www.benefitnews.com Open in urlscan Pro
52.84.174.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://e.d.arizent.com/click/EbGNoaWVyZWxsb0BmaXJzdGFtLmNvbQ/CeyJtaWQiOiIxNjMxMTA4Mzg5NzU1MjQzMGJmNjAwMDMzIiwiY3QiOiJzb...
Effective URL:
https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm...
Submission: On September 08 via api (September 8th 2021, 2:23:19 pm UTC) from US — Scanned from DE

Summary HTTP 116 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 48 IPs in 5 countries across 31 domains to perform 116 HTTP transactions. The main IP is 52.84.174.10, located in United States and belongs to AMAZON-02, US. The main domain is www.benefitnews.com.
TLS certificate: Issued by Amazon on March 23rd 2021. Valid for: a year.

This is the only time www.benefitnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	96.47.20.26 96.47.20.26	46263 (EDIALOG) (EDIALOG)
1	52.84.174.10 52.84.174.10	16509 (AMAZON-02) (AMAZON-02)
6	13.225.25.56 13.225.25.56	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:200... 2a04:4e42:200::282	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4007:810::2002	15169 (GOOGLE) (GOOGLE)
1	143.204.228.116 143.204.228.116	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4007:806::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4007:813::200a	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f03... 2a03:2880:f034:1a:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4007:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::6815:3c3f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.174.119 52.222.174.119	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4007:80e::200e	15169 (GOOGLE) (GOOGLE)
8	2606:4700::68... 2606:4700::6811:b8b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	216.58.214.162 216.58.214.162	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4007:80d::2003	15169 (GOOGLE) (GOOGLE)
1	54.159.176.193 54.159.176.193	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
2	52.208.138.90 52.208.138.90	16509 (AMAZON-02) (AMAZON-02)
1	52.222.196.221 52.222.196.221	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::729	54113 (FASTLY) (FASTLY)
1	13.249.13.95 13.249.13.95	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4007:80a::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4007:80e::2003	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:e3:... 2a02:26f0:e3:384::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.222.106 143.204.222.106	16509 (AMAZON-02) (AMAZON-02)
2 3	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
3	3.224.4.25 3.224.4.25	14618 (AMAZON-AES) (AMAZON-AES)
1	2a03:2880:f14... 2a03:2880:f142:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	3.82.80.111 3.82.80.111	14618 (AMAZON-AES) (AMAZON-AES)
1	52.72.113.151 52.72.113.151	14618 (AMAZON-AES) (AMAZON-AES)
1	34.194.161.83 34.194.161.83	14618 (AMAZON-AES) (AMAZON-AES)
2	52.84.186.179 52.84.186.179	16509 (AMAZON-02) (AMAZON-02)
1	172.67.75.100 172.67.75.100	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	216.58.209.226 216.58.209.226	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	116.202.80.167 116.202.80.167	24940 (HETZNER-AS) (HETZNER-AS)
5	54.194.198.48 54.194.198.48	16509 (AMAZON-02) (AMAZON-02)
1	116.202.80.165 116.202.80.165	24940 (HETZNER-AS) (HETZNER-AS)
1	178.63.13.144 178.63.13.144	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:218... 2600:9000:218d:fc00:18:6c16:27c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4007:813::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4007:807::2002	15169 (GOOGLE) (GOOGLE)
1	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
2	34.107.203.234 34.107.203.234	() ()
4	2a00:1450:400... 2a00:1450:4007:80a::2001	15169 (GOOGLE) (GOOGLE)
2	18.203.198.3 18.203.198.3	16509 (AMAZON-02) (AMAZON-02)
7	3.215.227.57 3.215.227.57	14618 (AMAZON-AES) (AMAZON-AES)
116	48

1 96.47.20.26 (United States) 1 redirects

ASN46263 (EDIALOG, US)
PTR: citizensbank.mx2.bm16.maas.zetaglobal.net

e.d.arizent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.174.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-174-10.cdg50.r.cloudfront.net

www.benefitnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.225.25.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-25-56.cdg3.r.cloudfront.net

arizent.brightspotcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4007:810::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.228.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-228-116.cdg3.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:806::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:813::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f034:1a:face:b00c:0:3 (Dallas, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:80e::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:3c3f (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.174.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-119.cdg50.r.cloudfront.net

cdn.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4007:80e::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6811:b8b1 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-v3.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.58.214.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: mad01s26-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4007:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.159.176.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-176-193.compute-1.amazonaws.com

people.api.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.138.90 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-138-90.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.196.221 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-196-221.cdg50.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.13.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-13-95.cdg53.r.cloudfront.net

s.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4007:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4007:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:e3:384::268b (Paris, France)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.222.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-222-106.cdg3.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.22 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.224.4.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-4-25.compute-1.amazonaws.com

a.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f142:182:face:b00c:0:25de (Marseille, France)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.82.80.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-80-111.compute-1.amazonaws.com

api.zetaglobal.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.113.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-113-151.compute-1.amazonaws.com

events.api.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.161.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-161-83.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.84.186.179 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-186-179.cdg50.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.75.100 (United States)

ASN13335 (CLOUDFLARENET, US)

settings.luckyorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.209.226 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: par10s29-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.80.167 (Eichendorf, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.167.80.202.116.clients.your-server.de

p1cluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.194.198.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-198-48.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.80.165 (Eichendorf, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.80.202.116.clients.your-server.de

comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.63.13.144 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: de717.cxense.com

id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:218d:fc00:18:6c16:27c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

d20519brkbo4nz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:813::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4007:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.203.234 (None, )

ASN- ()

settings.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4007:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.203.198.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-198-3.eu-west-1.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.215.227.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-227-57.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	adsafeprotected.com cdn.adsafeprotected.com pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	104 KB
12	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	153 KB
9	googlesyndication.com 6599bdca4e8e7092012771a5bb01e41d.safeframe.googlesyndication.com Failed tpc.googlesyndication.com pagead2.googlesyndication.com	102 KB
8	tinypass.com experience.tinypass.com cdn.tinypass.com buy.tinypass.com id.tinypass.com api-v3.tinypass.com	149 KB
7	cxense.com cdn.cxense.com p1cluster.cxense.com comcluster.cxense.com id.cxense.com	63 KB
7	google-analytics.com www.google-analytics.com	42 KB
6	google.com www.google.com adservice.google.com	2 KB
6	brightspotcdn.com arizent.brightspotcdn.com	947 KB
4	adnxs.com 2 redirects ib.adnxs.com secure.adnxs.com	4 KB
4	google.de www.google.de adservice.google.de	2 KB
4	dpmsrv.com s.dpmsrv.com a.dpmsrv.com	41 KB
4	cloudfront.net d1z2jf7jlzjs58.cloudfront.net d10lpsik1i8c69.cloudfront.net d20519brkbo4nz.cloudfront.net	101 KB
4	gstatic.com fonts.gstatic.com	92 KB
3	boomtrain.com cdn.boomtrain.com people.api.boomtrain.com events.api.boomtrain.com	25 KB
3	facebook.net connect.facebook.net	94 KB
3	googletagservices.com www.googletagservices.com	89 KB
2	luckyorange.com settings.luckyorange.com	245 B
2	parsely.com cdn.parsely.com p1.parsely.com	26 KB
2	ml314.com ml314.com	13 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	32 KB
2	polyfill.io polyfill.io	745 B
1	rlcdn.com idsync.rlcdn.com	66 B
1	luckyorange.net settings.luckyorange.net	2 KB
1	zetaglobal.net api.zetaglobal.net	972 B
1	facebook.com www.facebook.com	408 B
1	zencdn.net vjs.zencdn.net	395 KB
1	npttech.com www.npttech.com	3 KB
1	googletagmanager.com www.googletagmanager.com	90 KB
1	unpkg.com unpkg.com	7 KB
1	benefitnews.com www.benefitnews.com	61 KB
1	arizent.com 1 redirects e.d.arizent.com	502 B
116	31

	Domain	Requested by
7	dt.adsafeprotected.com
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.benefitnews.com
7	www.google-analytics.com	www.benefitnews.com www.google-analytics.com
6	arizent.brightspotcdn.com	www.benefitnews.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	pixel.adsafeprotected.com	cdn.adsafeprotected.com www.benefitnews.com
5	www.google.com	www.benefitnews.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	cdn.cxense.com	cdn.tinypass.com cdn.cxense.com
4	fonts.gstatic.com	fonts.googleapis.com
3	a.dpmsrv.com	www.benefitnews.com s.dpmsrv.com
3	ib.adnxs.com	2 redirects www.benefitnews.com
3	www.google.de	www.benefitnews.com
3	stats.g.doubleclick.net	www.google-analytics.com
3	experience.tinypass.com	www.benefitnews.com cdn.tinypass.com
3	connect.facebook.net	www.benefitnews.com connect.facebook.net
3	www.googletagservices.com	www.benefitnews.com securepubads.g.doubleclick.net
2	static.adsafeprotected.com	pixel.adsafeprotected.com www.benefitnews.com
2	settings.luckyorange.com	d20519brkbo4nz.cloudfront.net
2	cm.g.doubleclick.net	2 redirects
2	d10lpsik1i8c69.cloudfront.net	www.benefitnews.com d10lpsik1i8c69.cloudfront.net
2	buy.tinypass.com	cdn.tinypass.com
2	ml314.com	www.benefitnews.com ml314.com
2	polyfill.io	www.benefitnews.com
1	secure.adnxs.com	www.benefitnews.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	d20519brkbo4nz.cloudfront.net	d10lpsik1i8c69.cloudfront.net
1	id.cxense.com	cdn.cxense.com
1	comcluster.cxense.com	cdn.cxense.com
1	api-v3.tinypass.com	cdn.tinypass.com
1	p1cluster.cxense.com	cdn.cxense.com
1	idsync.rlcdn.com	www.benefitnews.com
1	settings.luckyorange.net	d10lpsik1i8c69.cloudfront.net
1	p1.parsely.com	www.benefitnews.com
1	events.api.boomtrain.com	cdn.boomtrain.com
1	api.zetaglobal.net	cdn.boomtrain.com
1	www.facebook.com	www.benefitnews.com
1	id.tinypass.com	cdn.tinypass.com
1	cdn.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	s.dpmsrv.com	www.benefitnews.com
1	vjs.zencdn.net	www.benefitnews.com
1	d1z2jf7jlzjs58.cloudfront.net	www.benefitnews.com
1	cdn.tinypass.com	experience.tinypass.com
1	people.api.boomtrain.com	cdn.boomtrain.com
1	cdn.boomtrain.com	www.benefitnews.com
1	www.npttech.com	www.benefitnews.com
1	www.googletagmanager.com	www.benefitnews.com
1	fonts.googleapis.com	www.benefitnews.com
1	ajax.googleapis.com	www.benefitnews.com
1	cdn.adsafeprotected.com	www.benefitnews.com
1	unpkg.com	www.benefitnews.com
1	www.benefitnews.com
1	e.d.arizent.com	1 redirects
0	6599bdca4e8e7092012771a5bb01e41d.safeframe.googlesyndication.com Failed	securepubads.g.doubleclick.net
116	55

