edustaffbenefits.com Open in urlscan Pro
173.236.164.104 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.edustaffbenefits.com/
Effective URL:
https://edustaffbenefits.com/
Submission: On July 19 via manual (July 19th 2021, 1:18:12 pm UTC) from US

Summary HTTP 65 Redirects Links 211 Behaviour Indicators

Summary

This website contacted 26 IPs in 6 countries across 22 domains to perform 65 HTTP transactions. The main IP is 173.236.164.104, located in United States and belongs to DREAMHOST-AS, US. The main domain is edustaffbenefits.com.
TLS certificate: Issued by R3 on June 7th 2021. Valid for: 3 months.

This is the only time edustaffbenefits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	173.236.164.104 173.236.164.104	26347 (DREAMHOST-AS) (DREAMHOST-AS)
15	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
2	63.249.66.205 63.249.66.205	11994 (CZIO-ASN) (CZIO-ASN)
1	13.224.101.72 13.224.101.72	16509 (AMAZON-02) (AMAZON-02)
6	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
2	52.119.198.1 52.119.198.1	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2.16.107.72 2.16.107.72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
8	18.210.58.72 18.210.58.72	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:42d... 2600:1f18:42df:3a01:e98f:cdd0:4c16:e538	14618 (AMAZON-AES) (AMAZON-AES)
1	13.224.103.72 13.224.103.72	16509 (AMAZON-02) (AMAZON-02)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
2 4	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	35.156.223.207 35.156.223.207	16509 (AMAZON-02) (AMAZON-02)
2 2	18.185.197.81 18.185.197.81	16509 (AMAZON-02) (AMAZON-02)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 3	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
3	2.16.186.43 2.16.186.43	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4 5	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2.16.186.66 2.16.186.66	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1 1	185.29.135.233 185.29.135.233	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
65	26

4 173.236.164.104 (United States) 1 redirects

ASN26347 (DREAMHOST-AS, US)
PTR: apache2-udder.screven.dreamhost.com

www.edustaffbenefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
edustaffbenefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c21lg-d.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.249.66.205 (Boulder Creek, United States)

ASN11994 (CZIO-ASN, US)
PTR: freefind.com

inc.freefind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.101.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-101-72.zrh50.r.cloudfront.net

z-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.119.198.1 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

aax-us-east.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.107.72 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-72.deploy.static.akamaitechnologies.com

pxlclnmdecom-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.210.58.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-58-72.compute-1.amazonaws.com

dt.clnmde.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:42df:3a01:e98f:cdd0:4c16:e538 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt6.clnmde.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.103.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-72.zrh50.r.cloudfront.net

wms-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.223.207 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-223-207.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.197.81 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.186.43 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-43.deploy.static.akamaitechnologies.com

res-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.138 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.66 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-66.deploy.static.akamaitechnologies.com

qsearch-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.233 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	media.net contextual.media.net lg3.media.net prebid.media.net c21lg-d.media.net cs.media.net	171 KB
12	rubiconproject.com 6 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	16 KB
9	clnmde.com dt.clnmde.com dt6.clnmde.com	3 KB
6	akamaihd.net pxlclnmdecom-a.akamaihd.net res-a.akamaihd.net qsearch-a.akamaihd.net	98 KB
5	doubleclick.net 2 redirects stats.g.doubleclick.net cm.g.doubleclick.net	1 KB
5	addthis.com s7.addthis.com api-public.addthis.com	191 KB
4	amazon-adsystem.com z-na.amazon-adsystem.com aax-us-east.amazon-adsystem.com wms-na.amazon-adsystem.com	66 KB
4	edustaffbenefits.com 1 redirects www.edustaffbenefits.com edustaffbenefits.com	45 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
2	yahoo.com 1 redirects ads.yahoo.com pr-bh.ybp.yahoo.com	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	631 B
2	rlcdn.com id.rlcdn.com	108 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	criteo.com gum.criteo.com	745 B
2	google-analytics.com www.google-analytics.com	19 KB
2	freefind.com inc.freefind.com	4 KB
1	mathtag.com 1 redirects sync.mathtag.com	611 B
1	turn.com 1 redirects ad.turn.com	493 B
1	bidswitch.net x.bidswitch.net	146 B
1	rfihub.com 1 redirects p.rfihub.com	689 B
1	addthisedge.com v1.addthisedge.com	1 KB
1	moatads.com z.moatads.com	1 KB
65	22

	Domain	Requested by
9	contextual.media.net	edustaffbenefits.com contextual.media.net eus.rubiconproject.com
8	dt.clnmde.com	pxlclnmdecom-a.akamaihd.net edustaffbenefits.com
5	token.rubiconproject.com	4 redirects eus.rubiconproject.com
4	pixel.rubiconproject.com	1 redirects eus.rubiconproject.com
4	cm.g.doubleclick.net	2 redirects eus.rubiconproject.com
3	api-public.addthis.com	s7.addthis.com
3	res-a.akamaihd.net	edustaffbenefits.com
3	match.adsrvr.org	2 redirects eus.rubiconproject.com
3	lg3.media.net	edustaffbenefits.com contextual.media.net
3	edustaffbenefits.com	edustaffbenefits.com
2	sync-tm.everesttech.net	2 redirects
2	id.rlcdn.com	contextual.media.net eus.rubiconproject.com
2	rtb.mfadsrvr.com	2 redirects
2	cs.media.net	contextual.media.net
2	eus.rubiconproject.com	contextual.media.net eus.rubiconproject.com
2	gum.criteo.com	contextual.media.net
2	pxlclnmdecom-a.akamaihd.net	contextual.media.net pxlclnmdecom-a.akamaihd.net
2	aax-us-east.amazon-adsystem.com	z-na.amazon-adsystem.com
2	www.google-analytics.com	edustaffbenefits.com www.google-analytics.com
2	s7.addthis.com	edustaffbenefits.com s7.addthis.com
2	inc.freefind.com	edustaffbenefits.com inc.freefind.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync.mathtag.com	1 redirects
1	ads.yahoo.com	eus.rubiconproject.com
1	qsearch-a.akamaihd.net	edustaffbenefits.com
1	ad.turn.com	1 redirects
1	x.bidswitch.net	contextual.media.net
1	c21lg-d.media.net	contextual.media.net
1	p.rfihub.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	wms-na.amazon-adsystem.com	edustaffbenefits.com
1	dt6.clnmde.com	edustaffbenefits.com
1	prebid.media.net	contextual.media.net
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	z-na.amazon-adsystem.com	edustaffbenefits.com
1	www.edustaffbenefits.com	1 redirects
65	38

This site contains links to these domains. Also see Links.

Domain
www.myeducationdiscount.com
www.amazon.com
www.addthis.com

Subject Issuer	Validity	Valid
www.edustaffbenefits.com R3	`2021-06-07` - `2021-09-05`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
*.freefind.com R3	`2021-04-27` - `2021-07-26`	3 months	crt.sh
z-na.amazon-adsystem.com Amazon	`2020-12-12` - `2022-01-10`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
aax-us-east.amazon-adsystem.com Amazon	`2021-04-09` - `2022-03-17`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.clnmde.com Amazon	`2021-05-06` - `2022-06-04`	a year	crt.sh
dt6.clnmde.com Amazon	`2021-03-29` - `2022-04-27`	a year	crt.sh
wms-na.assoc-amazon.com Amazon	`2020-12-25` - `2021-12-24`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-07-08` - `2021-08-25`	2 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://edustaffbenefits.com/
Frame ID: 540B2AA24D04EFCFA97E6B9E390C57D9
Requests: 35 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&hb=1&cv=37&cs=22&cid=8HB1IT8E4&usp_status=0&usp_consent=1&itype=HB-CM
Frame ID: 2AF84D05DA9F6AF487695065AF2F992A
Requests: 1 HTTP requests in this frame

Frame: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Frame ID: 0C8DFBBF9FB0654E477EFE80C6BBBE35
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8HB1IT8E4&prvid=77%2C99%2C192%2C193%2C184%2C251%2C175%2C188%2C178%2C222%2C233%2C3008%2C201%2C246%2C4%2C203%2C214%2C236%2C226%2C10000%2C80%2C9%2C97&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=HB-CM
Frame ID: 0499992160C34ECB378B9057E5FC3025
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 1AD2A8E22CD26AD23C040495B66A59D4
Requests: 12 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=2697022737152494000V10&type=rkt&refUrl=&vid=67006730552697022737152494000V10&ovsid=1871316021721164838
Frame ID: 8D66BB076406C31D16C10F753F8153F6
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV10582.js
Frame ID: DE58FF6B7E7188E65E42A0B781D03620
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.edustaffbenefits.com/ HTTP 302
https://edustaffbenefits.com/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

65
Requests

100 %
HTTPS

22 %
IPv6

22
Domains

38
Subdomains

26
IPs

6
Countries

615 kB
Transfer

1764 kB
Size

7
Cookies

211 Outgoing links

These are links going to different origins than the main page.

URL: https://www.myeducationdiscount.com/

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/contact.htm
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/signup.htm
Title: Sign Up for Discounts

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/classroom.htm
Title: Books/Classroom

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/house.htm
Title: Home/Auto

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/clothing.htm
Title: Clothing/Shoes

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/travel.htm
Title: Travel

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/electronics.htm
Title: Electronics

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/financial.htm
Title: Finances/Utilities

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/health.htm
Title: Health/Beauty

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/food.htm
Title: Food/Drink

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/gifts.htm
Title: Gifts

Search URL Search Domain Scan URL

URL: https://www.amazon.com/tryAB?ref_=assoc_tag_ph_1524210604088&_encoding=UTF8&camp=1789&creative=9325&linkCode=pf4&tag=myeducationdi-20&linkId=70e17a40810c6751488199304c4535ce
Title:

Search URL Search Domain Scan URL

URL: https://www.amazon.com/adprefs
Title:

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/1800baskets.htm
Title: 1800Baskets.com

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/1800flowers.htm
Title: 1800Flowers.com

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/1ink.htm
Title: 1ink.com

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/23andme.htm
Title: 23andMe

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/adobe.htm
Title: Adobe

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/alfa.htm
Title: Alfa Insurance

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/marriott.htm
Title: Aloft Hotels

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/amazon.htm
Title: Amazon

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/attractions.htm
Title: Amusement Parks

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/ancestry.htm
Title: Ancestry.com

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/anntaylor.htm
Title: Ann Taylor

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/anytimefitness.htm
Title: Anytime Fitness

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/apple.htm
Title: Apple

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/ashleystewart.htm
Title: Ashley Stewart

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/atandt.htm
Title: AT&T

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/b&h.htm
Title: B&H Photo Video

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/caesars.htm
Title: Bally's Hotels & Casinos

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/bananarepublic.htm
Title: Banana Republic

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/barnesandnoble.htm
Title: Barnes & Noble

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/wyndham.htm
Title: Baymont Inn & Suites

