savingsandbenefitsdaily.com Open in urlscan Pro
76.76.21.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://savingsandbenefitsdaily.com/
Submission: On May 24 via automatic, source certstream-suspicious (May 24th 2023, 4:08:31 am UTC) — Scanned from DE

Summary HTTP 45 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 12 domains to perform 45 HTTP transactions. The main IP is 76.76.21.21, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is savingsandbenefitsdaily.com.
TLS certificate: Issued by R3 on May 24th 2023. Valid for: 3 months.

This is the only time savingsandbenefitsdaily.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	76.76.21.21 76.76.21.21	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6812:30	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:205... 2600:9000:2057:8600:11:8138:9040:93a1	16509 (AMAZON-02) (AMAZON-02)
4	107.20.166.130 107.20.166.130	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.112.97 18.66.112.97	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
3	35.193.123.107 35.193.123.107	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.66.112.28 18.66.112.28	16509 (AMAZON-02) (AMAZON-02)
1	99.83.173.21 99.83.173.21	16509 (AMAZON-02) (AMAZON-02)
4	184.86.103.20 184.86.103.20	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	75.2.80.99 75.2.80.99	16509 (AMAZON-02) (AMAZON-02)
45	14

19 76.76.21.21 (Walnut, United States)

ASN16509 (AMAZON-02, US)

savingsandbenefitsdaily.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:30 (United States)

ASN13335 (CLOUDFLARENET, US)

load.capigt.hmnavigators.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.stape.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:8600:11:8138:9040:93a1 (United States)

ASN16509 (AMAZON-02, US)

dist.routingapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.20.166.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-166-130.compute-1.amazonaws.com

api.routingapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-97.fra56.r.cloudfront.net

opencdn.fpjs.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.193.123.107 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.123.193.35.bc.googleusercontent.com

capigt.hmnavigators.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-28.fra56.r.cloudfront.net

fpnpmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.173.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: a64bed9ff5004f5b3.awsglobalaccelerator.com

use1.fptls.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.86.103.20 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-103-20.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.2.80.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: a99634ef21f205589.awsglobalaccelerator.com

fides.hmnavigators.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	savingsandbenefitsdaily.com savingsandbenefitsdaily.com	122 KB
6	hmnavigators.com load.capigt.hmnavigators.com capigt.hmnavigators.com fides.hmnavigators.com	168 KB
5	routingapi.com dist.routingapi.com — Cisco Umbrella Rank: 356836 api.routingapi.com — Cisco Umbrella Rank: 249269	16 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 715	102 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6080	563 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	563 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34	3 KB
1	fptls.com use1.fptls.com — Cisco Umbrella Rank: 10334	335 B
1	fpnpmcdn.net fpnpmcdn.net — Cisco Umbrella Rank: 10445	44 KB
1	stape.io cdn.stape.io — Cisco Umbrella Rank: 76577	6 KB
1	fpjs.sh opencdn.fpjs.sh — Cisco Umbrella Rank: 484040	2 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 885	46 KB
45	12

	Domain	Requested by
19	savingsandbenefitsdaily.com	savingsandbenefitsdaily.com
4	analytics.tiktok.com	savingsandbenefitsdaily.com analytics.tiktok.com
4	api.routingapi.com	dist.routingapi.com
3	capigt.hmnavigators.com	cdn.stape.io load.capigt.hmnavigators.com
2	www.google.de	savingsandbenefitsdaily.com
2	www.google.com	savingsandbenefitsdaily.com
2	googleads.g.doubleclick.net	load.capigt.hmnavigators.com
2	load.capigt.hmnavigators.com	savingsandbenefitsdaily.com load.capigt.hmnavigators.com
1	fides.hmnavigators.com	fpnpmcdn.net
1	use1.fptls.com	fpnpmcdn.net
1	fpnpmcdn.net	opencdn.fpjs.sh
1	cdn.stape.io	load.capigt.hmnavigators.com
1	opencdn.fpjs.sh	load.capigt.hmnavigators.com
1	www.googleoptimize.com	load.capigt.hmnavigators.com
1	dist.routingapi.com	savingsandbenefitsdaily.com
45	15

This site contains links to these domains. Also see Links.

Domain
www.g2llc.com

Subject Issuer	Validity	Valid
savingsandbenefitsdaily.com R3	`2023-05-24` - `2023-08-22`	3 months	crt.sh
load.capigt.hmnavigators.com GTS CA 1P5	`2023-03-28` - `2023-06-26`	3 months	crt.sh
dist.routingapi.com Amazon RSA 2048 M02	`2023-01-24` - `2024-02-21`	a year	crt.sh
api.routingapi.com Amazon RSA 2048 M02	`2023-02-13` - `2024-03-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.fpjs.sh Amazon RSA 2048 M01	`2023-02-23` - `2024-01-06`	10 months	crt.sh
stape.io Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
capigt.hmnavigators.com R3	`2023-04-01` - `2023-06-30`	3 months	crt.sh
fpcdn.io Amazon RSA 2048 M01	`2022-11-09` - `2023-12-08`	a year	crt.sh
use1.fptls.com R3	`2023-04-27` - `2023-07-26`	3 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
fides.numberonehealth.com Amazon RSA 2048 M02	`2022-12-30` - `2024-01-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://savingsandbenefitsdaily.com/
Frame ID: A2F948A77D0368B66EC3E765621B18F4
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Healthcare Marketplace Navigators

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Page Statistics

45
Requests

100 %
HTTPS

43 %
IPv6

12
Domains

15
Subdomains

14
IPs

2
Countries

512 kB
Transfer

1486 kB
Size

10
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.g2llc.com/approved-health-insurance-provider/?pdb=1770
Title: Health Insurance Provider:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
savingsandbenefitsdaily.com/ 6 KB
3 KB 211ms
146ms Document
text/html 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://savingsandbenefitsdaily.com/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