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net

Subject Issuer	Validity	Valid
*.accountingtechnology.com Amazon	`2021-03-23` - `2022-04-21`	a year	crt.sh
*.sourcemedia.com Amazon	`2021-04-15` - `2022-05-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.adsafeprotected.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
cdn.boomtrain.com Amazon	`2021-03-16` - `2022-04-14`	a year	crt.sh
*.piano.io Sectigo RSA Domain Validation Secure Server CA	`2021-08-19` - `2022-09-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.api.boomtrain.com Amazon	`2020-12-16` - `2022-01-14`	a year	crt.sh
*.ml314.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-02-22` - `2022-03-26`	a year	crt.sh
*.dpmsrv.com Amazon	`2021-05-17` - `2022-06-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.cxense.com DigiCert SHA2 Secure Server CA	`2021-05-21` - `2022-05-26`	a year	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
app.zetaglobal.net Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
settings.luckyorange.com R3	`2021-09-06` - `2021-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm_medium=webseminar&bt_ee=orDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%2FZbzLOo43pBB7MHiq0wyhC1Ax1pGV&bt_ts=1631108389758
Frame ID: 754C13BCF819270560C4DDBD9505E009
Requests: 104 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 8EBDF29EA214A9064CCCC17C6DD1A3CB
Requests: 4 HTTP requests in this frame

Frame: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=9205c52
Frame ID: 5CD342EA1E9B9BD789351BA48C1C2A00
Requests: 1 HTTP requests in this frame

Frame: https://6599bdca4e8e7092012771a5bb01e41d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D5B1A73FA0C633496670BAD6FC894BBF
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=11046&campId=300x250&pubId=5037407687&chanId=50427253&placementId=5725220840&pubCreative=138360680524&pubOrder=2874196296&cb=192714287&custom=bigbox1&adsafe_par&impId=4a9a3064-10b0-11ec-9daf-0ae761671616&custom2=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&custom3=dg_email_webseminar
Frame ID: FD0A24E221475294EB1002D2B94FA4E9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: FAEF15A4547C51E661F089FEFCE5D6B3
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 241D2DD1ED27C6363DA06E1BEA40E296
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 0B57831DCFF91EA3E306DE139E789B84
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://e.d.arizent.com/click/EbGNoaWVyZWxsb0BmaXJzdGFtLmNvbQ/CeyJtaWQiOiIxNjMxMTA4Mzg5NzU1MjQzMGJmN... HTTP 302
https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_0920... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

116
Requests

98 %
HTTPS

43 %
IPv6

31
Domains

55
Subdomains

48
IPs

5
Countries

2637 kB
Transfer

9419 kB
Size

39
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjst8crUKUOKj9RrmjmltUt2d05xeP3Z2M2EhIwBhUO5k00kHT_na3jcNVuU6G08jF7_HVT998QcTH8mnIk3i19UxoD8pcnzXxhlbTwOzYIY4eBH2kX5mBhPk63uHF8-CLyiGKmXoGebMbDz7IZoUq60usgTN1s1kEYaXqAYdyhwJ-kM8n38Iqyna17o_stQx60tHWh_oJHrZ2r97Xdwe4Yrq3j_skZSNJYlyAXxHHHO4-MbaK6W0CiZN4pEKZPSRjsM0aNGkskVi0X3phpv4a_doGf4VqFZ9_hACi60XUzbhQmscC3TsiPOiRLyoBjymSw&sig=Cg0ArKJSzILUlVQZxD1H&fbs_aeid=[gw_fbsaeid]&adurl=https://www.sleepcharge.com/benefits%3Futm_source%3DEBN%26utm_medium%3Dbannerad%26utm_campaign%3Db2badcampaignseptember_21

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://e.d.arizent.com/click/EbGNoaWVyZWxsb0BmaXJzdGFtLmNvbQ/CeyJtaWQiOiIxNjMxMTA4Mzg5NzU1MjQzMGJmNjAwMDMzIiwiY3QiOiJzb3VyY2VtZWRpYS1wcm9kLWFjNmI1ZTExZmFjN2Y5OTU2YWNjNDY1ZDFiN2U5ZTE4LTEiLCJyZCI6ImZpcnN0YW0uY29tIn0/HWkhfYXJpemVudGRfTk5CQU4wOTA4MjAyMTQ2MDk3MTEsYXoyLGh0dHBzOi8vd3d3LmJlbmVmaXRuZXdzLmNvbS9hYm91dC11cw/qP3V0bV9zb3VyY2U9ZGdfZW1haWwmdXRtX2NhbXBhaWduPWRnX2Vibl9mYW1pbHlmaXJzdF93ZWJzZW1pbmFyXzA5MjAyMDIxXzIwMjEwOTA4X3AxJnV0bV9tZWRpdW09d2Vic2VtaW5hciZidF9lZT1vckRacUs1T1gweGxncFpmaHBCVXM5OVJ2TzR1ZGJEWWpSViUyRlpiekxPbzQzcEJCN01IaXEwd3loQzFBeDFwR1YmYnRfdHM9MTYzMTEwODM4OTc1OA/s2f92b91234 HTTP 302
https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm_medium=webseminar&bt_ee=orDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%2FZbzLOo43pBB7MHiq0wyhC1Ax1pGV&bt_ts=1631108389758 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D342%26pixelIndex%3D0%26r%3D97202%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww.benefitnews.com%252Fabout-us%253Futm_source%253Ddg_email%2526utm_campaign%253Ddg_ebn_familyfirst_webseminar_09202021_20210908_p1%2526utm_medium%253Dwebseminar%2526bt_ee%253DorDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%25252FZbzLOo43pBB7MHiq0wyhC1Ax1pGV%2526bt_ts%253D1631108389758&_=1631110987960 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D342%2526pixelIndex%253D0%2526r%253D97202%2526tzOffset%253D0%2526url%253Dhttps%25253A%25252F%25252Fwww.benefitnews.com%25252Fabout-us%25253Futm_source%25253Ddg_email%252526utm_campaign%25253Ddg_ebn_familyfirst_webseminar_09202021_20210908_p1%252526utm_medium%25253Dwebseminar%252526bt_ee%25253DorDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%2525252FZbzLOo43pBB7MHiq0wyhC1Ax1pGV%252526bt_ts%25253D1631108389758%26_%3D1631110987960 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?id=7787727650019109050&q=xImp&v=1.x&cl=342&pixelIndex=0&r=97202&tzOffset=0&url=https%3A%2F%2Fwww.benefitnews.com%2Fabout-us%3Futm_source%3Ddg_email%26utm_campaign%3Ddg_ebn_familyfirst_webseminar_09202021_20210908_p1%26utm_medium%3Dwebseminar%26bt_ee%3DorDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%252FZbzLOo43pBB7MHiq0wyhC1Ax1pGV%26bt_ts%3D1631108389758&_=1631110987960

Request Chain 65

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=7787727650019109050&pixelIndex=0&_=1631110987961 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm=&ap_id=7787727650019109050&pixelIndex=0&_=1631110987961&google_tc= HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=7787727650019109050&pixelIndex=0&_=1631110987961&google_gid=CAESEDf-M3Hjk_hW0G5iKf_pmEc&google_cver=1

116 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request about-us Show response
www.benefitnews.com/
Redirect Chain

https://e.d.arizent.com/click/EbGNoaWVyZWxsb0BmaXJzdGFtLmNvbQ/CeyJtaWQiOiIxNjMxMTA4Mzg5NzU1MjQzMGJmNjAwMDMzIiwiY3QiOiJzb3VyY2VtZWRpYS1wcm9kLWFjNmI1ZTExZmFjN2Y5OTU2YWNjNDY1ZDFiN2U5ZTE4LTEiLCJyZCI6Im...
https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm_medium=webseminar&bt_ee=orDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%2FZbzLOo43pB...

214 KB
61 KB

584ms
240ms

Document
text/html

52.84.174.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm_medium=webseminar&bt_ee=orDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%2FZbzLOo43pBB7MHiq0wyhC1Ax1pGV&bt_ts=1631108389758
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.174.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-174-10.cdg50.r.cloudfront.net
Software: N/A / Brightspot
Resource Hash: 9fe543fcaff0b946a465e2f45b655157e8c0499cd891892edd9dde6d80c16e90

Request headers

Host: www.benefitnews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=120
Content-Encoding: gzip
Date: Wed, 08 Sep 2021 14:23:05 GMT
Server: N/A
X-Powered-By: Brightspot
X-Robots-Tag: nofollow
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 51076e0d05d56160dd8ee5148f1f74d8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P1
X-Amz-Cf-Id: kAZgG8Eq20POuFTRD4jDzx7V-9ke0u4PwE6AFTWT9J9_YhHKWv0fQw==

Redirect headers

Date: Wed, 08 Sep 2021 14:23:05 GMT
Server: Apache
X-Powered-By: PHP/7.3.29
Location: https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm_medium=webseminar&bt_ee=orDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%2FZbzLOo43pBB7MHiq0wyhC1Ax1pGV&bt_ts=1631108389758
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Strict-Transport-Security: max-age=60

GET
H/1.1 200
OK All.min.84ae99dd967b1a0c85772b898e5ebb78.gz.css
arizent.brightspotcdn.com/resource/00000174-26a2-d19a-ad7c-2eebcf9a0000/styleguide/ 575 KB
77 KB 128ms
49ms Stylesheet
text/css 13.225.25.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://arizent.brightspotcdn.com/resource/00000174-26a2-d19a-ad7c-2eebcf9a0000/styleguide/All.min.84ae99dd967b1a0c85772b898e5ebb78.gz.css
Requested by: Host: www.benefitnews.com
URL: https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm_medium=webseminar&bt_ee=orDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%2FZbzLOo43pBB7MHiq0wyhC1Ax1pGV&bt_ts=1631108389758
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.25.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-25-56.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fa7550695c7040acfe93c3b3e205798705b30700ef637c4d38009f7f2debf86e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 13:23:28 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 31 Aug 2021 13:05:50 GMT
Server: AmazonS3
Age: 694779
ETag: "fed8407522c7eb2fc42c5734d41ce09a"
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 ae3d49939dec29dad9a36d45f67300d1.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: CDG3-C2
Accept-Ranges: bytes
Content-Length: 78336
X-Amz-Cf-Id: sdf-myYHhSjYiWYoLWSY6NDuzpPXTnzKcubXuUwvw7E3ht26ahuTVw==

GET
H2 200 runtime.js Show response
unpkg.com/regenerator-runtime@0.13.1/ 23 KB
7 KB 72ms
31ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/regenerator-runtime@0.13.1/runtime.js