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/benfranklincrafts.htm
Title: Ben Franklin Crafts

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/bestbuy.htm
Title: Best Buy

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/bestwestern.htm
Title: Best Western

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/bonobos.htm
Title: Bonobos

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/booksamillion.htm
Title: Books-A-Million

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/bose.htm
Title: Bose

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/tdf.htm
Title: Broadway

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/brooklynbedding.htm
Title: Brooklyn Bedding

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/budget.htm
Title: Budget Car & Truck Rental

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/buick.htm
Title: Buick

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/californiacasualty.htm
Title: California Casualty

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/calvinklein.htm
Title: Calvin Klein

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/ihg.htm
Title: Candlewood Suites

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/canon.htm
Title: Canon

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/autoinsurance.htm
Title: Car Insurance

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/cars.htm
Title: Cars and Trucks

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/cellphonediscount.htm
Title: Cell Phone Discounts

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/champion.htm
Title: Champion

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/chevy.htm
Title: Chevrolet

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/christopherandbanks.htm
Title: Christopher & Banks

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/chrysler.htm
Title: Chrysler

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/cicis.htm
Title: CiCi's Pizza

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/classichotels.htm
Title: Classic Hotels & Resorts

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/colehaan.htm
Title: Cole Haan

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/university.htm
Title: Colleges and Universities

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/columbia.htm
Title: Columbia Sportswear

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/hilton.htm
Title: Conrad Hotels

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/contiki.htm
Title: Contiki

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/studentaid.htm
Title: Continuing Education

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/coolframes.htm
Title: CoolFrames

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/corel.htm
Title: Corel

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/countryinn.htm
Title: Country Inn & Suites

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/creditcards.htm
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/curiouschef.htm
Title: Curious Chef

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/dagnedover.htm
Title: Dagne Dover

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/dcshoes.htm
Title: DC Shoes

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/debtwave.htm
Title: DebtWave

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/dell.htm
Title: Dell

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/dibsies.htm
Title: Dibsies

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/discountdancesupply.htm
Title: Discount Dance Supply

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/orlandoemployeediscounts.htm
Title: Disney World

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/dji.htm
Title: DJI

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/dominos.htm
Title: Domino's Pizza

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/dooney&bourke.htm
Title: Dooney & Bourke

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/drscholls.htm
Title: Dr. Scholl's Shoes

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/earq.htm
Title: EarQ Hearing Aids

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/eddiebauer.htm
Title: Eddie Bauer

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/educatormortgageprogram.htm
Title: Educator Mortgage Program

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/eduporium.htm
Title: Eduporium

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/equityresidential.htm
Title: Equity Residential Apartments

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/eyemartexpress.htm
Title: Eyemart Express

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/farfaria.htm
Title: FarFaria

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/farmersinsurance.htm
Title: Farmers Insurance

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/ford.htm
Title: Ford

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/free.htm
Title: Free for Teachers

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/fulbright.htm
Title: Fulbright Program

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/fundforteachers.htm
Title: Fund for Teachers

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/gap.htm
Title: Gap

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/geico.htm
Title: Geico

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/gelpro.htm
Title: GelPro

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/gm.htm
Title: General Motors

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/giftscom.htm
Title: Gifts.com

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/glassesusa.htm
Title: GlassesUSA

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/globein.htm
Title: GlobeIn

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/gmc.htm
Title: GMC Automotive

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/coupons.htm
Title: Grocery Coupons

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/handrblock.htm
Title: H&R Block

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/halfpricebooks.htm
Title: Half Price Books

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/hanes.htm
Title: Hanes

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/quote.htm
Title: Health Insurance

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/heroeshomeadvantage.htm
Title: Heroes Home Advantage

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/hewlettpackard.htm
Title: Hewlett Packard

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/historychannel.htm
Title: History Channel

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/homedepot.htm
Title: Home Depot

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/homeinsurance.htm
Title: Home Insurance

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/homesforheroes.htm
Title: Homes for Heroes

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/honda.htm
Title: Honda

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/horacemann.htm
Title: Horace Mann

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/hotels.htm
Title: Hotels.com

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/housing.htm
Title: Housing

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/hudhomes.htm
Title: HUD Homes

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/hyundai.htm
Title: Hyundai

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/insurance.htm
Title: Insurance

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/jcrew.htm
Title: J.Crew

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/jetbrains.htm
Title: JetBrains

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/joannfabrics.htm
Title: JOANN Fabric & Craft Stores

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/jotform.htm
Title: JotForm

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/justmysize.htm
Title: Just My Size

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/karenkane.htm
Title: Karen Kane

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/kia.htm
Title: Kia Motors

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/laquinta.htm
Title: La Quinta Inns & Suites

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/lakeshorelearning.htm
Title: Lakeshore Learning

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/landsend.htm
Title: Lands' End

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/lasikplus.htm
Title: LasikPlus

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/leesa.htm
Title: Leesa Mattresses

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/lenovo.htm
Title: Lenovo

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/libertymutual.htm
Title: Liberty Mutual

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/lifeinsurance.htm
Title: Life Insurance

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/loft.htm
Title: LOFT

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/louandgrey.htm
Title: Lou & Grey

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/lowes.htm
Title: Lowe's

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/madewell.htm
Title: Madewell

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/magazines.htm
Title: Magazines.com

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/mcafee.htm
Title: McAfee

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/meemic.htm
Title: Meemic Insurance

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/michaels.htm
Title: Michaels

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/microsoft.htm
Title: Microsoft

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/mightyskins.htm
Title: MightySkins

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/monstermovers.htm
Title: Monster Movers

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/motel6.htm
Title: Motel 6

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/musiciansfriend.htm
Title: Musician's Friend

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/musicnotes.htm
Title: Musicnotes.com

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/vmb.htm
Title: Myrtle Beach Resorts

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/newyorkandcompany.htm
Title: New York & Company

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/officedepot.htm
Title: Office Depot / OfficeMax

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/onehanesplace.htm
Title: OneHanesPlace

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/overstock.htm
Title: Overstock

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/partycity.htm
Title: Party City

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/pencils.htm
Title: Pencils.com

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/peoplesbank.htm
Title: Peoples Bank

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/petco.htm
Title: Petco

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/petsmart.htm
Title: PetSmart

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/petsintheclassroom.htm
Title: Pets in the Classroom

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/pizzahut.htm
Title: Pizza Hut

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/plymouthrock.htm
Title: Plymouth Rock Assurance

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/quiksilver.htm
Title: Quiksilver

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/radisson.htm
Title: Radisson Hotels

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/rationale.htm
Title: Rationale

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/residentialhomefunding.htm
Title: Residential Home Funding

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/restaurant.htm
Title: Restaurant.com

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/rhone.htm
Title: Rhone Activewear

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/rothys.htm
Title: Rothy's Shoes

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/roxy.htm
Title: Roxy

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/samsung.htm
Title: Samsung

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/saucony.htm
Title: Saucony

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/schooltheatreticketprogram.htm
Title: School Theatre Tix Program

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/silhouette.htm
Title: Silhouette

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/sixflags.htm
Title: Six Flags Theme Parks

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/sixt.htm
Title: Sixt Rent-A-Car

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/southmoonunder.htm
Title: South Moon Under

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/sperry.htm
Title: Sperry Shoes

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/tmobile.htm
Title: Sprint / T-Mobile

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/staysky.htm
Title: StaySky Orlando Hotels

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/stitchfix.htm
Title: Stitch Fix

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/studentloanconsolidation.htm
Title: Student Loan Consolidation

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/studentuniverse.htm
Title: StudentUniverse

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/surveys.htm
Title: Surveys

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/swananddolphinresort.htm
Title: Swan & Dolphin Resort

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/talbots.htm
Title: Talbots

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/teacherstravelweb.htm
Title: Teachers Travel Web

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/techsmith.htm
Title: TechSmith

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/texasinstruments.htm
Title: Texas Instruments

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/thecontainerstore.htm
Title: The Container Store

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/newyorktimes.htm
Title: The New York Times

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/thewallstreetjournal.htm
Title: The Wall Street Journal

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/thewashingtonpost.htm
Title: The Washington Post

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/ticktick.htm
Title: TickTick

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/tilghman.htm
Title: Tilghman Resort

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/tommyhilfiger.htm
Title: Tommy Hilfiger

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/tommyjohn.htm
Title: Tommy John

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/turbotax.htm
Title: TurboTax

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/uscellular.htm
Title: U.S. Cellular

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/usatoday.htm
Title: USA Today

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/verizonwireless.htm
Title: Verizon

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/vineyardvines.htm
Title: Vineyard Vines

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/vipkid.htm
Title: VIPKID

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/walmart.htm
Title: Walmart

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/westerndigital.htm
Title: Western Digital

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/westgate.htm
Title: Westgate Resorts

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/whitehouseblackmarket.htm
Title: White House Black Market

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/woodwindandbrasswind.htm
Title: Woodwind & Brasswind

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/ymca.htm
Title: YMCA

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/zappos.htm
Title: Zappos

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/zerovacancy.htm
Title: Zero Vacancy

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/zipcar.htm
Title: Zipcar

Search URL Search Domain Scan URL

URL: https://www.myeducationdiscount.com/privacy.htm
Title: Advertising Disclosure and Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.edustaffbenefits.com/ HTTP 302
https://edustaffbenefits.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
https://eus.rubiconproject.com/usync.html?p=medianet

Request Chain 30

https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2697022737152494000V10%26type%3Drkt%26refUrl%3D%26vid%3D67006730552697022737152494000V10%26ovsid%3D%7Buserid%7D HTTP 302
https://contextual.media.net/cksync.html?cs=8&vsid=2697022737152494000V10&type=rkt&refUrl=&vid=67006730552697022737152494000V10&ovsid=1871316021721164838

Request Chain 32

https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MjY5NzAyMjczNzE1MjQ5NDAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MjY5NzAyMjczNzE1MjQ5NDAwMFYxMA%3D%3D&google_sc=1&google_tc= HTTP 302
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEBctMHcyivAW-B1N7P-nKh8&google_cver=1

Request Chain 34

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2697022737152494000V10 HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=2697022737152494000V10 HTTP 302
https://contextual.media.net/cksync.php?type=mf&ovsid=2a3aee1e-3af9-4152-a552-ec7098c19cfa&cs=1

Request Chain 36

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1 HTTP 302
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=757003a2-cef1-4059-b38a-6fee78bf19b2

Request Chain 37

https://ad.turn.com/r/cs?pid=59&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2697022737152494000V10%26type%3Damb%26refUrl%3D%26vid%3D67006730552697022737152494000V10%26ovsid%3D%23USER_ID%23 HTTP 302
https://contextual.media.net/cksync.php?cs=8&vsid=2697022737152494000V10&type=amb&refUrl=&vid=67006730552697022737152494000V10&ovsid=4595787571206130927

Request Chain 47

https://pixel.rubiconproject.com/exchange/sync.php?p=medianet HTTP 302
https://contextual.media.net/cksync.php?type=rbcn&ovsid=KRANKWMY-N-2A58