3b8afb500ae6e23473f3a50258d81483a1740841423f17f56d745ea8824c59b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html
date: Wed, 24 May 2023 04:08:26 GMT
etag: W/"1hvvaqg"
link: <./_app/immutable/assets/_layout-4efe454e.css>; rel="preload";as="style"; nopush, <./_app/immutable/assets/Footer-4d3863ca.css>; rel="preload";as="style"; nopush, <./_app/immutable/start-716c3c08.js>; rel="modulepreload"; nopush, <./_app/immutable/chunks/singletons-8ad57757.js>; rel="modulepreload"; nopush, <./_app/immutable/components/pages/_layout.svelte-86e164ef.js>; rel="modulepreload"; nopush, <./_app/immutable/chunks/site.config-29e48b22.js>; rel="modulepreload"; nopush, <./_app/immutable/chunks/RetreaverScript-9dbfe6d4.js>; rel="modulepreload"; nopush, <./_app/immutable/components/pages/_page.svelte-55259ead.js>; rel="modulepreload"; nopush, <./_app/immutable/chunks/PhoneNumberButton-b7fb81bb.js>; rel="modulepreload"; nopush
server: Vercel
strict-transport-security: max-age=63072000
x-sveltekit-page: true
x-vercel-cache: MISS
x-vercel-id: fra1::iad1::9qp4f-1684901306354-b2a3c14a179f

GET
H2 200 _layout-4efe454e.css
savingsandbenefitsdaily.com/_app/immutable/assets/ 45 KB
8 KB 27ms
27ms Stylesheet
text/css 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://savingsandbenefitsdaily.com/_app/immutable/assets/_layout-4efe454e.css

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

4efe454e8f23ed0c78398ea65ad5252b566d70c380b50c04074fc6d8f7e114ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savingsandbenefitsdaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 04:08:26 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::s8xvp-1684901306503-793de06eadf1
age: 621579
etag: W/"3ab35075bd36b9fc309e9317016c9f0f"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
content-disposition: inline; filename="_layout-4efe454e.css"

GET
H2 200 Footer-4d3863ca.css
savingsandbenefitsdaily.com/_app/immutable/assets/ 497 B
637 B 149ms
149ms Stylesheet
text/css 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://savingsandbenefitsdaily.com/_app/immutable/assets/Footer-4d3863ca.css

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

4d3863cae9aae947ae90a0d9e19b91144db36f5fb23e38262943163be2d0fdda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savingsandbenefitsdaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 04:08:26 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::g2lnk-1684901306600-0f1acbaabdc0
age: 621580
etag: "d08f6286255e38cf9c821e1ab8720a75"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
content-disposition: inline; filename="Footer-4d3863ca.css"
accept-ranges: bytes
content-length: 497

GET
H2 200 start-716c3c08.js Show response
savingsandbenefitsdaily.com/_app/immutable/ 51 KB
12 KB 29ms
27ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://savingsandbenefitsdaily.com/_app/immutable/start-716c3c08.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

0964033b6e115791c5cd81cc9f927599c520b5459db1803653efb0cd80a015d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer
Origin: https://savingsandbenefitsdaily.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 04:08:26 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::4vp5b-1684901306519-870aa85fd25d
age: 621579
etag: W/"c51784dfd6a326d4708dc09677724797"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
content-disposition: inline; filename="start-716c3c08.js"

GET
H2 200 singletons-8ad57757.js Show response
savingsandbenefitsdaily.com/_app/immutable/chunks/ 13 KB
6 KB 29ms
27ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://savingsandbenefitsdaily.com/_app/immutable/chunks/singletons-8ad57757.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5b0d5cc89521055c37dc4ecabf5e3fe8b1fdce7ea0b5d5cf16e5d17008d0cbc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer
Origin: https://savingsandbenefitsdaily.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 04:08:26 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::gj7fb-1684901306520-48fda2c70d0d
age: 621579
etag: W/"60e459aae3ae3f9beab03c238d0de4d3"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
content-disposition: inline; filename="singletons-8ad57757.js"

GET
H2 200 _layout.svelte-86e164ef.js Show response
savingsandbenefitsdaily.com/_app/immutable/components/pages/ 7 KB
3 KB 54ms
51ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://savingsandbenefitsdaily.com/_app/immutable/components/pages/_layout.svelte-86e164ef.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

a19ae5303c89bc02c364975b2007f71242b68e9ae60f45a21384ff93e814fbd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer
Origin: https://savingsandbenefitsdaily.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 04:08:26 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::jgm79-1684901306521-12e45a3f1083
age: 621579
etag: W/"a918cf8921638dc71bdb93e0e3ec1b4f"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
content-disposition: inline; filename="_layout.svelte-86e164ef.js"

GET
H2 200 site.config-29e48b22.js Show response
savingsandbenefitsdaily.com/_app/immutable/chunks/ 153 KB
46 KB 31ms
29ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://savingsandbenefitsdaily.com/_app/immutable/chunks/site.config-29e48b22.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

ac3679d64649e753d74a90e753a58d438abcb750fa7a27a8476cc56aa1cbcf0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer
Origin: https://savingsandbenefitsdaily.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 04:08:26 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::znn74-1684901306520-a847622d9675
age: 621579
etag: W/"dfbd1f3647d9a16c992181a6b57c65ad"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
content-disposition: inline; filename="site.config-29e48b22.js"

GET
H2 200 RetreaverScript-9dbfe6d4.js Show response
savingsandbenefitsdaily.com/_app/immutable/chunks/ 2 KB
1002 B 68ms
66ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://savingsandbenefitsdaily.com/_app/immutable/chunks/RetreaverScript-9dbfe6d4.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

99d35d317a4e3140fb451085f30d12f118ca88bfda6f292afaf92b11cd5eb663

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer
Origin: https://savingsandbenefitsdaily.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 04:08:26 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::g44tf-1684901306520-dba06edbfdd1
age: 621579
etag: W/"f58d86f9ab4ce5174804fcfd57000ea6"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
content-disposition: inline; filename="RetreaverScript-9dbfe6d4.js"

GET
H2 200 _page.svelte-55259ead.js Show response
savingsandbenefitsdaily.com/_app/immutable/components/pages/ 8 KB
4 KB 48ms
47ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://savingsandbenefitsdaily.com/_app/immutable/components/pages/_page.svelte-55259ead.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f0fe790dcae807135cc6c05d132162fac490db9db4d4a9e3a4ea2da719826bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer
Origin: https://savingsandbenefitsdaily.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 04:08:26 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::7j24w-1684901306520-83b33d90a299
age: 621579
etag: W/"23d9dcce36aa1b9150dbb6ec3c6b0e26"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
content-disposition: inline; filename="_page.svelte-55259ead.js"

