d43
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:44 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2300
cf-resized
internal=ram/m q=0 n=0+0 c=2+66 v=2023.8.1 l=2300
last-modified
Tue, 05 Sep 2023 14:33:18 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfgaTddP4JgxKEtJEScjcAJi1AhG1-gvlHNtrRRN6BDQ:0x8DBAE1D0C5AC20D"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GggYUuqKreG04qMbWktoaZl3TNEQbezetUKVySleNZHoIvP13hvDq7V%2BNGFzwLxAwzm8GDVyFV%2FbdSr%2FeR2%2FC2uANDxf%2B8M920GE9wipBr%2Fby4gyN0EKfxlNunMWOkuEPOQXStSj"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80268da6aebb61f9-YVR
0270_638291732631163108.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/us/036/
2 KB
2 KB
Image
General
Full URL
https://cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/us/036/0270_638291732631163108.jpg
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28b2bc91a3209441b556bdca6cb42dc2755a10662a51b5aea914a459d1d169ae
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:44 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2056
cf-resized
internal=ram/h q=0 n=0+0 c=1+52 v=2023.8.1 l=2056
last-modified
Fri, 01 Sep 2023 13:54:23 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfGOiWlYrC7Qt5VTrPBwhBhnJZhG1-gvlHNtrRRN6BDQ:0x8DBAAF2F296A06B"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUdOkh4mSoQ5od7m4TY%2FoahjXmGgSo1NSvR1uFsbSX5X3Rhgj04PFxPxUmsdELK86Yb11in46h%2F%2FGu7eVcw3ot2W2E3LP6JkLZLT%2FZlZzKxoCavYMZpmmsDRCmZasdxPvGFXj%2FF4"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80268da6aebc61f9-YVR
0416_638235740276059227.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=260,h=156,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/
3 KB
3 KB
Image
General
Full URL
https://cdn-res.keymedia.com/cdn-cgi/image/w=260,h=156,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/0416_638235740276059227.jpg
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc765890aaaca37c31fb572ff9db7356e17cb243265b78533e19d97f32752b42
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:44 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2681
cf-resized
internal=ok/r q=0 n=76+2 c=102+52 v=2023.7.3 l=2681
last-modified
Wed, 28 Jun 2023 18:33:47 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfbGQ7S9d-4NNTieJbD1cCmAyzN13a9_yJUG5aXFUODQ:0x8DB78063644B912"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSkMowkQxX%2Fi%2Bqtjapnvo0aOl8CNStlbbcUPmwCGO7R8vpMHchKJ8ePhYHVYK6IiEB6VUvN74W%2FYk1nl%2BK2AWzSRZhXOd%2F%2FIqZ4a04QtxgTEYWCkxixbu0%2Ft9gp3T4IpFGVHU%2BQn"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80268da6aebe61f9-YVR
0380_638243366583363374.png
cdn-res.keymedia.com/cdn-cgi/image/w=260,h=156,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/
4 KB
4 KB
Image
General
Full URL
https://cdn-res.keymedia.com/cdn-cgi/image/w=260,h=156,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/0380_638243366583363374.png
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de5cd45cccf973d02676e44e13c0209769eb7d8cfce2fcf8139238ee982f47ab
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:44 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3837
cf-resized
internal=ok/r q=0 n=33+122 c=0+0 v=2023.7.3 l=3837
last-modified
Fri, 07 Jul 2023 14:24:18 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfzzl8pXUI6fCaMemyI5mM5BwYN13a9_yJUG5aXFUODQ:0x8DB7EF5D98B11A1"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=di4AikOAtmG5L8Rt7gaOA3bz2Z9o1gj30DbocOypacGN6n6cFZxjVhBY7gi%2BlDjanICJ%2BTHmOczuIg5WHAozonsg1GJQ%2FPk6sp%2B72X62b99f8%2BWr9YndKBXDL9aUGyhTHlYdq843"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80268da6aebd61f9-YVR
0379_638259010816384828.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=260,h=156,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/
8 KB
8 KB
Image
General
Full URL
https://cdn-res.keymedia.com/cdn-cgi/image/w=260,h=156,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/0379_638259010816384828.jpg
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d9139eb008a6920449b04b7f2d0f7a2695867ca922bb43436f48c2eb88a9f70
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:44 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
7771
cf-resized
internal=ok/r q=0 n=97+163 c=0+0 v=2023.7.3 l=7771
last-modified
Tue, 25 Jul 2023 16:58:01 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfJ5JxOG8CxWV76FcRo0Yh04F3N13a9_yJUG5aXFUODQ:0x8DB8D304E90AAF4"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FiYg%2F7%2FqyZA1KQhBR51yMlYfp3Hza%2BAzJd9S9qEpz%2F%2B5A6R3%2BXrQk%2FWqxOSvRvsBe1AtrRQYNYnSvzynDNMCvHqx%2BrfsAm1q5EdUswduZ1aryHXr6Iw4nuGojfXCh2YPudaEfIEX"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80268da6aeb861f9-YVR
gpt.js
securepubads.g.doubleclick.net/tag/js/
98 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
8d4a6f33753ec2e106e224956e81cc673fdb24c509b4810190b0581951539247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28998
x-xss-protection
0
server
cafe
etag
979 / 19606 / m202308310101 / config-hash: 15008231380658717738
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 06 Sep 2023 12:00:44 GMT
logo-white.svg
www.benefitsandpensionsmonitor.com/images/
4 KB
2 KB
Image
General
Full URL
https://www.benefitsandpensionsmonitor.com/images/logo-white.svg
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
81b2a42fe9601870364f23ee6cfb94073cfdd6a03a70802a54bd242b88cce769

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 18 May 2023 09:08:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
208
etag
W/"1d9896843215d7b"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HzxjcdttcxVibYGtW0ki9X%2FmTXPyy9Uj6OSPwrk5k%2FHH3nsnrYVIbSGkMo1SoiVG%2Bsux%2FoJ%2FJEnE6YKg08H8KPSpXzcKo49OmwDCr7EH0VcX3lijwIDH9UjfgdyMNYubB%2BMF8Sb3hcr7EEnkMRk58p6gp3I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80268da5bce6842b-YVR
request-context
appId=cid-v1:3e5da5d1-8666-48e5-9b24-889662c99d07
underscore-min.js
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.9.1/
18 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.9.1/underscore-min.js
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bb03826b26326516a3f4c9a9b39f03e3000a4828f91a75e1dfc88c2269af5ed
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
9209230
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5831
last-modified
Mon, 04 May 2020 16:17:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04015-4695"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XU8kCPpgQjUv9H8eaqireW9iH9Dvmq%2FpqY0Re9xtlhMlvoBQOL%2FN6ag%2Bvr7ZLqYn6HmRkMUim25Zt5mpaYGv3qQ2XIJAC%2F52fSi5ASh2QeSmkqFoA3CbsNMGXkoQfuW9aluaRlHU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80268da61b3b2dbf-YVR
expires
Mon, 26 Aug 2024 12:00:44 GMT
site.min.js
www.benefitsandpensionsmonitor.com/js/
3 KB
2 KB
Script
General
Full URL
https://www.benefitsandpensionsmonitor.com/js/site.min.js?v=UT-jdT4iKaL5lsdmbYXMi0Z0AJP3g2jH9_ztRapS7xU
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
986234269574843718b280cee20a2027b06a5a4d4ed4a2109e4702c91980ee81

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 25 May 2023 05:41:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
208
etag
W/"1d98ecb9eed5bcd"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFCXUJHS1KIb9JHIWMSDgSWZ5pG%2FL7p5Syjn87Pb2CIDClN27VkD3eI7dYo6WoJLFwth9OXtWX%2FeK06Qs97jVA%2BuGjKA4yH9JQkVuzJHprl22ZaoZwNFQqJJHPeuF5I3QMoiBFWHJARLGdvtAca%2FvhELw9M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
80268da58cdd842b-YVR
request-context
appId=cid-v1:3e5da5d1-8666-48e5-9b24-889662c99d07
loader.js
cdn.sajari.com/embed/1/
210 B
720 B
Script
General
Full URL
https://cdn.sajari.com/embed/1/loader.js
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.50.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.50.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
aebf9956840a795c31489aa11afd8f9ae40e6b39805e04b6e43c9b57165dca8c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:44 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdtBi8KhHgmFtt9yfWhCy_zkWE20nU454LyYkylNHla6-Qyk_poeYwJh3J2msSW85oujNYZPBl_PUQmXk_xuxxKVlA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
179
last-modified
Wed, 30 Nov 2022 00:53:27 GMT
server
UploadServer
etag
"6195527ed4e9982e67129ecd537748f3"
vary
Accept-Encoding
x-goog-generation
1669769607635397
x-goog-hash
crc32c=gEY+DA==, md5=YZVSftTpmC5nEp7NU3dI8w==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
no-cache
x-goog-stored-content-length
179
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 05 Sep 2024 12:00:44 GMT
gtm.js
www.googletagmanager.com/
153 KB
58 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N54PC4S
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e697712ea46fc718f86b1f6cac883a81f5e15a0f5e8565117c8f974abeec2196
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
59510
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 06 Sep 2023 12:00:44 GMT
HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v12/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow+Condensed:400,500|Cormorant+Garamond:600|Libre+Franklin:300,400,500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
2d2c4912162eaa41299aaf5063ecb92a26d76071fe6d1f77742b32c833daab99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.benefitsandpensionsmonitor.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 20:02:36 GMT
x-content-type-options
nosniff
age
57488
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20432
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:38:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Sep 2024 20:02:36 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/
78 KB
79 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.15.1/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.103.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

