benefitsdepot.net Open in urlscan Pro
209.212.148.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://voluptateqrgts.cartyr.de/rd/u3981FYdOs1188952gAIL54549ERY2499wtAX988
Effective URL:
https://benefitsdepot.net/unsubscribe.php
Submission: On January 25 via api (January 25th 2021, 1:02:09 am UTC) from BE

Summary HTTP 90 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 49 IPs in 7 countries across 44 domains to perform 90 HTTP transactions. The main IP is 209.212.148.3, located in Arlington Heights, United States and belongs to ASN-GIGENET, US. The main domain is benefitsdepot.net.
TLS certificate: Issued by R3 on January 21st 2021. Valid for: 3 months.

This is the only time benefitsdepot.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	78.47.101.54 78.47.101.54	24940 (HETZNER-AS) (HETZNER-AS)
1 1	45.148.9.118 45.148.9.118	396073 (MAJESTIC-...) (MAJESTIC-HOSTING-01)
9	209.212.148.3 209.212.148.3	32181 (ASN-GIGENET) (ASN-GIGENET)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:8a00:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.12.134 151.101.12.134	54113 (FASTLY) (FASTLY)
2	13.224.102.66 13.224.102.66	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6811:4f22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:9200:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:3c00:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2	3.124.48.224 3.124.48.224	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:219... 2600:9000:2190:c800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	52.13.149.62 52.13.149.62	16509 (AMAZON-02) (AMAZON-02)
3	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	44.228.200.13 44.228.200.13	16509 (AMAZON-02) (AMAZON-02)
3	13.224.103.105 13.224.103.105	16509 (AMAZON-02) (AMAZON-02)
2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	213.19.147.210 213.19.147.210	26120 (RHYTHMONE) (RHYTHMONE)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.255.84.151 185.255.84.151	200271 (IGUANE-) (IGUANE-)
4	34.200.78.134 34.200.78.134	14618 (AMAZON-AES) (AMAZON-AES)
1	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
5	2606:2800:233... 2606:2800:233:97b6:26be:138a:cba8:bb01	15133 (EDGECAST) (EDGECAST)
1	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
2	18.184.181.235 18.184.181.235	16509 (AMAZON-02) (AMAZON-02)
2	54.166.112.225 54.166.112.225	14618 (AMAZON-AES) (AMAZON-AES)
2	34.195.162.181 34.195.162.181	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.22.15.148 52.22.15.148	14618 (AMAZON-AES) (AMAZON-AES)
1	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.120.107 104.17.120.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.108.50.124 104.108.50.124	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	13.224.102.117 13.224.102.117	16509 (AMAZON-02) (AMAZON-02)
1 2	18.158.74.203 18.158.74.203	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:3e00:1f:2473:9080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.225.136.82 3.225.136.82	14618 (AMAZON-AES) (AMAZON-AES)
4	208.100.17.181 208.100.17.181	32748 (STEADFAST) (STEADFAST)
90	49

2 78.47.101.54 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.54.101.47.78.clients.your-server.de

voluptateqrgts.cartyr.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.148.9.118 (None, ) 1 redirects

ASN396073 (MAJESTIC-HOSTING-01, US)

www.fopiwino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 209.212.148.3 (Arlington Heights, United States)

ASN32181 (ASN-GIGENET, US)
PTR: ip-209.212.148.3.hosted.by.gigenet.com

benefitsdepot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:8a00:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

benefitsdepot-net.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.102.66 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-66.zrh50.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:4f22 (United States)

ASN13335 (CLOUDFLARENET, US)

global.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eb.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:9200:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:3c00:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.48.224 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-48-224.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:c800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.13.149.62 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-13-149-62.us-west-2.compute.amazonaws.com

usync.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.228.200.13 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-228-200-13.us-west-2.compute.amazonaws.com

bids.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.103.105 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-105.zrh50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.210 (United Kingdom)

ASN26120 (RHYTHMONE, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.151 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.200.78.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-78-134.compute-1.amazonaws.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:2800:233:97b6:26be:138a:cba8:bb01 (United States)

ASN15133 (EDGECAST, US)

adserver-us.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.90 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.181.235 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-181-235.eu-central-1.compute.amazonaws.com

pre.ads.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.166.112.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-112-225.compute-1.amazonaws.com

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.195.162.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-162-181.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e3680f989f112883fd24a60c937a15e3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.15.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-15-148.compute-1.amazonaws.com

mantodea.mantisadnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.120.107 (United States)

ASN13335 (CLOUDFLARENET, US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.50.124 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-50-124.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.102.117 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-117.zrh50.r.cloudfront.net

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.74.203 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-74-203.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:3e00:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.136.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-136-82.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 208.100.17.181 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip181.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	benefitsdepot.net benefitsdepot.net	165 KB
7	googlesyndication.com e3680f989f112883fd24a60c937a15e3.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	14 KB
6	proper.io global.proper.io usync.proper.io bids.proper.io eb.proper.io	87 KB
6	pushnami.com api.pushnami.com trc.pushnami.com psp.pushnami.com	12 KB
5	advertising.com adserver-us.adtech.advertising.com	715 B
4	tynt.com de.tynt.com
4	33across.com ssc.33across.com	3 KB
4	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com	33 KB
3	3lift.com 2 redirects ib.3lift.com eb2.3lift.com	640 B
3	amazon-adsystem.com c.amazon-adsystem.com	34 KB
3	doubleclick.net securepubads.g.doubleclick.net	130 KB
2	pubmatic.com ads.pubmatic.com
2	justpremium.com pre.ads.justpremium.com	253 B
2	adnxs.com ib.adnxs.com acdn.adnxs.com	715 B
2	yahoo.com 2 redirects ups.analytics.yahoo.com	1 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	31 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	38 KB
2	cartyr.de 1 redirects voluptateqrgts.cartyr.de	594 B
1	bfmio.com sync.bfmio.com
1	undertone.com cdn.undertone.com
1	teads.tv sync.teads.tv
1	rubiconproject.com eus.rubiconproject.com
1	brealtime.com biddr.brealtime.com
1	districtm.io cdn.districtm.io
1	mantisadnetwork.com mantodea.mantisadnetwork.com
1	indexww.com js-sec.indexww.com
1	googletagservices.com www.googletagservices.com	29 KB
1	google.com adservice.google.com	803 B
1	google.nl adservice.google.nl	803 B
1	lijit.com ap.lijit.com	729 B
1	sonobi.com apex.go.sonobi.com	794 B
1	omnitagjs.com hb-api.omnitagjs.com	866 B
1	criteo.com bidder.criteo.com	147 B
1	1rx.io tag.1rx.io	274 B
1	casalemedia.com as-sec.casalemedia.com	2 KB
1	quantcount.com rules.quantcount.com	348 B
1	consensu.org c.sharethis.mgr.consensu.org
1	gstatic.com fonts.gstatic.com	42 KB
1	disqus.com benefitsdepot-net.disqus.com	2 KB
1	googletagmanager.com www.googletagmanager.com	39 KB
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	fopiwino.com 1 redirects www.fopiwino.com	187 B
90	44

	Domain	Requested by
9	benefitsdepot.net	voluptateqrgts.cartyr.de benefitsdepot.net
5	adserver-us.adtech.advertising.com	global.proper.io
4	de.tynt.com	global.proper.io
4	ssc.33across.com	global.proper.io
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	c.amazon-adsystem.com	global.proper.io c.amazon-adsystem.com
3	securepubads.g.doubleclick.net	global.proper.io securepubads.g.doubleclick.net
2	eb2.3lift.com	1 redirects global.proper.io
2	ads.pubmatic.com	global.proper.io
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	e3680f989f112883fd24a60c937a15e3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	psp.pushnami.com	api.pushnami.com
2	trc.pushnami.com	api.pushnami.com
2	pre.ads.justpremium.com	global.proper.io
2	bids.proper.io	global.proper.io
2	ups.analytics.yahoo.com	2 redirects
2	l.sharethis.com	platform-api.sharethis.com benefitsdepot.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	global.proper.io	benefitsdepot.net global.proper.io
2	api.pushnami.com	benefitsdepot.net api.pushnami.com
2	maxcdn.bootstrapcdn.com	benefitsdepot.net
2	voluptateqrgts.cartyr.de	1 redirects
1	sync.bfmio.com	global.proper.io
1	cdn.undertone.com	global.proper.io
1	ib.3lift.com	1 redirects
1	sync.teads.tv	global.proper.io
1	eus.rubiconproject.com	global.proper.io
1	biddr.brealtime.com	global.proper.io
1	cdn.districtm.io	global.proper.io
1	mantodea.mantisadnetwork.com	global.proper.io
1	js-sec.indexww.com	global.proper.io
1	acdn.adnxs.com	global.proper.io
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.nl	securepubads.g.doubleclick.net
1	eb.proper.io	global.proper.io
1	ib.adnxs.com	global.proper.io
1	ap.lijit.com	global.proper.io
1	apex.go.sonobi.com	global.proper.io
1	hb-api.omnitagjs.com	global.proper.io
1	bidder.criteo.com	global.proper.io
1	tag.1rx.io	global.proper.io
1	as-sec.casalemedia.com	global.proper.io
1	usync.proper.io	benefitsdepot.net
1	pixel.quantserve.com	benefitsdepot.net
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	global.proper.io
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	fonts.gstatic.com	fonts.googleapis.com
1	benefitsdepot-net.disqus.com	benefitsdepot.net
1	platform-api.sharethis.com	benefitsdepot.net
1	www.googletagmanager.com	benefitsdepot.net
1	fonts.googleapis.com	benefitsdepot.net
1	cdnjs.cloudflare.com	benefitsdepot.net
1	ajax.googleapis.com	benefitsdepot.net
1	www.fopiwino.com	1 redirects
90	57

This site contains links to these domains. Also see Links.