GET
H2 200 PhoneNumberButton-b7fb81bb.js Show response
savingsandbenefitsdaily.com/_app/immutable/chunks/ 4 KB
2 KB 27ms
26ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://savingsandbenefitsdaily.com/_app/immutable/chunks/PhoneNumberButton-b7fb81bb.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

3fb7bc2fc273169fe1ff02f63882ffc6fd4eae18c83cbb8a408625d99385450b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer
Origin: https://savingsandbenefitsdaily.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 04:08:26 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::rrz72-1684901306520-1bb745fa1f31
age: 621579
etag: W/"5d7e8fe312d67be20e15f7cf82639bf8"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
content-disposition: inline; filename="PhoneNumberButton-b7fb81bb.js"

GET
H2 200 rrxdeutp.js Show response
load.capigt.hmnavigators.com/ 259 KB
86 KB 294ms
209ms Script
application/javascript 2606:4700::6812:30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://load.capigt.hmnavigators.com/rrxdeutp.js?id=GTM-NBCG9WP

Requested by

Host: savingsandbenefitsdaily.com
URL: https://savingsandbenefitsdaily.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16ee3a9114279867ff303f39b1e599e898dcca57538f027c26337dcfdf81790d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savingsandbenefitsdaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 04:08:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 24 May 2023 03:00:00 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cf-ray: 7cc2ad6e4ed69a0c-FRA
access-control-allow-headers: Cache-Control
x-robots-tag: noindex
expires: Wed, 24 May 2023 04:08:26 GMT

GET
H2 200 retreaver.min.js Show response
dist.routingapi.com/jsapi/v1/ 23 KB
8 KB 127ms
22ms Script
application/javascript 2600:9000:2057:8600:11:8138:9040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dist.routingapi.com/jsapi/v1/retreaver.min.js
Requested by: Host: savingsandbenefitsdaily.com
URL: https://savingsandbenefitsdaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:11:8138:9040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 839f63d033dfd21de09c4988883163007373934a9f96cc159e42b35d6e5837de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savingsandbenefitsdaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 01:31:23 GMT
content-encoding: gzip
via: 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
last-modified: Tue, 23 May 2023 23:57:50 GMT
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA6-C1
age: 9423
etag: W/"646d52fe-5a59"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: yn4mjYaxpU8QkVIxxzcaIK_S76Q9hCLo1QXjh8FkqVsEGt1YjoZxvA==

POST
H2 200 numbers Show response
api.routingapi.com/api/v1/ 4 KB
4 KB 221ms
221ms XHR
application/json 107.20.166.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.routingapi.com/api/v1/numbers?&campaign_key=7457b1f38aaeb23cdf66a097b4af26cd

Requested by

Host: dist.routingapi.com
URL: https://dist.routingapi.com/jsapi/v1/retreaver.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.20.166.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-20-166-130.compute-1.amazonaws.com

Software

nginx/1.18.0 + Phusion Passenger(R) 6.0.17 / Phusion Passenger(R) Enterprise 6.0.17

Resource Hash

df116a6098cf739faf4a80d252595f290f3c8d0e1d8cf0927b916fb8d087c8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	0

Request headers

Referer: https://savingsandbenefitsdaily.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 24 May 2023 04:08:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-powered-by: Phusion Passenger(R) Enterprise 6.0.17
status: 200 OK
x-xss-protection: 0
x-request-id: 283a3678-f09e-48ff-880f-85866016422c
x-runtime: 0.106572
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.18.0 + Phusion Passenger(R) 6.0.17
etag: W/"df116a6098cf739faf4a80d252595f29"
x-download-options: noopen
vary: Origin
access-control-max-age: 1728000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://savingsandbenefitsdaily.com
access-control-allow-methods: GET, POST, OPTIONS
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: ALLOWALL

OPTIONS
H2 200 numbers
api.routingapi.com/api/v1/ 0
0 369ms
115ms Preflight
text/plain 107.20.166.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.routingapi.com/api/v1/numbers?&campaign_key=7457b1f38aaeb23cdf66a097b4af26cd

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.20.166.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-20-166-130.compute-1.amazonaws.com

Software

nginx/1.18.0 + Phusion Passenger(R) 6.0.17 / Phusion Passenger(R) Enterprise 6.0.17

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://savingsandbenefitsdaily.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://savingsandbenefitsdaily.com
access-control-max-age: 1728000
cache-control: no-cache
content-type: text/plain
date: Wed, 24 May 2023 04:08:26 GMT
server: nginx/1.18.0 + Phusion Passenger(R) 6.0.17
status: 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: Phusion Passenger(R) Enterprise 6.0.17
x-request-id: ac036767-5aa4-4551-ab0d-925ae792a792
x-runtime: 0.000871

OPTIONS
H2 200 numbers
api.routingapi.com/api/v1/ 0
0 366ms
114ms Preflight
text/plain 107.20.166.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.routingapi.com/api/v1/numbers?&campaign_key=7457b1f38aaeb23cdf66a097b4af26cd

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.20.166.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-20-166-130.compute-1.amazonaws.com

Software

nginx/1.18.0 + Phusion Passenger(R) 6.0.17 / Phusion Passenger(R) Enterprise 6.0.17

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://savingsandbenefitsdaily.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://savingsandbenefitsdaily.com
access-control-max-age: 1728000
cache-control: no-cache
content-type: text/plain
date: Wed, 24 May 2023 04:08:26 GMT
server: nginx/1.18.0 + Phusion Passenger(R) 6.0.17
status: 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: Phusion Passenger(R) Enterprise 6.0.17
x-request-id: 95616353-f283-4dc5-afe9-3f7915d4bc34
x-runtime: 0.000659

POST
H2 200 numbers Show response
api.routingapi.com/api/v1/ 4 KB
4 KB 221ms
220ms XHR
application/json 107.20.166.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.routingapi.com/api/v1/numbers?&campaign_key=7457b1f38aaeb23cdf66a097b4af26cd

Requested by

Host: dist.routingapi.com
URL: https://dist.routingapi.com/jsapi/v1/retreaver.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.20.166.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-20-166-130.compute-1.amazonaws.com

Software

nginx/1.18.0 + Phusion Passenger(R) 6.0.17 / Phusion Passenger(R) Enterprise 6.0.17