Referer
https://use.fontawesome.com/releases/v5.15.1/css/all.css
Origin
https://www.benefitsandpensionsmonitor.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
A0CWS69Y80QP66Z1
age
73821
alt-svc
h3=":443"; ma=86400
content-length
80300
x-amz-id-2
tvHJh9qkQT8xUQafoMSDqy1q964LYAf7eeJ9a5fA08fTJBg+/f6N/+lTC4psinoIrFfzIkndh2I=
last-modified
Wed, 30 Jun 2021 15:40:53 GMT
server
cloudflare
etag
"8e1ed89b6ccb8ce41faf5cb672677105"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nTPIkpBW7uy9nCHC7GIFhnaEXR95StphD0cxy2mv2CHmZlhruObX%2FGvCIccnCh%2FtVq6O1UHIgUDKHW2ydn6qIXmft3CYIpeNK6fVEl2gMHkGck3KI%2Ft6fSl72tb538abwP%2BQzsvT"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
80268da5dc7e15d4-SJC
jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v13/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/librefranklin/v13/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow+Condensed:400,500|Cormorant+Garamond:600|Libre+Franklin:300,400,500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.benefitsandpensionsmonitor.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 17:45:59 GMT
x-content-type-options
nosniff
age
65685
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27268
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:56:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Sep 2024 17:45:59 GMT
co3YmX5slCNuHLi8bLeY9MK7whWMhyjQdl9fvg-I.woff2
fonts.gstatic.com/s/cormorantgaramond/v16/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/cormorantgaramond/v16/co3YmX5slCNuHLi8bLeY9MK7whWMhyjQdl9fvg-I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow+Condensed:400,500|Cormorant+Garamond:600|Libre+Franklin:300,400,500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
066ec1ac2852906b7e7253ee3c129e0efd2343d8671712db064502f03228ccb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.benefitsandpensionsmonitor.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:00:04 GMT
x-content-type-options
nosniff
age
75640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21012
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 02:17:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Sep 2024 15:00:04 GMT
HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
fonts.gstatic.com/s/barlowcondensed/v12/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow+Condensed:400,500|Cormorant+Garamond:600|Libre+Franklin:300,400,500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.benefitsandpensionsmonitor.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 20:02:40 GMT
x-content-type-options
nosniff
age
57484
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20200
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:28:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Sep 2024 20:02:40 GMT
fa-brands-400.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/
77 KB
77 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.15.1/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.103.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

Request headers

Referer
https://use.fontawesome.com/releases/v5.15.1/css/all.css
Origin
https://www.benefitsandpensionsmonitor.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:44 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
DSP5GCFPH55SRZRB
alt-svc
h3=":443"; ma=86400
content-length
78460
x-amz-id-2
ALjpmE9OReG8jkmaIJyHkCAFYjt9V06soYXmZf5Ndwae8uKaiTN6G5i3eaqGQlkCWyVgXaZkzow=
last-modified
Wed, 30 Jun 2021 15:40:52 GMT
server
cloudflare
etag
"f075c50f89795e4cdb4d45b51f1a6800"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6QKyu6xQmaO5vMWCPtPP0%2BXNVtkyXsu%2B1wIRSiOs2RpV04CtCrLiaY6loR%2BOBzicwUU6rs%2Bt0jHZJi2yUuqbkYrZApSAt5yLtOiWawwFzRzkGDR%2FMyfA%2FDQlVoWIhWhizAI%2FHg%2Be"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
80268da5dc8015d4-SJC
0416_638240720879273421.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=160,h=223,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/
10 KB
11 KB
Image
General
Full URL
https://cdn-res.keymedia.com/cdn-cgi/image/w=160,h=223,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/0416_638240720879273421.jpg
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aff5c482161de24d68eaddba9e083af6a0c933fbfe8a019e8cd9a84fbe5d4786
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:44 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
10405
cf-resized
internal=ok/m q=0 n=97+0 c=1+121 v=2023.7.3 l=10405
last-modified
Tue, 04 Jul 2023 12:54:48 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfsvK3j5R47uFlbyVdakADVPUFL57L2OJbxIRVSmh7DQ:0x8DB7C8DD9575643"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2VZqFSxb1lLt9b6FgYXznGE38hr8mwJrzU74IF1UuA4twDfe1ZIGgEsc6DrvQLCm9rHsRRXtCyK7cvQRJdjY5uT9si5nMP1skB7LOjgP7BKKIvWXR1glrQsH6TvAhdthgDpRHNh"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80268da74ee461f9-YVR
0405_638295216018014012.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/
3 KB
4 KB
Image
General
Full URL
https://cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/0405_638295216018014012.jpg
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32fb60eb9aa33c378b3f22656450ab566b63e51d2cf0b9b1d0d3caad7524e831
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:44 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3422
cf-resized
internal=ok/h q=0 n=12+0 c=1+60 v=2023.8.1 l=3422
last-modified
Tue, 05 Sep 2023 14:40:02 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfICyduJUVnDle8wRmwNv_kINChG1-gvlHNtrRRN6BDQ:0x8DBAE1DFCBD9650"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=622WSnJ9guXh%2FV6cHoVjFyd0paLUBL73%2BPzmAzI2fnwQMgrcmrT33BqGdxnxX0P7NvMovV3GKnjZ459ZjKJsWImn1cvxHucrK4MzL%2BAlxTs%2BBSmj93A%2Bi%2FTvwnvH7w5OCtKqNijq"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80268da74ee561f9-YVR
0405_638290914930727478.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/
5 KB
5 KB
Image
General
Full URL
https://cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/0405_638290914930727478.jpg
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db368eb2198fb7fabd18447ec5818684af2d37c2d278147e382dd9091908f49
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:44 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
5196
cf-resized
internal=ok/h q=0 n=11+0 c=2+86 v=2023.8.1 l=5196
last-modified
Thu, 31 Aug 2023 15:11:33 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfCN8vWcOMA9xjs9ZxMAOwNuILhG1-gvlHNtrRRN6BDQ:0x8DBAA348FE2A73A"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jQweoLvHVBcl86dIDr6l3UOqz7b64knofovNt8PlieyHkBSh4e8v43A34d7IyntKeqLE2u2PAeyncPqThFWPb70SO%2BRSGKJjSPdEj27Os22Xtrz1P6TH1zi%2F%2FzgKU5cVmuevsuiK"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80268da74ee661f9-YVR
0379_638271244057343798.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/
2 KB
3 KB
Image
General
Full URL
https://cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/0379_638271244057343798.jpg
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b11731cad9b522e095aa57c5323bc4e60bf5c5ec3ca537507708dc6e4c6596a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:44 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1914
cf-resized
internal=ok/m q=0 n=40+0 c=1+48 v=2023.7.3 l=1914
last-modified
Tue, 08 Aug 2023 20:46:45 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfPElnxiVqxn47evgqtZLtVHkJhG1-gvlHNtrRRN6BDQ:0x8DB98509481C9EE"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpDUc5RB2%2BRCH%2Br89qLFrCqeTkDDJW8eLt2qD5LLu1wnTVyWR74%2BfBnATnTXTH5hsZ0%2B22283170i2An%2BLn2omIpfLCOATSk288JjA0EqJpi182T5aMBiEpPKtPV%2FXhwar96%2FNfa"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80268da74ee761f9-YVR
0416_638236786968401602.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/
1 KB
2 KB
Image
General
Full URL
https://cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/0416_638236786968401602.jpg
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
785c1f4b0f336168b4c4a5a048fbdb936d8b0c2c2eac51aed8413c143c41ac37
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:44 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1264
cf-resized
internal=ok/r q=0 n=27+0 c=0+34 v=2023.7.3 l=1264
last-modified
Thu, 29 Jun 2023 23:38:16 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cftQ6sfjC9LN0_P980DIDgv5pihG1-gvlHNtrRRN6BDQ:0x8DB78F9E9ED5D9A"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKVOaxxDmDhqYHfLFf%2F0X%2ByUJE16iJA%2Bi%2BXAY%2FF5h4Sf32wi2lAeU1%2Fvw%2BHOnx5OhO9Lx4ap7GCg%2BuLaYmVWqAysjQGwu%2F3rgF%2FQiiottULvKZeU974seKNY1zqgzfI%2FFaW%2FZ00O"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80268da74ee861f9-YVR
logo-gray.svg
www.benefitsandpensionsmonitor.com/images/
4 KB
2 KB
Image
General
Full URL
https://www.benefitsandpensionsmonitor.com/images/logo-gray.svg
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b3672e8f53d4cd14250c0d76315fa94c7311da3ce7235696d1aa6fa39388dcb6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 12 May 2023 00:35:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
106
etag
W/"1d98469afcca1de"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51ys%2BmV83wjQrjHe5Rp4SCzzFrdu7woBjrED4Tst55FKd30Ogd56TE9iwgWfQDNN2vspznJdfJ0p5PHE5gBT6gfX6IgIlnClgNbeKgYYPBK10Vi4uIXnb%2BnhJ1ajvU4lvtqKKspiuNCgMeleaN0%2FltSfEcg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80268da5fcf4842b-YVR
request-context
appId=cid-v1:3e5da5d1-8666-48e5-9b24-889662c99d07
ai.2.min.js
js.monitor.azure.com/scripts/b/
119 KB
45 KB
Script
General
Full URL
https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.253.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0d31a69f7ae0d174b9e6054ebedb533ffa1c85de012409db3fc16fcdf9cc525b

Request headers

Referer
https://www.benefitsandpensionsmonitor.com/
Origin
https://www.benefitsandpensionsmonitor.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:43 GMT
content-encoding
br
last-modified
Wed, 16 Aug 2023 18:14:35 GMT
content-md5
ZPZ9afZflgHlfMADU+ZCqQ==
x-ms-meta-aijssdkver
2.8.15
etag
0x8DB9E84A5D319AC
x-azure-ref
07Gn4ZAAAAABQ9wuC9xqOTpPbT6T3BoYeQ082QUEzMTUwODA4MDQ5AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
x-cache
TCP_HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
6eeb1af7-f01e-008d-64b5-e010c5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.15.min.js
main.js
www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/ Frame 8289
Redirect Chain
  • https://www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js
7 KB
4 KB
Script
General
Full URL
https://www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Server
104.26.15.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57b46083bf169d918156d580b3af7774c131ffcdcdf414a5cec8e12396d1ddb0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:44 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWsLHBz3%2Box7IB4SSS2lGLC4%2FJOkkcPsE5HD5rhQ0SQzj8mzjd3YTzCv0gMu9WVc%2Bl30Ir4Bo9Ik%2BNhwBFm6W2sqrzhtlnpbZMQaZUyghQ9On3BpUH6RLzAnT%2Fqige7DszGeNWxlgWXY4KDScouiEhGavaY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
80268da73d50842b-YVR