Domain
proper.io

Subject Issuer	Validity	Valid
benefitsdepot.net R3	`2021-01-21` - `2021-04-21`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.pushnami.com Amazon	`2020-05-16` - `2021-06-16`	a year	crt.sh
proper.io Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2020-05-05` - `2021-06-05`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.proper.io Sectigo RSA Domain Validation Secure Server CA	`2020-12-20` - `2022-01-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-17` - `2021-02-14`	3 months	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2021-06-18`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2019-02-01` - `2021-02-04`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.adtech.advertising.com DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
tracking.justpremium.com Amazon	`2020-11-26` - `2021-12-25`	a year	crt.sh
*.google.nl GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh
*.mantisadnetwork.com Amazon	`2020-11-13` - `2021-12-12`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2020-01-22` - `2022-03-22`	2 years	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-01-18`	a year	crt.sh
teads.tv Let's Encrypt Authority X3	`2020-11-19` - `2021-02-17`	3 months	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh
*.undertone.com Amazon	`2020-12-11` - `2022-01-09`	a year	crt.sh
*.bfmio.com Amazon	`2020-06-14` - `2021-07-14`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://benefitsdepot.net/unsubscribe.php
Frame ID: 72617CF9AA3F6A6EEAF28E72E09964D1
Requests: 67 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 3555BD70C3DDB47B489AE66C5D6085FE
Requests: 1 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 77B2FA83B92C50AF7F7F8B81420FD752
Requests: 1 HTTP requests in this frame

Frame: https://e3680f989f112883fd24a60c937a15e3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 2424EDBCC40940F0E18C518FC0526C39
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 01FBBDD36AA23AD8C380D53EF0F4DCEA
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: D94E964DE4FBF1E13E535891A27622A2
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2EEFF21B80D8CAA9B4DFCC6C8E6FADEF
Requests: 1 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?referrer=http%3A%2F%2Fvoluptateqrgts.cartyr.de%2Frd%2Fu3981FYdOs1188952gAIL54549ERY2499wtAX988&tz=-60&buster=1611536507832&secure=true&version=9&mobile=false&title=BenefitsDepot&url=https%3A%2F%2Fbenefitsdepot.net%2Funsubscribe.php
Frame ID: 66CAEA33A9443906376F47316F9FB7B4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 260828AFC13AAFA3825BC12E25136646
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: F079C4378DDBFC56C12495270D2AE30F
Requests: 1 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=a17j521611536507921
Frame ID: CD56A8D4E4C173A3C652B782BF4B16A5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 31B36E2DE16EA7CF0C37DC2D75B70B08
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C4166634BFBBE2FEE90AD95522D7AF84
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A12%7D
Frame ID: DA0216D52A5F4B0E4A72223076004C73
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 3BD3C2B8BD2EB301525AD97AB490566B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 9395E31B23D080C6B734586E4E1218B7
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifg=1&id=&gdpr=0&gc=&gce=1&us_privacy=1---
Frame ID: 8A275B76D352CDC95FB73821127C1E6D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 376C3F0D32C3FA6274B9E7CF0D3E7966
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=cofIPsicGr6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 4AE41F6EFCA1DEB6BFE7E9A99FA75143
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=cyKUv-icGr6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: ECFA0C90DE19643F46B854ED07384F16
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=crfUxYicGr6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 2D541029CF756B52F1185D406CC83F02
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=chtZg-icGr6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 96EF881B1542D6F267C56D70688E3218
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://voluptateqrgts.cartyr.de/rd/u3981FYdOs1188952gAIL54549ERY2499wtAX988 Page URL
http://voluptateqrgts.cartyr.de/track/u3981FYdOs1188952gAIL54549ERY2499wtAX988 HTTP 302
https://www.fopiwino.com/HbHYo6iEPSK5N_GOn50kIAFxksiccJ3E35jqyE1J2Is1Zm2PrVx01GeKUz0fSligH68_w4S0iOzf... HTTP 302
https://benefitsdepot.net/unsubscribe.php Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

90
Requests

99 %
HTTPS

37 %
IPv6

44
Domains

57
Subdomains

49
IPs

7
Countries

699 kB
Transfer

1942 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://proper.io/?from=sticky

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://voluptateqrgts.cartyr.de/rd/u3981FYdOs1188952gAIL54549ERY2499wtAX988 Page URL
http://voluptateqrgts.cartyr.de/track/u3981FYdOs1188952gAIL54549ERY2499wtAX988 HTTP 302
https://www.fopiwino.com/HbHYo6iEPSK5N_GOn50kIAFxksiccJ3E35jqyE1J2Is1Zm2PrVx01GeKUz0fSligH68_w4S0iOzfM5gwGWsNsw~~/ HTTP 302
https://benefitsdepot.net/unsubscribe.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_ba588206_1f401e22_1 HTTP 302
https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_ba588206_1f401e22_1&verify=true HTTP 302
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-7yslKH91l2bztLT2xiqCP5UdEEmmb38h

Request Chain 81

https://ib.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

90 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK u3981FYdOs1188952gAIL54549ERY2499wtAX988 Show response
voluptateqrgts.cartyr.de/rd/ 231 B
348 B 62ms
42ms Document
text/html 78.47.101.54
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://voluptateqrgts.cartyr.de/rd/u3981FYdOs1188952gAIL54549ERY2499wtAX988
Protocol: HTTP/1.1
Server: 78.47.101.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.54.101.47.78.clients.your-server.de
Software: /
Resource Hash: 713940c0f79d2d462a7848fde8ddd58d39be328f17d2b342ed5f0118a9e21420

Request headers

Host: voluptateqrgts.cartyr.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Date: Mon, 25 Jan 2021 01:01:43 GMT
Content-Length: 231

GET
H/1.1

200
OK

Primary Request unsubscribe.php Show response
benefitsdepot.net/
Redirect Chain

http://voluptateqrgts.cartyr.de/track/u3981FYdOs1188952gAIL54549ERY2499wtAX988
https://www.fopiwino.com/HbHYo6iEPSK5N_GOn50kIAFxksiccJ3E35jqyE1J2Is1Zm2PrVx01GeKUz0fSligH68_w4S0iOzfM5gwGWsNsw~~/
https://benefitsdepot.net/unsubscribe.php

8 KB
3 KB

590ms
120ms

Document
text/html

209.212.148.3
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL: https://benefitsdepot.net/unsubscribe.php
Requested by: Host: voluptateqrgts.cartyr.de
URL: http://voluptateqrgts.cartyr.de/rd/u3981FYdOs1188952gAIL54549ERY2499wtAX988
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.212.148.3 Arlington Heights, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: ip-209.212.148.3.hosted.by.gigenet.com
Software: Apache /
Resource Hash: 1ca297fe6f6f7d45f34c83d936bda5ddd7b73f7e19d694abbe6dbf0365caa5b4

Request headers

Host: benefitsdepot.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://voluptateqrgts.cartyr.de/rd/u3981FYdOs1188952gAIL54549ERY2499wtAX988
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://voluptateqrgts.cartyr.de/rd/u3981FYdOs1188952gAIL54549ERY2499wtAX988

Response headers

date: Mon, 25 Jan 2021 01:01:44 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=c054165b9df2ff0869a2eeccf10d6ab8; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 2741
content-type: text/html; charset=UTF-8

Redirect headers

Date: Mon, 25 Jan 2021 01:01:43 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Server: Apache
Location: https://benefitsdepot.net/unsubscribe.php

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
23 KB 28ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 01:01:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Feb 2019 16:40:50 GMT
etag: "1550076050"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 23237

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 17:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26632
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Jan 2022 17:37:52 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 18ms
14ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 01:01:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2581453
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6646
cf-request-id: 07d8a8ae660000d6b5e00e7000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-520c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=irrPvYKxmdecbRYrYv3N8s3Nf6EU9Xi8AoBNA5fIGC4LzHxgZ%2FPGWgZTy%2Fun5YRhDxOMHFrLyUK77gFtjfNXDDeaLnrM5UWEgo96ICv4gMX41RUjfLSB0wv5F92DfblDNg%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 616e1090ae6bd6b5-FRA
expires: Sat, 15 Jan 2022 01:01:44 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
15 KB 32ms
13ms Script
text/javascript 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 01:01:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Feb 2019 16:40:57 GMT
etag: "1550076057"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 15434

GET
H2 200 css
fonts.googleapis.com/ 11 KB
768 B 19ms
15ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:200,300,400,500,600,700,800

Requested by

Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f9a3ff3d381edd73e8898ddb7d5c705a5adb948e867e5121e4b662729b44805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 25 Jan 2021 01:01:44 GMT
server: ESF
date: Mon, 25 Jan 2021 01:01:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Jan 2021 01:01:44 GMT