Requested by

Host: www.benefitnews.com
URL: https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm_medium=webseminar&bt_ee=orDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%2FZbzLOo43pBB7MHiq0wyhC1Ax1pGV&bt_ts=1631108389758

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f792fe255fbfcd352fe4b2f759c95980e57d8d297939e12262d9be1e87f48c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:23:06 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4089637
fly-request-id: 01FB90ERSJB364PHBEC0TVGRTA
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"5b05-y9GmlKf9QAx3EInfgjTVmKGWlRQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 68b8d531fdd35bf1-FRA

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
586 B 83ms
21ms Script
text/javascript 2a04:4e42:200::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=Document%2CPromise%2CPromise.prototype.finally%2CObject.getOwnPropertyNames%2CObject.getOwnPropertySymbols%2Ces6%2Ces2015%2Ces2016%2Ces2017%2Ces2018%2Ces2019

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

069a660398be8db8f9b6d8dad3f052d9a061b697b5354c24784c62d3df0a82f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 1492363
detected-user-agent: Chrome Mobile/92.0.4515
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=2
content-length: 89
referrer-policy: origin-when-cross-origin
last-modified: Sun, 22 Aug 2021 00:24:10 GMT
date: Wed, 08 Sep 2021 14:23:06 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/92.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK All.min.ef2498742c95dcaae5e98dc91f876ae0.gz.js Show response
arizent.brightspotcdn.com/resource/00000174-26a2-d19a-ad7c-2eebcf9a0000/styleguide/ 2 MB
541 KB 25ms
24ms Script
text/javascript 13.225.25.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://arizent.brightspotcdn.com/resource/00000174-26a2-d19a-ad7c-2eebcf9a0000/styleguide/All.min.ef2498742c95dcaae5e98dc91f876ae0.gz.js
Requested by: Host: www.benefitnews.com
URL: https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm_medium=webseminar&bt_ee=orDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%2FZbzLOo43pBB7MHiq0wyhC1Ax1pGV&bt_ts=1631108389758
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.25.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-25-56.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e1394b010bb830df7b0a2b102481d9857a6d0d28335c480b47b067883a846419

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 06:13:41 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 28 Jul 2021 18:07:05 GMT
Server: AmazonS3
Age: 806966
ETag: "322c15187aa67ca38d92ccefc846e451"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 ae3d49939dec29dad9a36d45f67300d1.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: CDG3-C2
Accept-Ranges: bytes
Content-Length: 553768
X-Amz-Cf-Id: spil3flTwf-W_c5QXvamBoqvAQdG3iTMSFYI-0IWx15tlHk7ikLlSQ==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 71 KB
25 KB 100ms
29ms Script
text/javascript 2a00:1450:4007:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:810::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14786e4705650c0c4de4e08f12632541bc8e7bf0c535d800f3d1e4dfdf9fe24a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:23:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "981 / 523 of 1000 / last-modified: 1631100110"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24998
x-xss-protection: 0
expires: Wed, 08 Sep 2021 14:23:06 GMT

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 89ms
22ms Script
application/javascript 143.204.228.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: www.benefitnews.com
URL: https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm_medium=webseminar&bt_ee=orDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%2FZbzLOo43pBB7MHiq0wyhC1Ax1pGV&bt_ts=1631108389758
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.228.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-228-116.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 15:42:36 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 02 Jun 2021 17:38:57 GMT
Server: AmazonS3
Age: 427231
ETag: W/"51636de3ce868a2172f9e6996c2934e0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 afbd0756929fd5d8f835ce26b1931d4c.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: CDG3-C1
X-Amz-Cf-Id: 2ViqGeRYdvTF6F5HUU8EXqxtIqHaXTYTi7TEobt3rajbxw1ERuSPSQ==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 104ms
27ms Script
text/javascript 2a00:1450:4007:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 10:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Sep 2022 10:24:38 GMT

GET
H/1.1 200
OK employeebenefitnews-brand-logo-initials-01.svg
arizent.brightspotcdn.com/90/ea/a7a2639248bc85386fb9b67ce30f/ 1 KB
2 KB 77ms
24ms Image
image/svg+xml 13.225.25.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arizent.brightspotcdn.com/90/ea/a7a2639248bc85386fb9b67ce30f/employeebenefitnews-brand-logo-initials-01.svg
Requested by: Host: www.benefitnews.com
URL: https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm_medium=webseminar&bt_ee=orDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%2FZbzLOo43pBB7MHiq0wyhC1Ax1pGV&bt_ts=1631108389758
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.25.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-25-56.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 177c908e366915477cde805fc7d1a5bd5c23b69f5fca5a52b21348fb7f93b7f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 03 Jul 2021 18:38:43 GMT
Via: 1.1 2114f6e9c6130b946922a303f84256b1.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 28 Aug 2020 00:20:41 GMT
Server: AmazonS3
Age: 5773464
ETag: "e04b5d560d566f5bfc952f249bc20d46"
X-Cache: Hit from cloudfront
Content-Type: image/svg+xml
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: CDG3-C2
Accept-Ranges: bytes
Content-Length: 1140
X-Amz-Cf-Id: Oi8tFZ9OCU4R4hC28qyJecy3kcjITcsMzwvZyulKkfBgWdW019KRmQ==

GET
H/1.1 200
OK /
arizent.brightspotcdn.com/dims4/default/89f393a/2147483647/strip/true/crop/1000x165+0+0/resize/727x120!/quality/90/ 12 KB
13 KB 78ms
24ms Image
image/png 13.225.25.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arizent.brightspotcdn.com/dims4/default/89f393a/2147483647/strip/true/crop/1000x165+0+0/resize/727x120!/quality/90/?url=https%3A%2F%2Fsource-media-brightspot.s3.amazonaws.com%2F01%2F05%2F6f8ad49b408398d634628e2d653f%2Farizent-logo.png
Requested by: Host: www.benefitnews.com
URL: https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm_medium=webseminar&bt_ee=orDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%2FZbzLOo43pBB7MHiq0wyhC1Ax1pGV&bt_ts=1631108389758
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.25.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-25-56.cdg3.r.cloudfront.net
Software: Apache /
Resource Hash: c0bf2ffd17947ef568c786a47a930113f516a10a09b72485363621d110ff207b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 24 Aug 2021 21:32:12 GMT
Via: 1.1 5b94f68b8669a909c688f32ce5942b2f.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 1270254
ETag: e1afff1a21c8b5289e1f92ff04f9f84c
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: CDG3-C2
X-Robots-Tag: nofollow
Content-Length: 12422
X-Amz-Cf-Id: JHtAZCMQuM-AhlV4OFp2VtPQRKuDGez28uFOdErdwGo3kAvSOtFRZg==
Expires: Wed, 24 Aug 2022 21:32:12 GMT

GET
H/1.1 200
OK jshint_2.13.0.279c236b75a5da43567e97cec91dd6db.gz.js Show response
arizent.brightspotcdn.com/resource/00000174-26a2-d19a-ad7c-2eebcf9a0000/styleguide/jshint/ 1 MB
307 KB 78ms
24ms Script
text/javascript 13.225.25.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://arizent.brightspotcdn.com/resource/00000174-26a2-d19a-ad7c-2eebcf9a0000/styleguide/jshint/jshint_2.13.0.279c236b75a5da43567e97cec91dd6db.gz.js
Requested by: Host: www.benefitnews.com
URL: https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm_medium=webseminar&bt_ee=orDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%2FZbzLOo43pBB7MHiq0wyhC1Ax1pGV&bt_ts=1631108389758
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.25.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-25-56.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d5f7ed178594d09e25e87cba0e328167a6e48d2508b4a4898ee7f05c21c0a69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 06:13:41 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 14 Jul 2021 19:09:21 GMT
Server: AmazonS3
Age: 806966
ETag: "b76103b4c850ad47f75d962f6a4ce99a"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 95a1a2515bcfe82199fde4e864c4e6f1.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: CDG3-C2
Accept-Ranges: bytes
Content-Length: 313784
X-Amz-Cf-Id: FuunRF2CfdHRWqsJlG4KgpJSn2sNdD1DBIxOB7xxQokNX8prhYKNEw==

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1017 B 114ms
29ms Stylesheet
text/css 2a00:1450:4007:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:813::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

686056690a4f16cc1e8a00205458b0f22a9707a267789a8dc92864934e3e2ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.benefitnews.com/
Origin: https://www.benefitnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 12:32:39 GMT
server: ESF
date: Wed, 08 Sep 2021 14:23:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Sep 2021 14:23:06 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 532ms
133ms Script
application/x-javascript 2a03:2880:f034:1a:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f034:1a:face:b00c:0:3 Dallas, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e70279614f0c98ab6ed9fce5e2b76296202f91ae941ae767157ce9b908ab0306

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: P4a4nc1MWZhacwLuVTpjsg==
cross-origin-resource-policy: cross-origin
expires: Wed, 08 Sep 2021 14:32:21 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: 6233XZ6Xoh5uGKKohlRTyNMmoJEjkK+N5gvqhJZxsKgQVRyth+mZu5iFfWy8KIQNPnFU/QjBwKRftqxkLP2tFg==
x-fb-trip-id: 1718053925
x-fb-content-md5: b004ac854d984caa99529bf63c5b74c6
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 08 Sep 2021 14:23:07 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "babfd2558e79f0019bd16c1b52b90063"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 447 KB
90 KB 154ms
69ms Script
application/javascript 2a00:1450:4007:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5DXTZXR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

623e8b142dddac5df4b0c50cb2e91d3afa34ea413d021f26ad7d362a27714651

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:23:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91486
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Sep 2021 14:23:06 GMT

GET
H2 200 advertising.js Show response
www.npttech.com/ 7 KB
3 KB 77ms
26ms Script
application/javascript 2606:4700:3037::6815:3c3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: www.benefitnews.com
URL: https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm_medium=webseminar&bt_ee=orDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%2FZbzLOo43pBB7MHiq0wyhC1Ax1pGV&bt_ts=1631108389758
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3c3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:23:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3006
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: MY9S0PJDNWKA0N4N
x-amz-id-2: u+L7370psI8SIxAmhNpCXyD7oSJ5Mvj4UhFctRtjgqEQW9IRVxx/Z0CAHkLIPiAPTAks5+rBcUw=
last-modified: Wed, 19 Jun 2019 08:25:01 GMT
server: cloudflare
etag: W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OkDNGe%2Bg%2FlFULfBWEFnFUmXIUUmnTHHEniLZe0nR%2FcXQ3lYOkO3%2BAla7Zow%2FUXj5pSMthOo4Z9ShJS%2FPk990ms%2B2mUChg%2FA%2BwXSCh5rIJ6eU3%2FTWleRNJBMBIqooaXJyXUdkD2qqA3c6i6zPArs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
x-amz-version-id: hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray: 68b8d533ac8d42ee-FRA