Request Chain 50

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YPV7gQAC4qAUVAAC HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YPV7gQAC4qAUVAAC&_test=YPV7gQAC4qAUVAAC

Request Chain 51

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KRANKWMY-N-2A58&sigv=1&esig=2~8d5a533caa8a87cf78a7cad2db2793b99355efd1

Request Chain 52

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JBTktXTVktTi0yQTU4

Request Chain 53

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=343960f5-7b81-4f00-8073-b63436322e2e

Request Chain 54

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTRiMzE0NzAxMTllZTgwZWUyYzYwM2FiNTM3MTVhMzE5MGVlNWZjMg

Request Chain 55

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/-DOVREL4JjwnK7VDmxN0qA?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6477644734622314209

65 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
edustaffbenefits.com/
Redirect Chain

http://www.edustaffbenefits.com/
https://edustaffbenefits.com/

33 KB
7 KB

487ms
127ms

Document
text/html

173.236.164.104
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://edustaffbenefits.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.236.164.104 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-udder.screven.dreamhost.com
Software: Apache /
Resource Hash: ae33c241507c6ae07dc16dabfaeb6300c7ca03f247ee063c0aeaab20752e67c5

Request headers

:method: GET
:authority: edustaffbenefits.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:17:52 GMT
server: Apache
last-modified: Tue, 13 Apr 2021 18:25:20 GMT
etag: "857d-5bfdec0b125d7-gzip"
accept-ranges: bytes
cache-control: max-age=0, public
expires: Mon, 19 Jul 2021 13:17:52 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6906
content-type: text/html

Redirect headers

Date: Mon, 19 Jul 2021 13:17:51 GMT
Server: Apache
Location: https://edustaffbenefits.com/
Cache-Control: max-age=0
Expires: Mon, 19 Jul 2021 13:17:51 GMT
Content-Length: 213
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 275 KB
92 KB 136ms
63ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CUPUJ3VT

Requested by

Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

68c5d01e60ed7bb3ae99f784fdfc85b6f439d9983c35fe418f13e809efc83fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h: 8-33
content-encoding: gzip
server: Apache
etag: "a5a04fffe508abfd91f1b9d80e4ec8d1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
date: Mon, 19 Jul 2021 13:17:52 GMT
strict-transport-security: max-age=604800
x-mnt-w: 8-18
expires: Mon, 19 Jul 2021 13:22:52 GMT

GET
H/1.1 200
OK ffse-overlay.min.js Show response
inc.freefind.com/inc/ 9 KB
3 KB 722ms
172ms Script
text/javascript 63.249.66.205
CZIO-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://inc.freefind.com/inc/ffse-overlay.min.js
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.249.66.205 Boulder Creek, United States, ASN11994 (CZIO-ASN, US),
Reverse DNS: freefind.com
Software: unknown /
Resource Hash: a839fd8c9525049492e5bedbaf3b7dbd63d7b324059c412936366d4e69c76cf1

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 13:17:52 GMT
content-encoding: gzip
Last-Modified: Tue, 10 Apr 2018 20:55:47 GMT
Server: unknown
Content-Type: text/javascript; charset=utf-8
Cache-control: max-age=300
Content-Length: 3202
Expires: Mon, 19 Jul 2021 13:22:52 GMT

GET
H2 200 My_EducationDiscount.gif
edustaffbenefits.com/images/ 19 KB
19 KB 139ms
133ms Image
image/gif 173.236.164.104
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edustaffbenefits.com/images/My_EducationDiscount.gif
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.236.164.104 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-udder.screven.dreamhost.com
Software: Apache /
Resource Hash: 0a4f6713e204ad529e8d6b1699b0652c11071747293b118c3eeee19dc48e5425

Request headers

:path: /images/My_EducationDiscount.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: edustaffbenefits.com
referer: https://edustaffbenefits.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:17:52 GMT
last-modified: Tue, 30 Aug 2016 18:56:15 GMT
server: Apache
etag: "4a41-53b4e88f811c0"
vary: User-Agent
content-type: image/gif
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 19009
expires: Wed, 18 Aug 2021 13:17:52 GMT

GET
H2 200 amazon_education.jpg
edustaffbenefits.com/images/ 19 KB
19 KB 160ms
155ms Image
image/jpeg 173.236.164.104
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edustaffbenefits.com/images/amazon_education.jpg
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.236.164.104 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-udder.screven.dreamhost.com
Software: Apache /
Resource Hash: 59d7a5d8cb73fa97b431b48162c6b225756579aee785a9fd6dbcef6fa0bd11c0

Request headers

:path: /images/amazon_education.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: edustaffbenefits.com
referer: https://edustaffbenefits.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:17:52 GMT
last-modified: Sun, 21 Jun 2020 20:38:15 GMT
server: Apache
etag: "4b27-5a89e1b0dce45"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 19239
expires: Wed, 18 Aug 2021 13:17:52 GMT

GET
H2 200 onejs Show response
z-na.amazon-adsystem.com/widgets/ 24 KB
8 KB 64ms
19ms Script
application/javascript 13.224.101.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.101.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-101-72.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: bdf3745583154b2ed00b1603145f9f0f4f8ae6c073f930fe67c6833bb966b692

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: Public
date: Mon, 19 Jul 2021 05:08:22 GMT
content-encoding: gzip
server: Server
age: 29369
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
charset: UTF-8
cache-control: public,max-age=86400,s-maxage=86400,no-transform
x-amz-cf-pop: ZRH50-C1
content-length: 7936
via: 1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront)
x-amz-cf-id: 9RhJU0MH-Af6rll0Fagqf_AGhgJi5SQT9QSTd72C8NxwoHMSTv7oLQ==
expires: Tue, 20 Jul 2021 05:08:22 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 87ms
31ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Mon, 19 Jul 2021 13:17:52 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 20
date: Mon, 19 Jul 2021 13:17:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Mon, 19 Jul 2021 15:17:32 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1061016612&t=pageview&_s=1&dl=https%3A%2F%2Fedustaffbenefits.com%2F&ul=en-us&de=UTF-8&dt=My%20Education%20Discount%20-%20My%20Teacher%20Discount%20-%20Discounts%20for%20Educators%20and%20Staff!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1962064600&gjid=967014884&cid=109951115.1626700672&tid=UA-8780677-1&_gid=733856373.1626700672&_r=1&_slc=1&z=852419805

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:17:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://edustaffbenefits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
88 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-8780677-1&cid=109951115.1626700672&jid=1962064600&gjid=967014884&_gid=733856373.1626700672&_u=IEBAAEAAAAAAAC~&z=245162631

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 19 Jul 2021 13:17:52 GMT
content-type: text/plain
access-control-allow-origin: https://edustaffbenefits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK getad Show response
aax-us-east.amazon-adsystem.com/x/ 138 KB
27 KB 437ms
201ms Script
text/javascript 52.119.198.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22size%22%3A%22300x600%22%2C%22placement%22%3A%22adunit0%22%2C%22search_bar%22%3A%22true%22%2C%22tracking_id%22%3A%22myeducationdi-20%22%2C%22search_bar_position%22%3A%22top%22%2C%22ad_mode%22%3A%22search%22%2C%22ad_type%22%3A%22smart%22%2C%22marketplace%22%3A%22amazon%22%2C%22region%22%3A%22US%22%2C%22title%22%3A%22Search%20Amazon%20For%20Teacher%20Discounts%22%2C%22linkid%22%3A%222820c00a62b6203e1be4c81c6ee96222%22%2C%22default_search_phrase%22%3A%22Teach%22%2C%22default_category%22%3A%22All%22%2C%22rows%22%3A%221%22%2C%22viewerCountry%22%3A%22CH%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22myeducationdi-20%22%2C%22slotNum%22%3A0%2C%22ead%22%3A4%7D&u=https%3A%2F%2Fedustaffbenefits.com%2F&jscb=amzn_assoc_jsonp_callback_adunit0_0
Requested by: Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.198.1 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 388aa4ea8d4c5a2e69c32dc9e97b65a317b0f96544561c15c27be1634718f969

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 13:17:52 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: Server
Connection: keep-alive
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK getad Show response
aax-us-east.amazon-adsystem.com/x/ 127 KB
26 KB 439ms
198ms Script
text/javascript 52.119.198.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22size%22%3A%22300x300%22%2C%22placement%22%3A%22adunit0%22%2C%22search_bar%22%3A%22true%22%2C%22tracking_id%22%3A%22myeducationdi-20%22%2C%22ad_mode%22%3A%22manual%22%2C%22ad_type%22%3A%22smart%22%2C%22marketplace%22%3A%22amazon%22%2C%22region%22%3A%22US%22%2C%22title%22%3A%22Top%20Amazon%20Picks%20for%20Educators%22%2C%22linkid%22%3A%2236967262e116eaeab27801320f0a33dd%22%2C%22rows%22%3A%221%22%2C%22asins%22%3A%22B01DFKC2SO%2CB00ZV9RDKK%2CB004LLIKVU%2CB008A0GNA8%2CBT00LN946S%22%2C%22viewerCountry%22%3A%22CH%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22myeducationdi-20%22%2C%22slotNum%22%3A1%2C%22ead%22%3A4%7D&u=https%3A%2F%2Fedustaffbenefits.com%2F&jscb=amzn_assoc_jsonp_callback_adunit0_1
Requested by: Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.198.1 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 8cf66df9117d27549ebca2b54134b93ab9298708c6056c0fa082a867adef729e

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 13:17:52 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: Server
Connection: keep-alive
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript;charset=UTF-8

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 88ms
29ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:17:52 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=33539
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-4d88980229d47f9a/ 3 KB
1 KB 54ms
51ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-4d88980229d47f9a/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3061571fe495b1ee4e7545643a3ac6f949c36766134f48a3fec77a1cabeb02a8

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:17:52 GMT
content-encoding: gzip
etag: -2036131162--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=15, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 941

GET
H/1.1 200
OK browserfp.min.js Show response
pxlclnmdecom-a.akamaihd.net/javascripts/ 109 KB
34 KB 119ms
51ms Script
text/javascript 2.16.107.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUPUJ3VT
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUPUJ3VT
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-72.deploy.static.akamaitechnologies.com
Software: / Express
Resource Hash: e9026c4a03160cd4ea668bd1b5109ed25162050c6a3f07b3810576729162c088

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 13:17:52 GMT
Content-Encoding: gzip
X-Powered-By: Express
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 34334
Expires: Mon, 19 Jul 2021 13:47:52 GMT

GET
H2 200 bping.php
lg3.media.net/ 35 B
189 B 36ms
29ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=0&prid=8PRHGG6T9&cid=8CUPUJ3VT&crid=548524866&vi=1626700672151699212&ugd=4&lf=6&cc=CH&sc=ZH&wsip=2886781335&r=1626700672508&requrl=https%3A%2F%2Fedustaffbenefits.com%2F&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1626700672118964107&vgd_rpth=%2Fdmedianet.js&vgd_pbcm=1&vgd_pgid=p1927950618t202107191317&vgd_pgids=1&vgd_uspa=0&hvsid=00001626700672493032874715244724&gdpr=0&vgd_end=1