GET
H/1.1 200
OK styles.css
benefitsdepot.net/templates/benefitsdepot.net/css/ 20 KB
4 KB 117ms
114ms Stylesheet
text/css 209.212.148.3
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL: https://benefitsdepot.net/templates/benefitsdepot.net/css/styles.css
Requested by: Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.212.148.3 Arlington Heights, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: ip-209.212.148.3.hosted.by.gigenet.com
Software: Apache /
Resource Hash: b7b8981cb6f6936f083e3fa8007621bbf153e4c095f11881fa2014bd4a93b518

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 01:01:44 GMT
content-encoding: gzip
last-modified: Mon, 05 Oct 2020 17:43:48 GMT
server: Apache
etag: "4ebb-5b0f00655ced2-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 4335

GET
H/1.1 200
OK validationEngine.jquery.css
benefitsdepot.net/templates/benefitsdepot.net/css/ 3 KB
1 KB 231ms
113ms Stylesheet
text/css 209.212.148.3
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL: https://benefitsdepot.net/templates/benefitsdepot.net/css/validationEngine.jquery.css
Requested by: Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.212.148.3 Arlington Heights, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: ip-209.212.148.3.hosted.by.gigenet.com
Software: Apache /
Resource Hash: 6d2aa54ef6bb1e80e434d3f3e6deb04a463a35e651b9403f8a80445289281d98

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 01:01:44 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 16:32:28 GMT
server: Apache
etag: "c50-5aa7d783e1313-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 772

GET
H/1.1 200
OK jquery.validationEngine-en.js Show response
benefitsdepot.net/templates/benefitsdepot.net/js/ 10 KB
3 KB 341ms
114ms Script
application/javascript 209.212.148.3
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL: https://benefitsdepot.net/templates/benefitsdepot.net/js/jquery.validationEngine-en.js
Requested by: Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.212.148.3 Arlington Heights, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: ip-209.212.148.3.hosted.by.gigenet.com
Software: Apache /
Resource Hash: 1dea0bd907087e7d6b4ae0622fa75ee4e9ae8ff7cc7e77a163b172a0125b1775

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 01:01:44 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 16:32:28 GMT
server: Apache
etag: "2910-5aa7d783975ec-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2419

GET
H/1.1 200
OK jquery.validationEngine.js Show response
benefitsdepot.net/templates/benefitsdepot.net/js/ 69 KB
17 KB 345ms
118ms Script
application/javascript 209.212.148.3
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL: https://benefitsdepot.net/templates/benefitsdepot.net/js/jquery.validationEngine.js
Requested by: Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.212.148.3 Arlington Heights, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: ip-209.212.148.3.hosted.by.gigenet.com
Software: Apache /
Resource Hash: 6d90c9d8fbe47d5b256ed4de4bc18965b9f817c7436f94cba20bf56fc41b754a

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 01:01:44 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 16:32:28 GMT
server: Apache
etag: "114cf-5aa7d783a4ef2-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 17387

GET
H/1.1 200
OK tipped.js Show response
benefitsdepot.net/templates/benefitsdepot.net/js/ 74 KB
19 KB 1187ms
960ms Script
application/javascript 209.212.148.3
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL: https://benefitsdepot.net/templates/benefitsdepot.net/js/tipped.js
Requested by: Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.212.148.3 Arlington Heights, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: ip-209.212.148.3.hosted.by.gigenet.com
Software: Apache /
Resource Hash: 7b0fc94d83150b73dc566b933bc5c823621e210de6d45621d1101207202d0a15

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 01:01:45 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 16:16:27 GMT
server: Apache
etag: "12680-5aa7d3ef66442-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 19556

GET
H/1.1 200
OK tipped.css
benefitsdepot.net/templates/benefitsdepot.net/css/ 13 KB
3 KB 3296ms
3070ms Stylesheet
text/css 209.212.148.3
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL: https://benefitsdepot.net/templates/benefitsdepot.net/css/tipped.css
Requested by: Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.212.148.3 Arlington Heights, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: ip-209.212.148.3.hosted.by.gigenet.com
Software: Apache /
Resource Hash: aa892a3e8ae2d858596e031c41aa9c5368d94d5da554a4dd4cf10ae942df4377

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 01:01:45 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 16:16:24 GMT
server: Apache
etag: "3508-5aa7d3ec1e56a-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2833

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-149686528-2

Requested by

Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f4ba508d250f496d94821e970ca0d869e34c177f3946b15b1e69115391090aa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 01:01:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39651
x-xss-protection: 0
last-modified: Mon, 25 Jan 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Jan 2021 01:01:45 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 100 KB
32 KB 43ms
14ms Script
text/javascript 2600:9000:2190:8a00:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:8a00:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: df35edbdf585ab9f21871115b309fb4cde4be9d754c210dfd27ccec1e0ada438

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 00:59:46 GMT
content-encoding: gzip
age: 119
etag: W/"191bd-bQk8hnBWEQ7QwKDv8KfmtTJHF7U"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: lWOHEDueXefowxxWOkkc7p5EkP-ZfQ5EGitzfJG8YlNFCk3JfD39Jg==

GET
H/1.1 200
OK site-logo.svg
benefitsdepot.net/templates/benefitsdepot.net/images/svg/ 5 KB
5 KB 115ms
114ms Image
image/svg+xml 209.212.148.3
ASN-GIGENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://benefitsdepot.net/templates/benefitsdepot.net/images/svg/site-logo.svg
Requested by: Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.212.148.3 Arlington Heights, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: ip-209.212.148.3.hosted.by.gigenet.com
Software: Apache /
Resource Hash: 8a93db4b3a7d15238afd1eb9ead3c0240331aa89319992be45229491642043c8

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 01:01:45 GMT
last-modified: Wed, 15 Jul 2020 16:32:31 GMT
server: Apache
accept-ranges: bytes
etag: "1351-5aa7d786843e9"
content-length: 4945
content-type: image/svg+xml

GET
H/1.1 200
OK count.js Show response
benefitsdepot-net.disqus.com/ 1 KB
2 KB 69ms
21ms Script
application/javascript 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsdepot-net.disqus.com/count.js

Requested by

Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 01:01:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1135003
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 08 Jan 2021 01:56:33 GMT
Server: nginx
ETag: "5ff7bbd1-367"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW55-C3
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: O70auFTO4xj8Ki2t6Qc9G9ep4fHtfIpxtF9FeE5lVC5lVrLocvcYRQ==

GET
H2 200 5f5bf03e705e760013ae6eb6 Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 53 KB
12 KB 293ms
215ms Script
application/javascript 13.224.102.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f5bf03e705e760013ae6eb6
Requested by: Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.66 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-66.zrh50.r.cloudfront.net
Software: /
Resource Hash: f1dbffd2dc606444293988544c0d43edd5f2f538c89bc2b7484ea06e42af172c

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 01:01:47 GMT
via: 1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
content-encoding: gzip
x-amz-cf-id: WaT4ePCsKe8gtG1hCzjCJk1lBDfxWnhTaVRJsFc_idA78aujNotORg==

GET
H2 200 benefitsdepot.min.js Show response
global.proper.io/ 15 KB
5 KB 40ms
18ms Script
application/javascript 2606:4700::6811:4f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/benefitsdepot.min.js
Requested by: Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95fac9ed03caf2a7e9204389aacf59c252f499c19c025358f68c96dd4da74483

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 01:01:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Jan 2021 16:00:04 GMT
server: cloudflare
age: 257647
etag: W/"5fff1904-3a83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 616e10a559af2b16-FRA
cf-request-id: 07d8a8bb5a00002b16e083b000000001
expires: Mon, 25 Jan 2021 01:06:47 GMT

GET
H/1.1 200
OK banner_bg1.jpg
benefitsdepot.net/templates/benefitsdepot.net/images/ 109 KB
109 KB 215ms
214ms Image
image/jpeg 209.212.148.3
ASN-GIGENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://benefitsdepot.net/templates/benefitsdepot.net/images/banner_bg1.jpg
Requested by: Host: benefitsdepot.net
URL: https://benefitsdepot.net/templates/benefitsdepot.net/css/styles.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.212.148.3 Arlington Heights, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: ip-209.212.148.3.hosted.by.gigenet.com
Software: Apache /
Resource Hash: b805694cd109a1a60f45b70d8afbaa5a38d4cacd290a6633175efa95559b1de4

Request headers

Referer: https://benefitsdepot.net/templates/benefitsdepot.net/css/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 01:01:47 GMT
last-modified: Wed, 15 Jul 2020 16:32:31 GMT
server: Apache
accept-ranges: bytes
etag: "1b3c4-5aa7d78650550"
content-length: 111556
content-type: image/jpeg

GET
H2 200 1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v18/ 41 KB
42 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v18/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:200,300,400,500,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://benefitsdepot.net
Referer: https://fonts.googleapis.com/css?family=Raleway:200,300,400,500,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 16:02:03 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Sep 2020 20:45:21 GMT
server: sffe
age: 291584
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42444
x-xss-protection: 0
expires: Fri, 21 Jan 2022 16:02:03 GMT