Resource Hash

d1a2cc23462b99672126bd009b55ab1d8b50e0b574bbd1f5d986bddd3f8b0d91

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	0

Request headers

Referer: https://savingsandbenefitsdaily.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 24 May 2023 04:08:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-powered-by: Phusion Passenger(R) Enterprise 6.0.17
status: 200 OK
x-xss-protection: 0
x-request-id: ae8b5c1a-24a2-4056-b8e4-bec3d3140f36
x-runtime: 0.105794
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.18.0 + Phusion Passenger(R) 6.0.17
etag: W/"d1a2cc23462b99672126bd009b55ab1d"
x-download-options: noopen
vary: Origin
access-control-max-age: 1728000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://savingsandbenefitsdaily.com
access-control-allow-methods: GET, POST, OPTIONS
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: ALLOWALL

GET
H2 200 0-8007c771.js Show response
savingsandbenefitsdaily.com/_app/immutable/chunks/ 97 B
252 B 29ms
28ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://savingsandbenefitsdaily.com/_app/immutable/chunks/0-8007c771.js

Requested by

Host: savingsandbenefitsdaily.com
URL: https://savingsandbenefitsdaily.com/_app/immutable/start-716c3c08.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

4c113138df8083753420482ec60d307a617124b0dd15401289422fdbf71fa677

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer
Origin: https://savingsandbenefitsdaily.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 04:08:26 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::wb6m8-1684901306659-1b20bc46f7ee
age: 621573
etag: "c258faa273734337a34b405198ccfb7b"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
content-disposition: inline; filename="0-8007c771.js"
accept-ranges: bytes
content-length: 97

GET
H2 200 1-d6148938.js Show response
savingsandbenefitsdaily.com/_app/immutable/chunks/ 96 B
228 B 28ms
27ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://savingsandbenefitsdaily.com/_app/immutable/chunks/1-d6148938.js

Requested by

Host: savingsandbenefitsdaily.com
URL: https://savingsandbenefitsdaily.com/_app/immutable/start-716c3c08.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

7aef1975734634ab2d1cf6f6d196563ac06be4cd0072d7606b12fe17f708ef8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer
Origin: https://savingsandbenefitsdaily.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 04:08:26 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::4g4d7-1684901306659-d8784db05741
age: 621574
etag: "cea810f5d97eba47280cfbfd0ba075f1"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
content-disposition: inline; filename="1-d6148938.js"
accept-ranges: bytes
content-length: 96

GET
H2 200 _error.svelte-ffea8b03.js Show response
savingsandbenefitsdaily.com/_app/immutable/components/pages/ 2 KB
1 KB 42ms
41ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://savingsandbenefitsdaily.com/_app/immutable/components/pages/_error.svelte-ffea8b03.js

Requested by

Host: savingsandbenefitsdaily.com
URL: https://savingsandbenefitsdaily.com/_app/immutable/start-716c3c08.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

c97b9e3fcbae36fca836ea04e6b49e9dfd4c63dabb0e3bdfcd08f3dd1c748cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer
Origin: https://savingsandbenefitsdaily.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 04:08:26 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::s8xvp-1684901306659-2abfa4149abc
age: 621574
etag: W/"394062e7f312c6da898ffca6b1ba8e8d"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
content-disposition: inline; filename="_error.svelte-ffea8b03.js"

GET
H2 200 NavigationBar-5db9afeb.js Show response
savingsandbenefitsdaily.com/_app/immutable/chunks/ 8 KB
3 KB 48ms
48ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://savingsandbenefitsdaily.com/_app/immutable/chunks/NavigationBar-5db9afeb.js

Requested by

Host: savingsandbenefitsdaily.com
URL: https://savingsandbenefitsdaily.com/_app/immutable/start-716c3c08.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

4b7e6c27e57f1cef3c4063018371b27d206124785d8a07f7a717db1faf81a154

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer
Origin: https://savingsandbenefitsdaily.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 04:08:26 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::s8xvp-1684901306663-3c1f596845bf
age: 621574
etag: W/"d8aba6ba6c72dac36b6c15c5e33bde15"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
content-disposition: inline; filename="NavigationBar-5db9afeb.js"

GET
H2 200 3-17285b0a.js Show response
savingsandbenefitsdaily.com/_app/immutable/chunks/ 95 B
238 B 36ms
36ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://savingsandbenefitsdaily.com/_app/immutable/chunks/3-17285b0a.js

Requested by

Host: savingsandbenefitsdaily.com
URL: https://savingsandbenefitsdaily.com/_app/immutable/start-716c3c08.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

986f6d585567b1c8cb2e6e607a8382d6c11e2fce2bdefc40cd014f4052a55816

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer
Origin: https://savingsandbenefitsdaily.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 04:08:26 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::67sg8-1684901306660-a4716d66011e
age: 621574
etag: "adf6ebbd561191fc50ad50c7a2d1a2a8"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
content-disposition: inline; filename="3-17285b0a.js"
accept-ranges: bytes
content-length: 95

GET
H2 200 poppins-latin-700-normal-9338e65f.woff2
savingsandbenefitsdaily.com/_app/immutable/assets/ 8 KB
8 KB 29ms
28ms Font
font/woff2 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://savingsandbenefitsdaily.com/_app/immutable/assets/poppins-latin-700-normal-9338e65f.woff2

Requested by

Host: savingsandbenefitsdaily.com
URL: https://savingsandbenefitsdaily.com/_app/immutable/assets/_layout-4efe454e.css

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://savingsandbenefitsdaily.com/_app/immutable/assets/_layout-4efe454e.css
Origin: https://savingsandbenefitsdaily.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 04:08:26 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::wb6m8-1684901306664-a4c95ed405d3
age: 621575
etag: "25b0e113ca7cce3770d542736db26368"
x-vercel-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
content-disposition: inline; filename="poppins-latin-700-normal-9338e65f.woff2"
accept-ranges: bytes
content-length: 7816

GET
H2 200 poppins-latin-600-normal-f4e80d9d.woff2
savingsandbenefitsdaily.com/_app/immutable/assets/ 8 KB
8 KB 35ms
34ms Font
font/woff2 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://savingsandbenefitsdaily.com/_app/immutable/assets/poppins-latin-600-normal-f4e80d9d.woff2