Requested by

Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Mon, 19 Jul 2021 13:17:52 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Mon, 19 Jul 2021 13:17:52 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 2AF8 22 KB
8 KB 209ms
208ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&hb=1&cv=37&cs=22&cid=8HB1IT8E4&usp_status=0&usp_consent=1&itype=HB-CM

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUPUJ3VT

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b4a009ec1e0bab6596ca0a0db6d0b6ab57263e2b752930b19b8c98be11c7c127

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?vsSync=1&hb=1&cv=37&cs=22&cid=8HB1IT8E4&usp_status=0&usp_consent=1&itype=HB-CM
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://edustaffbenefits.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://edustaffbenefits.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Thu, 20 Jan 2022 13:17:52 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Wed, 21 Jul 2021 13:17:52 GMT
date: Mon, 19 Jul 2021 13:17:52 GMT
content-length: 7991

GET
H2 200 sync Show response
gum.criteo.com/ 62 B
374 B 41ms
13ms Script
text/javascript 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?r=2&c=321&j=window.hbCMBidxc.mnetRtusId

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUPUJ3VT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

949a74d5c9b30adeb638aed4ee5d24f5249c15761f8e82451fe0e9966a978324

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 19 Jul 2021 13:17:51 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1876
content-length: 177
expires: 60

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 38ms
37ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Mon, 19 Jul 2021 13:17:52 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

POST
H2 200 hb-cm Show response
prebid.media.net/rtb/ 819 B
671 B 203ms
164ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/hb-cm?cid=8HB1IT8E4
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUPUJ3VT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4bd5074ead31b9c690bfd9ba83b1beafc18ec5e32e786048a98ba31a261bdff1

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:17:52 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://edustaffbenefits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK bfp_ssn.js Show response
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame 0C8D 12 KB
4 KB 21ms
21ms Document
text/html 2.16.107.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUPUJ3VT
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-72.deploy.static.akamaitechnologies.com
Software: / Express
Resource Hash: 508a8b73dfefe6e9998cca8a66aef5f7b9b5a8b24b35ae0e6e8a02f37d4a2c93

Request headers

Host: pxlclnmdecom-a.akamaihd.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://edustaffbenefits.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://edustaffbenefits.com/

Response headers

Content-Type: text/html; charset=utf-8
X-Powered-By: Express
Vary: Accept-Encoding
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Cache-Control: max-age=1800
Expires: Mon, 19 Jul 2021 13:47:52 GMT
Date: Mon, 19 Jul 2021 13:17:52 GMT
Content-Length: 3752
Connection: keep-alive

POST
H2 200 ptmdP
dt.clnmde.com/ 7 B
329 B 344ms
113ms Ping
text/html 18.210.58.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dt.clnmde.com/ptmdP
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUPUJ3VT
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.58.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-58-72.compute-1.amazonaws.com
Software: / Express
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 19 Jul 2021 13:17:52 GMT
vary: Accept-Encoding
x-powered-by: Express
etag: W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 7

GET
H2 200 cenw.js Show response
dt.clnmde.com/ 36 B
361 B 337ms
111ms XHR
text/html 18.210.58.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dt.clnmde.com/cenw.js?identifier=bafp
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUPUJ3VT
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.58.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-58-72.compute-1.amazonaws.com
Software: / Express
Resource Hash: aa4e8f3d6dbdbfd02a45605217ed4ed48caa17c3e48c9719e94f4b26ff22a653

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:17:52 GMT
vary: Accept-Encoding
x-powered-by: Express
etag: W/"24-yhJXBZJYlVXvoq2GgRZMVw"
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 36

GET
H2 200 ptmdDual
dt6.clnmde.com/ 70 B
331 B 294ms
95ms Image
image/gif 2600:1f18:42df:3a01:e98f:cdd0:4c16:e538
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt6.clnmde.com/ptmdDual?t=%7B%22gh%22%3A%22162670067265233270560445%22%2C%22za%22%3A1%2C%22gcd%22%3A1626700672684%2C%22al%22%3A3%2C%22bcnd%22%3A1%7D
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:42df:3a01:e98f:cdd0:4c16:e538 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 19 Jul 2021 13:17:52 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

GET
H2 200 cenw.js Show response
dt.clnmde.com/ Frame 0C8D 36 B
360 B 309ms
110ms XHR
text/html 18.210.58.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dt.clnmde.com/cenw.js
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.58.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-58-72.compute-1.amazonaws.com
Software: / Express
Resource Hash: 6671fa8cf241b8e6c9b970b52cf37e423553d54b98f1d1f4e65d44aebec61807

Request headers

Referer: https://pxlclnmdecom-a.akamaihd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:17:52 GMT
vary: Accept-Encoding
x-powered-by: Express
etag: W/"24-hqisMnPuctEEhorZmbnSew"
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 36

GET
H2 200 fcmain.js Show response
contextual.media.net/1017354394/ 79 KB
25 KB 421ms
418ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/1017354394/fcmain.js?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUPUJ3VT&cpcd=fH60FJQFzgZHNuNx1tMg0A%3D%3D&crid=548524866&size=300x600&cc=CH&https=1&vif=1&requrl=https%3A%2F%2Fedustaffbenefits.com%2F&nse=5&vi=1626700672151699212&lw=1&ugd=4&rtbs=1&nb=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUPUJ3VT

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ec30c2263d49853b498b70a5e5e07e2f052b723181b866df7116f43d018a6d7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
x-mnt-hl2: 12-10
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
date: Mon, 19 Jul 2021 13:17:53 GMT
x-mnt-w: 10-4
content-length: 24932
expires: Mon, 19 Jul 2021 13:17:53 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 0499 34 KB
12 KB 244ms
242ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8HB1IT8E4&prvid=77%2C99%2C192%2C193%2C184%2C251%2C175%2C188%2C178%2C222%2C233%2C3008%2C201%2C246%2C4%2C203%2C214%2C236%2C226%2C10000%2C80%2C9%2C97&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=HB-CM

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUPUJ3VT

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0fb7ccd65fa2b49bef07b5b719088da006aafcaa9d5a566cbc2b8614811cf9b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8HB1IT8E4&prvid=77%2C99%2C192%2C193%2C184%2C251%2C175%2C188%2C178%2C222%2C233%2C3008%2C201%2C246%2C4%2C203%2C214%2C236%2C226%2C10000%2C80%2C9%2C97&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=HB-CM
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://edustaffbenefits.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://edustaffbenefits.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Thu, 20 Jan 2022 13:17:52 GMT; domain=.media.net; Path=/; sameSite=none; secure=true visitor-id=2697022737152494000V10; Expires=Tue, 19 Jul 2022 13:17:53 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Wed, 21 Jul 2021 13:17:53 GMT
date: Mon, 19 Jul 2021 13:17:53 GMT
content-length: 11693

GET
H2 200 amzn-nsa-sprite-2x.png
wms-na.amazon-adsystem.com/panda/20070822/US/img/ 4 KB
5 KB 61ms
14ms Image
image/png 13.224.103.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-na.amazon-adsystem.com/panda/20070822/US/img/amzn-nsa-sprite-2x.png
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-72.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 3d363721e733cd455560f59c74cffdb28148623c7c716a23403bd6b85696b4fa

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 22:30:44 GMT
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
last-modified: Wed, 21 Apr 2021 09:07:08 GMT
server: Server
age: 2558829
etag: "10ef-5c077e3299c74"
x-cache: Hit from cloudfront
content-type: image/png
charset: UTF-8
cache-control: max-age=2592000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 4335
x-amz-cf-id: 7p7XE5Avljn7XVAXRUSxC4Ld3XaEv-yMkHIMOp19shGETHyfAHecmw==
expires: Sat, 26 Jun 2021 22:30:44 GMT

GET
H/1.1 200
OK ffse-overlay.min.css
inc.freefind.com/inc/ 2 KB
862 B 172ms
172ms Stylesheet
text/css 63.249.66.205
CZIO-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://inc.freefind.com/inc/ffse-overlay.min.css
Requested by: Host: inc.freefind.com
URL: https://inc.freefind.com/inc/ffse-overlay.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.249.66.205 Boulder Creek, United States, ASN11994 (CZIO-ASN, US),
Reverse DNS: freefind.com
Software: unknown /
Resource Hash: df74e422956fa90c9bce29777a9b815e170a468b485c19f704e14f38e93a895b

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 13:17:53 GMT
content-encoding: gzip
Last-Modified: Tue, 10 Apr 2018 20:54:25 GMT
Server: unknown
Content-Type: text/css; charset=utf-8
Cache-control: max-age=300
Content-Length: 591
Expires: Mon, 19 Jul 2021 13:22:53 GMT

GET
H2 200 sync Show response
gum.criteo.com/ Frame 0499 60 B
371 B 13ms
13ms Script
text/javascript 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?r=2&c=321&gdpr=1&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8HB1IT8E4&prvid=77%2C99%2C192%2C193%2C184%2C251%2C175%2C188%2C178%2C222%2C233%2C3008%2C201%2C246%2C4%2C203%2C214%2C236%2C226%2C10000%2C80%2C9%2C97&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=HB-CM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

a4175829629cc0ee4fa83b14602e308f8e82b2323d3d31e316f5ac197f5068f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 19 Jul 2021 13:17:52 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1519
content-length: 174
expires: 60

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 1AD2
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
https://eus.rubiconproject.com/usync.html?p=medianet

281 B
554 B

67ms
22ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=medianet
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8HB1IT8E4&prvid=77%2C99%2C192%2C193%2C184%2C251%2C175%2C188%2C178%2C222%2C233%2C3008%2C201%2C246%2C4%2C203%2C214%2C236%2C226%2C10000%2C80%2C9%2C97&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=HB-CM
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://contextual.media.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://contextual.media.net/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 19 Jul 2021 13:17:53 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=medianet
Date: Mon, 19 Jul 2021 13:17:53 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

cksync.html Show response
contextual.media.net/ Frame 8D66
Redirect Chain

https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2697022737152494000V10%26type%3Drkt%26refUrl%3D%26vid%3D670067305526970227371524940...
https://contextual.media.net/cksync.html?cs=8&vsid=2697022737152494000V10&type=rkt&refUrl=&vid=67006730552697022737152494000V10&ovsid=1871316021721164838

220 B
731 B

63ms
61ms

Document
text/html

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/cksync.html?cs=8&vsid=2697022737152494000V10&type=rkt&refUrl=&vid=67006730552697022737152494000V10&ovsid=1871316021721164838