Redirect headers

date
Wed, 06 Sep 2023 12:00:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIugrAHwMLbKId0WfQSpDPOQmSvjvgySCKrpCm3VC7ih2vi9zz0Zfw9QgwRUTzl0WZFjVjlNZmpq0%2Fgf41mLXScqC9Bjx%2Fk4X5rBsbirr8uKJkTAHzEx41YZH2oe3rmFcBioKn7JU4K%2Feo1yQ3NmcFaxFWc%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
80268da6cd37842b-YVR
bundle.js
cdn.sajari.com/embed/2.24.0/
818 KB
248 KB
Script
General
Full URL
https://cdn.sajari.com/embed/2.24.0/bundle.js
Requested by
Host: cdn.sajari.com
URL: https://cdn.sajari.com/embed/1/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.50.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.50.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
99ae26c1a22048b879b145ace32446b3b92cae268ade305cd6e89bb885b5bcc4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:48:06 GMT
content-encoding
gzip
age
47558
x-guploader-uploadid
ADPycdssWf0ZtjAdFoaojkTvIKEbOB9hHN88EoqdMMVdvSfkPMUNiblTsVJ5epqCYyREkLSKTNekfx8aWA-FySn0NlIdeLPg__LE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
253108
last-modified
Wed, 30 Nov 2022 00:53:27 GMT
server
UploadServer
etag
"64d4e7d24346e15977725b3c16cd2f74"
vary
Accept-Encoding
x-goog-generation
1669769607706680
x-goog-hash
crc32c=sbimEQ==, md5=ZNTn0kNG4Vl3cls8Fs0vdA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
253108
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 04 Sep 2024 22:48:06 GMT
80268d9feb5e842b
www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 8289
0
545 B
XHR
General
Full URL
https://www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/h/g/jsd/r/80268d9feb5e842b
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 06 Sep 2023 12:00:44 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
80268da86dbb842b-YVR
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mnkTM4omIHDENrR5aIsOrNlerywYVcJQ%2FnsCC5Y8OiNZN3CaiPmAHmFbRflhn8qVPWumFi5Zhg0f%2BtPpl%2FZ5ZRvwxQi4mOr63yEFseVF1KW9uriQLbRofCyP9vglCs34T%2BDNqLU8FJOvPyZ25ZqvGCD%2FZY0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/
403 KB
127 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 17:47:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
65603
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129723
x-xss-protection
0
server
cafe
etag
14901160554504536944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 04 Sep 2024 17:47:22 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
67 B
85 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.benefitsandpensionsmonitor.com
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
2649f11884cfff9c190cfc497510a92aeded35edd11a47a70360c08c6c9add1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61
x-xss-protection
0
expires
Wed, 06 Sep 2023 12:00:45 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/948015301/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/948015301/?random=1694001645003&cv=11&fst=1694001645003&bg=ffffff&guid=ON&async=1&gtm=45He38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.benefitsandpensionsmonitor.com%2F&hn=www.googleadservices.com&frm=0&tiba=Benefits%20and%20Pensions%20Monitor&auid=1740518731.1694001645&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N54PC4S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
cafe /
Resource Hash
a6d28ffb69942f92338293495ef8ace117ed2f884c2199d9dd28149d7b9de99f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:00:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
latest.min.js
c.lytics.io/api/tag/04efff7793bfc7d9b702b19cc7b0db31/
67 KB
23 KB
Script
General
Full URL
https://c.lytics.io/api/tag/04efff7793bfc7d9b702b19cc7b0db31/latest.min.js
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b2b5c06d11b49f1a09b3c617f06d571638820619a918df7141e86d0157a996c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:45 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
EXPIRED
last-modified
Wed, 06 Sep 2023 09:58:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UdNZqIe1K6eLZEGw7fSwzyEPOtgJNN4JoK%2FQJJdXrm3tBI1i6XnXmiBjlefSsstc1dmxXa6aS3xGatzbITs6j0wHTVdxjp6T4dfdPES2VAzG7M69jQ0flaHr32Gh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
cf-ray
80268daa78652d96-YVR
tag.aspx
ml314.com/
31 KB
11 KB
Script
General
Full URL
https://ml314.com/tag.aspx?68
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 11:32:36 GMT
content-encoding
br
age
1689
x-guploader-uploadid
ADPycdtORozNJvtXuyY30uk93a6AGqF81sd-9_tpib40oe2kyOXY8i-boRl1L6RH2g7FbZPEAMkaaEqBlJCPuOeJMgpRxA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10526
last-modified
Mon, 10 Apr 2023 17:13:24 GMT
server
UploadServer
etag
W/"b0965f051977c0dd95ffe2c736cac352"
vary
Accept-Encoding
x-goog-generation
1681146804366265
x-goog-hash
crc32c=wVdAwA==, md5=sJZfBRl3wN2V/+LHNsrDUg==
content-type
application/javascript
cache-id
SEA-b9fa975e
cache-control
public,max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
32213
accept-ranges
none
js
www.googletagmanager.com/gtag/
266 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6PGJWLVE01&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N54PC4S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
ddfeaf0efdaa34256996947c01bdf15ba8de5992eea07fe97a3aee57b57e2711
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90517
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 06 Sep 2023 12:00:45 GMT
utsync.ashx
ml314.com/
644 B
1 KB
Script
General
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=89860&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.benefitsandpensionsmonitor.com%2F&pv=1694001645270_e14l62qi1&bl=en-us&cb=2631343&return=&ht=&d=&dc=&si=1694001645270_e14l62qi1&cid=&s=1600x1200&rp=&v=2.5.3.49
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
49d6c574090ada709342451c0e04a9d39d8bc5a9c3d5728bbac20d5c0577c366

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:00:45 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/javascript; charset=utf-8
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
644
expires
0
ud.ashx
in.ml314.com/
20 B
482 B
Script
General
Full URL
https://in.ml314.com/ud.ashx?topiclimit=&cb=682023&v=2.5.3.49
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.242.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-242-75.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Wed, 06 Sep 2023 12:00:45 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public
Connection
keep-alive
Content-Length
138
Expires
Thu, 07 Sep 2023 12:00:45 GMT
collect
www.google-analytics.com/g/
0
258 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-6PGJWLVE01&gtm=45je38u0&_p=177827984&cid=503697323.1694001645&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694001645&sct=1&seg=0&dl=https%3A%2F%2Fwww.benefitsandpensionsmonitor.com%2F&dt=Benefits%20and%20Pensions%20Monitor&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debug_mode=true&ep.author=null
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6PGJWLVE01&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:00:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.benefitsandpensionsmonitor.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fancybox_sprite.png
www.benefitsandpensionsmonitor.com/images/
1 KB
2 KB
Image
General
Full URL
https://www.benefitsandpensionsmonitor.com/images/fancybox_sprite.png
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/css/site.min.css?v=4Uz-QjdTe9I_uZ19mVb33fA6hdUy1JsF8VK5U3G4NfQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/css/site.min.css?v=4Uz-QjdTe9I_uZ19mVb33fA6hdUy1JsF8VK5U3G4NfQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
206
x-powered-by
ASP.NET
content-length
1362
request-context
appId=cid-v1:3e5da5d1-8666-48e5-9b24-889662c99d07
last-modified
Fri, 07 May 2021 01:38:57 GMT
server
cloudflare
etag
"1d742e1befc4bd2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Loaom7H61Aa1RfS%2BmtGz9rHHoLBh75qCp53p1hvwqz66MfvTQ0Ffp3QWzEsei1Y0U9sdE1MQHaupT7N%2BVuNvv5uhW1q6Rknlm4Vug02vhL2SQfL6BDoMeMbxnOjFcZFlZk6VOGLSC5sahDnsYej7SN1g1HM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80268dabfea8842b-YVR
ads
securepubads.g.doubleclick.net/gampad/
253 KB
27 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3865592945472694&correlator=4451673977065297&eid=31076398%2C31076771%2C31068367%2C21065724&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fifs&iu_parts=1042886%2Cbpm_homepage_640x480-prestitial%2Cbpm_homepage_970x250%2Cbpm_homepage_300x250%2Cbpm_homepage_300x600%2Cbpm_homepage_fluid-wallpaper%2Cbpm_homepage_oop-catfish&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F2%2C%2F0%2F4%2C%2F0%2F2%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=640x480%2C970x250%2C300x250%2C970x250%2C300x600%2C970x250%2C320x50%2C1x1&fluid=0%2C0%2C0%2C0%2C0%2C0%2Cheight%2C0&ifi=1&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1694001645390&lmt=1694026845&adxs=-12245933%2C315%2C1181%2C315%2C1173%2C315%2C-12245933%2C0&adys=-12245933%2C120%2C1286%2C1663%2C2598%2C3730%2C-12245933%2C4311&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C1%7C2%7C3%7C4%7C-1%7C5&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.benefitsandpensionsmonitor.com%2F&vis=1&psz=0x-1%7C1600x330%7C299x250%7C1600x330%7C300x600%7C1600x330%7C1600x0%7C1600x4230&msz=0x-1%7C970x250%7C300x250%7C970x250%7C300x600%7C970x250%7C0x310%7C1600x0&fws=644%2C4%2C4%2C4%2C4%2C4%2C132%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=503697323.1694001645&ga_sid=1694001645&ga_hid=177827984&ga_fc=true&dlt=1694001643933&idt=1307&prev_scp=%7Cposition%3D1%7C%7Cposition%3D2%7C%7Cposition%3D3%7C%7C&adks=1254194993%2C641058633%2C1342818850%2C641058635%2C2346772835%2C641058629%2C2501186521%2C638214657&frm=20
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
e688e1bc932473d750753b26c0ea05f7b6d6609ae4fbd4635eb48d430bee3705
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27902
x-xss-protection
0
google-lineitem-id
6370123842,6372947933,6358557042,6370131516,6370131516,6330245742,-2,6358552503
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138444773987,138445871425,138443098984,138444757107,138444757104,138436934871,-2,138442383066
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.benefitsandpensionsmonitor.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c530e07522adeba4591e3e6132222620.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1B64
6 KB
3 KB
Document
General
Full URL
https://c530e07522adeba4591e3e6132222620.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.benefitsandpensionsmonitor.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 12:00:45 GMT
expires
Thu, 05 Sep 2024 12:00:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
demconf.jpg
dpm.demdex.net/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3638329944546738185&redir=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3638329944546738185&redir=
42 B
940 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3638329944546738185&redir=
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
HTTP/1.1
Server
50.17.27.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-27-28.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v049-01dd21975.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
fOrzU9AfSxY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcscanary-prod-va6-1-v062-0749cb0b9.edge-va6.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
JgO7xHV2Ra8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3638329944546738185&redir=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
csync.ashx
ml314.com/
Redirect Chain
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3638329944546738185
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzODMyOTk0NDU0NjczODE4NRAAGg0I7dPhpwYSBQjoBxAAQgBKAA
  • https://ml314.com/csync.ashx?fp=b2a48fd0c21801c82d0b1617c053ecedecd120d12306692052d92f64b8c01b94f4cb09cee1a4f8eb&person_id=3638329944546738185&eid=50082
43 B
60 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=b2a48fd0c21801c82d0b1617c053ecedecd120d12306692052d92f64b8c01b94f4cb09cee1a4f8eb&person_id=3638329944546738185&eid=50082
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H3
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:45 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 07 Sep 2023 08:00:45 GMT