GET
H/1.1 200
OK p13n.min.js Show response
cdn.boomtrain.com/p13n/sourcemedia-prod/ 76 KB
25 KB 77ms
19ms Script
application/javascript 52.222.174.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.boomtrain.com/p13n/sourcemedia-prod/p13n.min.js
Requested by: Host: www.benefitnews.com
URL: https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm_medium=webseminar&bt_ee=orDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%2FZbzLOo43pBB7MHiq0wyhC1Ax1pGV&bt_ts=1631108389758
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.174.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-119.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff4c752ea5d84913f292bb4a85dff5c2a7d7e045a1cb76779c3fe0a5279c2124

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: H6y48JFO1axEoXgSNLluipbvCGfpUZsZ
Content-Encoding: gzip
ETag: W/"907305613cc355a74395dbbc3272d738"
Age: 2804
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Sat, 28 Aug 2021 05:01:30 GMT
Server: AmazonS3
Date: Wed, 08 Sep 2021 13:36:23 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 23ce0cf88557469ee496b72a281aec5c.cloudfront.net (CloudFront)
Cache-Control: public, max-age=3600
X-Amz-Cf-Pop: CDG50-P2
X-Amz-Cf-Id: 9NxyNnWA1YQfaLdjdKckPtqvpiVFJHKiv-NA13BwS0atKoSo7IsP1Q==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 108ms
28ms Script
text/javascript 2a00:1450:4007:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 333
date: Wed, 08 Sep 2021 14:17:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 08 Sep 2021 16:17:33 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 polyfill.min.js
polyfill.io/v3/ 101 B
159 B 20ms
20ms Other
text/javascript 2a04:4e42:200::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

069a660398be8db8f9b6d8dad3f052d9a061b697b5354c24784c62d3df0a82f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 1492363
detected-user-agent: Chrome Mobile/92.0.4515
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 89
referrer-policy: origin-when-cross-origin
last-modified: Sun, 22 Aug 2021 00:24:10 GMT
date: Wed, 08 Sep 2021 14:23:06 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/92.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 4 KB
2 KB 82ms
28ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=t7vpsMsOZy

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41e547ea6f30522394d5890edf586627dfd0da6ddb0aff70f6af25a42cba6468

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:23:06 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 416
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: Cyyc4zqDFrC
wn: prod-exp-10-0-128-248
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=1800
cf-ray: 68b8d5348de94351-FRA
expires: Wed, 08 Sep 2021 14:53:06 GMT

GET
H2 200 pubads_impl_2021090201.js Show response
securepubads.g.doubleclick.net/gpt/ 332 KB
117 KB 270ms
33ms Script
text/javascript 216.58.214.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.214.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad01s26-in-f2.1e100.net

Software

sffe /

Resource Hash

8be49f44baab6e5003972c8bc33123dd34257840a77a1d20b7365ae8b60a896c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:23:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119104
x-xss-protection: 0
last-modified: Thu, 02 Sep 2021 08:37:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Wed, 08 Sep 2021 14:23:07 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 75 B
922 B 262ms
27ms XHR
application/json 216.58.214.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.benefitnews.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.214.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad01s26-in-f2.1e100.net

Software

cafe /

Resource Hash

d706b02ec6e1dc2d86ea546dcd33afab9550a07fb56e1f95372a4eb796f51362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:23:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76
x-xss-protection: 0
server: cafe
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Wed, 08 Sep 2021 14:23:07 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 247ms
22ms Font
font/woff2 2a00:1450:4007:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.benefitnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 01:47:17 GMT
x-content-type-options: nosniff
age: 131750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Sep 2022 01:47:17 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v20/ 24 KB
24 KB 275ms
52ms Font
font/woff2 2a00:1450:4007:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.benefitnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 21:39:17 GMT
x-content-type-options: nosniff
age: 233030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Sep 2022 21:39:17 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 271ms
51ms Font
font/woff2 2a00:1450:4007:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.benefitnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 21:48:08 GMT
x-content-type-options: nosniff
age: 578099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 21:48:08 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
22 KB 263ms
57ms Font
font/woff2 2a00:1450:4007:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.benefitnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 00:51:45 GMT
x-content-type-options: nosniff
age: 394282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22572
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:56 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Sep 2022 00:51:45 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 52ms
52ms XHR
text/plain 2a00:1450:4007:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1430528576&t=pageview&_s=1&dl=https%3A%2F%2Fwww.benefitnews.com%2Fabout-us%3Futm_source%3Ddg_email%26utm_campaign%3Ddg_ebn_familyfirst_webseminar_09202021_20210908_p1%26utm_medium%3Dwebseminar%26bt_ee%3DorDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%252FZbzLOo43pBB7MHiq0wyhC1Ax1pGV%26bt_ts%3D1631108389758&ul=en-us&de=UTF-8&dt=About%20Employee%20Benefit%20News%20%7C%20Employee%20Benefit%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1801711518&gjid=2139128706&cid=208719741.1631110987&tid=UA-219761-37&_gid=2036110583.1631110987&_r=1&_slc=1&z=47218545

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.benefitnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 14:23:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.benefitnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK resolve Show response
people.api.boomtrain.com/identify/ 161 B
476 B 777ms
114ms XHR
application/json 54.159.176.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6eyJlZSI6Im9yRFpxSzVPWDB4bGdwWmZocEJVczk5UnZPNHVkYkRZalJWL1piekxPbzQzcEJCN01IaXEwd3loQzFBeDFwR1YifSwiZXh0ZXJuYWxfaWRzIjp7fX0%3D&site_id=sourcemedia-prod
Requested by: Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/p13n/sourcemedia-prod/p13n.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.176.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-176-193.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 89a6ebe6759aa7168f83453d123390b89ac13f653cde3ee236fc1335217eebbf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 14:23:07 GMT
Server: nginx
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length: 161

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
466 B 166ms
21ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-219761-37&cid=208719741.1631110987&jid=1801711518&gjid=2139128706&_gid=2036110583.1631110987&_u=IEBAAEAAAAAAAC~&z=1557905808

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.benefitnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 08 Sep 2021 14:23:07 GMT
content-type: text/plain
access-control-allow-origin: https://www.benefitnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 411 KB
136 KB 37ms
17ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=t7vpsMsOZy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

521feeb87c87dc90f43c282ff367f1a3f165e7b393d6ca41f042d7d508ba21ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:23:07 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 20
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wn: prod-dash-10-0-126-233
last-modified: Tue, 07 Sep 2021 18:00:40 GMT
server: cloudflare
etag: W/"420992-1631037640000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
server-time: 0.000
cache-control: public, max-age=3600
cf-ray: 68b8d538a90a4351-FRA
expires: Wed, 08 Sep 2021 15:23:07 GMT

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 28 KB
13 KB 183ms
32ms Script
application/javascript 52.208.138.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?88
Requested by: Host: www.benefitnews.com
URL: https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm_medium=webseminar&bt_ee=orDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%2FZbzLOo43pBB7MHiq0wyhC1Ax1pGV&bt_ts=1631108389758
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.138.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-138-90.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1b05ce33469db78a252caf0e176e3cb56cd4d1d17aa3c3cda89f8088bb3eefda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 14:23:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Sep 2021 06:49:08 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=59160
Connection: keep-alive
Content-Length: 12574
Expires: Thu, 09 Sep 2021 06:49:08 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 133ms
132ms Script
application/x-javascript 2a03:2880:f034:1a:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f034:1a:face:b00c:0:3 Dallas, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: +NnncRvdbscMxc02JjnWxTmC5wQhponvdB1zbl4NsM20+Xi2zg6rkoFLDdyjbQl2XRXp+HHGDHoWKGvBxco9Xg==
x-fb-trip-id: 1718053925
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 08 Sep 2021 14:23:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 134ms
17ms Script
application/javascript 52.222.196.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.benefitnews.com
URL: https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm_medium=webseminar&bt_ee=orDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%2FZbzLOo43pBB7MHiq0wyhC1Ax1pGV&bt_ts=1631108389758
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.196.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-196-221.cdg50.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: public
Date: Wed, 08 Sep 2021 00:52:11 GMT
Via: 1.1 3927bf0011a2eb853e62f4b12f7ba87f.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
Age: 48656
ETag: "5eb31be4-3a2"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: CDG50-P2
Content-Length: 930
X-Amz-Cf-Id: o-A9CLYx08UNsMpwcX1nSzfunA-wDr5t_H2AZzPpy6DqrkukJXX1Cg==
Expires: Thu, 09 Sep 2021 00:52:11 GMT

GET
H2 200 video.js Show response
vjs.zencdn.net/7.6.5/ 2 MB
395 KB 129ms
17ms Script
application/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/7.6.5/video.js
Requested by: Host: www.benefitnews.com
URL: https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm_medium=webseminar&bt_ee=orDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%2FZbzLOo43pBB7MHiq0wyhC1Ax1pGV&bt_ts=1631108389758
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 59a717e69bec72ad009181785a1a65b674d1c01e77e04bdc718deb02a9b97671

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:23:07 GMT
content-encoding: gzip
last-modified: Fri, 04 Oct 2019 14:08:10 GMT
etag: "6ad9f2485086f3f4265513b2a6599cf1"
x-served-by: cache-mxp6962-MXP
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 404443
x-cache-hits: 3

GET
H/1.1 200
OK dpm_c415505dca69be631ca5d391b3ccd2b44b52d017.min.js Show response
s.dpmsrv.com/ 112 KB
38 KB 135ms
22ms Script
application/x-javascript 13.249.13.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dpmsrv.com/dpm_c415505dca69be631ca5d391b3ccd2b44b52d017.min.js
Requested by: Host: www.benefitnews.com
URL: https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm_medium=webseminar&bt_ee=orDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%2FZbzLOo43pBB7MHiq0wyhC1Ax1pGV&bt_ts=1631108389758
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.13.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-13-95.cdg53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5e1876373576f4110b6ad82c25041aa2e9762cc4a417939eeb20e654818a818

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 07:37:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 May 2020 20:46:58 GMT
Server: AmazonS3
Age: 24543
ETag: "b10698ccacbd3420aaa5389feaa6b0f5"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 05363293101f154ff379d17cf9c8c280.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: CDG53-C1
Accept-Ranges: bytes
Content-Length: 38693
X-Amz-Cf-Id: xa0XPlnLvzmwe0TlSkeHM_AwilFmtYTYFEpqfZjXfA9L2kF5wvlHfw==

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1011 B 24ms
23ms Script
text/javascript 2a00:1450:4007:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 13:41:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2498
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Wed, 08 Sep 2021 14:41:29 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4007:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1087
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Wed, 08 Sep 2021 15:05:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 222 KB
66 KB 396ms
132ms Script
application/x-javascript 2a03:2880:f034:1a:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=2b915cc0f619821dee717389f4d8b3db