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

421192a006149c26292f6690c2cb34bf0425ab74ae9ae0a47f8d3cd7a8c7c765

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /cksync.html?cs=8&vsid=2697022737152494000V10&type=rkt&refUrl=&vid=67006730552697022737152494000V10&ovsid=1871316021721164838
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://contextual.media.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: gdpr_status=1; visitor-id=2697022737152432000V10
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://contextual.media.net/

Response headers

server: Apache
content-length: 220
content-type: text/html;charset=UTF-8
set-cookie: gdpr_status=1; Expires=Thu, 20 Jan 2022 13:17:53 GMT; domain=.media.net; Path=/; sameSite=none; secure=true data-rk=1871316021721164838~~8;Expires=Wed, 31 Dec 1969 23:59:59 GMT;path=/;domain=.media.net; sameSite=none; secure=true
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E
expires: Mon, 19 Jul 2021 13:17:53 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 19 Jul 2021 13:17:53 GMT

Redirect headers

Date: Mon, 19 Jul 2021 13:17:53 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAAAOMSNrQwNzQ2NDMwMjQ3MjQ0M7EwthDiM9SN0M0IDvbxicwIrMyQ4jU0MzIzNzAwMzc2tDAEAF-EHQo0AAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 13 Aug 2022 13:17:53 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzQ2NDMwMjQ3MjQ0M7EwthDiM9SN0M0IDvbxicwIrMwAACOs8TclAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location: https://contextual.media.net/cksync.html?cs=8&vsid=2697022737152494000V10&type=rkt&refUrl=&vid=67006730552697022737152494000V10&ovsid=1871316021721164838
Content-Length: 0
Server: Jetty(9.3.29.v20201019)

GET
H2 200 log
c21lg-d.media.net/ Frame 0499 35 B
194 B 184ms
176ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=1&vsid=2697022737152494000V10&origin=1&flt=0&pvgid[]=data-p&pvgid[]=data-b&pvgid[]=data-t&pvgid[]=data-sov&pvgid[]=data-r1&pvgid[]=data-pb&pvgid[]=data-xu&pvgid[]=data-tx&pvgid[]=data-ct
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8HB1IT8E4&prvid=77%2C99%2C192%2C193%2C184%2C251%2C175%2C188%2C178%2C222%2C233%2C3008%2C201%2C246%2C4%2C203%2C214%2C236%2C226%2C10000%2C80%2C9%2C97&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=HB-CM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:17:53 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Mon, 19 Jul 2021 13:17:53 GMT

GET
H2

200

cksync
cs.media.net/ Frame 0499
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MjY5NzAyMjczNzE1MjQ5NDAwMFYxMA%3D%3D&google_sc=1
https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MjY5NzAyMjczNzE1MjQ5NDAwMFYxMA%3D%3D&google_sc=1&google_tc=
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEBctMHcyivAW-B1N7P-nKh8&google_cver=1

46 B
528 B

87ms
80ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEBctMHcyivAW-B1N7P-nKh8&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8HB1IT8E4&prvid=77%2C99%2C192%2C193%2C184%2C251%2C175%2C188%2C178%2C222%2C233%2C3008%2C201%2C246%2C4%2C203%2C214%2C236%2C226%2C10000%2C80%2C9%2C97&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=HB-CM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Request headers

Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:17:53 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Mon, 19 Jul 2021 13:17:53 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:17:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEBctMHcyivAW-B1N7P-nKh8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 0499 43 B
146 B 78ms
22ms Image
image/gif 35.156.223.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=medianet&gdpr=1&gdpr_consent=&gdpr_pd=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8HB1IT8E4&prvid=77%2C99%2C192%2C193%2C184%2C251%2C175%2C188%2C178%2C222%2C233%2C3008%2C201%2C246%2C4%2C203%2C214%2C236%2C226%2C10000%2C80%2C9%2C97&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=HB-CM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.223.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-223-207.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:17:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

cksync.php
contextual.media.net/ Frame 0499
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2697022737152494000V10
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=2697022737152494000V10
https://contextual.media.net/cksync.php?type=mf&ovsid=2a3aee1e-3af9-4152-a552-ec7098c19cfa&cs=1

46 B
544 B

84ms
83ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?type=mf&ovsid=2a3aee1e-3af9-4152-a552-ec7098c19cfa&cs=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Mon, 19 Jul 2021 13:17:53 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Mon, 19 Jul 2021 13:17:53 GMT

Redirect headers

Location: //contextual.media.net/cksync.php?type=mf&ovsid=2a3aee1e-3af9-4152-a552-ec7098c19cfa&cs=1
Date: Mon, 19 Jul 2021 13:17:53 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 451 710489.gif
id.rlcdn.com/ Frame 0499 0
66 B 62ms
28ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/710489.gif
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8HB1IT8E4&prvid=77%2C99%2C192%2C193%2C184%2C251%2C175%2C188%2C178%2C222%2C233%2C3008%2C201%2C246%2C4%2C203%2C214%2C236%2C226%2C10000%2C80%2C9%2C97&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=HB-CM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:17:53 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2

200

cksync
cs.media.net/ Frame 0499
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=757003a2-cef1-4059-b38a-6fee78bf19b2

46 B
533 B

46ms
46ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=757003a2-cef1-4059-b38a-6fee78bf19b2
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8HB1IT8E4&prvid=77%2C99%2C192%2C193%2C184%2C251%2C175%2C188%2C178%2C222%2C233%2C3008%2C201%2C246%2C4%2C203%2C214%2C236%2C226%2C10000%2C80%2C9%2C97&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=HB-CM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Request headers

Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:17:53 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Mon, 19 Jul 2021 13:17:53 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:17:53 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=757003a2-cef1-4059-b38a-6fee78bf19b2
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 199

GET
H2

200

cksync.php
contextual.media.net/ Frame 0499
Redirect Chain

https://ad.turn.com/r/cs?pid=59&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2697022737152494000V10%26type%3Damb%26refUrl%3D%26vid%3D67006730552697022737152494000V10%26ov...
https://contextual.media.net/cksync.php?cs=8&vsid=2697022737152494000V10&type=amb&refUrl=&vid=67006730552697022737152494000V10&ovsid=4595787571206130927

46 B
534 B

65ms
65ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=8&vsid=2697022737152494000V10&type=amb&refUrl=&vid=67006730552697022737152494000V10&ovsid=4595787571206130927

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Mon, 19 Jul 2021 13:17:53 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Mon, 19 Jul 2021 13:17:53 GMT

Redirect headers

location: https://contextual.media.net/cksync.php?cs=8&vsid=2697022737152494000V10&type=amb&refUrl=&vid=67006730552697022737152494000V10&ovsid=4595787571206130927
pragma: no-cache
date: Mon, 19 Jul 2021 13:17:52 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 ptmd
dt.clnmde.com/ 70 B
330 B 115ms
115ms Image
image/gif 18.210.58.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=162670067265233270560445_N4IgxmAWDWIFwG0QFYAsAOZAmDA2XIAugDQgAOAlgCYAu8SADEaQE4CmAZgKosA2diEMxABnFmB796ISDRpkRAUgDMAQUVYAYhs1sqAVxE0Ahhw4AjNgDtOFGiIB0YAPYBbHcIBuIgPrUBCFb6vLwkMt5+tNIMMQwAjLhYuADsMSk4AJzKDMpY6MmoyXHYqIU4wmCGNJEBIOgAwlwAClwAUsoAagAqFSye0sAAOigYJej4w3BDIDQAnmRsk8NgLJHDxMOeFGvwwwlJqQzpxQkZGVhxWOvDkBHUSyCx8YkpacmZ2bn5hcU4ZajDAC+gOEVmM9FQWAyqAy6VwqGIcWUqAY+RyGWIyGyqIw2TCYJE8ChpAoxlc9AYYVJhLg6BJ-TgDAcyFIRmMNEMEOIymU3IRyhZylw3OS3LpygxxLiGTCAC9wXA4qQyABzeAgfqkawM8ggUgqyDq-avI7vXDYHlYVLIXAMUrIPUzGkgOKQjLoBgFRLIZDoR3edW4BxM1DZR3GXjwXkgDhgeAAWiVIDYNAo8GNh3SrJoasZrNgcBdL0z7x8yWSyGtkIYWCSjrYFDIRoyyAcOCwbaRDgSqHr+gVSf0abzyc8kcQoDBrjY6vM1CobFW1EdVHZCtAc6oC6XVHVyX922XhYzbwuyFO50uIGBYTIcZHIgZidZvCMRuLp-hTFIvA46dIWyRO+BynicuBnBcWCOpURhAYWDTNG0nQ9Pq94nqayjSiyIAAI4zoqpAcMOWCAkAA
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.58.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-58-72.compute-1.amazonaws.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 19 Jul 2021 13:17:53 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1AD2 31 KB
10 KB 23ms
23ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f1e6cd314f7edb3b841803f719b61b002fe565a65964efd702b420c67bc5fee0

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 13:17:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=52976
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9358
Expires: Tue, 20 Jul 2021 04:00:49 GMT

GET
H2 200 nrrV10582.js Show response
contextual.media.net/4a/ Frame DE58 90 KB
29 KB 45ms
44ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV10582.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUPUJ3VT

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5eeb4719a243d9428276b487842f5e3ad6c9ee50d9f693453ce42cb4da8971c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "106fac81e07001e1825eadbb39fcde11"
vary: Accept-Encoding
x-mnet-h: 12-8
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Mon, 19 Jul 2021 13:17:53 GMT
content-length: 29808
expires: Mon, 02 Aug 2021 13:17:53 GMT

GET
H/1.1 200
OK 1x1.gif
res-a.akamaihd.net/__media__/pics/800028474/ Frame DE58 42 B
350 B 112ms
29ms Image
image/gif 2.16.186.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res-a.akamaihd.net/__media__/pics/800028474/1x1.gif
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 13:17:53 GMT
Last-Modified: Mon, 04 Jun 2018 10:04:19 GMT
Server: nginx
ETag: "5b150ea3-2a"
Content-Type: image/gif
Cache-Control: public, max-age=817784
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42
Expires: Thu, 29 Jul 2021 00:27:37 GMT

GET
DATA 200
OK truncated
/ Frame DE58 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DE58 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK bullet3.woff
res-a.akamaihd.net/__media__/fonts/bullet3/ Frame DE58 2 KB
2 KB 121ms
38ms Font
application/font-woff 2.16.186.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res-a.akamaihd.net/__media__/fonts/bullet3/bullet3.woff
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0bf3f6e79af33723b0c1a822f59a484a35583303ab76fa9227b694b1e719364f

Request headers

Origin: https://edustaffbenefits.com
Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 13:17:53 GMT
Last-Modified: Mon, 16 May 2016 10:39:41 GMT
Server: nginx
ETag: "5739a36d-698"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1688

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 1AD2 284 B
921 B 105ms
31ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/jpg