GET
H2 200 5d680a2b5fea9f001288d8cf.js Show response
buttons-config.sharethis.com/js/ 30 B
409 B 422ms
395ms Script
text/javascript 2600:9000:2190:9200:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5d680a2b5fea9f001288d8cf.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9200:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 25 Jan 2021 01:01:49 GMT
via: 1.1 e96895e7fdc48b58a3d95d2e8e23a8b0.cloudfront.net (CloudFront)
last-modified: Thu, 29 Aug 2019 17:23:57 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "e6e1643313740711175f51662a65b42f"
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: max-age=60,public
accept-ranges: bytes
content-length: 30
x-amz-cf-id: mXQXtSUJUJLVsQwTDTqLyKEgZLDmWIhWERFMd4HxFrA_MLdsdm4xxw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-149686528-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6136
date: Sun, 24 Jan 2021 23:19:31 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Mon, 25 Jan 2021 01:19:31 GMT

GET
H2 200 portal-v2.html
c.sharethis.mgr.consensu.org/ Frame 3555 0
0 39ms
11ms Document
text/html 2600:9000:2190:3c00:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:3c00:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://benefitsdepot.net/unsubscribe.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://benefitsdepot.net/unsubscribe.php

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
date: Mon, 25 Jan 2021 00:43:44 GMT
cache-control: max-age=3600, public
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: p71OSph8BWVquSvylpYQSYiuvaaU6I9T251ldyGJRBkfsshoENC8Dw==
age: 1083

GET
H2 200 latest.js Show response
global.proper.io/payloads/ 319 KB
81 KB 25ms
24ms Script
application/javascript 2606:4700::6811:4f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/payloads/latest.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/benefitsdepot.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35093baf103e71966e4a720b9f6785024df6ac9be544e6411c696b438957b74b

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 01:01:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Jan 2021 15:33:24 GMT
server: cloudflare
age: 980977
etag: W/"5fff12c4-4fbd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 616e10a599e52b16-FRA
cf-request-id: 07d8a8bb8400002b16bab84000000001
expires: Mon, 25 Jan 2021 01:06:47 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
68 B 14ms
14ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=659937146&t=pageview&_s=1&dl=https%3A%2F%2Fbenefitsdepot.net%2Funsubscribe.php&dr=http%3A%2F%2Fvoluptateqrgts.cartyr.de%2Frd%2Fu3981FYdOs1188952gAIL54549ERY2499wtAX988&ul=en-us&de=UTF-8&dt=BenefitsDepot&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=491015315&gjid=1284644076&cid=1644001086.1611536508&tid=UA-149686528-2&_gid=2072930939.1611536508&_r=1&gtm=2ou1d0&z=2128378269

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 01:01:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://benefitsdepot.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 22ms
7ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 01:01:47 GMT
content-encoding: gzip
etag: "8q1rat7Mm9i+FVcOidF8/g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 01 Feb 2021 01:01:47 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
339 B 88ms
22ms XHR
text/plain 3.124.48.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=benefitsdepot.net&location=%2Funsubscribe.php&product=inline-share-buttons&url=https%3A%2F%2Fbenefitsdepot.net%2Funsubscribe.php&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=BenefitsDepot&refQuery=rd&refDomain=voluptateqrgts.cartyr.de&cms=unknown&publisher=5d680a2b5fea9f001288d8cf&sop=true&bsamesite=true&consent_cookie_duration=79&consent_duration=79&consentDomain=.consensu.org&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.48.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-48-224.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 01:01:47 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://benefitsdepot.net
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H/1.1 204
No Content log
l.sharethis.com/ 0
315 B 89ms
22ms Image
text/plain 3.124.48.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.sharethis.com/log?event=ibl&url=http%3A%2F%2Fvoluptateqrgts.cartyr.de%2Frd%2Fu3981FYdOs1188952gAIL54549ERY2499wtAX988&fcmp=false&fcmpv2=false&has_segmentio=false&product=inline-share-buttons&publisher=5d680a2b5fea9f001288d8cf&source=sharethis.js&title=BenefitsDepot&ts=1611536507836&sop=true&consentDomain=.consensu.org&cms=unknown&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&gdpr_method=cookie&description=
Requested by: Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.48.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-48-224.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 01:01:47 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 rules-p-mEzuYq24VEJ-3.js Show response
rules.quantcount.com/ 3 B
348 B 39ms
11ms Script
application/x-javascript 2600:9000:2190:c800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:c800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 00:13:06 GMT
via: 1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 02:39:21 GMT
server: AmazonS3
age: 2924
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=3600
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: 5OQljSTnt94KdaCPUI0QnZkJPMgjwniRWo943j_gqv06DlC26ZQQzw==

GET
H2 200 pixel;r=1196685305;rf=0;uht=2;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fbenefitsdepot.net%2Funsubscribe.php;ref=http%3A%2F%2Fvoluptateqrgts.cartyr.de%2Frd%2Fu3981FYdOs1188952gAIL54549ERY2499wtAX988;fpan=...
pixel.quantserve.com/ 35 B
371 B 9ms
7ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1196685305;rf=0;uht=2;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fbenefitsdepot.net%2Funsubscribe.php;ref=http%3A%2F%2Fvoluptateqrgts.cartyr.de%2Frd%2Fu3981FYdOs1188952gAIL54549ERY2499wtAX988;fpan=1;fpa=P0-1989302201-1611536507886;ns=0;ce=1;qjs=1;qv=58f0669e-20201210192756;cm=;gdpr=0;d=benefitsdepot.net;je=0;sr=1600x1200x24;dst=1;et=1611536507886;tzo=-60;ogl=

Requested by

Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 01:01:47 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_ba588206_1f401e22_1
https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_ba588206_1f401e22_1&verify=true
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-7yslKH91l2bztLT2xiqCP5UdEEmmb38h

153 B
363 B

551ms
178ms

Script
text/javascript

52.13.149.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-7yslKH91l2bztLT2xiqCP5UdEEmmb38h
Requested by: Host: benefitsdepot.net
URL: https://benefitsdepot.net/unsubscribe.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.13.149.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-13-149-62.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 3869ca349c4042e7b44bcbbd75b658780cc7bb66a84a6def20cbfc5f50dcecc1

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 25 Jan 2021 01:01:48 GMT
server: nginx/1.18.0
content-length: 153
content-type: text/javascript

Redirect headers

Date: Mon, 25 Jan 2021 01:01:48 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-7yslKH91l2bztLT2xiqCP5UdEEmmb38h
Connection: keep-alive
Content-Length: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 55 KB
19 KB 79ms
29ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

98918a19248d91f4353a4309a5fae0bc0079a2432a012e53beac30135c84d66e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 01:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "764 / 935 of 1000 / last-modified: 1611357125"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18839
x-xss-protection: 0
expires: Mon, 25 Jan 2021 01:01:47 GMT

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 749ms
182ms XHR
application/octet-stream 44.228.200.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.228.200.13 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-228-200-13.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Jan 2021 01:01:48 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 116 KB
30 KB 135ms
57ms Script
application/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 00:54:57 GMT
content-encoding: gzip
server: Server
age: 411
etag: 089c185b065ebe3e9c21625b16dea242
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: _tJcEejvI3lMG1vG763SOdL7bPxWjlBE
x-amz-cf-id: LW_lg-4uvLBHnR81REZ7bkvfjxv9daF7FHMyaLUMzBq353lgH_GMww==

GET
H/1.1 200
OK headertag Show response
as-sec.casalemedia.com/ 4 KB
2 KB 165ms
120ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headertag?v=9&s=161112&r=%7B%22id%22%3A%22506863239%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fbenefitsdepot.net%2Funsubscribe.php%22%2C%22ref%22%3A%22http%3A%2F%2Fvoluptateqrgts.cartyr.de%2Frd%2Fu3981FYdOs1188952gAIL54549ERY2499wtAX988%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22728x90-1-r18Jk%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-1-r18Jk%22%2C%22siteID%22%3A439841%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22728x90-2-P7Bph%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-2-P7Bph%22%2C%22siteID%22%3A439841%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-1-dAmCn%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-1-dAmCn%22%2C%22siteID%22%3A439841%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-2-FfF4h%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-2-FfF4h%22%2C%22siteID%22%3A439841%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x600-H45tV%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-H45tV%22%2C%22siteID%22%3A439841%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22970x250-LBHkw%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22970x250-LBHkw%22%2C%22siteID%22%3A439841%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D&t=300&fn=window.proper_b34e4a28_00c6121f_2
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1ecd014d3b7edd1f7e66012f812d48017cb1ce47202df43763d324d293eb5432

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 01:01:48 GMT
Content-Encoding: gzip
Server: Apache
Vary: Is-Traffic-Invalid,Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 1463
Expires: Mon, 25 Jan 2021 01:01:48 GMT

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/85304/0/ 0
274 B 89ms
37ms XHR
text/plain 213.19.147.210
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/85304/0/mvo?z=1r&hbv=3.26,2.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://benefitsdepot.net
Pragma: no-cache
Date: Mon, 25 Jan 2021 01:01:48 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: Tengine
Connection: keep-alive

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
147 B 48ms
16ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=29&wv=3.26.0&cb=30873598915&im=1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://benefitsdepot.net
date: Mon, 25 Jan 2021 01:01:47 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 408 B
866 B 125ms
67ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=http%3A%2F%2Fvoluptateqrgts.cartyr.de%2Frd%2Fu3981FYdOs1188952gAIL54549ERY2499wtAX988

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

c6c7d837dbddea3fab2e8be06f16f394e36fc0fadef8ce482f68521731d3d1a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 25 Jan 2021 01:01:47 GMT
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
x-envoy-upstream-service-time: 42
vary: Accept-Encoding
content-length: 408
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://benefitsdepot.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
649 B 308ms
105ms XHR
application/json 34.200.78.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.78.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-78-134.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: e416b8a1a7279229c4ef8eaf6ba1ce5ca3d31e9ed55fc9a53ffa86b2f261735c

