corporatebenefitdesign0.us1.advisor.ws Open in urlscan Pro
52.36.228.114 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://corporatebenefitdesign0.us1.advisor.ws/
Submission: On June 03 via automatic, source certstream-suspicious (June 3rd 2023, 7:04:20 am UTC) — Scanned from DE

Summary HTTP 65 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 10 domains to perform 65 HTTP transactions. The main IP is 52.36.228.114, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is corporatebenefitdesign0.us1.advisor.ws.
TLS certificate: Issued by R3 on June 3rd 2023. Valid for: 3 months.

This is the only time corporatebenefitdesign0.us1.advisor.ws was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	52.36.228.114 52.36.228.114	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
65	13

32 52.36.228.114 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-228-114.us-west-2.compute.amazonaws.com

corporatebenefitdesign0.us1.advisor.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	advisor.ws corporatebenefitdesign0.us1.advisor.ws	4 MB
8	gstatic.com www.gstatic.com fonts.gstatic.com	660 KB
7	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 3105	31 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	22 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5230	622 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 111	451 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	144 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 249	33 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 398 fonts.googleapis.com — Cisco Umbrella Rank: 66	7 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 367	35 KB
65	10

	Domain	Requested by
32	corporatebenefitdesign0.us1.advisor.ws	corporatebenefitdesign0.us1.advisor.ws
6	www.google.com	corporatebenefitdesign0.us1.advisor.ws www.gstatic.com www.google.com
5	www.gstatic.com	www.google.com
4	www.google-analytics.com	corporatebenefitdesign0.us1.advisor.ws www.google-analytics.com
3	www.google.de	corporatebenefitdesign0.us1.advisor.ws
3	fonts.gstatic.com	fonts.googleapis.com
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.googletagmanager.com	corporatebenefitdesign0.us1.advisor.ws www.googletagmanager.com
2	cdnjs.cloudflare.com	corporatebenefitdesign0.us1.advisor.ws cdnjs.cloudflare.com
2	cdn.jsdelivr.net	corporatebenefitdesign0.us1.advisor.ws cdn.jsdelivr.net
1	region1.analytics.google.com	www.googletagmanager.com
1	fonts.googleapis.com	ajax.googleapis.com
1	ajax.googleapis.com	corporatebenefitdesign0.us1.advisor.ws
65	13

This site contains links to these domains. Also see Links.

Domain
advgrp.co
www.finra.org
www.sipc.org
www.advisorwebsites.com
brokercheck.finra.org

Subject Issuer	Validity	Valid
corporatebenefitdesign0.us1.advisor.ws R3	`2023-06-03` - `2023-09-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://corporatebenefitdesign0.us1.advisor.ws/
Frame ID: 103B2CB630A8EC6B265BD66CD8088F1F
Requests: 58 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHFhUTAAAAABKy3nx_uNR_KMbsVpPkRMIooOCW&co=aHR0cHM6Ly9jb3Jwb3JhdGViZW5lZml0ZGVzaWduMC51czEuYWR2aXNvci53czo0NDM.&hl=en&type=image&v=sNQO7xVld1CuA2hfFHvkpVL-&theme=light&size=normal&cb=yzxkh2ttc8ym
Frame ID: C8C24DA01D168651CE7C23BF88226CC5
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LfHFhUTAAAAABKy3nx_uNR_KMbsVpPkRMIooOCW
Frame ID: 63813220055165BB171A055E0CF26634
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home | Corporate Benefit Design

Detected technologies

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

65
Requests

100 %
HTTPS

92 %
IPv6

10
Domains

13
Subdomains

13
IPs

3
Countries

5334 kB
Transfer

7406 kB
Size

5
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://advgrp.co/FormCRS-WFS
Title: Woodbury Form CRS

Search URL Search Domain Scan URL

URL: https://www.finra.org/#/
Title: FINRA

Search URL Search Domain Scan URL

URL: https://www.sipc.org/
Title: SIPC

Search URL Search Domain Scan URL

URL: https://www.advisorwebsites.com/
Title: .st0 { fill: var(--primary-contrast, #fff); } .st1 { fill: var(--primary-contrast, #fff); stroke: var(--primary-contrast, #fff); stroke-width: 2.7614; stroke-miterlimit: 10; }

Search URL Search Domain Scan URL

URL: https://brokercheck.finra.org/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

65 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
corporatebenefitdesign0.us1.advisor.ws/ 88 KB
20 KB 1670ms
1140ms Document
text/html 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

09c6cde9cd5af0569dced65c5d8ba205730698a921cef5392c2ca9b2cd1f59ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: must-revalidate, no-cache, private no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
content-language: en
content-type: text/html; charset=UTF-8
date: Sat, 03 Jun 2023 07:04:11 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
permissions-policy: interest-cohort=()
server: nginx
strict-transport-security: max-age=15552000
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-drupal-cache-ratio: 0.99227373068433
x-frame-options: SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-nocache: Cache
x-server-name: corporatebenefitdesign0.us1.advisor.ws
x-speed-cache: BYPASS
x-speed-cache-key: /
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
875 B 162ms
46ms Script
text/javascript 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8d407cd28e2db7a40917117ec99a996194878d452f589860cb45083e6d7208f1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 07:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 555
x-xss-protection: 1; mode=block
expires: Sat, 03 Jun 2023 07:04:12 GMT

GET
H2 200 google_tag.script.js Show response
corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/google_tag/default/ 348 B
622 B 372ms
371ms Script
application/javascript 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/google_tag/default/google_tag.script.js?rvo0vl