Requested by

Host: savingsandbenefitsdaily.com
URL: https://savingsandbenefitsdaily.com/_app/immutable/assets/_layout-4efe454e.css

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://savingsandbenefitsdaily.com/_app/immutable/assets/_layout-4efe454e.css
Origin: https://savingsandbenefitsdaily.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 04:08:26 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::jg8ph-1684901306665-e16c0f79eae2
age: 621575
etag: "72993dddf88a63e8f226656f7de88e57"
x-vercel-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
content-disposition: inline; filename="poppins-latin-600-normal-f4e80d9d.woff2"
accept-ranges: bytes
content-length: 8000

GET
H2 200 poppins-latin-400-normal-7d93459d.woff2
savingsandbenefitsdaily.com/_app/immutable/assets/ 8 KB
8 KB 44ms
44ms Font
font/woff2 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://savingsandbenefitsdaily.com/_app/immutable/assets/poppins-latin-400-normal-7d93459d.woff2

Requested by

Host: savingsandbenefitsdaily.com
URL: https://savingsandbenefitsdaily.com/_app/immutable/assets/_layout-4efe454e.css

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://savingsandbenefitsdaily.com/_app/immutable/assets/_layout-4efe454e.css
Origin: https://savingsandbenefitsdaily.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 04:08:26 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::dkr2l-1684901306668-6686d88342a1
age: 621575
etag: "9212f6f9860f9fc6c69b02fedf6db8c3"
x-vercel-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
content-disposition: inline; filename="poppins-latin-400-normal-7d93459d.woff2"
accept-ranges: bytes
content-length: 7884

GET
H2 200 poppins-latin-800-normal-60bf0aba.woff2
savingsandbenefitsdaily.com/_app/immutable/assets/ 8 KB
8 KB 34ms
33ms Font
font/woff2 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://savingsandbenefitsdaily.com/_app/immutable/assets/poppins-latin-800-normal-60bf0aba.woff2

Requested by

Host: savingsandbenefitsdaily.com
URL: https://savingsandbenefitsdaily.com/_app/immutable/assets/_layout-4efe454e.css

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://savingsandbenefitsdaily.com/_app/immutable/assets/_layout-4efe454e.css
Origin: https://savingsandbenefitsdaily.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 04:08:26 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::4g4d7-1684901306666-b618ef834a7d
age: 621575
etag: "af4d371a10271dafeb343f1eace762bc"
x-vercel-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
content-disposition: inline; filename="poppins-latin-800-normal-60bf0aba.woff2"
accept-ranges: bytes
content-length: 7824

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 117 KB
46 KB 86ms
35ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-NLJDLQX

Requested by

Host: load.capigt.hmnavigators.com
URL: https://load.capigt.hmnavigators.com/rrxdeutp.js?id=GTM-NBCG9WP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c3a06765c63c9a1dfdcd1b85b12abcce454542d27a5c7c6870d05633a809df10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savingsandbenefitsdaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 04:08:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46755
x-xss-protection: 0
last-modified: Wed, 24 May 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 May 2023 04:08:26 GMT

GET
H2 200 iife.min.js Show response
opencdn.fpjs.sh/fingerprintjs-pro-gtm/v0/ 3 KB
2 KB 147ms
23ms Script
text/javascript 18.66.112.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://opencdn.fpjs.sh/fingerprintjs-pro-gtm/v0/iife.min.js

Requested by

Host: load.capigt.hmnavigators.com
URL: https://load.capigt.hmnavigators.com/rrxdeutp.js?id=GTM-NBCG9WP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-97.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

b5ed823557283db9ff4fee21d90036d966f27666c064408b79c748bfab9a8e30

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savingsandbenefitsdaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 02:52:41 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4545
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server: CloudFront
etag: W/"dyXymmTAUh0Zqhw7eEzwm0ylG5U"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=578994, s-maxage=10961
x-amz-cf-id: fUOmyGQ-xfLbPbA7M20s7uf1-ASrjfeeLK3AT_mpjFloI5-3SmVU2w==

GET
H2 200 v5.js Show response
cdn.stape.io/dtag/ 14 KB
6 KB 92ms
30ms Script
application/javascript 2606:4700::6812:30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.stape.io/dtag/v5.js

Requested by

Host: load.capigt.hmnavigators.com
URL: https://load.capigt.hmnavigators.com/rrxdeutp.js?id=GTM-NBCG9WP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7657eea272b62c540e89a651d3ce05555e18062e77e4734247e5458908d1773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savingsandbenefitsdaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 04:08:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 580815
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 23 May 2022 07:46:57 GMT
server: cloudflare
etag: W/"628b3bf1-39c0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7cc2ad704a469136-FRA
expires: Thu, 23 May 2024 04:08:26 GMT

GET
H2 200 gtrrxdeutp.js Show response
load.capigt.hmnavigators.com/ 232 KB
81 KB 201ms
200ms Script
application/javascript 2606:4700::6812:30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://load.capigt.hmnavigators.com/gtrrxdeutp.js?id=G-3HRTF81JLQ&l=dataLayer&cx=c

Requested by

Host: load.capigt.hmnavigators.com
URL: https://load.capigt.hmnavigators.com/rrxdeutp.js?id=GTM-NBCG9WP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58b6f6d468d12b88388206413d6c0c024a1099cf2c4cde546298aadaa58408c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savingsandbenefitsdaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 04:08:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 24 May 2023 04:08:27 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cf-ray: 7cc2ad6ff8319a0c-FRA
access-control-allow-headers: Cache-Control
x-robots-tag: noindex
expires: Wed, 24 May 2023 04:08:27 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10936957035/ 3 KB
2 KB 79ms
32ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10936957035/?random=1684901306866&cv=11&fst=1684901306866&bg=ffffff&guid=ON&async=1&gtm=45He35m0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsavingsandbenefitsdaily.com%2F&hn=www.googleadservices.com&frm=0&tiba=Healthcare%20Marketplace%20Navigators&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: load.capigt.hmnavigators.com
URL: https://load.capigt.hmnavigators.com/rrxdeutp.js?id=GTM-NBCG9WP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f98d4a1795f1456cf2552118f0682123d948b4d8fd8e1229d494fbff2c80ccab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savingsandbenefitsdaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 04:08:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1308
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10936957035/ 42 B
455 B 89ms
33ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10936957035/?random=1684901306866&cv=11&fst=1684900800000&bg=ffffff&guid=ON&async=1&gtm=45He35m0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsavingsandbenefitsdaily.com%2F&frm=0&tiba=Healthcare%20Marketplace%20Navigators&fmt=3&is_vtc=1&random=3571646437&rmt_tld=0&ipr=y