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 25 Jan 2021 01:01:48 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://benefitsdepot.net
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
652 B 308ms
105ms XHR
application/json 34.200.78.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.78.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-78-134.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: d96b809bee5f1eb14fc2881e74e439db6531cb51fdc7ba4ae391be2c14a5a595

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 25 Jan 2021 01:01:48 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://benefitsdepot.net
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
655 B 307ms
105ms XHR
application/json 34.200.78.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.78.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-78-134.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 700d417cf099e6d779b8c39774fe129ea7717b0825fdf579e97ddd9c042fd0e6

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 25 Jan 2021 01:01:48 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://benefitsdepot.net
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
655 B 307ms
104ms XHR
application/json 34.200.78.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.78.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-78-134.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: a71f971564c3b9f0d72b315619cf3f7e9dba4535e3d60dde7334c3f83c122719

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 25 Jan 2021 01:01:48 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://benefitsdepot.net
access-control-allow-credentials: true

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 230 B
794 B 92ms
43ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22726e434278b6a37a271e%22%3A%22726e434278b6a37a271e%7C728x90%7C0.1%22%2C%227b3ebb944067407c4f8d%22%3A%227b3ebb944067407c4f8d%7C728x90%7C0.1%22%2C%2293c52263783760e6131b%22%3A%2293c52263783760e6131b%7C300x250%7C0.1%22%2C%22180a62a11e1e6fb33729%22%3A%22180a62a11e1e6fb33729%7C300x250%7C0.1%22%2C%22c64208992de69ffcbb43%22%3A%22c64208992de69ffcbb43%7C300x600%7C0.1%22%2C%2298c796eb0003223b5f23%22%3A%2298c796eb0003223b5f23%7C970x250%7C0.1%22%7D&ref=https%3A%2F%2Fbenefitsdepot.net%2Funsubscribe.php&s=0b012108-8ec3-4e4c-bf3e-c17daf857f8a&pv=3e1e2f1e-3925-45bc-a0bb-69d087eb36e4&vp=desktop&lib_name=prebid&lib_v=3.26.0&us=1&ius=1&userid=60cbbee4-cc71-4b8d-841b-7994f318ef07&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

ffc317f848f768ba9ddbcf77654f13781f9a3de1e59d4058383d46f12671a830

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 01:01:48 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://benefitsdepot.net
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 182
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 45 B
729 B 67ms
32ms XHR
application/json 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.26.0
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: c93f3d5d13da12d9154a80ba5736e3627f4c6ede5fb087b1dc7ce1060ce908d7

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 25 Jan 2021 01:01:47 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://benefitsdepot.net
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 65

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=5153920;misc=1611536507938;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5153920/0/225/ 48 B
82 B 417ms
395ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5153920/0/225/ADTECH;v=2;cmd=bid;cors=yes;alias=5153920;misc=1611536507938;bidfloor=0.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: fc2ff5cc740e0f1ef1ab8a859f2356153685d22d5d2bdf7256b16f0eaff0f789

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 01:01:48 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://benefitsdepot.net
cache-control: no-store, no-cache
access-control-allow-credentials: true
x-adtech-meta: {"Debug": {"IP": "0.0.0.0", "Selector": "pri-select030c.us-east-1.prod.adtech.aolcloud.net", "UserId": "600E18106E6517442D9135D5E0000000"}}
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=5153925;misc=1611536507938;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5153925/0/225/ 47 B
267 B 145ms
124ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5153925/0/225/ADTECH;v=2;cmd=bid;cors=yes;alias=5153925;misc=1611536507938;bidfloor=0.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: acb8129207dc0ca94d80f037d80e0b23a86db3cc954418092e28a097b8ab795d

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 01:01:48 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://benefitsdepot.net
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 47
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=5153924;misc=1611536507938;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5153924/0/170/ 47 B
204 B 152ms
131ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5153924/0/170/ADTECH;v=2;cmd=bid;cors=yes;alias=5153924;misc=1611536507938;bidfloor=0.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 33d47cb8b7c7c75c72c4deb7cc5872dceb7188002014e315f518df33e2775b77

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 01:01:48 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://benefitsdepot.net
cache-control: no-store, no-cache
access-control-allow-credentials: true
x-adtech-meta: {"Debug": {"IP": "0.0.0.0", "Selector": "pri-select030c.us-east-1.prod.adtech.aolcloud.net", "UserId": "600E18106E6517442D9135D5E0000000"}}
content-length: 47
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=5153917;misc=1611536507938;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5153917/0/170/ 48 B
81 B 149ms
128ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5153917/0/170/ADTECH;v=2;cmd=bid;cors=yes;alias=5153917;misc=1611536507938;bidfloor=0.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: acd235e53ec1b56d52745172a2f0391700a066f20222bfb340dfdba488eb7957

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 01:01:48 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://benefitsdepot.net
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=5153921;misc=1611536507938;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5153921/0/529/ 47 B
81 B 329ms
308ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5153921/0/529/ADTECH;v=2;cmd=bid;cors=yes;alias=5153921;misc=1611536507938;bidfloor=0.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: df0a03405fda26a791986771a7d5cc7c14652bfea65613771bcd349a274c726e

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 01:01:48 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://benefitsdepot.net
cache-control: no-store, no-cache
access-control-allow-credentials: true
x-adtech-meta: {"Debug": {"IP": "0.0.0.0", "Selector": "pri-select030c.us-east-1.prod.adtech.aolcloud.net", "UserId": "600E18106E6517442D9135D5E0000000"}}
content-length: 47
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
715 B 50ms
16ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 01:01:47 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.140:80
AN-X-Request-Uuid: 04eeada8-4f41-4019-9ec7-a6ab778c4582
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://benefitsdepot.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 xhr Show response
pre.ads.justpremium.com/v/2.0/t/ 44 B
253 B 261ms
208ms XHR
application/json 18.184.181.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.ads.justpremium.com/v/2.0/t/xhr?i=1611536507940
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.181.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-181-235.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: d7dd21c18f82de7955332f0beb0c74ef70d40dfbbc42e52e79a89d8cca13915e

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://benefitsdepot.net
date: Mon, 25 Jan 2021 01:01:48 GMT
cache-control: public, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
content-type: application/json

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 107ms
107ms Fetch
text/html 54.166.112.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f5bf03e705e760013ae6eb6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.166.112.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-166-112-225.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://benefitsdepot.net/unsubscribe.php
key: 5f5bf03e705e760013ae6eb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Mon, 25 Jan 2021 01:01:48 GMT
cache-control: no-cache
content-type: text/html; charset=utf-8
content-length: 2
access-control-expose-headers: WWW-Authenticate,Server-Authorization

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 301ms
100ms Other 54.166.112.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Server: 54.166.112.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-166-112-225.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Origin: https://benefitsdepot.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 25 Jan 2021 01:01:48 GMT
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-max-age: 86400
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache

GET
H3-Q050 200 pubads_impl_2021011204.js Show response
securepubads.g.doubleclick.net/gpt/ 275 KB
97 KB 65ms
36ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011204.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

45ef498c74715600b91f8fb9fd9d61156d477fe55dc494757cfdfbce15d6d198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 01:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Jan 2021 15:45:38 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99191
x-xss-protection: 0
expires: Mon, 25 Jan 2021 01:01:48 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 117ms
39ms XHR
application/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 00:20:03 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 2506
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 23 Dec 2020 21:52:09 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: qvfBoISJ5ymXoV8clHCjrjeaYCNnawpM
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: n3vT53JV7xVE3bPqZ5AGwONR5hx0N-iU2PLnr6YRR30FvRVorlXhVw==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
369 B 147ms
147ms XHR
text/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fbenefitsdepot.net%2Funsubscribe.php&pr=http%3A%2F%2Fvoluptateqrgts.cartyr.de%2Frd%2Fu3981FYdOs1188952gAIL54549ERY2499wtAX988&pid=cqgGtcUaB0ZMi&cb=0&ws=1600x1200&v=7.58.01&t=2000&slots=%5B%7B%22sd%22%3A%22desktop-3%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%7D%2C%7B%22sd%22%3A%22desktop-4%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22desktop-1%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22desktop-2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%5D&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 01:01:48 GMT
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: ZRH50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://benefitsdepot.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: HJtQVcbo2zBbVgosoMhO53cri0RrGWfmOSfrv0tM1x1NT7eYIiy-_Q==

POST
H2 200 s2s Show response
eb.proper.io/ 303 B
567 B 203ms
194ms XHR
application/json 2606:4700::6811:4f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eb.proper.io/s2s?proper_uid=60cbbee4-cc71-4b8d-841b-7994f318ef07
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 371d25c021c7dfcc7d76de7fb5854b819291858ab78863a17558007a60d71f4f

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 01:01:48 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://benefitsdepot.net
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 616e10aaaffc2b16-FRA
cf-request-id: 07d8a8bea600002b16343f2000000001
expires: -1

GET
H2 200 hub
api.pushnami.com/scripts/v1/ Frame 77B2 0
0 38ms
38ms Document
text/html 13.224.102.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f5bf03e705e760013ae6eb6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.102.66 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-102-66.zrh50.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