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

c084091d79e0d9b5116670817c737422f3f6262d9159e1cd1ca58ea537a376f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 03 Jun 2023 07:04:12 GMT
x-content-type-options: nosniff
last-modified: Sat, 03 Jun 2023 07:03:49 GMT
server: nginx
etag: "647ae5d5-15c"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 348
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 css_rXMPVgcBHcFofPkHHDt4H_QTJinDItaQaBDJmRSrVWs.css
corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/css/ 38 KB
8 KB 189ms
188ms Stylesheet
text/css 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/css/css_rXMPVgcBHcFofPkHHDt4H_QTJinDItaQaBDJmRSrVWs.css

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

ad730f5607011dc1687cf9071c3b781ff4132629c322d6906810c99914ab556b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 03 Jun 2023 07:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 03 Jun 2023 07:04:06 GMT
server: nginx
etag: "647ae5e6-1ec2"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
content-length: 7874
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 css_lTzLNmeXozAQt-rtKC2A2WJMQOohBmSaXOqRQLJE6Og.css
corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/css/ 72 KB
8 KB 198ms
197ms Stylesheet
text/css 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/css/css_lTzLNmeXozAQt-rtKC2A2WJMQOohBmSaXOqRQLJE6Og.css

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

953ccb366797a33010b7eaed282d80d9624c40ea2106649a5cea9140b244e8e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 03 Jun 2023 07:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 03 Jun 2023 07:04:07 GMT
server: nginx
etag: "647ae5e7-1ea5"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
content-length: 7845
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 foundation-icons.min.css
cdn.jsdelivr.net/foundation-icons/3.0/ 17 KB
4 KB 34ms
8ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/foundation-icons/3.0/foundation-icons.min.css

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4583267bc4084d808f5832f3397b30913b0fbb5b637801363326fb2a277f2416

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 03 Jun 2023 07:04:12 GMT
age: 2090333
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3583
x-served-by: cache-fra-eddf8230113-FRA
etag: W/"440c-3pFuUHv0dYilm9845JTufYMiDIo"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 css_JyoOHdhVxvflvtLoj2ngW9HVZGlShbCgv497jT7PEKs.css
corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/css/ 384 KB
46 KB 362ms
362ms Stylesheet
text/css 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/css/css_JyoOHdhVxvflvtLoj2ngW9HVZGlShbCgv497jT7PEKs.css

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

272a0e1dd855c6f7e5bed2e88f69e05bd1d564695285b0a0bf8f7b8d3ecf10ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 03 Jun 2023 07:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 03 Jun 2023 07:04:07 GMT
server: nginx
etag: "647ae5e7-b7e7"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
content-length: 47079
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 Final1Black_1.png
corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/styles/max_650x650/public/images/ 60 KB
61 KB 562ms
559ms Image
image/png 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/styles/max_650x650/public/images/Final1Black_1.png?itok=WGyiA1Kf

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

107a0d9c21564592e1261cf26e6930d0d61d6d07192abac062b892d3330d6b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Mon, 03 Jul 2023 07:04:12 GMT
date: Sat, 03 Jun 2023 07:04:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Aug 2020 19:37:05 GMT
server: nginx
etag: "5f2b0a61-f121"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 61729
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 kait-herzog-6vWD_xnzPuU-unsplash.jpg
corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/styles/slider_xl/public/images/ 128 KB
129 KB 723ms
720ms Image
image/jpeg 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/styles/slider_xl/public/images/kait-herzog-6vWD_xnzPuU-unsplash.jpg?itok=N-RbrIMh

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

6b632654d3a87ab2b6090dc087c18059e03d4ef4290450f9051fbc114d87aed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Mon, 03 Jul 2023 07:04:12 GMT
date: Sat, 03 Jun 2023 07:04:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 Sep 2019 17:28:15 GMT
server: nginx
etag: "5d83baaf-20104"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 131332
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 shutterstock_242847928_0.jpg
corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/styles/slider_xl/public/images/ 95 KB
95 KB 734ms
732ms Image
image/jpeg 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/styles/slider_xl/public/images/shutterstock_242847928_0.jpg?itok=N4v4q620

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

59f674f85530c7e296cfaaff792c426b85ed209519e0c6e04c40f4e798c428bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Mon, 03 Jul 2023 07:04:12 GMT
date: Sat, 03 Jun 2023 07:04:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 Sep 2019 17:28:16 GMT
server: nginx
etag: "5d83bab0-17aec"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 97004
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 shutterstock_263495984.jpg
corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/styles/slider_xl/public/images/ 82 KB
83 KB 897ms
895ms Image
image/jpeg 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/styles/slider_xl/public/images/shutterstock_263495984.jpg?itok=PCOh01PQ

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

23c74d8135f2e4c98609ef6dba081d56f98a63d460520afa6212621439a7d28d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Mon, 03 Jul 2023 07:04:12 GMT
date: Sat, 03 Jun 2023 07:04:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 Sep 2019 17:28:16 GMT
server: nginx
etag: "5d83bab0-1496b"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 84331
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 brad_rothhammer.jpg
corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/styles/portrait_500x600/public/images/ 29 KB
29 KB 900ms
898ms Image
image/jpeg 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/styles/portrait_500x600/public/images/brad_rothhammer.jpg?h=f65571fb&itok=xwrp3NXw

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

80124499a3501c865d69e91b800480fc8038937c52cfc5fe6194864362decc92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Mon, 03 Jul 2023 07:04:12 GMT
date: Sat, 03 Jun 2023 07:04:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Nov 2019 00:14:46 GMT
server: nginx
etag: "5dc21076-72ea"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 29418
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 Parker%20Rothhammer.jpg
corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/styles/portrait_500x600/public/images/ 35 KB
35 KB 901ms
899ms Image
image/jpeg 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/styles/portrait_500x600/public/images/Parker%20Rothhammer.jpg?h=7eaa5118&itok=3HtSRGWt