Requested by

Host: savingsandbenefitsdaily.com
URL: https://savingsandbenefitsdaily.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savingsandbenefitsdaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 04:08:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10936957035/ 42 B
455 B 90ms
34ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10936957035/?random=1684901306866&cv=11&fst=1684900800000&bg=ffffff&guid=ON&async=1&gtm=45He35m0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsavingsandbenefitsdaily.com%2F&frm=0&tiba=Healthcare%20Marketplace%20Navigators&fmt=3&is_vtc=1&random=3571646437&rmt_tld=1&ipr=y

Requested by

Host: savingsandbenefitsdaily.com
URL: https://savingsandbenefitsdaily.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savingsandbenefitsdaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 04:08:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 data Show response
capigt.hmnavigators.com/ 68 B
437 B 604ms
155ms XHR
application/json 35.193.123.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capigt.hmnavigators.com/data?v=2&event_name=page_view
Requested by: Host: cdn.stape.io
URL: https://cdn.stape.io/dtag/v5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.193.123.107 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.123.193.35.bc.googleusercontent.com
Software: /
Resource Hash: 011f7cf764206394357daca41dbd08a0a84bdf3e2cefb2b6690d201ae4924fba

Request headers

Referer: https://savingsandbenefitsdaily.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-type: text/plain

Response headers

date: Wed, 24 May 2023 04:08:27 GMT
access-control-max-age: 600
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: https://savingsandbenefitsdaily.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: content-type,set-cookie,x-robots-tag,x-gtm-server-preview,x-stape-preview
content-length: 68

GET
H2 200 loader_v3.6.0.js Show response
fpnpmcdn.net/v3/Ar3RdPATr5wBOCyTPmx3/ 121 KB
44 KB 98ms
29ms Script
text/javascript 18.66.112.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fpnpmcdn.net/v3/Ar3RdPATr5wBOCyTPmx3/loader_v3.6.0.js

Requested by

Host: opencdn.fpjs.sh
URL: https://opencdn.fpjs.sh/fingerprintjs-pro-gtm/v0/iife.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-28.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

226977580ae259401e2b2da8d940453da9c8f22e12435692ff5bbd117de32499

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savingsandbenefitsdaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 09:57:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 151849
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
server: CloudFront
etag: W/"lc2EDl/rt+oYdu5ZimYHBmcRtVo"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3644, s-maxage=588611
x-amz-cf-id: wskLqNQpyz-INoQXsJrA2O_xIL42oknaG0Yzeuls9GB7ehJaEUunWg==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11002637105/ 3 KB
2 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11002637105/?random=1684901307043&cv=11&fst=1684901307043&bg=ffffff&guid=ON&async=1&gtm=45He35m0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsavingsandbenefitsdaily.com%2F&hn=www.googleadservices.com&frm=0&tiba=Healthcare%20Marketplace%20Navigators&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: load.capigt.hmnavigators.com
URL: https://load.capigt.hmnavigators.com/rrxdeutp.js?id=GTM-NBCG9WP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d3a64ae42017bba1c1f321e0fc7199af72a498a3aa4b0a2142f4cddf94e86b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savingsandbenefitsdaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 04:08:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect Show response
capigt.hmnavigators.com/g/ 65 B
156 B 470ms
169ms XHR
text/plain 35.193.123.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://capigt.hmnavigators.com/g/collect?v=2&tid=G-3HRTF81JLQ&gtm=45je35m0&_p=314516841&cid=1749924509.1684901307&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=DE&sst.gcsub=region1&ngs=1&_s=1&sid=1684901307&sct=1&seg=0&dl=https%3A%2F%2Fsavingsandbenefitsdaily.com%2F&dt=Healthcare%20Marketplace%20Navigators&en=page_view&_fv=1&_nsi=1&_ss=1&ep.eventID=1684901913276_16849014465291&richsstsse

Requested by

Host: load.capigt.hmnavigators.com
URL: https://load.capigt.hmnavigators.com/gtrrxdeutp.js?id=G-3HRTF81JLQ&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.193.123.107 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

107.123.193.35.bc.googleusercontent.com

Software

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savingsandbenefitsdaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 04:08:27 GMT
x-content-type-options: nosniff
content-type: text/plain
access-control-allow-origin: https://savingsandbenefitsdaily.com
cache-control: no-cache
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-accel-buffering: no

GET
H2 200 /
www.google.com/pagead/1p-user-list/11002637105/ 42 B
108 B 34ms
32ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11002637105/?random=1684901307043&cv=11&fst=1684900800000&bg=ffffff&guid=ON&async=1&gtm=45He35m0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsavingsandbenefitsdaily.com%2F&frm=0&tiba=Healthcare%20Marketplace%20Navigators&fmt=3&is_vtc=1&random=152568018&rmt_tld=0&ipr=y

Requested by

Host: savingsandbenefitsdaily.com
URL: https://savingsandbenefitsdaily.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savingsandbenefitsdaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 04:08:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11002637105/ 42 B
108 B 31ms
31ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11002637105/?random=1684901307043&cv=11&fst=1684900800000&bg=ffffff&guid=ON&async=1&gtm=45He35m0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsavingsandbenefitsdaily.com%2F&frm=0&tiba=Healthcare%20Marketplace%20Navigators&fmt=3&is_vtc=1&random=152568018&rmt_tld=1&ipr=y

Requested by

Host: savingsandbenefitsdaily.com
URL: https://savingsandbenefitsdaily.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savingsandbenefitsdaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 04:08:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
use1.fptls.com/ 208 B
335 B 344ms
111ms XHR
text/plain 99.83.173.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://use1.fptls.com/

Requested by

Host: fpnpmcdn.net
URL: https://fpnpmcdn.net/v3/Ar3RdPATr5wBOCyTPmx3/loader_v3.6.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.83.173.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a64bed9ff5004f5b3.awsglobalaccelerator.com

Software

Resource Hash

20d73ac785d8028dcbf3f14f3374d62e98ce476e5cb1ca8009316c8cb0a9172b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savingsandbenefitsdaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: max-age=2592000, immutable, private
date: Wed, 24 May 2023 04:08:27 GMT
content-length: 208
content-type: text/plain; charset=utf-8