Redirect headers

date
Wed, 06 Sep 2023 12:00:45 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=b2a48fd0c21801c82d0b1617c053ecedecd120d12306692052d92f64b8c01b94f4cb09cee1a4f8eb&person_id=3638329944546738185&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
csync.ashx
ml314.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1
  • https://ml314.com/utsync.ashx?eid=53819&et=0&fp=50e58a3f-1878-4992-aed7-3e6303b2976b&gdpr=0&gdpr_consent=
  • https://ml314.com/csync.ashx?fp=50e58a3f-1878-4992-aed7-3e6303b2976b&person_id=3638329944546738185&eid=53819
43 B
60 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=50e58a3f-1878-4992-aed7-3e6303b2976b&person_id=3638329944546738185&eid=53819
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H3
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:45 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 07 Sep 2023 08:00:45 GMT

Redirect headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:00:45 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
location
https://ml314.com/csync.ashx?fp=50e58a3f-1878-4992-aed7-3e6303b2976b&person_id=3638329944546738185&eid=53819
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
0,Thu, 07 Sep 2023 08:00:45 GMT
csync.ashx
ml314.com/
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3638329944546738185
  • https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3638329944546738185
  • https://ml314.com/csync.ashx?fp=da19cc73a9f80eb4d57f672174a7237d&eid=50146&person_id=3638329944546738185
43 B
60 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=da19cc73a9f80eb4d57f672174a7237d&eid=50146&person_id=3638329944546738185
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H3
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:45 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 07 Sep 2023 08:00:46 GMT

Redirect headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:00:45 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ml314.com/csync.ashx?fp=da19cc73a9f80eb4d57f672174a7237d&eid=50146&person_id=3638329944546738185
cache-control
no-cache
x-server
10.40.4.18
content-length
0
expires
0
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
  • https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2Ub4a92uCKyWpPK1tncN_V-EnjDFvWVFyzY6ES80DRtk&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_p...
  • https://ml314.com/csync.ashx?fp=2Ub4a92uCKyWpPK1tncN_V-EnjDFvWVFyzY6ES80DRtk&person_id=3638329944546738185&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referre...
  • https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
HTTP/1.1
Server
34.231.251.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-251-31.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Date
Wed, 06 Sep 2023 12:00:46 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