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

37f8892db5b5470dadacee1ee02188a3cb66e26b20312d76453208392671d8ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Mon, 03 Jul 2023 07:04:12 GMT
date: Sat, 03 Jun 2023 07:04:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Nov 2019 00:15:31 GMT
server: nginx
etag: "5dc210a3-8a18"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 35352
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 hadley-2018.jpg
corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/styles/portrait_500x600/public/images/ 27 KB
27 KB 906ms
904ms Image
image/jpeg 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/styles/portrait_500x600/public/images/hadley-2018.jpg?h=195bf1f3&itok=EGXC7rje

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

dd1a43ae1a9afd00df9f04f9875e008d839c8b55cf2e8db60382a6ca896c3923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Mon, 03 Jul 2023 07:04:12 GMT
date: Sat, 03 Jun 2023 07:04:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 11 Aug 2020 21:28:13 GMT
server: nginx
etag: "5f330d6d-6c20"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 27680
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 Sheryl%20Brown.jpg
corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/styles/portrait_500x600/public/images/ 33 KB
34 KB 912ms
910ms Image
image/jpeg 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/styles/portrait_500x600/public/images/Sheryl%20Brown.jpg?h=57730094&itok=m4IHtj4K

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

6e0b423bb5c14d020a0b18c833e738c8d8e9f946b6f7007053500a17a597d070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Mon, 03 Jul 2023 07:04:12 GMT
date: Sat, 03 Jun 2023 07:04:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Nov 2019 00:16:31 GMT
server: nginx
etag: "5dc210df-84d8"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 34008
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 stock1.jpg
corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/styles/featured_fixed_height/public/images/ 31 KB
31 KB 919ms
917ms Image
image/jpeg 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/styles/featured_fixed_height/public/images/stock1.jpg?h=def3cf70&itok=YvH7PyNX

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

55f5f8141801d61bd6304f193ee35cfb38ac040506842da3868f87c167ca0b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Mon, 03 Jul 2023 07:04:12 GMT
date: Sat, 03 Jun 2023 07:04:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 11 Aug 2020 21:28:15 GMT
server: nginx
etag: "5f330d6f-7a10"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 31248
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 bU6JyhSI6zo.jpg
corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/styles/featured_fixed_height/public/unsplash/ 22 KB
22 KB 920ms
918ms Image
image/jpeg 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/styles/featured_fixed_height/public/unsplash/bU6JyhSI6zo.jpg?h=3dbd9eac&itok=xqw44QXl

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

cf611b0aa260ebed4cb5d11b499630866eff83637beca691200b03fc0fb00900

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Mon, 03 Jul 2023 07:04:12 GMT
date: Sat, 03 Jun 2023 07:04:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 11 Aug 2020 21:28:15 GMT
server: nginx
etag: "5f330d6f-5633"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 22067
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 stcok2.jpg
corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/styles/featured_fixed_height/public/images/ 35 KB
35 KB 923ms
921ms Image
image/jpeg 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/styles/featured_fixed_height/public/images/stcok2.jpg?h=def3cf70&itok=ew1ZtMHA

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

056e701c6d2449d697669fb08afa38d1c8208223e0180d320956844a2e155414

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Mon, 03 Jul 2023 07:04:12 GMT
date: Sat, 03 Jun 2023 07:04:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 11 Aug 2020 21:28:15 GMT
server: nginx
etag: "5f330d6f-8af8"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 35576
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 colored-small.png
corporatebenefitdesign0.us1.advisor.ws/modules/custom/themes/images/brokercheck-icons/ 10 KB
11 KB 928ms
926ms Image
image/png 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/modules/custom/themes/images/brokercheck-icons/colored-small.png

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

92ebc5eb51c7f516c514dcb4ddebdd12e0ef0c3497ceae8534275fc5ae6a579a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Mon, 03 Jul 2023 07:04:12 GMT
date: Sat, 03 Jun 2023 07:04:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 30 Jul 2020 16:46:05 GMT
server: nginx
etag: "5f22f94d-29db"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10715
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 js_vGzob6Ye5H8rRiJk_8-rDWGxe6STkGlzKlxl_K2y1r4.js Show response
corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/js/ 135 KB
47 KB 384ms
381ms Script
application/javascript 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/js/js_vGzob6Ye5H8rRiJk_8-rDWGxe6STkGlzKlxl_K2y1r4.js

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

bc6ce86fa61ee47f2b462264ffcfab0d61b17ba4939069732a5c65fcadb2d6be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 03 Jun 2023 07:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 03 Jun 2023 07:03:54 GMT
server: nginx
etag: "647ae5da-bb4f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
content-length: 47951
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 149ms
37ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 03 Jun 2023 05:04:50 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 7162
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sat, 03 Jun 2023 07:04:50 GMT

GET
H2 200 js_MMJd_c5VE6Hj1b6viYhWAB9em8QnfVpzrpktc7aYLFg.js Show response
corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/js/ 1 KB
796 B 549ms
546ms Script
application/javascript 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/js/js_MMJd_c5VE6Hj1b6viYhWAB9em8QnfVpzrpktc7aYLFg.js

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

30c25dfdce5513a1e3d5beaf898856001f5e9bc4277d5a73ae992d73b6982c58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 03 Jun 2023 07:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 03 Jun 2023 07:03:55 GMT
server: nginx
etag: "647ae5db-1fc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
content-length: 508
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 117ms
36ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 06:16:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 06:16:43 GMT