GET
H/1.1 200
OK Lato-Bold.woff
res-a.akamaihd.net/__media__/fonts/Lato-Bold/ Frame DE58 57 KB
58 KB 102ms
41ms Font
application/font-woff 2.16.186.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res-a.akamaihd.net/__media__/fonts/Lato-Bold/Lato-Bold.woff
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7d7789a468cb12a69ea6ed9d4cff64be0b5b2803ef3af8fba4554b462ccb1624

Request headers

Origin: https://edustaffbenefits.com
Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 13:17:53 GMT
Last-Modified: Mon, 16 May 2016 10:39:41 GMT
Server: nginx
ETag: "5739a36d-e538"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58680

GET
H2

200

cksync.php
contextual.media.net/ Frame 1AD2
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=medianet
https://contextual.media.net/cksync.php?type=rbcn&ovsid=KRANKWMY-N-2A58

46 B
531 B

96ms
96ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?type=rbcn&ovsid=KRANKWMY-N-2A58

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Mon, 19 Jul 2021 13:17:53 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Mon, 19 Jul 2021 13:17:53 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://contextual.media.net/cksync.php?type=rbcn&ovsid=KRANKWMY-N-2A58
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H2 200 bql.php Show response
lg3.media.net/ Frame DE58 15 B
216 B 33ms
32ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=0&hvsid=00001626700672493032874715244724&geo=47.37|8.55&dlper=25&lper=100&bdrid=7&fp=FnZYo7G4iSf4wHuiuigYwIB818wjQB9Nznu0yQC3zeA4JVdg9oI5RowFFvkV2srOTDc4Iobv2FHqFTNnKa8aCypTV2LKPcfCv5FJHlbWt9vdP6Tnx9KK1_NWJJDh6_kH&lpid=&tsid=18&q=&prv=&type=&ps=&cme=Uj69AdSMD7uIp_u868Bpx33Ro3oqihPCWFaYGb7BafZeGxVYzUCdN90og_ZKgRbMI7WwnFFxukswFTJt1sM_oj9RxYLQDjCs8OMgHZ-nBJ5rVkuRxgIkCjkbrnO8TBz156tP3QKy3Hihn-B449t0Q5aM0i8F-QDGY9IEo1g8z4g0O2r2dV1xrAPC2nYRO84Url7Y7ihe1d4%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CYdjFvixrVaFGTYwb1iS4VC2U6-GTEKUunTXDyEXc7dpB8LLJ43mFRQ%3D%3D%7CN7fu2vKt8_s%3D%7CJ2Q8L7Evo4iENg-a37mMPBA7Jcjcu0GI5nMWYWH3ZsY6n8BdmijOFOg03d_zY4_HGBxdjIlI9_I8H3b0Cjm1UfyKXDWjf7ghxle78VZU43h2MKA6jPdoD2nT9xOLLeUqI6Ft9bANz3jepQF7RMuKe9BNeSN5-gUsCgYyJ1bSTZRWgbwkqYxQotc6HYV_cZrYzgwydK5canVRBCHabrGPBf2Tdik_A6QE%7C&hint=&td=&cc=CH&wsip=2887305230&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=0&vgde_kbbh=u9oNu9&vgde_setid=Nu9&&rc=0&ksu=207&vgd_opp_id=159011606999184651626700672513&fdkt=232&kwd[]=Free%20Certificate%20Courses&kwt[]=232&kbc[]=32f4f128beafb67307844bf354ab5bac.d2s&kwp[]=1&kid[]=217710609&kbc2[]=0%7C%7Cps%3D0.990%7C%7Crpc%3D0.22%7C%7Clvl%3D1.57&ktd[]=274911854848&kwd[]=Apple%20Discounts%20for%20Teachers&kwt[]=232&kbc[]=32f4f128beafb67307844bf354ab5bac.d2s&kwp[]=2&kid[]=329713238&kbc2[]=0%7C%7Cps%3D0.990%7C%7Crpc%3D0.09%7C%7Clvl%3D1.00&ktd[]=274895077632&kwd[]=HP%20Laptop%20Deals&kwt[]=232&kbc[]=32f4f128beafb67307844bf354ab5bac.d2s&kwp[]=3&kid[]=209320643&kbc2[]=0%7C%7Cps%3D0.990%7C%7Crpc%3D0.21%7C%7Clvl%3D1.00&ktd[]=274911854848&kwd[]=Best%20Laptops%20for%20Sale&kwt[]=232&kbc[]=32f4f128beafb67307844bf354ab5bac.d2s&kwp[]=4&kid[]=48897800&kbc2[]=0%7C%7Cps%3D0.990%7C%7Crpc%3D0.06%7C%7Clvl%3D1.00&ktd[]=274895077632&kwd[]=College%20Loans%20for%20Students&kwt[]=232&kbc[]=32f4f128beafb67307844bf354ab5bac.d2s&kwp[]=5&kid[]=6419210&kbc2[]=0%7C%7Cps%3D0.990%7C%7Crpc%3D1.09%7C%7Clvl%3D1.00&ktd[]=274911854848&kwd[]=Best%20Cellphone%20Plans%202021&kwt[]=232&kbc[]=32f4f128beafb67307844bf354ab5bac.d2s&kwp[]=6&kid[]=329918347&kbc2[]=0%7C%7Cps%3D0.990%7C%7Crpc%3D0.41%7C%7Clvl%3D1.00&ktd[]=274895077632&kwd[]=Online%20Master%27s%20Degrees&kwt[]=232&kbc[]=32f4f128beafb67307844bf354ab5bac.d2s&kwp[]=7&kid[]=21247768&kbc2[]=0%7C%7Cps%3D0.990%7C%7Crpc%3D0.95%7C%7Clvl%3D1.47&ktd[]=274911854848&rand=1626700673276&cid=8CUPUJ3VT&vwid=1626700672151699212&vi=1626700672151699212&l3ch=0&slnkp=no&bdrct=0.00&vgd_rt=263&bto=102&tdAdd[]=rtbsd%3D10&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=ZH&vgd_l1rakh=1626700672118964107&vgd_lhl=757&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_ifrmode=00&sttm=1626700672493&upk=1626700672.20286&hvsid=00001626700672493032874715244724&verid=3121199&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D9009&vgd_hbReqId=T1626698786C8S34U39&vgd_isiolc=1&rtbsd=10&vgd_pgid=p1927950618t202107191317&matm=1626700673287&vgd_ltime=926&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=ZH&vgd_l2ch=0&vgd_l1ch=1&vgd_altbql=get&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=2887305230&vgd_nrrsf=nrr&vgd_nrrv=10582&vgd_nrrs=10582&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-548524866%7CDIV&vgd_x_pos=315&vgd_y_pos=470&vgd_ren_page_h=2005&vgd_cty=ZURICH&vgd_l1hcsd=A33%7C4719&vgd_sethcsd=C10%7C4657&vgd_cfud=200615&vgd_is_amp=0&vgd_optout=0&vgd_ect=4g&vgd_rensize=300_600&vgd_scr_h=1200&vgd_scr_w=1600&vgd_mbr=1&vgd_pbcm=1&vgd_l1rpth=%2Fdmedianet.js&vgd_pgids=1&oRurl=http%3A%2F%2Fcdng%2Ffcmain.js%3F%26esi%3D1%26%26fvips%3D0%26vpf%3D000%26chost%3Dcontextual.media.net%26cb%3Dwindow._mNDetails.initAd%26%26gdpr%3D0%26cid%3D8CUPUJ3VT%26cpcd%3DfH60FJQFzgZHNuNx1tMg0A%253D%253D%26crid%3D548524866%26size%3D300x600%26cc%3DCH%26https%3D1%26vif%3D1%26requrl%3Dhttps%253A%252F%252Fedustaffbenefits.com%252F%26nse%3D5%26vi%3D1626700672151699212%26lw%3D1%26ugd%3D4%26rtbs%3D1%26nb%3D1%26blacpfl%3D1%26baeFlag%3D0%26blapd%3D0%26isOffice%3D0&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A600%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A7&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV10582.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Mon, 19 Jul 2021 13:17:53 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Mon, 19 Jul 2021 13:17:53 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame DE58 35 B
329 B 107ms
29ms Image
image/gif 2.16.186.66
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=altbql&flt=0&&vgd_l2type=setting&v=1&gdpr=0&hvsid=00001626700672493032874715244724&geo=47.37|8.55&dlper=25&lper=100&bdrid=7&fp=FnZYo7G4iSf4wHuiuigYwIB818wjQB9Nznu0yQC3zeA4JVdg9oI5RowFFvkV2srOTDc4Iobv2FHqFTNnKa8aCypTV2LKPcfCv5FJHlbWt9vdP6Tnx9KK1_NWJJDh6_kH&lpid=&tsid=18&q=&prv=&type=&ps=&cme=Uj69AdSMD7uIp_u868Bpx33Ro3oqihPCWFaYGb7BafZeGxVYzUCdN90og_ZKgRbMI7WwnFFxukswFTJt1sM_oj9RxYLQDjCs8OMgHZ-nBJ5rVkuRxgIkCjkbrnO8TBz156tP3QKy3Hihn-B449t0Q5aM0i8F-QDGY9IEo1g8z4g0O2r2dV1xrAPC2nYRO84Url7Y7ihe1d4%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CYdjFvixrVaFGTYwb1iS4VC2U6-GTEKUunTXDyEXc7dpB8LLJ43mFRQ%3D%3D%7CN7fu2vKt8_s%3D%7CJ2Q8L7Evo4iENg-a37mMPBA7Jcjcu0GI5nMWYWH3ZsY6n8BdmijOFOg03d_zY4_HGBxdjIlI9_I8H3b0Cjm1UfyKXDWjf7ghxle78VZU43h2MKA6jPdoD2nT9xOLLeUqI6Ft9bANz3jepQF7RMuKe9BNeSN5-gUsCgYyJ1bSTZRWgbwkqYxQotc6HYV_cZrYzgwydK5canVRBCHabrGPBf2Tdik_A6QE%7C&hint=&td=&cc=CH&wsip=2887305230&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=0&vgde_kbbh=u9oNu9&vgde_setid=Nu9&&rc=0&ksu=207&vgd_opp_id=159011606999184651626700672513&fdkt=232&kwd[]=Free%20Certificate%20Courses&kwt[]=232&kbc[]=32f4f128beafb67307844bf354ab5bac.d2s&kwp[]=1&kid[]=217710609&kbc2[]=0%7C%7Cps%3D0.990%7C%7Crpc%3D0.22%7C%7Clvl%3D1.57&ktd[]=274911854848&kwd[]=Apple%20Discounts%20for%20Teachers&kwt[]=232&kbc[]=32f4f128beafb67307844bf354ab5bac.d2s&kwp[]=2&kid[]=329713238&kbc2[]=0%7C%7Cps%3D0.990%7C%7Crpc%3D0.09%7C%7Clvl%3D1.00&ktd[]=274895077632&kwd[]=HP%20Laptop%20Deals&kwt[]=232&kbc[]=32f4f128beafb67307844bf354ab5bac.d2s&kwp[]=3&kid[]=209320643&kbc2[]=0%7C%7Cps%3D0.990%7C%7Crpc%3D0.21%7C%7Clvl%3D1.00&ktd[]=274911854848&kwd[]=Best%20Laptops%20for%20Sale&kwt[]=232&kbc[]=32f4f128beafb67307844bf354ab5bac.d2s&kwp[]=4&kid[]=48897800&kbc2[]=0%7C%7Cps%3D0.990%7C%7Crpc%3D0.06%7C%7Clvl%3D1.00&ktd[]=274895077632&kwd[]=College%20Loans%20for%20Students&kwt[]=232&kbc[]=32f4f128beafb67307844bf354ab5bac.d2s&kwp[]=5&kid[]=6419210&kbc2[]=0%7C%7Cps%3D0.990%7C%7Crpc%3D1.09%7C%7Clvl%3D1.00&ktd[]=274911854848&kwd[]=Best%20Cellphone%20Plans%202021&kwt[]=232&kbc[]=32f4f128beafb67307844bf354ab5bac.d2s&kwp[]=6&kid[]=329918347&kbc2[]=0%7C%7Cps%3D0.990%7C%7Crpc%3D0.41%7C%7Clvl%3D1.00&ktd[]=274895077632&kwd[]=Online%20Master%27s%20Degrees&kwt[]=232&kbc[]=32f4f128beafb67307844bf354ab5bac.d2s&kwp[]=7&kid[]=21247768&kbc2[]=0%7C%7Cps%3D0.990%7C%7Crpc%3D0.95%7C%7Clvl%3D1.47&ktd[]=274911854848&rand=1626700673276&cid=8CUPUJ3VT&vwid=1626700672151699212&vi=1626700672151699212&l3ch=0&slnkp=no&bdrct=0.00&vgd_rt=263&bto=102&tdAdd[]=rtbsd%3D10&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=ZH&vgd_l1rakh=1626700672118964107&vgd_lhl=757&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_ifrmode=00&sttm=1626700672493&upk=1626700672.20286&hvsid=00001626700672493032874715244724&verid=3121199&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D9009&vgd_hbReqId=T1626698786C8S34U39&vgd_isiolc=1&rtbsd=10&vgd_pgid=p1927950618t202107191317&matm=1626700673287&vgd_ltime=926&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=ZH&vgd_l2ch=0&vgd_l1ch=1&vgd_altbql=get&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=2887305230&vgd_nrrsf=nrr&vgd_nrrv=10582&vgd_nrrs=10582&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-548524866%7CDIV&vgd_x_pos=315&vgd_y_pos=470&vgd_ren_page_h=2005&vgd_cty=ZURICH&vgd_l1hcsd=A33%7C4719&vgd_sethcsd=C10%7C4657&vgd_cfud=200615&vgd_is_amp=0&vgd_optout=0&vgd_ect=4g&vgd_rensize=300_600&vgd_scr_h=1200&vgd_scr_w=1600&vgd_mbr=1&vgd_pbcm=1&vgd_l1rpth=%2Fdmedianet.js&vgd_pgids=1&r=1626700673411
Requested by: Host: edustaffbenefits.com
URL: https://edustaffbenefits.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.66 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-66.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 13:17:53 GMT
Server: Jetty(9.4.35.v20201120)
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Mon, 19 Jul 2021 13:17:53 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 1AD2
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YPV7gQAC4qAUVAAC
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YPV7gQAC4qAUVAAC&_test=YPV7gQAC4qAUVAAC