date
Wed, 06 Sep 2023 12:00:46 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html; charset=utf-8
location
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
193
expires
Thu, 07 Sep 2023 08:00:46 GMT
/
www.google.com/pagead/1p-user-list/948015301/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/948015301/?random=1694001645003&cv=11&fst=1694001600000&bg=ffffff&guid=ON&async=1&gtm=45He38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.benefitsandpensionsmonitor.com%2F&frm=0&tiba=Benefits%20and%20Pensions%20Monitor&fmt=3&is_vtc=1&random=2550531513&rmt_tld=0&ipr=y
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f147.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:00:45 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/948015301/
42 B
455 B
Image
General
Full URL
https://www.google.ca/pagead/1p-user-list/948015301/?random=1694001645003&cv=11&fst=1694001600000&bg=ffffff&guid=ON&async=1&gtm=45He38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.benefitsandpensionsmonitor.com%2F&frm=0&tiba=Benefits%20and%20Pensions%20Monitor&fmt=3&is_vtc=1&random=2550531513&rmt_tld=1&ipr=y
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:00:45 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
04efff7793bfc7d9b702b19cc7b0db31
c.lytics.io/cid/
24 B
448 B
Script
General
Full URL
https://c.lytics.io/cid/04efff7793bfc7d9b702b19cc7b0db31?assign=false&callback=u_719086869719574700
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/04efff7793bfc7d9b702b19cc7b0db31/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2817396ee137855e41a860c821d9eecae5115cba06efdbcb5b272789a7047ac
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:45 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
24
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET, POST
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YjBWSshX%2FUm2J4dLeZqvLqQRZPmWMBaCVICdMM8VZOHYHVoXJ11CcaCADT7xUhuNnCihxzOttYgg4rYc0vXmagcS5YrC%2BNkqyUfF5I5QenPB4IQuNyhs%2BL7eabkJ"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
cf-ray
80268dac98d62d96-YVR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires
0
9139cc1e-3c02-458e-8bdb-f4fe0559de1f
c.lytics.io/api/personalize/04efff7793bfc7d9b702b19cc7b0db31/user/_uid/
129 KB
17 KB
Script
General
Full URL
https://c.lytics.io/api/personalize/04efff7793bfc7d9b702b19cc7b0db31/user/_uid/9139cc1e-3c02-458e-8bdb-f4fe0559de1f?segments=true&mergestate=true&state=%7B%22_uid%22%3A%229139cc1e-3c02-458e-8bdb-f4fe0559de1f%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A-7%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22www.benefitsandpensionsmonitor.com%2F%22%2C%22_v%22%3A%223.0.33%22%7D&ts=1694001645625&callback=u_3991777184129796
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/04efff7793bfc7d9b702b19cc7b0db31/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
927cc5c445c1abef2c2001e0f7033214a6e070288a1068c81da7256d59a3dbce
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:45 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNR6XpFaLqXxsCck8Fs%2FELugIMEXHtf5linIgSn5TfGmd6YxPqagnmNdUXnvBTnd%2F5UmirxnKDswa0p15m5sha3c1IH%2FsuWcBQXlvjZl6wzVFaK3v58Vabofo2to"}],"group":"cf-nel","max_age":604800}
cf-ray
80268dad69082d96-YVR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
04efff7793bfc7d9b702b19cc7b0db31
c.lytics.io/c/
35 B
397 B
Image
General
Full URL
https://c.lytics.io/c/04efff7793bfc7d9b702b19cc7b0db31?_e=pv&_sesstart=1&_tz=-7&_ul=en-US&_sz=1600x1200&_ts=1694001645487&_nmob=t&_device=desktop&url=www.benefitsandpensionsmonitor.com%2F&_v=3.0.33&_uid=9139cc1e-3c02-458e-8bdb-f4fe0559de1f&_getid=t
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:45 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
35
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SMyYXlBYGz%2F4EiCfwz7L%2B4DDfZXel75aAdZlImam2pRIM1EHqxIcgjlfPiIJkKMln8pUQ6TDpwi%2B%2BqNoala6%2B9FGq6IYtnyY1WE8zijkaacb%2Fcxx9IDCWjXwmXMP"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
cf-ray
80268dad69092d96-YVR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame A8E5
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMMwAQY02uJDVy344tYVzMBMg2NbdYbGrOe_kCaoE5SVzOHhelEBPWjqMgMSrgxjcY-UOmL7uzLAxin-GoisxegBxStnipaXAPW30No5IYoPO9779dMO0OI6cWPmW_sDbJGzgYqbb3zXhWuCW9U1Qbm8OHZzrQZZ-G0Ia6TLH5Bfi2esRg1-4JB6fh4yqYK0GffRDYDBWNVqys4EcrYDuGZ5UanVQHphXhYiSNVKzEfEeQ2PuRsaIj0tvbY21Nuo1xvzWfHc63gUhI5wB6ft8H3JuGWD5avaFZUU_ZpZ-N1Mfla8YwWH6iMQBZh1A1nUYccCgAqr2TLsdd1bnqT0MXJ0ZlZwThUH5LOKgnhS8E-diCY6KNyeSevcg9NHSrshUWlESq7bjIfQ1v0DNqF6MhB-o&sai=AMfl-YTTI4lF3BYj4dPlWLXPj-eEVxy4gqSNhiWzmZbGEVLQ4SmJDOyJe96cCHbTLJRH5CYlBq4HuZAxfw3sRXiYcc4s3pmaw9tbM8gNPqLg6jVIlD6Q3OP0w_0UR0cltGMfR18iMQSxuAD_1STARZMD&sig=Cg0ArKJSzNzQLwFOb-pYEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 06 Sep 2023 12:00:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame A8E5
3 KB
2 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:40:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
48014
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Sep 2023 22:40:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A8E5
181 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Sep 2023 12:00:46 GMT
11202325669827928853
tpc.googlesyndication.com/simgad/ Frame A8E5
101 KB
102 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/11202325669827928853
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
sffe /
Resource Hash
0df756c4dfce2d3233196f3d1ed13159bb17810dd98e66e5864125692fd7288d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:46 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103794
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 22:04:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 05 Sep 2024 12:00:46 GMT
utsync.ashx
ml314.com/ Frame 3AAC
43 B
63 B
Fetch
General
Full URL
https://ml314.com/utsync.ashx?eid=89860&et=0&dc=BPMW_BMO_Global_Asset_Management_inc&cb=1355721217
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:00:45 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
0,Thu, 07 Sep 2023 08:00:45 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3AAC
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNwRh0Gt7EWdyuBPOghtMxsezEM4OTIA5DqSwNU4jpX8hRDo7NHY3-oaVPTjNVKOSSQ1Szl2ze5IntMLx42eFrfHq458F1t76C-8hkQ0xXhootdGr5ydNycgFsnHmoB0kx0EkRbBmZ-vkawAKMsjHnGCA68sJfYXz379C58pQhYa-_Ju0MhPQ4IHg8rQNnev9hpIcIp9Z8mzktHv7HLxxTWE8vjZ1ifou5PKrub0yn97CE25evwQOw5V6RvqCDWMsIw8m2muvGGDa4xgpRw5VjfavgfQHbNrbgyOUvvPUXel2hb55YWI-UHYdzwqElNO5KF6x38Xts0Bsug2c0Qm7HLu4V8jLyW5gPl0c&sai=AMfl-YRcEQqIPTymSveMgL5quVitbFBzqVg31ehOl_z1k6ABXnzUIwaIN5O3WuCVEQLDZfJ8anuEMNigKL1U5AyTo0syXJ4z0N3MrElb6VLuANf6jfgWdl5a-DK2HVO4qesGjpICL9EYguaoT3pj6lLR&sig=Cg0ArKJSzCg-bOWaLMmcEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 06 Sep 2023 12:00:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame 3AAC
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:40:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
48014
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Sep 2023 22:40:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3AAC
181 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Sep 2023 12:00:46 GMT
5410905114216313110
tpc.googlesyndication.com/simgad/ Frame 3AAC
109 KB
109 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/5410905114216313110
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
sffe /
Resource Hash
cefdf0990471243717a17f03abe0063905b1652cd184d74c7773553f9a0ffb71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:46 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111791
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 14:31:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 05 Sep 2024 12:00:46 GMT
utsync.ashx
ml314.com/ Frame 36E8
43 B
63 B
Fetch
General
Full URL
https://ml314.com/utsync.ashx?eid=89860&et=0&dc=Mercer_Canada_Limited&cb=805016255
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:00:45 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
0,Thu, 07 Sep 2023 08:00:45 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 36E8
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6fkR316uX3bYKUjnZqH97yj5n2qgM-WPQnmgzpB3vTWu8AJfKp6KvHbA49WfpfRNdQj6qHMMTBwnmEjmApQ5IKmhowJEAXSLrNIchgrDlpjJn8CO3jASqEVuc2xF-qjLVhumTop83T2r99CZm50AWfAlfsf0Axih0-G4n0eO9-PqmzUuFGW7im7LxEVQF_sUh8hFm5sU14euf2XPi8a4FwCPmVpjp8oZpEpSXaelCHHI_JqD8xQSB10A9u_CwsXs3ox-QKpCpLrVtFBf1W86uI0YD4DwUyk2AWGl8xYPV9WMdMtDNx8sY9oKBP2NzFduYmhzE4UARZMg2Y0luv2e9tCwG-Ckkuk1SaelfHi4&sai=AMfl-YQpCwVfA_GGlGKlPl2O8NbShj55XaKCRAKv9PqsUH9IOJmHZeiSK1BH0NZKw5poHWRUzt8fdwpiemrm38ayYW5rljP2xks4xnbDkjDi-sBm76kFZ8LAZLI90DfRX7kYPI04aEDHZgZxtO65UYHi&sig=Cg0ArKJSzMzfGSOpvmrdEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 06 Sep 2023 12:00:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame 36E8
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:40:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
48014
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Sep 2023 22:40:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 36E8
181 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Sep 2023 12:00:46 GMT
8141981464877924056
tpc.googlesyndication.com/simgad/ Frame 36E8
28 KB
28 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/8141981464877924056
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
sffe /
Resource Hash
81f3524a047e935982417031e51ea8b28a6bb30e47d65a65d0c94b88178453ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:46 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28541
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 18:56:19 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 05 Sep 2024 12:00:46 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E340
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYggXBUT7eiPhDEKWm6cYj75z8WWfpL2g8CDcdWDrTFqjjeMAYP5jCCVF2i1WObn4PGRUyt3nBTQQLJPn_7f0M_IVxr8ecNud8QfEKi0z_Xc7BnqRcfrtTMSx0qIBbu9hTAe9xpyxTIg3Pg-9y8H9jK80PObgdC6TrmvgKH8aezWrMhlj1pl-1eSWiglxmRm-9vU40lUrIXxjDgERxwAO1ZPxE1BmMFhH04TsfUtpanx2XtnzU0sOPchscOllr-mnbjKQzhh0a2ncJNyIP590jrOHyGP8se6wJloHdf7qFQZQLccWAc5xWL0wb6hCf2pFAYONmEd96-4_QUOcVhquoYE1G-m3XxiFjs_o&sai=AMfl-YRj4CnZrSfRdfUf4GmTnZvjAwAGbElQnduW3Hsqo1emF6Vw1ZaTTXGMtIXC6U7MYixX9BeAEvrmkb4C6t_ScWbMpbz-vBOv9OieTTUs8bUwIDJAymx2uy113eRtttz1jQeVjISky0kyaCqUd0-j&sig=Cg0ArKJSzKvrkpEseLnTEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 06 Sep 2023 12:00:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame E340
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:40:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
48014
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Sep 2023 22:40:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E340
181 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Sep 2023 12:00:46 GMT
2067408762714973922
tpc.googlesyndication.com/simgad/ Frame E340
120 KB
120 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/2067408762714973922
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
sffe /
Resource Hash
ed88c46660034c43015d10f6267203692a277a5bcb4f130a8175f4f0828d53c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:46 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123171
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 22:19:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 05 Sep 2024 12:00:46 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D185
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFkojfSNWlEyNBBvO_HjfuUuNA8IEW3Hqt3NUYiBXoASON4STv3BFqPN8bXSVO4kYEO7KYYk8WCVO_ca0v71HlRmUVAJ4wvVBApwk0F0zrazYOVnFA9UsJ-Kek6W79VH7lNW_xsCHC84tUMYpNm0Y6_NDU5wuc3G37I0F5xi7krKZa1HTW5fyxm5a3K7Bt9IX_GFX8TGT3TqUn7x7zCPv6HMCEIDKjtYbGnjnAxBW8359WfHAQVD-PKIROgC-p_m2GQYFiIKo3AtQKUwQv62oYhOysKBIl49Do4OCtDMb8nL5sPQ40dYSmj5cQd8CE_hanyJsZyVfb5Rcapjyvk3V5Ij0dSGO5q9D9FI0&sai=AMfl-YRRyGjJEyNgsm7owwuvGR1uThfiblPsJtY92u9pIBNPAlIpMJ58g7iBJc2dSnEZTtepkENZz4dXy0XXKVitYsYnnacdeqyjc6Mw7UliA97nLXphagBGkjp0Pk_azCQy9Vmgf4sX76Aq1EDcb9UQ&sig=Cg0ArKJSzAaPaEB2BYK5EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 06 Sep 2023 12:00:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame D185
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:40:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
48014
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Sep 2023 22:40:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D185
181 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Sep 2023 12:00:46 GMT
13750746038314746937
tpc.googlesyndication.com/simgad/ Frame D185
101 KB
101 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13750746038314746937
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
sffe /
Resource Hash
57831e5d0327296d6be29fdbff260ba2d9293e42046ec3dba7b47237c8121bba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:46 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103525
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 22:19:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 05 Sep 2024 12:00:46 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 451E
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVBpXVsJHeD6fi9yKIcPf9GElsY5A9qLOvHs3uVplQIUSVQR8xkzvGZU9Qwzhx8vK3jfjuRpX6S2H-NSWabxAFoTQRfGnU8P4_ASGC3hA-Fbhd7UjaqeRvYmb8Lz4cd6c-vLRvw9EzHMnj6RDhOCTg8Dvy7mMjR3P0Q_jdweTKjVchiazqtGYAOc7w022FUW1Ps-4FRjdAvXnDMt0lNjPlLoAeiAlztFOKNTrTSuLvMejFsmgGmIeWdeQbdKw9tvMIcx1DkGw7P3iDaP2ADnmhkAJTIPf2wWT1KDKKRPvmoIt_ik4wDXBFn-h_vhEnbbGq6cEVQsNZ6YwWEioe5h0okJSpWp4uqpVas18&sai=AMfl-YTABKn2iUEkR9DnQlYvVgyyqP4TeFakbCfshi7im1XuOr4IDcMdIf2XDduEwURoHYcBHtWR1l8JoAVzdLDA5EQp6B9vviKEy991Sz0s-8h-6llYrBe4r-4G9Zya0lvHldY3weGxWr_IniFqg7lq&sig=Cg0ArKJSzKiNsZcrC6QsEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 06 Sep 2023 12:00:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame 451E
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:40:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
48014
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Sep 2023 22:40:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 451E
181 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Sep 2023 12:00:46 GMT
2835067271640315872
tpc.googlesyndication.com/simgad/ Frame 451E
84 KB
84 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/2835067271640315872
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
sffe /
Resource Hash
bef2c56ac4dc5ac6175e313afae36e5ea0f1a1a4e5f717ec0ff66a6f5c8fb74f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:46 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85693
x-xss-protection
0
last-modified
Tue, 20 Jun 2023 15:26:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 05 Sep 2024 12:00:46 GMT
truncated
/ Frame A8E5
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd3d6fadce0e149d87d8ce7bc663da01a78ce8c033d121ab6a138786f632f956

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3AAC
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
960c012bcf69ab90fcc37dc9486afce242eba29d635f7e6c8b8d243fedac6d7c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 36E8
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
54f001f120914a2d4a2b2ab39931fd524a7080bf532f13bd5547fc1255ca5c76

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E340
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
47d83c0acf73a546b785d0da2b2b824486d5b55f64efc2fa1845904d92b67f20