GET
H2 200 js_VvdzHsUEfSt6htvxyQTYfjVcDThLbnGmuZCYY--yOoU.js Show response
corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/js/ 399 KB
66 KB 549ms
546ms Script
application/javascript 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/js/js_VvdzHsUEfSt6htvxyQTYfjVcDThLbnGmuZCYY--yOoU.js

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

56f7731ec5047d2b7a86dbf1c904d87e355c0d384b6e71a6b9909863efb23a85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 03 Jun 2023 07:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 03 Jun 2023 07:04:07 GMT
server: nginx
etag: "647ae5e7-10544"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
content-length: 66884
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 simple-line-icons.css
cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/ 13 KB
3 KB 53ms
18ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/simple-line-icons.css

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab9f855e542893de23c7b7e4897eb91066c9dbbfeaa1b1fa73a826867833b4b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 07:04:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 447459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2217
last-modified: Mon, 04 May 2020 16:16:18 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd2-329e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2ULyveOWJEOxFChHqALSp3Awidi5DkSrd8rCah%2B6upBHapNHkPGmD04fTJ6ug3yLOQgXYRVuvYOBy6l4WBFL7BskR7U4sxfAOzeG%2B%2FJol5l43mbNBbEgncE5aJreOq0x6%2F%2Bbx1XJLdp91RzeKTO4puD"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d1614a3fd88194d-FRA
expires: Thu, 23 May 2024 07:04:12 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ 407 KB
163 KB 130ms
39ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d946e8f3fb4fe90a5ae3027b91a76703106e2c5c1d762fc3fc230895db7b6048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corporatebenefitdesign0.us1.advisor.ws/
Origin: https://corporatebenefitdesign0.us1.advisor.ws
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 15:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166186
x-xss-protection: 0
last-modified: Tue, 30 May 2023 00:01:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 May 2024 15:48:25 GMT

GET
H2 200 bailey-starner-jGBZ_cz7t4Q-unsplash_0.jpg
corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/images/ 3 MB
3 MB 533ms
527ms Image
image/jpeg 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/images/bailey-starner-jGBZ_cz7t4Q-unsplash_0.jpg

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/css/css_rXMPVgcBHcFofPkHHDt4H_QTJinDItaQaBDJmRSrVWs.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

57e71d57603d84ffedd3836fdd9b274acf6eef2eb6e309db76ec62f62b971945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/css/css_rXMPVgcBHcFofPkHHDt4H_QTJinDItaQaBDJmRSrVWs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Mon, 03 Jul 2023 07:04:12 GMT
date: Sat, 03 Jun 2023 07:04:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 Sep 2019 17:15:55 GMT
server: nginx
etag: "5d83b7cb-3523af"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3482543
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 montserrat-latin-400-normal.woff2
corporatebenefitdesign0.us1.advisor.ws/node_modules/@fontsource/montserrat/files/ 12 KB
13 KB 1027ms
1025ms Font
application/octet-stream 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/node_modules/@fontsource/montserrat/files/montserrat-latin-400-normal.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/css/css_rXMPVgcBHcFofPkHHDt4H_QTJinDItaQaBDJmRSrVWs.css
Origin: https://corporatebenefitdesign0.us1.advisor.ws
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 07:04:12 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Mar 2023 23:07:21 GMT
server: nginx
etag: "640faca9-31a4"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 12708
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 raleway-latin-400-normal.woff2
corporatebenefitdesign0.us1.advisor.ws/node_modules/@fontsource/raleway/files/ 21 KB
21 KB 1028ms
1027ms Font
application/octet-stream 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/node_modules/@fontsource/raleway/files/raleway-latin-400-normal.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

c78a1da5fd0868a547cf285748c7fb73006571190385eb71c0d601b6b240ffaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/css/css_rXMPVgcBHcFofPkHHDt4H_QTJinDItaQaBDJmRSrVWs.css
Origin: https://corporatebenefitdesign0.us1.advisor.ws
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 07:04:12 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Mar 2023 23:07:22 GMT
server: nginx
etag: "640facaa-5320"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 21280
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H3 200 foundation-icons.woff
cdn.jsdelivr.net/foundation-icons/3.0/ 31 KB
32 KB 22ms
9ms Font
font/woff 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/foundation-icons/3.0/foundation-icons.woff

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/foundation-icons/3.0/foundation-icons.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/foundation-icons/3.0/foundation-icons.min.css
Origin: https://corporatebenefitdesign0.us1.advisor.ws
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 07:04:12 GMT
x-content-type-options: nosniff
age: 1561294
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 32020
x-served-by: cache-fra-eddf8230033-FRA
etag: W/"7d14-ES+w5JgDfy/qA2rbgQXkdjgVnqo"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 montserrat-latin-400-italic.woff2
corporatebenefitdesign0.us1.advisor.ws/node_modules/@fontsource/montserrat/files/ 13 KB
13 KB 1023ms
1019ms Font
application/octet-stream 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/node_modules/@fontsource/montserrat/files/montserrat-latin-400-italic.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

0daf844710614138ad93ccc63bae5b8d2575780a5330e662f1375a03d8951aa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/css/css_rXMPVgcBHcFofPkHHDt4H_QTJinDItaQaBDJmRSrVWs.css
Origin: https://corporatebenefitdesign0.us1.advisor.ws
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 07:04:12 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Mar 2023 23:07:21 GMT
server: nginx
etag: "640faca9-32c4"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 12996
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 56ms
54ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 06:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3146
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 03 Jun 2023 07:11:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 301ms
47ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700%7CRaleway:400,300,400italic,700,700italic%7CMontserrat:400,700%7CMontserrat:400,700%7CRaleway:400,300,400italic,700,700italic&subset=latin,latin,latin,latin,latin