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f034:1a:face:b00c:0:3 Dallas, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

adaa64f088a888586cd78e6159c458d63c8ba2ade1e8a59aaa7c6ad461acf7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.benefitnews.com/
Origin: https://www.benefitnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vrZr/5LGFN7lauv5YS4j/w==
cross-origin-resource-policy: cross-origin
expires: Thu, 08 Sep 2022 11:47:00 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 66827
x-fb-rlafr: 0
x-fb-debug: zufAKty7T40fkRUCcClsvfweGVIgxBRVXyn+CfugWoi7zEhWFcPfpBVLiMEf4Vv7dWN+2Z7XjSMA28p7e94/NA==
x-fb-trip-id: 1718053925
x-fb-content-md5: 61d90f2973baf6701c9586d0c80578e4
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 08 Sep 2021 14:23:08 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "d0abf77bb5a38ebf2d199571ff42225a"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 23ms
21ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-219761-37&cid=208719741.1631110987&jid=1415519877&gjid=70565167&_gid=2036110583.1631110987&_u=aGDAgEArAAAAAG~&z=447674517

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.benefitnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 08 Sep 2021 14:23:07 GMT
content-type: text/plain
access-control-allow-origin: https://www.benefitnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 28ms
23ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-219761-100&cid=208719741.1631110987&jid=823867655&gjid=1191063487&_gid=2036110583.1631110987&_u=aGDAiEArBAAAAG~&z=732626104

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.benefitnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 08 Sep 2021 14:23:07 GMT
content-type: text/plain
access-control-allow-origin: https://www.benefitnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 26ms
25ms Image
image/gif 2a00:1450:4007:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1430528576&t=pageview&_s=1&dl=https%3A%2F%2Fwww.benefitnews.com%2Fabout-us%3Futm_source%3Ddg_email%26utm_campaign%3Ddg_ebn_familyfirst_webseminar_09202021_20210908_p1%26utm_medium%3Dwebseminar%26bt_ee%3DorDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%252FZbzLOo43pBB7MHiq0wyhC1Ax1pGV%26bt_ts%3D1631108389758&dp=%2Fabout-us&ul=en-us&de=UTF-8&dt=About%20Employee%20Benefit%20News%20%7C%20Employee%20Benefit%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEArAAAAAC~&jid=1415519877&gjid=70565167&cid=208719741.1631110987&tid=UA-219761-37&_gid=2036110583.1631110987&gtm=2wg9105DXTZXR&cd2=Amazon%20CloudFront&cd5=Free&cd8=10&cd9=20160127&cd15=BasicPage&cd17=&z=851473871

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 01:58:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 44696
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 26ms
25ms Image
image/gif 2a00:1450:4007:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1430528576&t=pageview&_s=1&dl=https%3A%2F%2Fwww.benefitnews.com%2Fabout-us%3Futm_source%3Ddg_email%26utm_campaign%3Ddg_ebn_familyfirst_webseminar_09202021_20210908_p1%26utm_medium%3Dwebseminar%26bt_ee%3DorDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%252FZbzLOo43pBB7MHiq0wyhC1Ax1pGV%26bt_ts%3D1631108389758&dp=%2Fabout-us&ul=en-us&de=UTF-8&dt=About%20Employee%20Benefit%20News%20%7C%20Employee%20Benefit%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEArBAAAAG~&jid=823867655&gjid=1191063487&cid=208719741.1631110987&tid=UA-219761-100&_gid=2036110583.1631110987&gtm=2wg9105DXTZXR&cd2=Amazon%20CloudFront&cd5=Free&cd8=10&cd9=20160127&cd15=BasicPage&cd17=&z=1207342548

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 01:58:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 44696
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 124ms
30ms Image
image/gif 2a00:1450:4007:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-219761-37&cid=208719741.1631110987&jid=1801711518&_u=IEBAAEAAAAAAAC~&z=24426308

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 14:23:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 103ms
29ms Image
image/gif 2a00:1450:4007:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-219761-37&cid=208719741.1631110987&jid=1801711518&_u=IEBAAEAAAAAAAC~&z=24426308

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 14:23:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 115ms
53ms Image
image/gif 2a00:1450:4007:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-219761-37&cid=208719741.1631110987&jid=1415519877&_u=aGDAgEArAAAAAG~&z=672487277

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 14:23:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 73ms
33ms Image
image/gif 2a00:1450:4007:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-219761-37&cid=208719741.1631110987&jid=1415519877&_u=aGDAgEArAAAAAG~&z=672487277

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 14:23:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cx.cce.js Show response
cdn.cxense.com/ 22 KB
6 KB 202ms
53ms Script
application/x-javascript 2a02:26f0:e3:384::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.cce.js
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e3:384::268b Paris, France, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 78b341647e8bf718869378550c0c14b87bfe33967b4944d7dac6a2a1f3290d4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 14:23:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Jul 2021 14:49:19 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5864
Expires: Wed, 08 Sep 2021 15:23:08 GMT

GET
H2 200 get.js Show response
buy.tinypass.com/api/v3/anon/captcha/ 153 B
280 B 48ms
24ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=t7vpsMsOZy

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6b32982e1c3dfbc9db707d2abafdc4c24ee8b0641b007cc31598790c082a2cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:23:07 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 41
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: Ce9d4zqIOwT
pragma
wn: prod-dash-10-0-114-135
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
server-time: 0.001
cache-control: public, max-age=1200
cf-ray: 68b8d53acf404351-FRA
expires: Wed, 08 Sep 2021 14:43:07 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/benefitnews.com/ 72 KB
25 KB 90ms
24ms Script
application/javascript 143.204.222.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/benefitnews.com/p.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.222.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-222-106.cdg3.r.cloudfront.net
Software: nginx /
Resource Hash: 753556b8789235607882430bfcb16c87104ba1540a0800b43af20a5baecc3835

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Tue, 07 Sep 2021 20:44:57 GMT
content-encoding: gzip
last-modified: Mon, 08 Mar 2021 19:53:02 GMT
server: nginx
age: 63491
etag: W/"6046809e-11f2a"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 51fcc51a5c680a15c30de0aa3341fd58.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: CDG3-C1
x-amz-cf-id: eJ2BQdV8SDWe0WGxpc47ZE0_4uDOFMSR3gAkU7SvCbAnjaXZp9eN-A==
expires: Wed, 08 Sep 2021 20:44:57 GMT

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D342%26pixelIndex%3D0%26r%3D97202%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww.benefitnews.com%2...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D342%2526pixelIndex%253D0%2526r%253D97202%2526tzOffset%253...
https://a.dpmsrv.com/dpmpxl/index.php?id=7787727650019109050&q=xImp&v=1.x&cl=342&pixelIndex=0&r=97202&tzOffset=0&url=https%3A%2F%2Fwww.benefitnews.com%2Fabout-us%3Futm_source%3Ddg_email%26utm_campa...

245 B
995 B

886ms
99ms

Script
text/javascript

3.224.4.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?id=7787727650019109050&q=xImp&v=1.x&cl=342&pixelIndex=0&r=97202&tzOffset=0&url=https%3A%2F%2Fwww.benefitnews.com%2Fabout-us%3Futm_source%3Ddg_email%26utm_campaign%3Ddg_ebn_familyfirst_webseminar_09202021_20210908_p1%26utm_medium%3Dwebseminar%26bt_ee%3DorDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%252FZbzLOo43pBB7MHiq0wyhC1Ax1pGV%26bt_ts%3D1631108389758&_=1631110987960
Requested by: Host: www.benefitnews.com
URL: https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm_medium=webseminar&bt_ee=orDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%2FZbzLOo43pBB7MHiq0wyhC1Ax1pGV&bt_ts=1631108389758
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.4.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-4-25.compute-1.amazonaws.com
Software: /
Resource Hash: 1dd506528463f64218b9c8337fb964dc12ceb47d17c0c7cc2d7d63408851180c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 218
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 14:23:08 GMT
X-Proxy-Origin: 185.232.23.185; 185.232.23.185; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 1f9aa00f-1ea7-41e1-b0ba-6f2b215be29b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://a.dpmsrv.com/dpmpxl/index.php?id=7787727650019109050&q=xImp&v=1.x&cl=342&pixelIndex=0&r=97202&tzOffset=0&url=https%3A%2F%2Fwww.benefitnews.com%2Fabout-us%3Futm_source%3Ddg_email%26utm_campaign%3Ddg_ebn_familyfirst_webseminar_09202021_20210908_p1%26utm_medium%3Dwebseminar%26bt_ee%3DorDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%252FZbzLOo43pBB7MHiq0wyhC1Ax1pGV%26bt_ts%3D1631108389758&_=1631110987960
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 33ms
32ms Image
image/gif 2a00:1450:4007:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-219761-100&cid=208719741.1631110987&jid=823867655&_u=aGDAiEArBAAAAG~&z=1462472564

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 14:23:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4007:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-219761-100&cid=208719741.1631110987&jid=823867655&_u=aGDAiEArBAAAAG~&z=1462472564

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 14:23:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 verify Show response
id.tinypass.com/id/api/v1/identity/token/ 203 B
1005 B 471ms
429ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.tinypass.com/id/api/v1/identity/token/verify?callback=jQuery112409913445733443014_1631110987793&client_id=t7vpsMsOZy&site=https%3A%2F%2Fwww.benefitnews.com&_=1631110987794

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dfd6b1cf8885caba8a2fead49119cfcc39daaebbe5b7286660a55e383a3d248

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:23:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: Ckad4zqGj8y
pragma: no-cache
wn: prod-id-10-0-129-213
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-cache="set-cookie"
access-control-allow-credentials: true
server-time: 0.003
cf-ray: 68b8d53bea3a4351-FRA
access-control-allow-headers: origin, content-type, accept, authorization
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 108ms
25ms Image
image/gif 2a03:2880:f142:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?ev=1822473388078354&dl=https%3A%2F%2Fwww.benefitnews.com%2Fabout-us%3Futm_source%3Ddg_email%26utm_campaign%3Ddg_ebn_familyfirst_webseminar_09202021_20210908_p1%26utm_medium%3Dwebseminar%26bt_ee%3DorDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%252FZbzLOo43pBB7MHiq0wyhC1Ax1pGV%26bt_ts%3D1631108389758&rl=&if=false&ts=1631110988127&sw=1600&sh=1200&v=2.9.45&r=stable&o=28&it=-1&exp=p0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f142:182:face:b00c:0:25de Marseille, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:23:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 08 Sep 2021 14:23:08 GMT