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 180ms
122ms Script
application/javascript 184.86.103.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE2O6JJC77U5MOB97QIG&lib=ttq
Requested by: Host: savingsandbenefitsdaily.com
URL: https://savingsandbenefitsdaily.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-20.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 447c6eb7b3bf25831a4820f47f8df741d71200205034d29b0575aa0317b498d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savingsandbenefitsdaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-request-id: 56a1f63a.907dd0ee
date: Wed, 24 May 2023 04:08:27 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-86-102-20.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
x-parent-response-time: 98,184.86.102.20
server-timing: cdn-cache; desc=MISS, edge; dur=84, origin; dur=14, inner; dur=5
content-length: 1211
pragma: no-cache
server: nginx
x-tt-logid: 202305240408273AC17FCADA4DAF2BE5A0
x-cache-remote: TCP_MISS from a23-194-131-15.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48589741) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 14,23.194.131.15
x-tt-trace-host: 01176b51d7392c1fa000bd81347ecbc731e0e7ff4229215fd9ef40f57cc50a863a16d0c0f795b362612f530b8ca28e4de0a3e7bd4b28a2695823c7218b7ece7f475851bd2e5f6f6e1f109ae9dd41ca68ad9ecb4a611d3da79597029857c931d4be91d9a6b93985c9a8f263b7b2bdeda0f4
expires: Wed, 24 May 2023 04:08:27 GMT

GET
H2 200 main.MWI2MzlmMWJmMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 257 KB
69 KB 24ms
24ms Script
application/javascript 184.86.103.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE2O6JJC77U5MOB97QIG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-20.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5c8d3905b5c13d0c0e32c412ae45710365b71b1c9931b9c4ed44596e557be9d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savingsandbenefitsdaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-request-id: 907dd196
date: Wed, 24 May 2023 04:08:27 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202305081131431BC8658F943969841DEE
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a184-86-102-20.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 016467a348457d69e5f07ad5b46d773bfb53cc41c7edfcba04a25c855387c79e0667e684803b5a06e01034c4e993366b283bc3f3981303f342a24d07b134dc3264df4fdef74a26eb3c71c3d908d0c3d33d120c679cde3459fd87c562de133197d8
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length: 69873

GET
H2 200 identify_738b3.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 24ms
24ms Script
application/javascript 184.86.103.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_738b3.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-20.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savingsandbenefitsdaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-request-id: 907dd20d
date: Wed, 24 May 2023 04:08:27 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202305081131385BAEFB481AF882881A3A
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a184-86-102-20.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01be8a0784f99db1d58d1b5380bb7a6896266963762a46d696a618a70d83430d6dbcb396f0c3b75aca499802f7ee6426ab10949cc651a6e49ed46565a812cfedf4aa293017c622f7a1131581e38d49c92e799907b151e887de220de4218c12be30
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 30759

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
700 B 247ms
247ms Ping
text/plain 184.86.103.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-20.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://savingsandbenefitsdaily.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 36fc76dc.907dd232
date: Wed, 24 May 2023 04:08:27 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-86-102-20.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
x-parent-response-time: 219,184.86.102.20
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=135, inner; dur=129
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230524040827F1D4E74371B5E92CCD4B
x-cache-remote: TCP_MISS from a23-194-131-87.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 135,23.194.131.87
x-tt-trace-host: 01176b51d7392c1fa000bd81347ecbc731e0e7ff4229215fd9ef40f57cc50a863a526cd29c880352f0ad4225599933d7fa41386795ef64bc6e2e0db1388ad02e1ac87f87df86ea2c435f8a8ef65dd53d2399726233b5d2d57b431ed5726fca87818fa08e5aeeb84cba563b4eed23607431
expires: Wed, 24 May 2023 04:08:27 GMT

POST
H2 403 / Show response
fides.hmnavigators.com/ 287 B
640 B 348ms
120ms XHR
text/plain 75.2.80.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fides.hmnavigators.com/?ci=js/3.8.13&ii=fingerprintjs-pro-gtm/0.3.0&ii=fingerprintjs-pro-gtm-template/0.0.1

Requested by

Host: fpnpmcdn.net
URL: https://fpnpmcdn.net/v3/Ar3RdPATr5wBOCyTPmx3/loader_v3.6.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.80.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a99634ef21f205589.awsglobalaccelerator.com

Software

nginx/1.22.1 /

Resource Hash

7570591aed9cefdac323821fb320342e873c5c83a5edd0196aa5ac052797d6e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://savingsandbenefitsdaily.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 May 2023 04:08:28 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
server: nginx/1.22.1
x-content-type-options: nosniff
vary: Origin
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: https://savingsandbenefitsdaily.com
access-control-expose-headers: Retry-After
access-control-allow-credentials: true
content-length: 287

GET
H2 200 collect Show response
capigt.hmnavigators.com/g/ 65 B
124 B 155ms
155ms XHR
text/plain 35.193.123.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://capigt.hmnavigators.com/g/collect?v=2&tid=G-3HRTF81JLQ&gtm=45je35m0&_p=314516841&cid=1749924509.1684901307&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=DE&sst.gcsub=region1&ngs=1&_s=2&sid=1684901307&sct=1&seg=0&dl=https%3A%2F%2Fsavingsandbenefitsdaily.com%2F&dt=Healthcare%20Marketplace%20Navigators&en=gtm.scroll&ep.eventID=1684901913276_168490144652910&_et=377&up.userID=1684901913276_168490144652910&richsstsse

Requested by

Host: load.capigt.hmnavigators.com
URL: https://load.capigt.hmnavigators.com/gtrrxdeutp.js?id=G-3HRTF81JLQ&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.193.123.107 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

107.123.193.35.bc.googleusercontent.com

Software

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savingsandbenefitsdaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 04:08:28 GMT
x-content-type-options: nosniff
content-type: text/plain
access-control-allow-origin: https://savingsandbenefitsdaily.com
cache-control: no-cache
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-accel-buffering: no