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a1d1fa99ea03d8fa5a00b03af7158e5c2f15d500c6cf30f7fcf4bcc1cf33c1db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 03 Jun 2023 07:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 07:04:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Jun 2023 07:04:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 160 KB
57 KB 291ms
55ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDR56SM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

686f7298b939387a065c21685adf6bcd9f172f45d5ee44bf3ab0868495f96cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 07:04:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58420
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 03 Jun 2023 07:04:12 GMT

GET
H3 200 Simple-Line-Icons.woff2
cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/fonts/ 29 KB
30 KB 59ms
29ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/fonts/Simple-Line-Icons.woff2?v=2.4.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/simple-line-icons.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b139d2871e745eeca0ed22ce994df828a96faefe86aa5e47d06c58184845445

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/simple-line-icons.css
Origin: https://corporatebenefitdesign0.us1.advisor.ws
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 07:04:12 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 981275
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 30064
last-modified: Mon, 04 May 2020 16:16:18 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd2-7570"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EvA0zbgtYPmJcWn0XL%2BouIQoavVLLId5K0nKBwVMkKuV93jlcWeKJOwCzGYrlnDOa8I%2BtpAyfc8REMcYuvR5T6FGDcjoISg4f9NBTd%2BGInGXNTkO3VEe3XucbGPWjyNQuQzoPQN77CKvoY2kXBgxbcGX"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d1614a7dfea3687-FRA
expires: Thu, 23 May 2024 07:04:12 GMT

GET
H2 200 montserrat-latin-700-normal.woff2
corporatebenefitdesign0.us1.advisor.ws/node_modules/@fontsource/montserrat/files/ 13 KB
13 KB 808ms
807ms Font
application/octet-stream 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/node_modules/@fontsource/montserrat/files/montserrat-latin-700-normal.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/css/css_rXMPVgcBHcFofPkHHDt4H_QTJinDItaQaBDJmRSrVWs.css
Origin: https://corporatebenefitdesign0.us1.advisor.ws
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 07:04:12 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Mar 2023 23:07:21 GMT
server: nginx
etag: "640faca9-3230"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 12848
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 kait-herzog-6vWD_xnzPuU-unsplash.jpg
corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/styles/slider_s/public/images/ 25 KB
25 KB 783ms
776ms Image
image/jpeg 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/styles/slider_s/public/images/kait-herzog-6vWD_xnzPuU-unsplash.jpg?itok=1b3mxA8i

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

de9519449e5d63048b821c71a5f2dc7b1ed8c88fe12200d1fa43e7965001daca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Mon, 03 Jul 2023 07:04:12 GMT
date: Sat, 03 Jun 2023 07:04:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 Sep 2019 17:28:16 GMT
server: nginx
etag: "5d83bab0-62df"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 25311
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 shutterstock_242847928_0.jpg
corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/styles/slider_s/public/images/ 21 KB
22 KB 796ms
789ms Image
image/jpeg 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/styles/slider_s/public/images/shutterstock_242847928_0.jpg?itok=0Ni8XUZL

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

4a760b7a861315886258570e7d34a4f936390b6fff5069c6a971a2046d3f9f0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Mon, 03 Jul 2023 07:04:12 GMT
date: Sat, 03 Jun 2023 07:04:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 Sep 2019 17:28:16 GMT
server: nginx
etag: "5d83bab0-559c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 21916
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 shutterstock_263495984.jpg
corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/styles/slider_s/public/images/ 18 KB
19 KB 796ms
790ms Image
image/jpeg 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/styles/slider_s/public/images/shutterstock_263495984.jpg?itok=nSc4HzIM

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

9b182625c86cd175fc60b8a0acff0e5af340d79b74f58b24664a72bc35e70573

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Mon, 03 Jul 2023 07:04:12 GMT
date: Sat, 03 Jun 2023 07:04:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 Sep 2019 17:28:16 GMT
server: nginx
etag: "5d83bab0-49e6"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18918
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame C8C2 51 KB
29 KB 73ms
60ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHFhUTAAAAABKy3nx_uNR_KMbsVpPkRMIooOCW&co=aHR0cHM6Ly9jb3Jwb3JhdGViZW5lZml0ZGVzaWduMC51czEuYWR2aXNvci53czo0NDM.&hl=en&type=image&v=sNQO7xVld1CuA2hfFHvkpVL-&theme=light&size=normal&cb=yzxkh2ttc8ym

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

17098b6d594fa1a947f7dca67537c5eb9a530dea06ec5468afc7a4941a0afb2a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RQ07Fgw4DQXKUzbWZY3HRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://corporatebenefitdesign0.us1.advisor.ws/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28746
content-security-policy: script-src 'report-sample' 'nonce-RQ07Fgw4DQXKUzbWZY3HRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 07:04:12 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 57ms
52ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=2131583653&t=pageview&_s=1&dl=https%3A%2F%2Fcorporatebenefitdesign0.us1.advisor.ws%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Corporate%20Benefit%20Design&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEIhAAAAACAAI~&jid=1246141283&gjid=960678199&cid=1454208229.1685775853&tid=UA-8316478-16&_gid=2069432921.1685775853&_r=1&_slc=1&cd5=0&cd6=&cd1=corporatebenefitdesign0&cd2=1744&cd3=2903&cd4=e0b18322-462e-4314-bdb5-8bb0de7fbbbc&cd7=ascend&cd8=1&cd9=0.9900990099009901&cd10=active&z=838069148