GET
H/1.1 200
OK segments Show response
api.zetaglobal.net/people/O9VTT4m6qdEGuUQWsHqwinWi285LO5B%2FGVMRWCoLIRKbZK912yQYLaJydf2lT0xURc17slUiqp1PRHz5%2FQ%2FUsg%3D%3D/ 37 B
972 B 1064ms
254ms XHR
application/json 3.82.80.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zetaglobal.net/people/O9VTT4m6qdEGuUQWsHqwinWi285LO5B%2FGVMRWCoLIRKbZK912yQYLaJydf2lT0xURc17slUiqp1PRHz5%2FQ%2FUsg%3D%3D/segments?site_id=sourcemedia-prod

Requested by

Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/p13n/sourcemedia-prod/p13n.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.82.80.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-82-80-111.compute-1.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

b2aa3cb26277bf432b0f7f34fae39df6487bf5700639b95f0108dae6b834ccd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 14:23:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Request-Id: b8cf718c-f5b6-48eb-b553-1033e9e0ba93
X-Runtime: 0.149341
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
ETag: W/"88bc4ddeb5a21f1886aee3b4ed5c456e"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000;
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Access-Control-Request-Methods: GET
Access-Control-Allow-Headers: origin, x-requested-with, content-type, accept, authorization, x-prototype-version

POST
H2 200 track Show response
events.api.boomtrain.com/event/ 2 B
248 B 826ms
104ms XHR
text/plain 52.72.113.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://events.api.boomtrain.com/event/track
Requested by: Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/p13n/sourcemedia-prod/p13n.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.113.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-113-151.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.benefitnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 08 Sep 2021 14:23:08 GMT
server: nginx
allow: GET, HEAD, OPTIONS, POST
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, x-app-id
content-length: 2

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 62 B
572 B 30ms
30ms Script
application/javascript 52.208.138.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=50113&ct=js&pi=&fp=undefined&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.benefitnews.com%2Fabout-us%3Futm_source%3Ddg_email%26utm_campaign%3Ddg_ebn_familyfirst_webseminar_09202021_20210908_p1%26utm_medium%3Dwebseminar%26bt_ee%3DorDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%252FZbzLOo43pBB7MHiq0wyhC1Ax1pGV%26bt_ts%3D1631108389758&pv=1631110988225_4wka1whyf&bl=en-us&cb=7256784&return=&ht=&d=&dc=&si=1631110988225_4wka1whyf&cid=&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?88
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.138.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-138-90.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 14:23:07 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 147
Expires: 0

GET
BLOB 200
OK febabe00-a829-4864-9e06-24c5df060411
https://www.benefitnews.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.benefitnews.com/febabe00-a829-4864-9e06-24c5df060411
Requested by: Host: www.benefitnews.com
URL: https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm_medium=webseminar&bt_ee=orDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%2FZbzLOo43pBB7MHiq0wyhC1Ax1pGV&bt_ts=1631108389758
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H/1.1 200
OK /
arizent.brightspotcdn.com/dims4/default/9fd285a/2147483647/strip/true/crop/2296x3054+0+16/resize/212x282!/quality/90/ 6 KB
7 KB 23ms
23ms Image
image/jpeg 13.225.25.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arizent.brightspotcdn.com/dims4/default/9fd285a/2147483647/strip/true/crop/2296x3054+0+16/resize/212x282!/quality/90/?url=https%3A%2F%2Fsource-media-brightspot.s3.amazonaws.com%2F07%2F3a%2Fb5a96ea34aa0a66bc1296c30a619%2Febn-0721.jpg
Requested by: Host: www.benefitnews.com
URL: https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm_medium=webseminar&bt_ee=orDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%2FZbzLOo43pBB7MHiq0wyhC1Ax1pGV&bt_ts=1631108389758
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.25.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-25-56.cdg3.r.cloudfront.net
Software: Apache /
Resource Hash: 2a0bab495f3b2989ff18aca96da8089cd9d6ec30e364f58f4946b6a9b7c57270

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 19:43:26 GMT
Via: 1.1 ae3d49939dec29dad9a36d45f67300d1.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 4387182
ETag: bfec2b8602a1cc702d83b62d0094e703
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: CDG3-C2
X-Robots-Tag: nofollow
Content-Length: 6635
X-Amz-Cf-Id: zvVW41P1p54A8I82iu-pngXIvVJSm8mL8D_G1jUVmJrRG-HzZjVhUg==
Expires: Tue, 19 Jul 2022 19:43:26 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
260 B 826ms
108ms Image
image/gif 34.194.161.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1631110988312&plid=94770627&idsite=benefitnews.com&url=https%3A%2F%2Fwww.benefitnews.com%2Fabout-us%3Futm_source%3Ddg_email%26utm_campaign%3Ddg_ebn_familyfirst_webseminar_09202021_20210908_p1%26utm_medium%3Dwebseminar%26bt_ee%3DorDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%252FZbzLOo43pBB7MHiq0wyhC1Ax1pGV%26bt_ts%3D1631108389758&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22plan%22%3A%22undefined%22%7D&sid=1&surl=https%3A%2F%2Fwww.benefitnews.com%2Fabout-us%3Futm_source%3Ddg_email%26utm_campaign%3Ddg_ebn_familyfirst_webseminar_09202021_20210908_p1%26utm_medium%3Dwebseminar%26bt_ee%3DorDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%252FZbzLOo43pBB7MHiq0wyhC1Ax1pGV%26bt_ts%3D1631108389758&sref=&sts=1631110988284&slts=0&title=About+Employee+Benefit+News+%7C+Employee+Benefit+News&date=Wed+Sep+08+2021+14%3A23%3A08+GMT%2B0000+(GMT)&action=pageview&pvid=99121625&u=pid%3Ddf4974c2aaae21a7fd5520b9d356f241
Requested by: Host: www.benefitnews.com
URL: https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm_medium=webseminar&bt_ee=orDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%2FZbzLOo43pBB7MHiq0wyhC1Ax1pGV&bt_ts=1631108389758
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-161-83.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 14:23:09 GMT
Cache-Control: no-cache
Last-Modified: Wednesday, 08-Sep-2021 14:23:09 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 115 KB
27 KB 58ms
58ms Script
application/x-javascript 2a02:26f0:e3:384::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e3:384::268b Paris, France, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 937b712ae006a8a1cee1e6c604c5c48b161b5a12f6a6aa2e5e788aac66585389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 14:23:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Aug 2021 11:55:12 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27659
Expires: Wed, 08 Sep 2021 15:23:08 GMT

POST
H2 200 execute Show response
experience.tinypass.com/xbuilder/experience/ 26 KB
5 KB 147ms
147ms XHR
application/json 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/execute?aid=t7vpsMsOZy

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a64141f8ba79509899bd727ce601d5205ac875da8673267dcf6ff52bfbd2941

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Referer: https://www.benefitnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 08 Sep 2021 14:23:08 GMT
content-encoding: br
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: mhktuag9lm
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.benefitnews.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 68b8d53ec9744351-FRA

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 84ms
18ms Script
application/javascript 52.84.186.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: www.benefitnews.com
URL: https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm_medium=webseminar&bt_ee=orDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%2FZbzLOo43pBB7MHiq0wyhC1Ax1pGV&bt_ts=1631108389758
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.186.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-186-179.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f06150cd74f4090b6b1194c7fb227fda21f859229aa851169b8116e330ee160b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 13:33:27 GMT
content-encoding: gzip
last-modified: Wed, 16 Jun 2021 16:29:57 GMT
server: AmazonS3
age: 2983
etag: W/"6f6cd12e9b9fb6a70e03f3fc2cae03a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 aca12b6f838410f4b92b0d9603907f31.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: CDG50-P1
x-amz-cf-id: V16il_FNmrPgRf8rFIMWVPGo0fwwEd6ZXO5r0PyMoRf-EfMqlOOdqg==

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame 8EBD 1 KB
880 B 26ms
26ms Document
text/html 2a02:26f0:e3:384::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e3:384::268b Paris, France, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c92cab84b44ac37925a00450873a018ac601883a2d6e7a760ea38fdde7671004

Request headers

Host: cdn.cxense.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.benefitnews.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/

Response headers

Accept-Ranges: bytes
Last-Modified: Fri, 30 Jul 2021 08:31:32 GMT
Server: AkamaiNetStorage
Content-Length: 510
Cache-Control: max-age=864000
Expires: Sat, 18 Sep 2021 14:23:09 GMT
Date: Wed, 08 Sep 2021 14:23:09 GMT
Connection: keep-alive
Content-Type: text/html
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Vary: Accept-Encoding

GET
H2 200 / Show response
settings.luckyorange.net/ 3 KB
2 KB 204ms
136ms Fetch
application/json 172.67.75.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=https%3A%2F%2Fwww.benefitnews.com%2Fabout-us%3Futm_source%3Ddg_email%26utm_campaign%3Ddg_ebn_familyfirst_webseminar_09202021_20210908_p1%26utm_medium%3Dwebseminar%26bt_ee%3DorDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%252FZbzLOo43pBB7MHiq0wyhC1Ax1pGV%26bt_ts%3D1631108389758&s=86809

Requested by

Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.100 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cd89f7e823d22b1c56a9ec7a5cf988eebc673c9b31f159ab1fc23b9e5666c1e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:23:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.benefitnews.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SmKYjo4Gzzef1fKUJmKwqGQ%2BCJOzDnuJfmE0hOp97zWU3UcMQWmFLcIBQP7G1FDcdLEHXgHGi4ePZkxDEj0y2z0y2HAfct%2F%2BuseaDzrlaOCQUFLsYLIK5Nu7CBSEWp4eujrTrG4Duntd6A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 68b8d542881c0497-CDG
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame 8EBD 115 KB
27 KB 27ms
27ms Script
application/x-javascript 2a02:26f0:e3:384::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e3:384::268b Paris, France, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 937b712ae006a8a1cee1e6c604c5c48b161b5a12f6a6aa2e5e788aac66585389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 14:23:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Aug 2021 11:55:12 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27659
Expires: Wed, 08 Sep 2021 15:23:09 GMT

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=7787727650019109050&pixelIndex=0&_=1631110987961
https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm=&ap_id=7787727650019109050&pixelIndex=0&_=1631110987961&google_tc=
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=7787727650019109050&pixelIndex=0&_=1631110987961&google_gid=CAESEDf-M3Hjk_hW0G5iKf_pmEc&google_cver=1