:method: GET
:authority: api.pushnami.com
:scheme: https
:path: /scripts/v1/hub
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://benefitsdepot.net/unsubscribe.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://benefitsdepot.net/unsubscribe.php

Response headers

content-type: text/html; charset=utf-8
date: Mon, 25 Jan 2021 00:56:13 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: X-Requested-With
content-security-policy: default-src 'unsafe-inline' *
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: pm_Q-mTb-Q_JDuSWAvqfgTgswDUJBJh6pi5nLrDGcYTAYB9NvSphYQ==
age: 335

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
224 B 103ms
102ms Fetch
text/html 34.195.162.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f5bf03e705e760013ae6eb6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.162.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-162-181.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://benefitsdepot.net/unsubscribe.php
key: 5f5bf03e705e760013ae6eb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://benefitsdepot.net
date: Mon, 25 Jan 2021 01:01:48 GMT
cache-control: no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: accept-encoding
content-type: text/html; charset=utf-8

OPTIONS
H2 200 psp
psp.pushnami.com/api/ Frame 0
0 302ms
101ms Other
application/json 34.195.162.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Server: 34.195.162.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-162-181.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Origin: https://benefitsdepot.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 25 Jan 2021 01:01:48 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://benefitsdepot.net
access-control-allow-credentials: true
access-control-expose-headers: content-type, content-length, etag
access-control-max-age: 600
access-control-allow-headers: key
access-control-allow-methods: POST
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 109 B
803 B 55ms
27ms Script
application/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=benefitsdepot.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011204.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jan 2021 01:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 52ms
27ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=benefitsdepot.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011204.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jan 2021 01:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
14 KB 317ms
316ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1876041870438551&correlator=652751404592630&output=ldjh&impl=fifs&eid=21068773%2C21069144%2C21069817%2C21069829&vrg=2021011204&ptt=17&tfcd=0&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210125&iu_parts=5376056%2Cbenefitsdepot_sticky_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C728x90&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D3884%26proper_site%3Dbenefitsdepot%26proper_slot%3D4%26tags%3D%2522%2522%252C%2522%2522%252C%2522%2522%252C%2522%2522%252C%252214%2522_desktop%252C%2522%2522%252C%2522%2522%252C%2522%2522%252C%2522%2522%252C%252214%2522%26proper_sticky%3Dtrue%26proper_floor_320x50%3D0.75%26proper_floor_728x90%3D1.00%26proper_floor_320x100%3D0.75%26proper_floor_sticky_horizontal%3D1.00%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1611536509&dt=1611536509189&dlt=1611536504393&idt=3748&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=452&adks=2697425716&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbenefitsdepot.net%2Funsubscribe.php&ref=http%3A%2F%2Fvoluptateqrgts.cartyr.de%2Frd%2Fu3981FYdOs1188952gAIL54549ERY2499wtAX988&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1x-1&ga_vid=1644001086.1611536508&ga_sid=1611536509&ga_hid=659937146&fws=512&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011204.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

5756d2b1898cb73b7975abfb9b65d21f1dd2cf641b1ff93e411ba269552ca41d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 01:01:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13924
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://benefitsdepot.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
e3680f989f112883fd24a60c937a15e3.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 46ms
13ms Other
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://e3680f989f112883fd24a60c937a15e3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011204.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 25ms
5ms Other
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011204.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
e3680f989f112883fd24a60c937a15e3.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 2424 0
0 35ms
21ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e3680f989f112883fd24a60c937a15e3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011204.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e3680f989f112883fd24a60c937a15e3.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://benefitsdepot.net/unsubscribe.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://benefitsdepot.net/unsubscribe.php

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Mon, 25 Jan 2021 01:01:49 GMT
expires: Tue, 25 Jan 2022 01:01:49 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
29 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011204.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1187995a6a31ed3a06d13bae8d36edcc63782f5764897a5a62703d2d6cb840c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 01:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611319200633513"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28803
x-xss-protection: 0
expires: Mon, 25 Jan 2021 01:01:49 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 55ms
34ms XHR
application/json 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021011204&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011204.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a48dfe7ebbc4cc597a823bc70a4a76df15b341292134bba3fd4892d3dfbe8e89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jan 2021 01:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6709
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011204.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 01:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Mon, 25 Jan 2021 01:01:49 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 01FB 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://benefitsdepot.net/unsubscribe.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://benefitsdepot.net/unsubscribe.php

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Sun, 24 Jan 2021 11:43:43 GMT
expires: Mon, 24 Jan 2022 11:43:43 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 47886
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 182ms
181ms XHR
application/octet-stream 44.228.200.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.228.200.13 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-228-200-13.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Jan 2021 01:01:49 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
201 B 40ms
40ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gpt_2021011204&jk=1876041870438551&bg=!T0ylTA_NAAXyQKAs8jsAKQB2-DxaHXkXeojaBghn3HeMPq2tiO1z9PlIJBV3-0HrssfTqcfWnkOzAgAAAMBSAAAAHWgBBwoBAPGUEH70fNSHgmuc0pogvDjqrWFDDRbnF9yxZabOQnAIsUHiya3QPr9Q8S_vY3avzXtugKhjj4q4DFNVG8AkdESym3PUiiRWHJusN4mfEQpm3TUKcdhASKI_6NexljUrmI0IcNkcuv4TffuEpF0WnvAynPMqxpSm-CxuwV3jwixEuWkE5XM3TKST2XYvgdiXj2KYlAuCJytrjAOJ_k5RpNqFTkh6-FShnxlvE1jCPiSGKKOpdxIOwxCOdqDF9fB6saa2FwiP6H3TqTwtjNdOn9hR-5jJlCXddt7uDJFOTSBfo48i2WTdVCMAtIPVjFn8SWmindJ2wPWApy_eIOM06MCZAdNDUaRVf3IbWmnYVQbJurGVosNy-tVsz69ilJcdrzCf6cbZA99FB-jX8u2K-3jyJ-Z5tIDaKZraoOsDM4-NIHZ3F9eERuXdA28DmJominzV3K43vcrXxNf59WYSgEUCE1wAXfY6kDbIXWEtCuzdVRfwqNzNfx-Pp-6jE100PEa2kZFUPKTT6pHSCXd_GvAqnFBSoilWiTP2s7u_TIFRd67pa-gyq281FMho8hKpfbM650o6Ewo5SRV5wH3PK2-hKyDZ3cb7zLwiYWMe8pVxBmA3n6htKtLatSnFv01RBgzKq0KLvT6-wYWvP8Q5vodt1uQDogNsRJgRVlU8HwhFeNRwEQkPVz8b-F_-ma9V0z_SG2n7a0DcyJg9kVF7e2oizPE7Oce9t0bCO7lVKa2IPB-cD6adtKbUe2FNcKPTDfJu0tqLbpjccfgeCxM5dGnygPUBSBWB_bprGSkRcnHzrRP9oK1UwfouRcd_OM_mBLsGKUMDANlAaLshI9D6aHJY9KbBs9H4rEN0Oa9S8Wfi1UIVD5-s_jxkil7H8amOOeVXC8r0cUW7M7Ee3jc04uW-cMLAILel3tEbxgfKjNeYHhSXZLIfyh4b481yNiinHDSlj4wWWg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://benefitsdepot.net/unsubscribe.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 01:01:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame D94E 0
0 67ms
21ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://benefitsdepot.net/unsubscribe.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://benefitsdepot.net/unsubscribe.php

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Tue, 25 Jan 2022 01:01:52 GMT
Date: Mon, 25 Jan 2021 01:01:52 GMT
Connection: keep-alive

GET
H/1.1 200
OK ixmatch.html
js-sec.indexww.com/um/ Frame 2EEF 0
0 66ms
21ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://benefitsdepot.net/unsubscribe.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://benefitsdepot.net/unsubscribe.php

Response headers

Server: Apache
Last-Modified: Tue, 06 Oct 2020 14:04:48 GMT
ETag: "e20015-8f4-5b10114f2003a"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1136
Date: Mon, 25 Jan 2021 01:01:52 GMT
Connection: keep-alive

GET
H2 200 iframe
mantodea.mantisadnetwork.com/prebid/ Frame 66CA 0
0 309ms
101ms Document
text/html 52.22.15.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mantodea.mantisadnetwork.com/prebid/iframe?referrer=http%3A%2F%2Fvoluptateqrgts.cartyr.de%2Frd%2Fu3981FYdOs1188952gAIL54549ERY2499wtAX988&tz=-60&buster=1611536507832&secure=true&version=9&mobile=false&title=BenefitsDepot&url=https%3A%2F%2Fbenefitsdepot.net%2Funsubscribe.php
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.15.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-15-148.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

:method: GET
:authority: mantodea.mantisadnetwork.com
:scheme: https
:path: /prebid/iframe?referrer=http%3A%2F%2Fvoluptateqrgts.cartyr.de%2Frd%2Fu3981FYdOs1188952gAIL54549ERY2499wtAX988&tz=-60&buster=1611536507832&secure=true&version=9&mobile=false&title=BenefitsDepot&url=https%3A%2F%2Fbenefitsdepot.net%2Funsubscribe.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://benefitsdepot.net/unsubscribe.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://benefitsdepot.net/unsubscribe.php

Response headers

date: Mon, 25 Jan 2021 01:01:52 GMT
content-type: text/html; charset=utf-8
content-length: 312
x-powered-by: Express
vary: Origin
access-control-allow-credentials: true
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: -1
etag: W/"138-CB3XuUKt5LniJPnMm/Tz+RQiIu0"