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://corporatebenefitdesign0.us1.advisor.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 07:04:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://corporatebenefitdesign0.us1.advisor.ws
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
364 B 64ms
23ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-8316478-16&cid=1454208229.1685775853&jid=1246141283&gjid=960678199&_gid=2069432921.1685775853&_u=aGBAAEIgAAAAACAAI~&z=441461458

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://corporatebenefitdesign0.us1.advisor.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 03 Jun 2023 07:04:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://corporatebenefitdesign0.us1.advisor.ws
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 242ms
100ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CRaleway:400,300,400italic,700,700italic%7CMontserrat:400,700%7CMontserrat:400,700%7CRaleway:400,300,400italic,700,700italic&subset=latin,latin,latin,latin,latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://corporatebenefitdesign0.us1.advisor.ws
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 14:34:09 GMT
x-content-type-options: nosniff
age: 577804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 14:34:09 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 45 KB
46 KB 220ms
78ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://corporatebenefitdesign0.us1.advisor.ws
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:19:21 GMT
x-content-type-options: nosniff
age: 272692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 May 2024 03:19:21 GMT

GET
H2 200 raleway-latin-300-normal.woff2
corporatebenefitdesign0.us1.advisor.ws/node_modules/@fontsource/raleway/files/ 21 KB
21 KB 541ms
522ms Font
application/octet-stream 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/node_modules/@fontsource/raleway/files/raleway-latin-300-normal.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f67ce158a659b6dd01c5209ecb2b3543a3df33533f8cad4eb7243427a4452ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/css/css_rXMPVgcBHcFofPkHHDt4H_QTJinDItaQaBDJmRSrVWs.css
Origin: https://corporatebenefitdesign0.us1.advisor.ws
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 07:04:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Mar 2023 23:07:22 GMT
server: nginx
etag: "640facaa-525c"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 21084
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 raleway-latin-400-italic.woff2
corporatebenefitdesign0.us1.advisor.ws/node_modules/@fontsource/raleway/files/ 21 KB
21 KB 541ms
523ms Font
application/octet-stream 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/node_modules/@fontsource/raleway/files/raleway-latin-400-italic.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

b51f996c642e725d6d8a2cca37f6851c8b37bc815ca2ea878243e4dff07fc6c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/css/css_rXMPVgcBHcFofPkHHDt4H_QTJinDItaQaBDJmRSrVWs.css
Origin: https://corporatebenefitdesign0.us1.advisor.ws
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 07:04:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Mar 2023 23:07:22 GMT
server: nginx
etag: "640facaa-544c"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 21580
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 1Ptsg8zYS_SKggPNyCg4TYFq.woff2
fonts.gstatic.com/s/raleway/v28/ 47 KB
48 KB 181ms
40ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptsg8zYS_SKggPNyCg4TYFq.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4defd36147167542db6c6ac44452d3784f51bf7f124128fe5f4581bbdb8d2ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://corporatebenefitdesign0.us1.advisor.ws
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 15:06:29 GMT
x-content-type-options: nosniff
age: 575864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48620
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:45:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 15:06:29 GMT

GET
H2 200 raleway-latin-700-normal.woff2
corporatebenefitdesign0.us1.advisor.ws/node_modules/@fontsource/raleway/files/ 21 KB
21 KB 542ms
524ms Font
application/octet-stream 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/node_modules/@fontsource/raleway/files/raleway-latin-700-normal.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

80f4e592fb822c98ea06e6553fbb20d8c6161644a39de94baaa9c448c6aba20a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/css/css_rXMPVgcBHcFofPkHHDt4H_QTJinDItaQaBDJmRSrVWs.css
Origin: https://corporatebenefitdesign0.us1.advisor.ws
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 07:04:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Mar 2023 23:07:22 GMT
server: nginx
etag: "640facaa-53c0"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 21440
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H2 200 raleway-latin-700-italic.woff2
corporatebenefitdesign0.us1.advisor.ws/node_modules/@fontsource/raleway/files/ 21 KB
21 KB 542ms
525ms Font
application/octet-stream 52.36.228.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://corporatebenefitdesign0.us1.advisor.ws/node_modules/@fontsource/raleway/files/raleway-latin-700-italic.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.36.228.114 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-114.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

8931d18da774b74397eea8d60141b5a294f8b03003181d5ecc3b6873e699ab72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://corporatebenefitdesign0.us1.advisor.ws/sites/corporatebenefitdesign0.us1.advisor.ws/files/css/css_rXMPVgcBHcFofPkHHDt4H_QTJinDItaQaBDJmRSrVWs.css
Origin: https://corporatebenefitdesign0.us1.advisor.ws
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 07:04:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Mar 2023 23:07:22 GMT
server: nginx
etag: "640facaa-54dc"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 21724
x-xss-protection: 1; mode=block
x-isnaked-redirected: Y

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 78ms
70ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-8316478-16&cid=1454208229.1685775853&jid=1246141283&_u=aGBAAEIgAAAAACAAI~&z=913616938

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 07:04:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 191ms
58ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-8316478-16&cid=1454208229.1685775853&jid=1246141283&_u=aGBAAEIgAAAAACAAI~&z=913616938

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 07:04:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ Frame C8C2 55 KB
24 KB 150ms
38ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHFhUTAAAAABKy3nx_uNR_KMbsVpPkRMIooOCW&co=aHR0cHM6Ly9jb3Jwb3JhdGViZW5lZml0ZGVzaWduMC51czEuYWR2aXNvci53czo0NDM.&hl=en&type=image&v=sNQO7xVld1CuA2hfFHvkpVL-&theme=light&size=normal&cb=yzxkh2ttc8ym