0
597 B

99ms
99ms

Script
text/javascript

3.224.4.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=7787727650019109050&pixelIndex=0&_=1631110987961&google_gid=CAESEDf-M3Hjk_hW0G5iKf_pmEc&google_cver=1
Requested by: Host: www.benefitnews.com
URL: https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm_medium=webseminar&bt_ee=orDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%2FZbzLOo43pBB7MHiq0wyhC1Ax1pGV&bt_ts=1631108389758
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.4.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-4-25.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 08 Sep 2021 14:23:09 GMT
server: HTTP server (unknown)
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=7787727650019109050&pixelIndex=0&_=1631110987961&google_gid=CAESEDf-M3Hjk_hW0G5iKf_pmEc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 368
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 423396.gif
idsync.rlcdn.com/ 0
66 B 63ms
19ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/423396.gif?partner_uid=7787727650019109050
Requested by: Host: www.benefitnews.com
URL: https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm_medium=webseminar&bt_ee=orDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%2FZbzLOo43pBB7MHiq0wyhC1Ax1pGV&bt_ts=1631108389758
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:23:09 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame 8EBD 46 B
635 B 80ms
26ms Script
text/javascript 116.202.80.167
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.80.167 Eichendorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.167.80.202.116.clients.your-server.de
Software: Jetty(9.4.28.v20200408) /
Resource Hash: c0042645077e026dc5a57f62b0686487b995cb716386fc59498295637f444bfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:23:09 GMT
last-modified: Mon, 08 Mar 2021 14:23:09 GMT
server: Jetty(9.4.28.v20200408)
etag: rqf9iubdowjg25hb5p4dalwjt
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: private, proxy-revalidate
content-type: text/javascript;charset=utf-8
content-length: 46
expires: Thu, 08 Sep 2022 14:23:09 GMT

POST
H2 200 unload
api-v3.tinypass.com/api/v3/page/ 0
0 165ms
144ms Ping
application/json 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-v3.tinypass.com/api/v3/page/unload?aid=t7vpsMsOZy&tbc=%7Bjzx%7DpAtS0isbm8eDtFkpIt73xYK1W12_XJKGNV4mXHyFps4NlT2xunrsprWBo4HTm02cy4ot0p2zwNOc8ADna2xuNjspyoM0LyIH5ZwcOSFdWqg&time_spent=%7B%22active%22%3A1%2C%22total%22%3A1%7D&scroll=%7B%22max_page_height%22%3A1542%2C%22max_depth%22%3A1200%7D&viewport_exit=0&url=https%3A%2F%2Fwww.benefitnews.com%2Fabout-us%3Futm_source%3Ddg_email%26utm_campaign%3Ddg_ebn_familyfirst_webseminar_09202021_20210908_p1%26utm_medium%3Dwebseminar%26bt_ee%3DorDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%252FZbzLOo43pBB7MHiq0wyhC1Ax1pGV%26bt_ts%3D1631108389758&pageview_id=ktbld93nms2zg07k&visit_id=v-ktbld946ot6jpdxn
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.benefitnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.benefitnews.com
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS

POST
H2 200 execute Show response
experience.tinypass.com/xbuilder/experience/ 26 KB
5 KB 173ms
172ms XHR
application/json 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/execute?aid=t7vpsMsOZy

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee144a4b67c155e3f4eb63b2c5fd7b89bc87853c2ace127d2a52eb8018eebc07

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Referer: https://www.benefitnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 08 Sep 2021 14:23:09 GMT
content-encoding: br
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: 0o0abwjxo1
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.benefitnews.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 68b8d5429bc74351-FRA

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 346 B
582 B 188ms
89ms XHR
application/json 54.194.198.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=11046&slot=%7Bid:googleAda9073d31-6c54-484a-97eb-6d95f75915cb,ss:%5B970.91,970.90,970.250,728.90,320.50,300.250%5D,p:/16059533/EBNBenefitNews,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=a9befbb5-1fa7-6149-e76c-d41fff44b1d0&url=https%253A%252F%252Fwww.benefitnews.com%252Fabout-us%253Futm_source%253Ddg_email%2526utm_campaign%253Ddg_ebn_familyfirst_webseminar_09202021_20210908_p1%2526utm_medium%253Dwebseminar%2526bt_ee%253DorDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%25252FZbzLOo43pBB7MHiq0wyhC1Ax1pGV%2526bt_ts%253D1631108389758
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.198.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-198-48.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c8037e3dc66349271dc5f5aac705dd13c17a4e0fed878bc64ecaeddcd2877e21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:23:09 GMT
x-server-name: app18.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.benefitnews.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame 8EBD 43 B
468 B 55ms
13ms Image
image/gif 116.202.80.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=1&typ=pgv&rnd=ktbld93nms2zg07k&sid=1139714799416749181&loc=https%3A%2F%2Fwww.benefitnews.com%2Fabout-us%3Futm_source%3Ddg_email%26utm_campaign%3Ddg_ebn_familyfirst_webseminar_09202021_20210908_p1%26utm_medium%3Dwebseminar%26bt_ee%3DorDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%252FZbzLOo43pBB7MHiq0wyhC1Ax1pGV%26bt_ts%3D1631108389758&new=0&arf=0&ltm=1631110988415&ref=&tzo=0&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=ktblda07kf3ezw7f&ckp=ktbld956spr53iro&glb=&wsz=1600x1200&cp_userState=anon&cp_ver=2.44&cp_testGroup=80&cst=rqf9iubdowjg25hb5p4dalwjt
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.80.165 Eichendorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.80.202.116.clients.your-server.de
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:23:09 GMT
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 118 B
690 B 73ms
15ms Script
text/javascript 178.63.13.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22ktbld956spr53iro%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%22rqf9iubdowjg25hb5p4dalwjt%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%22rqf9iubdowjg25hb5p4dalwjt%22%7D%5D%2C%22siteId%22%3A%221139714799416749181%22%2C%22location%22%3A%22https%3A%2F%2Fwww.benefitnews.com%2Fabout-us%3Futm_source%3Ddg_email%26utm_campaign%3Ddg_ebn_familyfirst_webseminar_09202021_20210908_p1%26utm_medium%3Dwebseminar%26bt_ee%3DorDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%252FZbzLOo43pBB7MHiq0wyhC1Ax1pGV%26bt_ts%3D1631108389758%22%7D&callback=cXJsonpCBktblda6oa03gb8p2

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.63.13.144 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

de717.cxense.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

47e70434faff826ae6ac74892228c0a5fbf1bd40c43fdb5571a44ac3cc60d03e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 14:23:09 GMT
X-Content-Type-Options: nosniff
Server: Jetty(9.4.28.v20200408)
P3P: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/javascript;charset=utf-8
Content-Length: 118
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 346 B
583 B 45ms
44ms XHR
application/json 54.194.198.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=11046&slot=%7Bid:googleAd7c938f4a-1e1e-425e-a0c5-d8c3531e8cae,ss:%5B300.250,300.600,300.1050%5D,p:/16059533/EBNBenefitNews,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=a9befbb5-1fa7-6149-e76c-d41fff44b1d0&url=https%253A%252F%252Fwww.benefitnews.com%252Fabout-us%253Futm_source%253Ddg_email%2526utm_campaign%253Ddg_ebn_familyfirst_webseminar_09202021_20210908_p1%2526utm_medium%253Dwebseminar%2526bt_ee%253DorDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%25252FZbzLOo43pBB7MHiq0wyhC1Ax1pGV%2526bt_ts%253D1631108389758
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.198.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-198-48.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: faef1b0a0fdb57b399bbef71f78d732a13e9c1747c9fb6f191462241ff179860

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:23:09 GMT
x-server-name: app09.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.benefitnews.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 346 B
582 B 46ms
45ms XHR
application/json 54.194.198.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=11046&slot=%7Bid:googleAdd400d899-5593-48b1-a737-a3d6c4451cc5,ss:%5B300.250,300.600%5D,p:/16059533/EBNBenefitNews,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=a9befbb5-1fa7-6149-e76c-d41fff44b1d0&url=https%253A%252F%252Fwww.benefitnews.com%252Fabout-us%253Futm_source%253Ddg_email%2526utm_campaign%253Ddg_ebn_familyfirst_webseminar_09202021_20210908_p1%2526utm_medium%253Dwebseminar%2526bt_ee%253DorDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%25252FZbzLOo43pBB7MHiq0wyhC1Ax1pGV%2526bt_ts%253D1631108389758
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.198.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-198-48.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9a788fed3cb8bf49224e92a799fa0f459cc94839a773347b583b5de3083e5b93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:23:09 GMT
x-server-name: app19.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.benefitnews.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 clickstream.js Show response
d10lpsik1i8c69.cloudfront.net/js/ Frame 5CD3 287 KB
93 KB 60ms
22ms Script
application/javascript 52.84.186.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=9205c52
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.186.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-186-179.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a72a14448ee5320221100622671b5a9defdcddc331266def018afc09142d29f0

Request headers

Referer
Origin: https://www.benefitnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 16:31:55 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 7249875
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 16 Jun 2021 16:29:56 GMT
server: AmazonS3
etag: W/"4b96c4bfb5d8c300201f4074054196b7"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 6a29b506c0dc975f5344fdc44215aa70.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: CDG50-P1
x-amz-cf-id: CRdjX1NPcH-viNjlStJZo26u8exkAOqhEVrxxfKeRckQHflTwwi7Ng==

GET
H2 200 lo.js Show response
d20519brkbo4nz.cloudfront.net/core/ 11 KB
5 KB 102ms
21ms Script
application/javascript 2600:9000:218d:fc00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d20519brkbo4nz.cloudfront.net/core/lo.js
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:fc00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 145af7bbc5e8dee66c3d118d33f3fd0ec1bf4d99f74ffaafddab23a06279a9bb

Request headers

Referer: https://www.benefitnews.com/
Origin: https://www.benefitnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:21:31 GMT
content-encoding: gzip
age: 99
x-cache: Hit from cloudfront
content-length: 4227
access-control-allow-origin: *
last-modified: Thu, 26 Aug 2021 14:12:27 GMT
server: AmazonS3
etag: "4822ccf195d1bd744a0d64c97bd23fb1"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 c55964596762daa758331d3e6fe008a8.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
x-amz-cf-id: 8ot8Tp2qpZAXFgSFU9mg09uqa6Tt5HVAoCXdxECJLunhqgT9bULpDg==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 105ms
30ms Script
application/javascript 2a00:1450:4007:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.benefitnews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:813::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Sep 2021 14:23:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 97ms
28ms Script
application/javascript 2a00:1450:4007:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.benefitnews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Sep 2021 14:23:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 95ms
68ms XHR
text/plain 216.58.214.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2467757164076709&correlator=1355727853544&output=ldjh&impl=fif&eid=21068767%2C31062297&vrg=2021090201&ptt=17&sc=1&sfv=1-0-38&ecs=20210908&iu_parts=16059533%2CEBNBenefitNews&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600%7C300x1050&prev_scp=pos%3Dbigbox1%26id%3D4a9a3064-10b0-11ec-9daf-0ae761671616%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40&eri=1&cust_params=storyID%3D00000152-8482-db03-a57f-ee8b08690000%26PID%3Dnull%26ZetaSegments%3D67270%252C44109%252C66564%252C63992%252C60018%252C61619%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1631110989&dt=1631110989404&dlt=1631110986478&idt=1191&frm=20&biw=1600&bih=1200&oid=3&adxs=1049&adys=260&adks=2642880204&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.benefitnews.com%2Fabout-us%3Futm_source%3Ddg_email%26utm_campaign%3Ddg_ebn_familyfirst_webseminar_09202021_20210908_p1%26utm_medium%3Dwebseminar%26bt_ee%3DorDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%252FZbzLOo43pBB7MHiq0wyhC1Ax1pGV%26bt_ts%3D1631108389758&vis=1&dmc=8&scr_x=0&scr_y=0&psz=483x840&msz=442x40&ga_vid=208719741.1631110987&ga_sid=1631110989&ga_hid=1430528576&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.214.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad01s26-in-f2.1e100.net