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D185
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b699d040f844f5292148ec99302b5af19624782ca5ccdce5e94af26f69da4cd8

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 451E
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
22ef2c9b07673319f2329cbc48e5ef3b7e93c14ed51ee4df87b0a798ec70ac09

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
utsync.ashx
ml314.com/ Frame 3981
43 B
63 B
Image
General
Full URL
https://ml314.com/utsync.ashx?eid=89860&et=0&dc=Mercer_Canada_Limited&cb=1677201037
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:00:45 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
0,Thu, 07 Sep 2023 08:00:45 GMT
938868486417794075
tpc.googlesyndication.com/simgad/ Frame 3981
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdb9Uar1APYd2cPDSsehyuCbwrpNqycVnSIHq91TMfpalB0RdaCM4ERDYw--5a575jONutUtKZyGiSB0RxusJ-SnAFkCBC6vNjzX7WzPNSpxu9TTlQZLgXMN-wDT8dNA-mM2OvTAU3q...
  • https://tpc.googlesyndication.com/simgad/938868486417794075?
29 KB
29 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/938868486417794075?
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
sffe /
Resource Hash
ecc48c5d07bc999ce015cb02d037832476425803ebb65d21392c34f8c827121c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:46 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29544
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 18:53:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 05 Sep 2024 12:00:46 GMT