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 17:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 30 May 2023 00:01:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Jun 2024 17:05:55 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ Frame C8C2 407 KB
162 KB 149ms
38ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d946e8f3fb4fe90a5ae3027b91a76703106e2c5c1d762fc3fc230895db7b6048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 15:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166186
x-xss-protection: 0
last-modified: Tue, 30 May 2023 00:01:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 May 2024 15:48:25 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 46ms
45ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=2131583653&t=pageview&_s=1&dl=https%3A%2F%2Fcorporatebenefitdesign0.us1.advisor.ws%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Corporate%20Benefit%20Design&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEIhAAAAACAAI~&jid=1031331609&gjid=1253530660&cid=1454208229.1685775853&tid=UA-8316478-16&_gid=2069432921.1685775853&_r=1&gtm=45He35v0n81PDR56SM&z=1910740746

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://corporatebenefitdesign0.us1.advisor.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 07:04:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://corporatebenefitdesign0.us1.advisor.ws
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
86 KB 79ms
59ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FEGRJ7CK5E&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDR56SM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

97f623e4c7e2ea49c335daa1015c99a2a53e75fa0cefe577b7c5a2c89c1b3c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 07:04:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87985
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 03 Jun 2023 07:04:13 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 23ms
22ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-8316478-16&cid=1454208229.1685775853&jid=1031331609&gjid=1253530660&_gid=2069432921.1685775853&_u=aGDAAEIhAAAAACAAI~&z=2027916317

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://corporatebenefitdesign0.us1.advisor.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 03 Jun 2023 07:04:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://corporatebenefitdesign0.us1.advisor.ws
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 69ms
66ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-8316478-16&cid=1454208229.1685775853&jid=1031331609&_u=aGDAAEIhAAAAACAAI~&z=339482189

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 07:04:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 66ms
64ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-8316478-16&cid=1454208229.1685775853&jid=1031331609&_u=aGDAAEIhAAAAACAAI~&z=339482189

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 07:04:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
269 B 68ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-FEGRJ7CK5E&gtm=45je35v0&_p=2131583653&_gaz=1&cid=1454208229.1685775853&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1685775853&sct=1&seg=0&dl=https%3A%2F%2Fcorporatebenefitdesign0.us1.advisor.ws%2F&dt=Home%20%7C%20Corporate%20Benefit%20Design&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FEGRJ7CK5E&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 07:04:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://corporatebenefitdesign0.us1.advisor.ws
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 31ms
30ms Ping
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FEGRJ7CK5E&cid=1454208229.1685775853&gtm=45je35v0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FEGRJ7CK5E&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 07:04:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://corporatebenefitdesign0.us1.advisor.ws
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 75ms
73ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FEGRJ7CK5E&cid=1454208229.1685775853&gtm=45je35v0&aip=1&z=1147990054

Requested by

Host: corporatebenefitdesign0.us1.advisor.ws
URL: https://corporatebenefitdesign0.us1.advisor.ws/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporatebenefitdesign0.us1.advisor.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 07:04:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame C8C2 102 B
134 B 47ms
46ms Other
text/javascript 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dc304d634887ea89a42e74d959fdc8dc4517e33e0df44764aad5bc63870ccb29

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHFhUTAAAAABKy3nx_uNR_KMbsVpPkRMIooOCW&co=aHR0cHM6Ly9jb3Jwb3JhdGViZW5lZml0ZGVzaWduMC51czEuYWR2aXNvci53czo0NDM.&hl=en&type=image&v=sNQO7xVld1CuA2hfFHvkpVL-&theme=light&size=normal&cb=yzxkh2ttc8ym
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 07:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Sat, 03 Jun 2023 07:04:13 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 6381 7 KB
1 KB 51ms
50ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LfHFhUTAAAAABKy3nx_uNR_KMbsVpPkRMIooOCW

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b57dfe2a4d926870816b7381a95060bdfc7607d5405167d4295e3a1eb5c42cce

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KKuFMHsU2ELOuHbscddw2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://corporatebenefitdesign0.us1.advisor.ws/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1155
content-security-policy: script-src 'report-sample' 'nonce-KKuFMHsU2ELOuHbscddw2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 07:04:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ Frame 6381 55 KB
24 KB 39ms
38ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LfHFhUTAAAAABKy3nx_uNR_KMbsVpPkRMIooOCW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 17:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 30 May 2023 00:01:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Jun 2024 17:05:55 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ Frame 6381 407 KB
162 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LfHFhUTAAAAABKy3nx_uNR_KMbsVpPkRMIooOCW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d946e8f3fb4fe90a5ae3027b91a76703106e2c5c1d762fc3fc230895db7b6048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 15:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166186
x-xss-protection: 0
last-modified: Tue, 30 May 2023 00:01:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 May 2024 15:48:25 GMT

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.corporatebenefitdesign0.us1.advisor.ws/	1970-01-20 12:17:42	Name: _gid Value: GA1.4.2069432921.1685775853
.corporatebenefitdesign0.us1.advisor.ws/	1970-01-20 12:16:15	Name: _gat_aw Value: 1
.corporatebenefitdesign0.us1.advisor.ws/	1970-01-20 12:16:15	Name: _gat_UA-8316478-16 Value: 1
.corporatebenefitdesign0.us1.advisor.ws/	1970-01-20 21:52:15	Name: _ga_FEGRJ7CK5E Value: GS1.1.1685775853.1.0.1685775853.60.0.0
.corporatebenefitdesign0.us1.advisor.ws/	1970-01-20 21:52:15	Name: _ga Value: GA1.1.1454208229.1685775853