42 B
678 B

21ms
21ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YPV7gQAC4qAUVAAC&_test=YPV7gQAC4qAUVAAC
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:17:53 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1626700674.625464,VS0,VE0
x-served-by: cache-fra19142-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YPV7gQAC4qAUVAAC&_test=YPV7gQAC4qAUVAAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 1AD2
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KRANKWMY-N-2A58&sigv=1&esig=2~8d5a533caa8a87cf78a7cad2db2793b99355efd1

0
446 B

21ms
7ms

Image
text/plain

2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KRANKWMY-N-2A58&sigv=1&esig=2~8d5a533caa8a87cf78a7cad2db2793b99355efd1

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:17:53 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KRANKWMY-N-2A58&sigv=1&esig=2~8d5a533caa8a87cf78a7cad2db2793b99355efd1
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1AD2
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JBTktXTVktTi0yQTU4

170 B
188 B

29ms
29ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JBTktXTVktTi0yQTU4

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:17:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JBTktXTVktTi0yQTU4
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 1AD2
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=343960f5-7b81-4f00-8073-b63436322e2e

42 B
678 B

26ms
25ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=343960f5-7b81-4f00-8073-b63436322e2e
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

Date: Mon, 19 Jul 2021 13:20:42 GMT
Server: MT3 3810 5cb7d7e master cdg-pixel-x13
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=343960f5-7b81-4f00-8073-b63436322e2e
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 19 Jul 2021 13:20:41 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1AD2
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTRiMzE0NzAxMTllZTgwZWUyYzYwM2FiNTM3MTVhMzE5MGVlNWZjMg

170 B
188 B

31ms
31ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTRiMzE0NzAxMTllZTgwZWUyYzYwM2FiNTM3MTVhMzE5MGVlNWZjMg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:17:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTRiMzE0NzAxMTllZTgwZWUyYzYwM2FiNTM3MTVhMzE5MGVlNWZjMg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 1AD2
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/-DOVREL4JjwnK7VDmxN0qA?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6477644734622314209

42 B
678 B

21ms
21ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6477644734622314209
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

date: Mon, 19 Jul 2021 13:17:53 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6477644734622314209
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 1AD2 0
42 B 29ms
28ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:17:53 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 1AD2 70 B
264 B 41ms
40ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 13:17:53 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
261 B 175ms
174ms XHR
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fedustaffbenefits.com%2F

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://edustaffbenefits.com/
last-modified: Mon, 19 Jul 2021 13:00:00 GMT
server: nginx/1.15.8
date: Mon, 19 Jul 2021 13:17:53 GMT
content-type: application/json
access-control-allow-origin: https://edustaffbenefits.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
285 B 186ms
185ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fedustaffbenefits.com%2F&callback=_ate.cbs.rcb_2pam0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

e00dc262b5685687993dbe69cb9338bc0e1f7e02a85d47cdb2be2f2c53a3b588

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: edustaffbenefits.com/
last-modified: Mon, 19 Jul 2021 13:17:53 GMT
server: nginx/1.15.8
date: Mon, 19 Jul 2021 13:17:53 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
285 B 205ms
204ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fedustaffbenefits.com%2F&callback=_ate.cbs.rcb_49n50

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7f9fb283ebd744fbd7fc336ccbfb4d518bc707181822618336d75f7642c4d3a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: edustaffbenefits.com/
last-modified: Mon, 19 Jul 2021 13:17:53 GMT
server: nginx/1.15.8
date: Mon, 19 Jul 2021 13:17:53 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bqi.php
lg3.media.net/ 15 B
15 B 32ms
32ms Image
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?lf=3&&vgd_l2type=setting&pid=8PO8Z5EB3&cme=Uj69AdSMD7uIp_u868Bpx33Ro3oqihPCWFaYGb7BafZeGxVYzUCdN90og_ZKgRbMI7WwnFFxukswFTJt1sM_oj9RxYLQDjCs8OMgHZ-nBJ5rVkuRxgIkCjkbrnO8TBz156tP3QKy3Hihn-B449t0Q5aM0i8F-QDGY9IEo1g8z4g0O2r2dV1xrAPC2nYRO84Url7Y7ihe1d4=||NDHRnZ9Gz3KXlI-i9OnZqQ==|5gDUJdTGiJzedmq9hanWYg==|sRBSg3CPSiQ=|YdjFvixrVaFGTYwb1iS4VC2U6-GTEKUunTXDyEXc7dpB8LLJ43mFRQ==|N7fu2vKt8_s=|J2Q8L7Evo4iENg-a37mMPBA7Jcjcu0GI5nMWYWH3ZsY6n8BdmijOFOg03d_zY4_HGBxdjIlI9_I8H3b0Cjm1UfyKXDWjf7ghxle78VZU43h2MKA6jPdoD2nT9xOLLeUqI6Ft9bANz3jepQF7RMuKe9BNeSN5-gUsCgYyJ1bSTZRWgbwkqYxQotc6HYV_cZrYzgwydK5canVRBCHabrGPBf2Tdik_A6QE|&vgd_pbcm=1&gdpr=0&prid=8PRHGG6T9&cid=8CUPUJ3VT&crid=548524866&requrl=https%3A%2F%2Fedustaffbenefits.com%2F&vi=1626700672151699212&ugd=4&cc=CH&sc=ZH&bdrid=7&startTime=1626700672483&l2type=setting&vgd_l1rakh=1626700672118964107&l1ch=1&sttm=1626700672493&upk=1626700672.20286&hvsid=00001626700672493032874715244724&verid=3121199&vgd_sc=ZH&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&vgd_hbReqId=T1626698786C8S34U39&l1hcsd=l1!A33|4719&vgd_uspa=0&vgd_isiolc=1&clp=%7B%7D&cl=%7B%7D&rtbsd=10&l2ch=0&l2wsip=2887305230&sethcsd=set!C10%7C4657&vgd_pgid=p1927950618t202107191317&vgd_pgids=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Mon, 19 Jul 2021 13:17:54 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Mon, 19 Jul 2021 13:17:54 GMT

GET
H2 200 ptmd
dt.clnmde.com/ 70 B
330 B 116ms
115ms Image
image/gif 18.210.58.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=162670067265233270560445_N4Ig1ghiBcIEYE4DMBGAHAgLABgLQFMMlcUV85cIA2CBXAEwFYAmQgdgDNGU3OQAacHBgpBAYwBuMEMAA6IAM74FCgJYB7AHYB9BQBd1AJwgBzfPOjzEqDDgJESZCtVoMW7Lj07z+8sevUwVXxtegg9CAsrZHQsPEJkR3JKGjomVjRObl4OeQBfARATPQ4YAG1sfkrRSuwAXUFihXLaqv4ahsU9ZugKtsq2Ks78MT0AW2kqbGZC-AAPaWxChX9pFCpmKjZsbC3mbV5GbcZMZmnN5f9S6FFFfz01ja2dvYO2I+wTs+ZN7TQ4M6ZOAoaZiBD4JD4RgcDj4egoMQoTBsNBw-4oy7qEoiQQrLH0R6bba7Nj7Q7HU7nKjaZhoEEIBDYKEQNBiNhiHBINBIYH4GiYFBwTCMbBiGa4+70a63fCQaTWZgICBweIOUjJCAgqgkJD0DAYTZoWGzMDCG7iCQ9GTyJQqDQ6fRGUzmGDRJCK5WqxLq5xanV6hAGqhGl2+ED+QLBULhSKu+DID0q+zepyUP0oXX6hCG2H5WYQAA25WGEAADuUQCgEIwAHTMU51jM19aYECdMYAT3KZVEqEY-CoKH7yOq2G2dU6AHcAI7FwSdwxz8NjMRmkAnNAsTBoKhUQpiQxjcu9StPYl7IfrBnMFD7MYQVQ6FBtwSFh69eq49Q4kCqKTQZhcQiPQAFcejKBB+GYJB2jQfgYKrToAC8oHNEBSxMaQpEEfBNH-dDChMAALQlnhJTYWCQd1jimTBhUKbo1lOQMx0wDZGEYNBCktSYa2wGtMCQJZXyLaAYJADgxBgEgcL0VQRDPF5SSAzDoEqRQwFI89STeD4vipWZVGPStqzrBsbyQZsqFbHCQNQ24QPktScIkUSylATQIDGfB5VUeh6HwQxtD8wowgiGBQDgPyAqCkLYDYbjVGCglYHWIklJvbgqGvW8QDyPJOlLKTnMUf8ZMUAt9C0jLrOEkAC2lQQJCSuLT3S8jL2y7NcvEMC9GS6Q0AAYQAVQABRGgApJAADUABVCOKtKyK2Njq0EacfLQjgnKQPIgA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.58.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-58-72.compute-1.amazonaws.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 19 Jul 2021 13:17:54 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