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
savingsandbenefitsdaily.com/	1969-12-31 23:59:59	Name: CallPixels-ou Value: aHR0cHM6Ly9zYXZpbmdzYW5kYmVuZWZpdHNkYWlseS5jb20v
.savingsandbenefitsdaily.com/	1969-12-31 23:59:59	Name: stape Value: %7B%22event_id%22%3A%221684901913276_16849014465291%22%7D
.doubleclick.net/	1970-01-20 21:23:17	Name: IDE Value: AHWqTUl0cx2Gp1j8vANtWcpA8S8R48THwPsvpkGeyveD9SfIk-SPoFkhCm_u-syc
.savingsandbenefitsdaily.com/	1970-01-20 21:37:41	Name: _ga Value: GA1.1.1749924509.1684901307
savingsandbenefitsdaily.com/	1969-12-31 23:59:59	Name: CallPixels-vid Value: ea7233006447e23c24f7e647535500b1
.tiktok.com/	1970-01-20 21:23:17	Name: _ttp Value: 2QDw9PFsY2gEBYtxfbMKK7xhaS4
.savingsandbenefitsdaily.com/	1970-01-20 21:23:17	Name: _tt_enable_cookie Value: 1
.savingsandbenefitsdaily.com/	1970-01-20 21:23:17	Name: _ttp Value: s7eMa0syOBZGxP1P-69U3G9aWkq
.savingsandbenefitsdaily.com/	1970-01-20 21:37:41	Name: _ga_3HRTF81JLQ Value: GS1.1.1684901307.1.0.1684901307.0.0.0
.hmnavigators.com/	1970-01-20 21:37:41	Name: _dcid Value: dcid.1.1684901307492.845827159

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fides.hmnavigators.com/?ci=js/3.8.13&ii=fingerprintjs-pro-gtm/0.3.0&ii=fingerprintjs-pro-gtm-template/0.0.1 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api.routingapi.com
capigt.hmnavigators.com
cdn.stape.io
dist.routingapi.com
fides.hmnavigators.com
fpnpmcdn.net
googleads.g.doubleclick.net
load.capigt.hmnavigators.com
opencdn.fpjs.sh
savingsandbenefitsdaily.com
use1.fptls.com
www.google.com
www.google.de
www.googleoptimize.com
107.20.166.130
18.66.112.28
18.66.112.97
184.86.103.20
2600:9000:2057:8600:11:8138:9040:93a1
2606:4700::6812:30
2a00:1450:4001:803::2004
2a00:1450:4001:808::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200e
35.193.123.107
75.2.80.99
76.76.21.21
99.83.173.21
011f7cf764206394357daca41dbd08a0a84bdf3e2cefb2b6690d201ae4924fba
0964033b6e115791c5cd81cc9f927599c520b5459db1803653efb0cd80a015d4
16ee3a9114279867ff303f39b1e599e898dcca57538f027c26337dcfdf81790d
20d73ac785d8028dcbf3f14f3374d62e98ce476e5cb1ca8009316c8cb0a9172b
226977580ae259401e2b2da8d940453da9c8f22e12435692ff5bbd117de32499
3b8afb500ae6e23473f3a50258d81483a1740841423f17f56d745ea8824c59b6
3fb7bc2fc273169fe1ff02f63882ffc6fd4eae18c83cbb8a408625d99385450b
447c6eb7b3bf25831a4820f47f8df741d71200205034d29b0575aa0317b498d8
4b7e6c27e57f1cef3c4063018371b27d206124785d8a07f7a717db1faf81a154
4c113138df8083753420482ec60d307a617124b0dd15401289422fdbf71fa677
4d3863cae9aae947ae90a0d9e19b91144db36f5fb23e38262943163be2d0fdda
4efe454e8f23ed0c78398ea65ad5252b566d70c380b50c04074fc6d8f7e114ba
58b6f6d468d12b88388206413d6c0c024a1099cf2c4cde546298aadaa58408c5
5b0d5cc89521055c37dc4ecabf5e3fe8b1fdce7ea0b5d5cf16e5d17008d0cbc8
5c8d3905b5c13d0c0e32c412ae45710365b71b1c9931b9c4ed44596e557be9d9
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
7570591aed9cefdac323821fb320342e873c5c83a5edd0196aa5ac052797d6e4
76d3a64ae42017bba1c1f321e0fc7199af72a498a3aa4b0a2142f4cddf94e86b
7aef1975734634ab2d1cf6f6d196563ac06be4cd0072d7606b12fe17f708ef8a
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
839f63d033dfd21de09c4988883163007373934a9f96cc159e42b35d6e5837de
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
986f6d585567b1c8cb2e6e607a8382d6c11e2fce2bdefc40cd014f4052a55816
99d35d317a4e3140fb451085f30d12f118ca88bfda6f292afaf92b11cd5eb663
a19ae5303c89bc02c364975b2007f71242b68e9ae60f45a21384ff93e814fbd4
ac3679d64649e753d74a90e753a58d438abcb750fa7a27a8476cc56aa1cbcf0c
b5ed823557283db9ff4fee21d90036d966f27666c064408b79c748bfab9a8e30
c3a06765c63c9a1dfdcd1b85b12abcce454542d27a5c7c6870d05633a809df10
c97b9e3fcbae36fca836ea04e6b49e9dfd4c63dabb0e3bdfcd08f3dd1c748cf9
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d1a2cc23462b99672126bd009b55ab1d8b50e0b574bbd1f5d986bddd3f8b0d91
d7657eea272b62c540e89a651d3ce05555e18062e77e4734247e5458908d1773
df116a6098cf739faf4a80d252595f290f3c8d0e1d8cf0927b916fb8d087c8fe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0fe790dcae807135cc6c05d132162fac490db9db4d4a9e3a4ea2da719826bfd
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f98d4a1795f1456cf2552118f0682123d948b4d8fd8e1229d494fbff2c80ccab

savingsandbenefitsdaily.com Open in urlscan Pro 76.76.21.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

45 Requests

100 %HTTPS

43 %IPv6

12 Domains

15 Subdomains

14 IPs

2 Countries

512 kBTransfer

1486 kBSize

10 Cookies

1 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

savingsandbenefitsdaily.com Open in urlscan Pro
76.76.21.21 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

100 %
HTTPS

43 %
IPv6

12
Domains

15
Subdomains

14
IPs

2
Countries

512 kB
Transfer

1486 kB
Size

10
Cookies

45 HTTP transactions
0 data transactions