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 2608 0
0 55ms
21ms Document
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://benefitsdepot.net/unsubscribe.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://benefitsdepot.net/unsubscribe.php

Response headers

date: Mon, 25 Jan 2021 01:01:52 GMT
set-cookie: __cfduid=d6a99a894e532c92bf0ecb1c9425a3eb61611536512; expires=Wed, 24-Feb-21 01:01:52 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 07d8a8ce4d0000fa8c5418f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 616e10c3aef2fa8c-AMS

GET
H/1.1 200
OK Cookie set check.html
biddr.brealtime.com/ Frame F079 0
0 67ms
26ms Document
text/html 104.17.120.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.120.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: biddr.brealtime.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://benefitsdepot.net/unsubscribe.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://benefitsdepot.net/unsubscribe.php

Response headers

Date: Mon, 25 Jan 2021 01:01:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d3649651fe4226ef7441cfb33ee12347e1611536512; expires=Wed, 24-Feb-21 01:01:52 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2: UWPVvGwdhnETpW4mxEpx92XhIjfJegXLkN9ppYVonq8NlajViSaojmvSI78gSJxu+Hj73vbHFv8=
x-amz-request-id: 5B1693653254EADE
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 711
Expires: Mon, 25 Jan 2021 01:02:52 GMT
Cache-Control: public, max-age=60
cf-request-id: 07d8a8ce5700000b636501a000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 616e10c3bee20b63-AMS
Content-Encoding: gzip

GET
H2 200 sync
pre.ads.justpremium.com/v/1.0/t/ Frame CD56 0
0 1345ms
1344ms Document
text/html 18.184.181.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=a17j521611536507921
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.181.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-181-235.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: pre.ads.justpremium.com
:scheme: https
:path: /v/1.0/t/sync?_c=a17j521611536507921
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://benefitsdepot.net/unsubscribe.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://benefitsdepot.net/unsubscribe.php

Response headers

date: Mon, 25 Jan 2021 01:01:55 GMT
content-type: text/html; charset=utf-8
cache-control: public, no-cache, no-store, must-revalidate

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 31B3 0
0 1572ms
25ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://benefitsdepot.net/unsubscribe.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://benefitsdepot.net/unsubscribe.php

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=27407
Expires: Mon, 25 Jan 2021 08:38:42 GMT
Date: Mon, 25 Jan 2021 01:01:55 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame C416 0
0 1675ms
22ms Document
text/html 104.108.50.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-50-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://benefitsdepot.net/unsubscribe.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://benefitsdepot.net/unsubscribe.php

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "4000c-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Mon, 25 Jan 2021 01:01:55 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 iframe
sync.teads.tv/ Frame DA02 0
0 2423ms
50ms Document
text/html 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A12%7D
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.9 /
Resource Hash

Request headers

:method: GET
:authority: sync.teads.tv
:scheme: https
:path: /iframe?gdprIab=%7B%22status%22%3A12%7D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://benefitsdepot.net/unsubscribe.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://benefitsdepot.net/unsubscribe.php

Response headers

content-type: text/html; charset=UTF-8
server: akka-http/10.1.9
content-length: 153
expires: Mon, 25 Jan 2021 01:01:56 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 25 Jan 2021 01:01:56 GMT
set-cookie: tt_bluekai=; Expires=Sun, 24 Jan 2021 00:01:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_exelate=; Expires=Sun, 24 Jan 2021 00:01:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_emetriq=; Expires=Sun, 24 Jan 2021 00:01:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_liveramp=; Expires=Sun, 24 Jan 2021 00:01:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_neustar=; Expires=Sun, 24 Jan 2021 00:01:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_salesforce=; Expires=Sun, 24 Jan 2021 00:01:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_dar=; Expires=Sun, 24 Jan 2021 00:01:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_skp=; Expires=Sun, 24 Jan 2021 00:01:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_retargetly=; Expires=Sun, 24 Jan 2021 00:01:56 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None

GET
H2

200

sync
eb2.3lift.com/ Frame 3BD3
Redirect Chain

https://ib.3lift.com/sync?
https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

0
0

22ms
22ms

Document
text/html

18.158.74.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.74.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-74-203.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?&ld=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://benefitsdepot.net/unsubscribe.php
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tluid=6578796146230959806
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://benefitsdepot.net/unsubscribe.php

Response headers

date: Mon, 25 Jan 2021 01:01:56 GMT
content-type: text/html; charset=utf-8
content-length: 479
set-cookie: sync=CgoIgQIQ4Yu_uPMuCgoIkQIQ4Yu_uPMuCgoI4gEQ4Yu_uPMuCgoIkgIQ4Yu_uPMuCgoI5gEQ4Yu_uPMuCgoIhwIQ4Yu_uPMuCgkIOhDhi7-48y4KCQgLEOGLv7jzLgoJCF8Q4Yu_uPMuCgkIHxDhi7-48y4=; Max-Age=7776000; Expires=Sun, 25 Apr 2021 01:01:56 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=6578796146230959806; Max-Age=7776000; Expires=Sun, 25 Apr 2021 01:01:56 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

date: Mon, 25 Jan 2021 01:01:56 GMT
content-length: 0
set-cookie: tluid=6578796146230959806; Max-Age=7776000; Expires=Sun, 25 Apr 2021 01:01:56 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location: /sync?&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 usersync.html
cdn.undertone.com/js/ Frame 9395 0
0 29ms
6ms Document
text/html 2600:9000:206f:3e00:1f:2473:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.undertone.com/js/usersync.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: cdn.undertone.com
:scheme: https
:path: /js/usersync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://benefitsdepot.net/unsubscribe.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://benefitsdepot.net/unsubscribe.php

Response headers

content-type: text/html
date: Sun, 24 Jan 2021 16:12:52 GMT
last-modified: Wed, 16 Dec 2020 12:35:23 GMT
etag: W/"8ee422394c26ec0371c4676b43dd838d"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: suiJqTbhpUk0sqN932BKDQYKzttFwdsacs1XLc6fsTqupxciq49L_g==
age: 31744

GET
H/1.1 204 sync_iframe
sync.bfmio.com/ Frame 8A27 0
0 411ms
98ms Document
text/plain 3.225.136.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.bfmio.com/sync_iframe?ifg=1&id=&gdpr=0&gc=&gce=1&us_privacy=1---
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.136.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-136-82.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Host: sync.bfmio.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://benefitsdepot.net/unsubscribe.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://benefitsdepot.net/unsubscribe.php

Response headers

Date: Mon, 25 Jan 2021 01:01:55 GMT
Connection: keep-alive

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 376C 0
0 96ms
26ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://benefitsdepot.net/unsubscribe.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://benefitsdepot.net/unsubscribe.php

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=27407
Expires: Mon, 25 Jan 2021 08:38:42 GMT
Date: Mon, 25 Jan 2021 01:01:55 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 v2
de.tynt.com/deb/ Frame 4AE4 0
0 331ms
110ms Document
text/html 208.100.17.181
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=cofIPsicGr6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.181 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip181.208-100-17.static.steadfastdns.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/v2?m=xch&rt=html&id=cofIPsicGr6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://benefitsdepot.net/unsubscribe.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://benefitsdepot.net/unsubscribe.php

Response headers

cache-control: max-age=86400
expires: Tue, 26 Jan 2021 01:01:55 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Mon, 25 Jan 2021 01:01:55 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 v2
de.tynt.com/deb/ Frame ECFA 0
0 330ms
111ms Document
text/html 208.100.17.181
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=cyKUv-icGr6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.181 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip181.208-100-17.static.steadfastdns.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/v2?m=xch&rt=html&id=cyKUv-icGr6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://benefitsdepot.net/unsubscribe.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://benefitsdepot.net/unsubscribe.php

Response headers

cache-control: max-age=86400
expires: Tue, 26 Jan 2021 01:01:55 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Mon, 25 Jan 2021 01:01:55 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 v2
de.tynt.com/deb/ Frame 2D54 0
0 110ms
110ms Document
text/html 208.100.17.181
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=crfUxYicGr6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.181 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip181.208-100-17.static.steadfastdns.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/v2?m=xch&rt=html&id=crfUxYicGr6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://benefitsdepot.net/unsubscribe.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://benefitsdepot.net/unsubscribe.php

Response headers

cache-control: max-age=86400
expires: Tue, 26 Jan 2021 01:01:57 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Mon, 25 Jan 2021 01:01:56 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 v2
de.tynt.com/deb/ Frame 96EF 0
0 110ms
109ms Document
text/html 208.100.17.181
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=chtZg-icGr6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.181 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip181.208-100-17.static.steadfastdns.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/v2?m=xch&rt=html&id=chtZg-icGr6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://benefitsdepot.net/unsubscribe.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://benefitsdepot.net/unsubscribe.php