Redirect headers

date
Wed, 06 Sep 2023 12:00:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
location
https://tpc.googlesyndication.com/simgad/938868486417794075?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pathfora.min.js
c.lytics.io/static/
102 KB
22 KB
Script
General
Full URL
https://c.lytics.io/static/pathfora.min.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/04efff7793bfc7d9b702b19cc7b0db31/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef880693571db60a665cceffeea7d30335d5727dda98f8a9c1429352fdff8be1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:46 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 06 Sep 2023 10:55:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3933
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cMmaGQ418vJI6p4C1PB185RDv99vcUlnFSIAY5T9eBNcFCOe7kXDBY0XVK8KltTlL6yYBVIW00M0v2diapHX8INDN7F%2BJxESAnwobnxCn%2BTFgaLmSVijxd7yWCup"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
content-encoding
br
cache-control
max-age=7200
cf-ray
80268db21a3d2d96-YVR
view
securepubads.g.doubleclick.net/pcs/ Frame 451E
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkDqNGuPEob40Op3JlECF8Y7U5ONSXLmQanJl7_SrKtQU0Pb4cqTLbE830Iq9BR61V4PIYcC7_f9dO_k2zPRlrH7CkUyjweP9WW4jQ83c_2-4nI1w4QIK6Ut51N-CSvcDhYIhIM015CYE1wqLMADD4HOHH-xL9RAvTYDmkocJtdjd-MA0bM-yUicb1p-zyA6SFSJTUUthorOTmekd8r1A4Bar4HRJEEYr8RKREZzASx4_kqRsHsf-bcDptluIgPi4mlWMhr0xLPh6hZVc9C8mFk8kG5nEv9J53pOUr_Co617OfxSGDrj9hkjfwrmsqpNBv3ab6wEqLpWV5E8JqSFqp9BLs0qQLnPZd7h8-bQ&sai=AMfl-YSYC0RPvihBpiS4CH8FsW_o3MztT9LE7ZweU64YNxLeTRtkZd0G9iGts8lV3Xo2rYzEl4B-Y4hijYdYUA2sBMHJYPwiE9_fPyjfANKvV72sUolQaRNMFR0ntJfzplCfugWKktxgiUDQFZaKUdNe&sig=Cg0ArKJSzGVfEitWDu7KEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 06 Sep 2023 12:00:46 GMT
truncated
/ Frame 3981
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2996e8f68de4c395c4a0d4aa6ebc97f59a743b9744834b8bae9276d5722a63f0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 36E8
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssqmRomHTcaQn4CLSvVelmBvkO_5n7_bulPHMvkuAnuZcbfJ_zFeneBqsa3Cro_Vre6mg2MeI4zmhYvXg-Lb0O23jibGGNL_YQXUZwVxYTwE8AfWn6FXbz-lClW_KpnNP43YOuu_nD5ctPGVu8i6qqcpfqOJRc2KnonEePEb9ZC6vjkZhSbpPWZWGO_Y-UPuUTigDwW-ca5L3pZriCPBgI7XpjcYCdwq-2OF1ekdoswqa_vY0WDBQiOEGZ4g9knSNx0-rvrzAemzJ7ofpmo1ElNlhIXAsekgVRxsmt_g7EdMbwct98n7dvJRKAlFKbgnCTdHTRua7k7_96MTxE4fmPASrzGKTzca9SI9bc6-ZkY3g&sai=AMfl-YStsJWO0_rY9XdxeybFs1zyrR__F-8y7k238K6AU--tVD9_mABEvfys3vg1W6wDIEB5qqDcKL3uwDWpkB8bmapDuhAaHqYPGWRtAjfvzcBiIcjE0fOAIsIJoyNO9_1xWA1r4X5Px42pnuS9RY1A&sig=Cg0ArKJSzF1R0F8dyG8TEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 06 Sep 2023 12:00:46 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A8E5
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstBZI_QmjjCaNqpcaVFAtHhR_AYhWjtyGOWzc-oj3uc3P6BnEPeGYLpaKhQVeqoZdznGVY-8JY0niewqW2QiYWjLj-BXiol3Jda_leLhcrmxF1xSvvula4B1be3hMZj2zdTdD6iQZQZbTq8swliFIEv4MBryXToR-04G7APbcRI8ka5qCB986GsRQ332VnjbDZOpqkz3RhcvvUQil0IdxkxVWlmdP9YVvU69-YVN46i0GDeM-qpKGdUYj6eIg6Xa7QMt8oqvfK8yl_3pTv0Qp4Vh7DeIXA9GgwQ4BET2oatQnqUbelckFgPFJqtiNYdaMVqDAubyzWx4eOy0pEYmUDWDpG6C0FgzTVETqtosVEVX8nN0MclqIL6&sai=AMfl-YTa0r0TMDO7y655guP04gGEO2amWblfLT6fcpxVTLP7PvMpAKzFMoAOzsAQrkALRR6b-jbMQt4oWXjNRMRXwa52bBgW59t6GwYoerdZgwy1l1eePDxZp6ozx_XL3Q4okj01mFk4NQJfAJX5n6AY&sig=Cg0ArKJSzHfS1Y59HOmOEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 06 Sep 2023 12:00:46 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D185
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvF1OCSEApNOZBg0ndIycI60ghjU-zXalBRz3ByV8Uw5x6s3ROqrN-rZ6vNt6RXblGzA7AAeS3ZFeJdCWmWRwhapCO8zaKtz8YwCjRQPr3etWgJ440TP4NO8iCriRmDObKIF4mghZZ0-k1To7V3SPNpyyvzJb2Dt9DCDJkTOObZcnamFvHfArc9NG0_NwiuNU3QFwVjxcQLa_pTRdCnjllgVudsy5JNN43N-P3KNRgudR063vYWPJJ0qI6f-9aX7A-6jjt66PdjL7rzu03rQk_WJIcB9xnDIYTXrThvMXlXlsE4mc7Fnx7rxPfBdGJ8dMy2PKt6fckwOGY0hUH16GaMUDxA1wpCujQvzbKvjw&sai=AMfl-YSDFbfOEfl-PewBsPlIFrN6jL2SYaZF9ABuKhYjE7QinHboOjafiNx9H8OYpRzQ-Xjqo4XBQsg85zWeTLBszJGIiDeRpjGd05SHxUTl8VqTqbq6pcCcaHc88DOBpv9iXRD6Ud2IUbAfrDgb6Al6&sig=Cg0ArKJSzHVeQaj_OMMzEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 06 Sep 2023 12:00:46 GMT
pathfora.min.css
c.lytics.io/static/
20 KB
4 KB
Stylesheet
General
Full URL
https://c.lytics.io/static/pathfora.min.css
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:46 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 06 Sep 2023 10:26:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5634
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7snErp3FZvSQsYpIEWy6AxJ5bbTxLy9G916p2x5IiKzgrK3eYm5A3L3uKjQw%2BpK%2Fc0TzJ0apZwR7hbEJf9GFxLWCjwcGAw2Uxjd7Q62GlkjO4aTMzfYQ8xfSPVt1"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
content-encoding
br
cache-control
max-age=7200
cf-ray
80268db36a8a2d96-YVR
keymedia-overrides.css
s3.us-west-2.amazonaws.com/s.leveragelab.com/lytics-keymedia/
58 KB
59 KB
Stylesheet
General
Full URL
https://s3.us-west-2.amazonaws.com/s.leveragelab.com/lytics-keymedia/keymedia-overrides.css
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/04efff7793bfc7d9b702b19cc7b0db31/latest.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.249.224 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
60af7613cf5b70b4cd558546dd7ecab78792b7ed6b8effa9545dac4d3aa1fed3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Wed, 06 Sep 2023 12:00:47 GMT
x-amz-version-id
RoULxZLa8MySYtKed9nogc1kMebkcN9D
Last-Modified
Tue, 27 Jun 2023 19:28:34 GMT
Server
AmazonS3
x-amz-request-id
M85QX5X6MEHB5W4S
ETag
"f8c3b423a6979b406e7c46d98bf9680f"
x-amz-server-side-encryption
AES256
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
59588
x-amz-id-2
e0/4LvHqXKYpIRUzvEtq6aYnttHoXuhctIWaA03rcKcegTmWC5an+p61yoDtktwYrYZo3hkpCj0=
view
securepubads.g.doubleclick.net/pcs/ Frame E340
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssI_ZUj3JP4WK7cD_x5VF_kXDsJ9vmEYXe2UPCaCB450NIVfoFh6cmQ5wBhwIMPKliEkocRz8iRwcNeEuVTedLbL-4l6qry61wTp6FpSXuvzcqShLcBosZjIkkwmh1toMSitAjbioe41c30BkXusOIH1_N9hL3mzKu4IhrDVsXmaKDR4IfeQNlFrsa2zryHTBgvYeLWxrA8fycDoTP0E_4q3UZFCjgm3J1fofh-OEbfQgGTtaC2yDgDzEljk48Fy3T2W12v1vWVXjvelhOUZPG50Bh5ZCOmwhomyCnHFc4M93KP7qG5nTTNsKRaMN5rOu1WiRDYo0ib2PjwCo39vDNoUjVKW2GdqXUACllAvA&sai=AMfl-YR1gNv3tm2-zSEAIuaiygR0A25AhKeNosrLjoqk3oFlQr0-mP9fm8X0S3OCHQ_zvNafl5IT4UVUiUDCdy5BhvWIWLeSjnx7L9jlUHvPHkOfiAGCWZOmDhepCTMJoW3XGPXcC7xhRCtggTvwPk9h&sig=Cg0ArKJSzIiF_qx_xAg-EAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 06 Sep 2023 12:00:46 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3AAC
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKaNOJ_5VhzxT8ArWt81cyVkUPo9X0oXFdtx6H0edC5d83gSE64R7t7vRjPaWrR2n43EYOrvnFA_h820yTdJbiBpzzeRDahHnCF7ZIBDh36bw8fXEz0uN2ZuMYCNAnM8bsY4miVWUTn-5E-3_JcaVAoYS6nzlxyYfmP0tsUOpt2pP75Mh_ZB8vwj0nqyfz3BDdd3PRMiYh2Hgm11-AcN31H534HrR7JEBdf5hLdjYIfPr_55QAvdHzSoi0jL2rvASJDXM7PfISA5ox0XskELR18UlaMohEyM4CBf149oxQkhTuXQJdKhAFj0mk39twV4T-uILcJJghkRRoX2VkCckSmXtSF40fEDzMIevcSw&sai=AMfl-YSVSj3SohnW_i7LVK7_db2dxbDz8Ce4XLop7lN82LTvc97HHBMYJlJ8_zqenCV2HD7W0yabNX6Zeq9K9rR3pvJXGD7PFdfuzGStqXoZfB4gokJqp0dCLRy_JfIH-0y77erdEZqFkXcRzRwKnpiR&sig=Cg0ArKJSzCfZqsWHNFOOEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 06 Sep 2023 12:00:46 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308310101&st=env
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
53b5f6eb10f48f9b9203a032c298974c3470faf2f13487a0102921f20d4bc450
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12059
x-xss-protection
0
config.js
c.lytics.io/api/program/campaign/config/04efff7793bfc7d9b702b19cc7b0db31/
399 B
678 B
Script
General
Full URL
https://c.lytics.io/api/program/campaign/config/04efff7793bfc7d9b702b19cc7b0db31/config.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/04efff7793bfc7d9b702b19cc7b0db31/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3944e77604c3af0b15334cfddc46ab697ef0bf9c323f50b7186c90e8b5c13b0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:47 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 06 Sep 2023 11:57:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
203
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yow1i0Db%2BxiAiiEOw14MNzMraK%2FMnu25AhQcYDJoOdH0ecpRZJzla9QdUu8mmxbqSWROapLtHBZ2fKfuOY3eaocWrhoXCGgtod%2Fv1KEaPF5L2jjEPT70hokdjOai"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
content-encoding
br
cache-control
max-age=7200
cf-ray
80268db5fb462d96-YVR
track
eastus-8.in.applicationinsights.azure.com//v2/ Frame
0
0
Preflight
General
Full URL
https://eastus-8.in.applicationinsights.azure.com//v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.73.41 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.benefitsandpensionsmonitor.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Wed, 06 Sep 2023 12:00:46 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-request-id
305980fb-f5b2-4494-ac6a-005c8fab2ae7
track
eastus-8.in.applicationinsights.azure.com//v2/
49 B
159 B
XHR
General
Full URL
https://eastus-8.in.applicationinsights.azure.com//v2/track
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.73.41 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
a0371d4fc59a21c844b13e45055c533e2410c7238808a8378e5f57d13f1db958
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.benefitsandpensionsmonitor.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Wed, 06 Sep 2023 12:00:47 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
x-request-id
3ea17d86-eedf-4319-ace1-3667202f13dc
content-type
application/json; charset=utf-8
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 06 Sep 2023 12:00:47 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A8E5
42 B
174 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFfZC5xbXxGDtBTcnWTDDurNqpFYM5M8SHIbDpJqnsHW5V8ndt8FUkZKkvByR1NJQbzOU3stA3E0AESkbHvkKmWCCvwXGX4YwEAFRSPr3qodm8Ub5JoL_9iVzj5P-t&sig=Cg0ArKJSzMEu-YGfmxKcEAE&id=lidar2&mcvt=1000&p=296,480,776,1120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230830&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1254194993&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694001645742&rpt=811&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:00:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3AAC
42 B
108 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSuK65IsMkpMCMYU4yK9vrEMrwxe9FmSc-QZryAEaHuuuxKXqiFaa1Cbql1Vake6woUlJ6a3xZV7sBI6pZBmJbfA5oIyAUF5jfFhvp6WZfNO07UIlWLkcSGd-Hska_&sig=Cg0ArKJSzAs6ETGp2fqHEAE&id=lidar2&mcvt=1000&p=120,315,370,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230830&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=641058633&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694001645760&rpt=838&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:00:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 57A0
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.benefitsandpensionsmonitor.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
489228
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 31 Aug 2023 20:06:59 GMT
expires
Fri, 30 Aug 2024 20:06:59 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1F92
829 B
976 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f147.1e100.net
Software
GSE /
Resource Hash
47038c9f35babad09491c4f2e6e8c3881330418285735049132912fbd3562d4f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hqugCNf0G2l374mnz8CpoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.benefitsandpensionsmonitor.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
536
content-security-policy
script-src 'report-sample' 'nonce-hqugCNf0G2l374mnz8CpoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 12:00:47 GMT
expires
Wed, 06 Sep 2023 12:00:47 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
pagead2.googlesyndication.com/bg/ Frame 57A0
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
sffe /
Resource Hash
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 08:21:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
13167
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14793
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Sep 2024 08:21:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1F92
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308310101&jk=3865592945472694&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 57A0
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?4GUGqA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:00:48 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308310101&jk=3865592945472694&bg=!oqGloe7NAAYHwnCgJ8I7ADQBe5WfOCUFX4jHo9yv6PznH8OIWq6XX0upvozW8uYE-GvZIEF0-Xruf-0HlNlX7J_wOF6IAgAAAEpSAAAAEWgBB5kCvGt8TGcvi8tZt6UHTSsW9J2TMBI_T3PQyaZb5_0O5eS0zYT_V4GW1HC3oFJlp-mSxuTZNZgon-4dP_bZyfVsit2wnUV5dJq44PL0_JVpCIei0KdEFw1uCVoe_vEy81gyoxTk3mldPaOpYDOQfph1lVQmScpAXgH5h3ozr6dgRIJeZ7rGGSqEqUCoP3MUueXHWXKXVEqaZl0yqtGgnuOrcKSZkM8Q6SOJKGBc7wS1ZsLsOg1_zR2cIszm0NgAsTGtbO4zb-OSkwOZVVw4E2D0Lz65B-i57IKulVTcinYa7dgVZAYDDFtpBA4IRALqPLf0nu74B2Q1VksMPIGCDGMdnaVXIKlApZDVsISMU1bNN8zii-Gw6wjNk8UK2D1VSGfCmYEsm3XPt4f8tz2-x0gK8ilrBcuZJBiLtWlQX8DQ8BXY-tck5mT9NU_ScPknHdJVtAizQBuSJRExSUHbGWiH9_qBxbZz_ltUL_x1-A7hJ9VZyAUy_Yj5uCZpzNF2x3FR2xzSY-byQFH36YDfXcPgYNkS4yK3qvQqKQiDi861QWiLyvJ8L_eh3CwaGhwtdCvJUS5fuKR9hc3mURqrOr47EJf-CzxwQWLM7TqBrK40ZBRp3WDbkLRSXaesq9drqjr-MGWE8sTBIAY4Nxnp-96aoS6i0DQseLnSPPqOy7hGssPzX0hsoYzOMhuz9SJY4vI-a8yp-SX0cFG_TcAbkvHhqs9QbR6Ah11NxUoJGEfinQHn8xdeAWhqgns4kr-HBKjQ9kh4Qil_K_KY3REJoRx_4DUbL1xBV-71pBPOvQq6xrGJtlw1d1fYlENYKeyECeBVilbD1aXAz7L6NVSUB4Wcw1boMjdzXafMpyjK_WTJm1yC_4cUEhepB1Kz55CNeqPXd7MbbYbj8-oFiY5oapIF8yJz2HRgVH67mhJ1QDY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| documentPictureInPicture object| googletag object| dataLayer object| appInsights function| whichTransitionEndEvent function| dismissIntromercial function| _ function| ListPager function| requestPostitialOnScroll function| e object| n string| t object| r object| o object| a string| u object| c object| s object| f object| d object| Microsoft object| __dynProto$Gbl object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager object| GooglebQhCsO object| jstag object| _ml object| regeneratorRuntime undefined| google_measure_js_timing function| onYouTubeIframeAPIReady object| gaGlobal number| google_unique_id object| __lytics__jstag__ undefined| u_719086869719574700 undefined| u_3991777184129796 object| pathfora object| GoogleGcLKhOms object| google_image_requests