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
corporatebenefitdesign0.us1.advisor.ws
fonts.googleapis.com
fonts.gstatic.com
region1.analytics.google.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
2001:4860:4802:34::36
2606:4700::6811:180e
2a00:1450:4001:80b::2004
2a00:1450:4001:810::200a
2a00:1450:4001:812::2003
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:829::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2003
2a00:1450:400c:c0c::9d
2a04:4e42:200::485
52.36.228.114
056e701c6d2449d697669fb08afa38d1c8208223e0180d320956844a2e155414
09c6cde9cd5af0569dced65c5d8ba205730698a921cef5392c2ca9b2cd1f59ff
0daf844710614138ad93ccc63bae5b8d2575780a5330e662f1375a03d8951aa5
107a0d9c21564592e1261cf26e6930d0d61d6d07192abac062b892d3330d6b95
17098b6d594fa1a947f7dca67537c5eb9a530dea06ec5468afc7a4941a0afb2a
23c74d8135f2e4c98609ef6dba081d56f98a63d460520afa6212621439a7d28d
272a0e1dd855c6f7e5bed2e88f69e05bd1d564695285b0a0bf8f7b8d3ecf10ab
2b139d2871e745eeca0ed22ce994df828a96faefe86aa5e47d06c58184845445
30c25dfdce5513a1e3d5beaf898856001f5e9bc4277d5a73ae992d73b6982c58
37f8892db5b5470dadacee1ee02188a3cb66e26b20312d76453208392671d8ff
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
4583267bc4084d808f5832f3397b30913b0fbb5b637801363326fb2a277f2416
4a760b7a861315886258570e7d34a4f936390b6fff5069c6a971a2046d3f9f0b
4defd36147167542db6c6ac44452d3784f51bf7f124128fe5f4581bbdb8d2ccc
55f5f8141801d61bd6304f193ee35cfb38ac040506842da3868f87c167ca0b40
56f7731ec5047d2b7a86dbf1c904d87e355c0d384b6e71a6b9909863efb23a85
57e71d57603d84ffedd3836fdd9b274acf6eef2eb6e309db76ec62f62b971945
59f674f85530c7e296cfaaff792c426b85ed209519e0c6e04c40f4e798c428bd
686f7298b939387a065c21685adf6bcd9f172f45d5ee44bf3ab0868495f96cb1
6b632654d3a87ab2b6090dc087c18059e03d4ef4290450f9051fbc114d87aed2
6e0b423bb5c14d020a0b18c833e738c8d8e9f946b6f7007053500a17a597d070
80124499a3501c865d69e91b800480fc8038937c52cfc5fe6194864362decc92
80f4e592fb822c98ea06e6553fbb20d8c6161644a39de94baaa9c448c6aba20a
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8931d18da774b74397eea8d60141b5a294f8b03003181d5ecc3b6873e699ab72
8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec
8d407cd28e2db7a40917117ec99a996194878d452f589860cb45083e6d7208f1
92ebc5eb51c7f516c514dcb4ddebdd12e0ef0c3497ceae8534275fc5ae6a579a
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
953ccb366797a33010b7eaed282d80d9624c40ea2106649a5cea9140b244e8e8
97f623e4c7e2ea49c335daa1015c99a2a53e75fa0cefe577b7c5a2c89c1b3c21
9b182625c86cd175fc60b8a0acff0e5af340d79b74f58b24664a72bc35e70573
a1d1fa99ea03d8fa5a00b03af7158e5c2f15d500c6cf30f7fcf4bcc1cf33c1db
ab9f855e542893de23c7b7e4897eb91066c9dbbfeaa1b1fa73a826867833b4b1
ad730f5607011dc1687cf9071c3b781ff4132629c322d6906810c99914ab556b
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b51f996c642e725d6d8a2cca37f6851c8b37bc815ca2ea878243e4dff07fc6c8
b57dfe2a4d926870816b7381a95060bdfc7607d5405167d4295e3a1eb5c42cce
bc6ce86fa61ee47f2b462264ffcfab0d61b17ba4939069732a5c65fcadb2d6be
c084091d79e0d9b5116670817c737422f3f6262d9159e1cd1ca58ea537a376f2
c78a1da5fd0868a547cf285748c7fb73006571190385eb71c0d601b6b240ffaf
cf611b0aa260ebed4cb5d11b499630866eff83637beca691200b03fc0fb00900
d946e8f3fb4fe90a5ae3027b91a76703106e2c5c1d762fc3fc230895db7b6048
dc304d634887ea89a42e74d959fdc8dc4517e33e0df44764aad5bc63870ccb29
dd1a43ae1a9afd00df9f04f9875e008d839c8b55cf2e8db60382a6ca896c3923
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9519449e5d63048b821c71a5f2dc7b1ed8c88fe12200d1fa43e7965001daca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
f67ce158a659b6dd01c5209ecb2b3543a3df33533f8cad4eb7243427a4452ef8

corporatebenefitdesign0.us1.advisor.ws Open in urlscan Pro 52.36.228.114 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

65 Requests

100 %HTTPS

92 %IPv6

10 Domains

13 Subdomains

13 IPs

3 Countries

5334 kBTransfer

7406 kBSize

5 Cookies

5 Outgoing links

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

corporatebenefitdesign0.us1.advisor.ws Open in urlscan Pro
52.36.228.114 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

100 %
HTTPS

92 %
IPv6

10
Domains

13
Subdomains

13
IPs

3
Countries

5334 kB
Transfer

7406 kB
Size

5
Cookies

65 HTTP transactions
0 data transactions