Response headers

cache-control: max-age=86400
expires: Tue, 26 Jan 2021 01:01:57 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Mon, 25 Jan 2021 01:01:56 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.benefitsdepot.net/	1970-01-20 00:24:32	Name: verizon_media_s2s_cookie Value: y-7yslKH91l2bztLT2xiqCP5UdEEmmb38h
.benefitsdepot.net/	1970-01-19 15:38:58	Name: properSessionData Value: eyJ1dWlkIjoiNzkxYmQ1ZDEtODQ4Ny00YWE2LTkzYzEtMjlmYmEyYWJiMjA3IiwiZGVwdGgiOjEsInJlZmVycmVyIjoiaHR0cDovL3ZvbHVwdGF0ZXFyZ3RzLmNhcnR5ci5kZS9yZC91Mzk4MUZZZE9zMTE4ODk1MmdBSUw1NDU0OUVSWTI0OTl3dEFYOTg4IiwidXRtX2NhbXBhaWduIjoiIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fdGVybSI6IiIsInV0bV9jb250ZW50IjoiIiwicmV2ZW51ZSI6MH0=
.benefitsdepot.net/	1970-01-20 09:10:08	Name: _ga Value: GA1.2.1644001086.1611536508
.benefitsdepot.net/	1970-01-20 01:03:25	Name: __qca Value: P0-1989302201-1611536507886
.benefitsdepot.net/	1970-01-20 00:24:32	Name: proper_tracker_cookie Value: eyJwaWQiOiIiLCJiaWRkZXJzIjp7InZlcml6b25fbWVkaWFfczJzIjoxfSwicHJvcGVyX3VpZCI6IjYwY2JiZWU0LWNjNzEtNGI4ZC04NDFiLTc5OTRmMzE4ZWYwNyJ9
benefitsdepot.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: 90ab7a5567eae90421c9f5fd55020382
benefitsdepot.net/	1970-01-20 00:24:32	Name: _pubcid Value: 60cbbee4-cc71-4b8d-841b-7994f318ef07
.benefitsdepot.net/	1970-01-19 15:38:56	Name: _gat_gtag_UA_149686528_2 Value: 1
.benefitsdepot.net/	1970-01-19 15:40:22	Name: _gid Value: GA1.2.2072930939.1611536508

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USP CMP not found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: GDPR CMP not found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USP CMP not found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USPAPI workflow exceeded timeout threshold.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: GDPR CMP not found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USP CMP not found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: GDPR CMP not found.
console-api	log	URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f5bf03e705e760013ae6eb6(Line 276) Message: {}
console-api	log	URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f5bf03e705e760013ae6eb6(Line 179) Message: Tracking OK [object Response]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ads.pubmatic.com
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.nl
ajax.googleapis.com
ap.lijit.com
apex.go.sonobi.com
api.pushnami.com
as-sec.casalemedia.com
benefitsdepot-net.disqus.com
benefitsdepot.net
bidder.criteo.com
biddr.brealtime.com
bids.proper.io
buttons-config.sharethis.com
c.amazon-adsystem.com
c.sharethis.mgr.consensu.org
cdn.districtm.io
cdn.undertone.com
cdnjs.cloudflare.com
de.tynt.com
e3680f989f112883fd24a60c937a15e3.safeframe.googlesyndication.com
eb.proper.io
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
global.proper.io
hb-api.omnitagjs.com
ib.3lift.com
ib.adnxs.com
js-sec.indexww.com
l.sharethis.com
mantodea.mantisadnetwork.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
pixel.quantserve.com
platform-api.sharethis.com
pre.ads.justpremium.com
psp.pushnami.com
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssc.33across.com
sync.bfmio.com
sync.teads.tv
tag.1rx.io
tpc.googlesyndication.com
trc.pushnami.com
ups.analytics.yahoo.com
usync.proper.io
voluptateqrgts.cartyr.de
www.fopiwino.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
104.108.50.124
104.111.242.245
104.16.190.66
104.17.120.107
13.224.102.117
13.224.102.66
13.224.103.105
151.101.12.134
172.217.18.2
178.162.133.150
178.250.2.131
18.158.74.203
18.184.181.235
185.255.84.151
185.33.221.90
2.18.232.130
2.18.233.180
2.18.234.21
2001:4de0:ac19::1:b:1a
208.100.17.181
209.212.148.3
213.19.147.210
2600:9000:206f:3e00:1f:2473:9080:93a1
2600:9000:2190:3c00:c:a9b7:ddc0:93a1
2600:9000:2190:8a00:1c:8a07:5e80:93a1
2600:9000:2190:9200:c:abe:f440:93a1
2600:9000:2190:c800:6:44e3:f8c0:93a1
2606:2800:233:97b6:26be:138a:cba8:bb01
2606:4700::6810:135e
2606:4700::6811:4f22
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:800::2008
2a00:1450:4001:801::2003
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:815::200a
2a00:1450:4001:818::2002
2a00:1450:4001:819::2002
2a00:1450:4001:81a::2001
2a00:1450:4001:81f::200a
3.124.48.224
3.126.56.137
3.225.136.82
34.195.162.181
34.200.78.134
44.228.200.13
45.148.9.118
52.13.149.62
52.22.15.148
54.166.112.225
72.251.249.14
78.47.101.54
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1ca297fe6f6f7d45f34c83d936bda5ddd7b73f7e19d694abbe6dbf0365caa5b4
1dea0bd907087e7d6b4ae0622fa75ee4e9ae8ff7cc7e77a163b172a0125b1775
1ecd014d3b7edd1f7e66012f812d48017cb1ce47202df43763d324d293eb5432
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
2f9a3ff3d381edd73e8898ddb7d5c705a5adb948e867e5121e4b662729b44805
33d47cb8b7c7c75c72c4deb7cc5872dceb7188002014e315f518df33e2775b77
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
35093baf103e71966e4a720b9f6785024df6ac9be544e6411c696b438957b74b
371d25c021c7dfcc7d76de7fb5854b819291858ab78863a17558007a60d71f4f
3869ca349c4042e7b44bcbbd75b658780cc7bb66a84a6def20cbfc5f50dcecc1
437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854
45ef498c74715600b91f8fb9fd9d61156d477fe55dc494757cfdfbce15d6d198
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5756d2b1898cb73b7975abfb9b65d21f1dd2cf641b1ff93e411ba269552ca41d
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d2aa54ef6bb1e80e434d3f3e6deb04a463a35e651b9403f8a80445289281d98
6d90c9d8fbe47d5b256ed4de4bc18965b9f817c7436f94cba20bf56fc41b754a
700d417cf099e6d779b8c39774fe129ea7717b0825fdf579e97ddd9c042fd0e6
713940c0f79d2d462a7848fde8ddd58d39be328f17d2b342ed5f0118a9e21420
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7b0fc94d83150b73dc566b933bc5c823621e210de6d45621d1101207202d0a15
8a93db4b3a7d15238afd1eb9ead3c0240331aa89319992be45229491642043c8
95fac9ed03caf2a7e9204389aacf59c252f499c19c025358f68c96dd4da74483
98918a19248d91f4353a4309a5fae0bc0079a2432a012e53beac30135c84d66e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a48dfe7ebbc4cc597a823bc70a4a76df15b341292134bba3fd4892d3dfbe8e89
a71f971564c3b9f0d72b315619cf3f7e9dba4535e3d60dde7334c3f83c122719
aa892a3e8ae2d858596e031c41aa9c5368d94d5da554a4dd4cf10ae942df4377
acb8129207dc0ca94d80f037d80e0b23a86db3cc954418092e28a097b8ab795d
acd235e53ec1b56d52745172a2f0391700a066f20222bfb340dfdba488eb7957
b1187995a6a31ed3a06d13bae8d36edcc63782f5764897a5a62703d2d6cb840c
b7b8981cb6f6936f083e3fa8007621bbf153e4c095f11881fa2014bd4a93b518
b805694cd109a1a60f45b70d8afbaa5a38d4cacd290a6633175efa95559b1de4
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755
c6c7d837dbddea3fab2e8be06f16f394e36fc0fadef8ce482f68521731d3d1a4
c93f3d5d13da12d9154a80ba5736e3627f4c6ede5fb087b1dc7ce1060ce908d7
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d7dd21c18f82de7955332f0beb0c74ef70d40dfbbc42e52e79a89d8cca13915e
d96b809bee5f1eb14fc2881e74e439db6531cb51fdc7ba4ae391be2c14a5a595
dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883
df0a03405fda26a791986771a7d5cc7c14652bfea65613771bcd349a274c726e
df35edbdf585ab9f21871115b309fb4cde4be9d754c210dfd27ccec1e0ada438
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e416b8a1a7279229c4ef8eaf6ba1ce5ca3d31e9ed55fc9a53ffa86b2f261735c
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
f1dbffd2dc606444293988544c0d43edd5f2f538c89bc2b7484ea06e42af172c
f4ba508d250f496d94821e970ca0d869e34c177f3946b15b1e69115391090aa0
fc2ff5cc740e0f1ef1ab8a859f2356153685d22d5d2bdf7256b16f0eaff0f789
ffc317f848f768ba9ddbcf77654f13781f9a3de1e59d4058383d46f12671a830

benefitsdepot.net Open in urlscan Pro 209.212.148.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

90 Requests

99 %HTTPS

37 %IPv6

44 Domains

57 Subdomains

49 IPs

7 Countries

699 kBTransfer

1942 kBSize

9 Cookies

1 Outgoing links

Page URL History

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

benefitsdepot.net Open in urlscan Pro
209.212.148.3 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

99 %
HTTPS

37 %
IPv6

44
Domains

57
Subdomains

49
IPs

7
Countries

699 kB
Transfer

1942 kB
Size

9
Cookies

90 HTTP transactions
0 data transactions