26 Cookies

Domain/Path Name / Value
.www.benefitsandpensionsmonitor.com/ Name: ARRAffinity
Value: 768c1fa6b7720d25880d38a03dc6c18f0fede13efd5b31224530feefe6996987
.www.benefitsandpensionsmonitor.com/ Name: ARRAffinitySameSite
Value: 768c1fa6b7720d25880d38a03dc6c18f0fede13efd5b31224530feefe6996987
www.benefitsandpensionsmonitor.com/ Name: ai_user
Value: MbITcBgNOyUmL/uL5nAHjv|2023-09-06T12:00:44.875Z
.benefitsandpensionsmonitor.com/ Name: cf_clearance
Value: o4WeQzlwxxNF8XGOuZ1PdDWr1C.PKcdOHv0bGBJSTrk-1694001644-0-1-29f07466.9fc32f65.7ef12b86-0.2.1694001644
.benefitsandpensionsmonitor.com/ Name: _gcl_au
Value: 1.1.1740518731.1694001645
.benefitsandpensionsmonitor.com/ Name: _ga_6PGJWLVE01
Value: GS1.1.1694001645.1.0.1694001645.0.0.0
.benefitsandpensionsmonitor.com/ Name: _ga
Value: GA1.1.503697323.1694001645
.ml314.com/ Name: u
Value: aHR0cHM6Ly93d3cuYmVuZWZpdHNhbmRwZW5zaW9uc21vbml0b3IuY29tLw==
.ml314.com/ Name: pi
Value: 3638329944546738185
.ml314.com/ Name: tp
Value: 4%3b9%2f6%2f2023+8%3a00%3a45+AM%3b0
www.benefitsandpensionsmonitor.com/ Name: ai_session
Value: K3rKkVNC9rdQ7SnsCkgisn|1694001645373|1694001645373
.www.benefitsandpensionsmonitor.com/ Name: seerses
Value: e
.www.benefitsandpensionsmonitor.com/ Name: seerid
Value: 9139cc1e-3c02-458e-8bdb-f4fe0559de1f
.adsrvr.org/ Name: TDID
Value: 50e58a3f-1878-4992-aed7-3e6303b2976b
.rlcdn.com/ Name: rlas3
Value: qdEfyqIcj6TEeH42N70yYgbkWBiTOElklFoLsQKhuEU=
.benefitsandpensionsmonitor.com/ Name: __gads
Value: ID=a1e71a4efdfe3adf:T=1694001645:RT=1694001645:S=ALNI_MbddOZMxBmv4j2qK2e6A1qVryGjUQ
.benefitsandpensionsmonitor.com/ Name: __gpi
Value: UID=00000d9057c93dd3:T=1694001645:RT=1694001645:S=ALNI_MbHMeLWHnm4tlewMdtBrzVu0vTzUg
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHZDB0cm8xahILCKDO1_bdtpc8EAUYBSABKAIyCwjm0PKi9LaXPBAFOAE.
.lytics.io/ Name: seerid
Value: 9139cc1e-3c02-458e-8bdb-f4fe0559de1f
.rlcdn.com/ Name: pxrc
Value: CO3T4acGEgUI6AcQABIFCNtOEAA=
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.eyeota.net/ Name: mako_uid
Value: 18a6a5dc949-31df0000010a4db7
.eyeota.net/ Name: SERVERID
Value: 19895~DM
.doubleclick.net/ Name: IDE
Value: AHWqTUm3MxvBai8aEwylhzWFDi-UUK_MsBVuaATldGTwNmo7Svb8VtgOaDPoxuaL2Hc
.demdex.net/ Name: demdex
Value: 52913029787190726360796220296787844698
.dpm.demdex.net/ Name: dpm
Value: 52913029787190726360796220296787844698

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.lytics.io
c530e07522adeba4591e3e6132222620.safeframe.googlesyndication.com
cdn-res.keymedia.com
cdn.sajari.com
cdnjs.cloudflare.com
dpm.demdex.net
eastus-8.in.applicationinsights.azure.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
idsync.rlcdn.com
in.ml314.com
js.monitor.azure.com
match.adsrvr.org
ml314.com
pagead2.googlesyndication.com
ps.eyeota.net
s3.us-west-2.amazonaws.com
securepubads.g.doubleclick.net
sync.crwdcntrl.net
tpc.googlesyndication.com
use.fontawesome.com
www.benefitsandpensionsmonitor.com
www.bpmmagazine.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.17.24.14
104.26.15.213
104.26.9.198
13.107.253.40
142.250.31.155
142.251.16.113
142.251.16.132
142.251.16.157
142.251.16.94
142.251.163.147
172.253.115.95
172.253.122.97
172.253.62.157
172.253.63.132
172.253.63.94
172.64.103.11
172.67.215.24
172.67.73.236
3.212.173.20
3.33.220.150
34.111.234.236
34.231.251.31
35.190.50.98
35.190.60.146
50.17.27.28
52.179.73.41
52.218.249.224
52.22.242.75
066ec1ac2852906b7e7253ee3c129e0efd2343d8671712db064502f03228ccb0
0b2b5c06d11b49f1a09b3c617f06d571638820619a918df7141e86d0157a996c
0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055
0d31a69f7ae0d174b9e6054ebedb533ffa1c85de012409db3fc16fcdf9cc525b
0df756c4dfce2d3233196f3d1ed13159bb17810dd98e66e5864125692fd7288d
155d083e71e7ab6e2eb5da29b26f8913c992b80198db9664167bce6808af23b9
1bb03826b26326516a3f4c9a9b39f03e3000a4828f91a75e1dfc88c2269af5ed
21d602532420938af2a411770f1a39123381a9ac669c4b0c43eeea5dccab76ae
22ef2c9b07673319f2329cbc48e5ef3b7e93c14ed51ee4df87b0a798ec70ac09
22f7d96cec1bb8460edaad31832a5a5eb464d5fea528118c7ac2de337dafc2e1
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4
2649f11884cfff9c190cfc497510a92aeded35edd11a47a70360c08c6c9add1f
28b2bc91a3209441b556bdca6cb42dc2755a10662a51b5aea914a459d1d169ae
2996e8f68de4c395c4a0d4aa6ebc97f59a743b9744834b8bae9276d5722a63f0
2d2c4912162eaa41299aaf5063ecb92a26d76071fe6d1f77742b32c833daab99
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32fb60eb9aa33c378b3f22656450ab566b63e51d2cf0b9b1d0d3caad7524e831
3d9139eb008a6920449b04b7f2d0f7a2695867ca922bb43436f48c2eb88a9f70
3db368eb2198fb7fabd18447ec5818684af2d37c2d278147e382dd9091908f49
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47038c9f35babad09491c4f2e6e8c3881330418285735049132912fbd3562d4f
47d83c0acf73a546b785d0da2b2b824486d5b55f64efc2fa1845904d92b67f20
49d6c574090ada709342451c0e04a9d39d8bc5a9c3d5728bbac20d5c0577c366
53068c5816e04a1a43f4a68f816c36a3e71153c3885eeed61efc4ac454306d43
53b5f6eb10f48f9b9203a032c298974c3470faf2f13487a0102921f20d4bc450
54f001f120914a2d4a2b2ab39931fd524a7080bf532f13bd5547fc1255ca5c76
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57831e5d0327296d6be29fdbff260ba2d9293e42046ec3dba7b47237c8121bba
57b46083bf169d918156d580b3af7774c131ffcdcdf414a5cec8e12396d1ddb0
585e747e0701153996b912f68aaa3b61cac294ecd4a8f2628b7ce5c5a370aa4c
5b11731cad9b522e095aa57c5323bc4e60bf5c5ec3ca537507708dc6e4c6596a
60af7613cf5b70b4cd558546dd7ecab78792b7ed6b8effa9545dac4d3aa1fed3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
785c1f4b0f336168b4c4a5a048fbdb936d8b0c2c2eac51aed8413c143c41ac37
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
81b2a42fe9601870364f23ee6cfb94073cfdd6a03a70802a54bd242b88cce769
81f3524a047e935982417031e51ea8b28a6bb30e47d65a65d0c94b88178453ab
8d4a6f33753ec2e106e224956e81cc673fdb24c509b4810190b0581951539247
927cc5c445c1abef2c2001e0f7033214a6e070288a1068c81da7256d59a3dbce
960c012bcf69ab90fcc37dc9486afce242eba29d635f7e6c8b8d243fedac6d7c
986234269574843718b280cee20a2027b06a5a4d4ed4a2109e4702c91980ee81
99ae26c1a22048b879b145ace32446b3b92cae268ade305cd6e89bb885b5bcc4
a0371d4fc59a21c844b13e45055c533e2410c7238808a8378e5f57d13f1db958
a3944e77604c3af0b15334cfddc46ab697ef0bf9c323f50b7186c90e8b5c13b0
a6d28ffb69942f92338293495ef8ace117ed2f884c2199d9dd28149d7b9de99f
aebf9956840a795c31489aa11afd8f9ae40e6b39805e04b6e43c9b57165dca8c
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff
aff5c482161de24d68eaddba9e083af6a0c933fbfe8a019e8cd9a84fbe5d4786
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3672e8f53d4cd14250c0d76315fa94c7311da3ce7235696d1aa6fa39388dcb6
b699d040f844f5292148ec99302b5af19624782ca5ccdce5e94af26f69da4cd8
b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f
bef2c56ac4dc5ac6175e313afae36e5ea0f1a1a4e5f717ec0ff66a6f5c8fb74f
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
cd3d6fadce0e149d87d8ce7bc663da01a78ce8c033d121ab6a138786f632f956
cefdf0990471243717a17f03abe0063905b1652cd184d74c7773553f9a0ffb71
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d3c92d38448399407f04004ea8b0ff7ac54b416f7456f2e5bb2a04d800d0e27b
dc765890aaaca37c31fb572ff9db7356e17cb243265b78533e19d97f32752b42
ddfeaf0efdaa34256996947c01bdf15ba8de5992eea07fe97a3aee57b57e2711
de5cd45cccf973d02676e44e13c0209769eb7d8cfce2fcf8139238ee982f47ab
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e2817396ee137855e41a860c821d9eecae5115cba06efdbcb5b272789a7047ac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e688e1bc932473d750753b26c0ea05f7b6d6609ae4fbd4635eb48d430bee3705
e697712ea46fc718f86b1f6cac883a81f5e15a0f5e8565117c8f974abeec2196
ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4
ecc48c5d07bc999ce015cb02d037832476425803ebb65d21392c34f8c827121c
ed88c46660034c43015d10f6267203692a277a5bcb4f130a8175f4f0828d53c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef880693571db60a665cceffeea7d30335d5727dda98f8a9c1429352fdff8be1