GET
H2 200 ptmd
dt.clnmde.com/ 70 B
330 B 1969ms
1968ms Image
image/gif 18.210.58.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=162670067265233270560445_N4IgHgZiBcIAwDYIEYDGAmAnAEwEbowHYBWADnQFNcBmXUuAFhXWIWvULhABpwIAXGCFLUKCCpky4IDOLkIME6ahFTViyFdjipimOOmw8QASwBuMBrwDO-AIb8ArtZgBtanG7JMAXV4AvOxhkXgAHAHMhC14KADsLWFDjcIALIWQlBE5EQnQEYmV2TlZGBmJjfhdYZAYsegUlYjJjMyqQBAA6OA6GD2M7ABsYal5VGABaEJAKfhNgzOys9Bt+SOhPEGsAa3SFuBz0AH1CEmLagzzjChMk6sxiDvRax80OjIYrxyDoKcc59ZiZiG0FcoFidgAthQhLgTNhsBQAE6HOHGbAOb6gWHwpEooywQgtEx43Z5Ra5ZAaBCSdDIdAgAC+DL8IFCqBgG2sCUmNgGtlJWX2SwQsmMAygP14ZmJqOqewOlIyNLpxlQzn4JNgpAAwgBVAAKuoAUtQAGoAFWS7J+8qyWSavAAjtDJSAIP8GAygA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.58.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-58-72.compute-1.amazonaws.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 19 Jul 2021 13:17:58 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

GET
H2 200 ptmd
dt.clnmde.com/ 70 B
330 B 114ms
114ms Image
image/gif 18.210.58.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=162670067265233270560445_N4IgZghiBcDaDMB2AbADgAzIJzwEyoBoBGdQ9A8yi6q5AFhsfQF0DwIBnGZNgC15iwiBXAFZW4MDHIgArrJhFR6YeABuMECDYAXAA5Q4sIRWZm2ASw3RCIDjog7ZXOGIJ1cxLBIBeh1XoA5poabACmAHbWIHraIIEC0CBEyLjIiOiYiGmiuPB4GaLI6HR0onE6LskeWBiIdKmioqhxalXIAHToHXTw6HEQADYw8GxgAMYwALSqYToWiqnpmemedjrB0DIcANaaKWkZWbgA+oiIooUe6LhpcWEWsUlEWKIduB7vRPAdKXT3sn8bFkCy24TUwzgoAiEAAtmFNAAjCwAExRYQATidUXEUY5DKBkWjMdiUZpEK0LKT9ksjqslCksFhcERcCAAL7siR6SZguzWGZsDiDew0w4rbL0fpsQZSaCqNRUnHPWkSlmiRnM1lxcbOHTUpKoADCAFUAAomgBS8AAagAVOKBXkHZaYDDYURsACOCPlY1B6HZQA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.58.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-58-72.compute-1.amazonaws.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 19 Jul 2021 13:18:00 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

POST
H2 200 ptmdP
dt.clnmde.com/ 7 B
328 B 114ms
114ms Ping
text/html 18.210.58.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dt.clnmde.com/ptmdP
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUPUJ3VT
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.58.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-58-72.compute-1.amazonaws.com
Software: / Express
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://edustaffbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 19 Jul 2021 13:18:02 GMT
vary: Accept-Encoding
x-powered-by: Express
etag: W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 7

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
eus.rubiconproject.com/	1970-01-19 22:01:16	Name: pux Value: 1512%3D101222%262307%3D101222%262974%3D101222%263778%3D101222%26brx%3D101222%26goog%3D101222%262249-DV360-Hosted%3D101222%26idl%3D101222%26
.media.net/	1970-01-20 04:37:16	Name: visitor-id Value: 2697022737152432000V10
.pxlclnmdecom-a.akamaihd.net/	1970-01-23 06:41:45	Name: bafp_t Value: b9329ab0-e893-11eb-a106-13d8989268fe
.media.net/	1970-01-20 00:18:04	Name: gdpr_status Value: 1
.rubiconproject.com/	1970-01-20 04:37:16	Name: audit Value: 1\|Hz+xbASz6l3twpNM3wyoyJ8JzcPy+kwET2MKhRv5jHnqEs4nBYeUVHqx1LIqCdb5/oNO+FwSHiwiZ07GJqnMno4BjqNRGrmz
.rubiconproject.com/	1970-01-20 04:37:16	Name: khaos Value: KRANKWMY-N-2A58
.edustaffbenefits.com/	1970-01-23 06:41:45	Name: bafp Value: b9318940-e893-11eb-a6a9-d52e87f5177f

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-us-east.amazon-adsystem.com
ad.turn.com
ads.yahoo.com
api-public.addthis.com
c21lg-d.media.net
cm.g.doubleclick.net
contextual.media.net
cs.media.net
dt.clnmde.com
dt6.clnmde.com
edustaffbenefits.com
eus.rubiconproject.com
gum.criteo.com
id.rlcdn.com
inc.freefind.com
lg3.media.net
match.adsrvr.org
p.rfihub.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.media.net
pxlclnmdecom-a.akamaihd.net
qsearch-a.akamaihd.net
res-a.akamaihd.net
rtb.mfadsrvr.com
s7.addthis.com
secure-assets.rubiconproject.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
token.rubiconproject.com
v1.addthisedge.com
wms-na.amazon-adsystem.com
www.edustaffbenefits.com
www.google-analytics.com
x.bidswitch.net
z-na.amazon-adsystem.com
z.moatads.com
104.109.78.125
104.75.88.126
13.224.101.72
13.224.103.72
13.248.242.197
151.101.14.49
172.217.18.98
173.236.164.104
18.185.197.81
18.210.58.72
185.29.135.233
193.0.160.129
2.16.107.72
2.16.186.43
2.16.186.66
2.18.235.40
2.18.235.93
2.19.35.65
2001:678:cb4:bbbb::11
2600:1f18:42df:3a01:e98f:cdd0:4c16:e538
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:828::200e
2a00:1450:400c:c04::9a
2a02:2638:1::13
34.107.148.139
35.156.223.207
35.244.174.68
52.119.198.1
63.249.66.205
69.173.144.138
69.173.144.165
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0a4f6713e204ad529e8d6b1699b0652c11071747293b118c3eeee19dc48e5425
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf3f6e79af33723b0c1a822f59a484a35583303ab76fa9227b694b1e719364f
0fb7ccd65fa2b49bef07b5b719088da006aafcaa9d5a566cbc2b8614811cf9b6
3061571fe495b1ee4e7545643a3ac6f949c36766134f48a3fec77a1cabeb02a8
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
388aa4ea8d4c5a2e69c32dc9e97b65a317b0f96544561c15c27be1634718f969
3d363721e733cd455560f59c74cffdb28148623c7c716a23403bd6b85696b4fa
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
421192a006149c26292f6690c2cb34bf0425ab74ae9ae0a47f8d3cd7a8c7c765
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4bd5074ead31b9c690bfd9ba83b1beafc18ec5e32e786048a98ba31a261bdff1
508a8b73dfefe6e9998cca8a66aef5f7b9b5a8b24b35ae0e6e8a02f37d4a2c93
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
59d7a5d8cb73fa97b431b48162c6b225756579aee785a9fd6dbcef6fa0bd11c0
5eeb4719a243d9428276b487842f5e3ad6c9ee50d9f693453ce42cb4da8971c7
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
6671fa8cf241b8e6c9b970b52cf37e423553d54b98f1d1f4e65d44aebec61807
68c5d01e60ed7bb3ae99f784fdfc85b6f439d9983c35fe418f13e809efc83fdc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7d7789a468cb12a69ea6ed9d4cff64be0b5b2803ef3af8fba4554b462ccb1624
7f9fb283ebd744fbd7fc336ccbfb4d518bc707181822618336d75f7642c4d3a8
8cf66df9117d27549ebca2b54134b93ab9298708c6056c0fa082a867adef729e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
949a74d5c9b30adeb638aed4ee5d24f5249c15761f8e82451fe0e9966a978324
a4175829629cc0ee4fa83b14602e308f8e82b2323d3d31e316f5ac197f5068f0
a839fd8c9525049492e5bedbaf3b7dbd63d7b324059c412936366d4e69c76cf1
aa4e8f3d6dbdbfd02a45605217ed4ed48caa17c3e48c9719e94f4b26ff22a653
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ae33c241507c6ae07dc16dabfaeb6300c7ca03f247ee063c0aeaab20752e67c5
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b4a009ec1e0bab6596ca0a0db6d0b6ab57263e2b752930b19b8c98be11c7c127
bdf3745583154b2ed00b1603145f9f0f4f8ae6c073f930fe67c6833bb966b692
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
df74e422956fa90c9bce29777a9b815e170a468b485c19f704e14f38e93a895b
e00dc262b5685687993dbe69cb9338bc0e1f7e02a85d47cdb2be2f2c53a3b588
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9026c4a03160cd4ea668bd1b5109ed25162050c6a3f07b3810576729162c088
ec30c2263d49853b498b70a5e5e07e2f052b723181b866df7116f43d018a6d7a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e6cd314f7edb3b841803f719b61b002fe565a65964efd702b420c67bc5fee0

edustaffbenefits.com Open in urlscan Pro 173.236.164.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

100 %HTTPS

22 %IPv6

22 Domains

38 Subdomains

26 IPs

6 Countries

615 kBTransfer

1764 kBSize

7 Cookies

211 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

edustaffbenefits.com Open in urlscan Pro
173.236.164.104 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

100 %
HTTPS

22 %
IPv6

22
Domains

38
Subdomains

26
IPs

6
Countries

615 kB
Transfer

1764 kB
Size

7
Cookies

65 HTTP transactions
3 data transactions