Software

cafe /

Resource Hash

e377578bdad47eadd97e86de98b3ebf06c3b499ad32bfaf2b78c6315899227e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:23:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11306
x-xss-protection: 0
google-lineitem-id: 5725220840
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138360680524
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.benefitnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET container.html
6599bdca4e8e7092012771a5bb01e41d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D5B1 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 85ms
74ms XHR
text/plain 216.58.214.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2467757164076709&correlator=1355727853544&output=ldjh&impl=fif&eid=21068767%2C31062297&vrg=2021090201&ptt=17&sc=1&sfv=1-0-38&ecs=20210908&iu_parts=16059533%2CEBNBenefitNews&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=pos%3Dbigbox2%26id%3D4a9acca8-10b0-11ec-b3e1-068792706006%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40&eri=1&cust_params=storyID%3D00000152-8482-db03-a57f-ee8b08690000%26PID%3Dnull%26ZetaSegments%3D67270%252C44109%252C66564%252C63992%252C60018%252C61619%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1631110989&dt=1631110989428&dlt=1631110986478&idt=1191&frm=20&biw=1600&bih=1200&oid=3&adxs=1049&adys=300&adks=2518659739&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.benefitnews.com%2Fabout-us%3Futm_source%3Ddg_email%26utm_campaign%3Ddg_ebn_familyfirst_webseminar_09202021_20210908_p1%26utm_medium%3Dwebseminar%26bt_ee%3DorDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%252FZbzLOo43pBB7MHiq0wyhC1Ax1pGV%26bt_ts%3D1631108389758&vis=1&dmc=8&scr_x=0&scr_y=0&psz=483x840&msz=442x0&ga_vid=208719741.1631110987&ga_sid=1631110989&ga_hid=1430528576&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.214.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad01s26-in-f2.1e100.net

Software

cafe /

Resource Hash

90f50ef8c2ce1517adbf579fdf866f9b2f93be39b9492820789461af8d8ea652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:23:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11214
x-xss-protection: 0
google-lineitem-id: 5725220840
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138360683446
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.benefitnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK index.php Show response
a.dpmsrv.com/dpmpxl/ 5 B
1 KB 100ms
100ms Script
text/javascript 3.224.4.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=xSeg&v=1.x&ep%5Bids%5D=7568712%2C6451507%2C6746300&cl=342&pixelIndex=0&r=735326&tzOffset=0&url=https%3A%2F%2Fwww.benefitnews.com%2Fabout-us%3Futm_source%3Ddg_email%26utm_campaign%3Ddg_ebn_familyfirst_webseminar_09202021_20210908_p1%26utm_medium%3Dwebseminar%26bt_ee%3DorDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%252FZbzLOo43pBB7MHiq0wyhC1Ax1pGV%26bt_ts%3D1631108389758&id=7787727650019109050&_=1631110987962
Requested by: Host: s.dpmsrv.com
URL: https://s.dpmsrv.com/dpm_c415505dca69be631ca5d391b3ccd2b44b52d017.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.4.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-4-25.compute-1.amazonaws.com
Software: /
Resource Hash: fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 31
Expires: 0

GET
H/1.1 200
OK seg
ib.adnxs.com/ 43 B
1023 B 9ms
8ms Image
image/gif 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/seg?member=827&add=7568712,6451507,6746300

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 14:23:09 GMT
X-Proxy-Origin: 185.232.23.185; 185.232.23.185; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 0d8da571-ddaf-4469-9b0c-ca424b021d61
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ 43 B
951 B 55ms
16ms Image
image/gif 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=803560&t=2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 14:23:09 GMT
X-Proxy-Origin: 185.232.23.185; 185.232.23.185; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: fae328f6-a1fe-4fb5-8c24-c4e9cab41eee
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 74ms
72ms XHR
text/plain 216.58.214.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2467757164076709&correlator=1355727853544&output=ldjh&impl=fif&eid=21068767%2C31062297&vrg=2021090201&ptt=17&sc=1&sfv=1-0-38&ecs=20210908&iu_parts=16059533%2CEBNBenefitNews&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x250%7C970x90%7C970x91&prev_scp=pos%3Dcollapsed_header1%26id%3D4a9eeb65-10b0-11ec-a360-0ab32f77e5b0%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40&eri=1&cust_params=storyID%3D00000152-8482-db03-a57f-ee8b08690000%26PID%3Dnull%26ZetaSegments%3D67270%252C44109%252C66564%252C63992%252C60018%252C61619%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1631110989&dt=1631110989453&dlt=1631110986478&idt=1191&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=164&adks=3733004664&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.benefitnews.com%2Fabout-us%3Futm_source%3Ddg_email%26utm_campaign%3Ddg_ebn_familyfirst_webseminar_09202021_20210908_p1%26utm_medium%3Dwebseminar%26bt_ee%3DorDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%252FZbzLOo43pBB7MHiq0wyhC1Ax1pGV%26bt_ts%3D1631108389758&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x60&msz=728x40&ga_vid=208719741.1631110987&ga_sid=1631110989&ga_hid=1430528576&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.214.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad01s26-in-f2.1e100.net

Software

cafe /

Resource Hash

5f6d900ec7ccda7953b1939d1e35a9ddeea24311f6941a1b97ded40864a506e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:23:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11231
x-xss-protection: 0
google-lineitem-id: 5725220840
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138360267101
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.benefitnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 86809
settings.luckyorange.com/ Frame 0
0 5332ms
114ms Preflight 34.107.203.234

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/86809
Protocol: H2
Server: 34.107.203.234 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-lucky-uid
Origin: https://www.benefitnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.benefitnews.com
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id
access-control-max-age: 86400
date: Wed, 08 Sep 2021 14:23:14 GMT
via: 1.1 google
alt-svc: clear

GET
H2 200 86809 Show response
settings.luckyorange.com/ 146 B
245 B 115ms
115ms Fetch
application/json 34.107.203.234

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/86809
Requested by: Host: d20519brkbo4nz.cloudfront.net
URL: https://d20519brkbo4nz.cloudfront.net/core/lo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.234 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 806bef56c26c5ab208637877c63b9b9d8ae1170f1bd430983602bd564986cfbf

Request headers

Referer: https://www.benefitnews.com/
Accept-Language: de-DE,de;q=0.9
x-lucky-uid: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:23:14 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.benefitnews.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 146

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 30ms
29ms Fetch
image/gif 216.58.214.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuf-mPyjMFD8OdSXqyH7DTR6Q2zzKWp7DFvb137zVEEctWg6eA7rsTXWgWGujN9MVgJmIK-t-46dl7HBub1xqOuSjhOIhYflp9kjRvDoXZLHTVcv1R7din6TsNLr79A4-zjZpidLX60bl8jyfB1rjjtxTpPMA9KqJB5gYjINXxiKVA9ambOvZwBU2EIPMdoq4-qw1Xm5IXw5sgkLF61rfCOn1GH6N1qNpXKIK1N-hTimn_zyHtZLEI2OTwaMb1NowIZIY9j2HH1isz5BrVjQVgQaqL9s6aHgLHOVuY-GzHeY603IWUJAJzlJWiscfkk0g6NUA&sig=Cg0ArKJSzBXN3VUKRM6qEAE&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.214.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad01s26-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Sep 2021 14:23:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
server: cafe
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210901/r20110914/client/ 2 KB
2 KB 91ms
22ms Script
text/javascript 2a00:1450:4007:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210901/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Sep 2021 14:18:33 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ 122 KB
37 KB 42ms
41ms Script
text/javascript 2a00:1450:4007:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:810::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e252ba74aa8caecb5f589b938c9835c9c5bee271acd0db7f6fdaeaaa6f91f310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitnews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 08 Sep 2021 14:23:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630694592982793"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Wed, 08 Sep 2021 14:23:09 GMT

GET
H2 204 l
www.google.com/ads/measurement/ 0
0 30ms
29ms Image
text/html 2a00:1450:4007:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTp-mflsutUq0ZZbR5tMUrX8DVFT_JCbWmSujqq9ReJ3WYss3WNNyo0lBkn6xe1udQLDvzs
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4007:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 4011971155205240533
tpc.googlesyndication.com/simgad/ 66 KB
66 KB 91ms
23ms Image
image/png 2a00:1450:4007:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4011971155205240533

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecf3100e99deb6d47ba4ffdfc5a875883732412440d294fc24314070ce0f87ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 09:04:00 GMT
x-content-type-options: nosniff
age: 191949
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67239
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 13:38:27 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Sep 2022 09:04:00 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 155ms
155ms Script
text/javascript 2a00:1450:4007:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:810::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fecb5df18e8faa43dc3aa3f49ffd7224c84e378eb7514326a9ca3757a42daf35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:23:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630694577084272"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27575
x-xss-protection: 0
expires: Wed, 08 Sep 2021 14:23:09 GMT

GET
DATA 200
OK truncated
/ 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cea250aa9e60813ca9d2527aea00d78f16c0eec96ed7ec0caaa59c55df9c7986

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame FD0A 46 KB
13 KB 110ms
51ms Script
application/javascript 54.194.198.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=11046&campId=300x250&pubId=5037407687&chanId=50427253&placementId=5725220840&pubCreative=138360680524&pubOrder=2874196296&cb=192714287&custom=bigbox1&adsafe_par&impId=4a9a3064-10b0-11ec-9daf-0ae761671616&custom2=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&custom3=dg_email_webseminar
Requested by: Host: www.benefitnews.com
URL: https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm_medium=webseminar&bt_ee=orDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%2FZbzLOo43pBB7MHiq0wyhC1Ax1pGV&bt_ts=1631108389758
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.198.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-198-48.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 47246f1294dcb19e5b82587ddb399e843850ba58b5a32768b455b05287e1c1f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 14:23:09 GMT
content-encoding: gzip
x-server-name: app24.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 58ms
29ms Fetch
image/gif 216.58.214.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2QNbxpVEpKSYDh86iW8RQarnQcxmaarVex5DRYBip1z8HL3bJwJuoEHtGq2Zp_p4Nbl20pHmk5MXaNCSkrshbmU7-an1_UozIXSRb62Of6jB-V2gqOcFygtUGILnkb_1otTALuAZZ1geXdN7UJ4zP4x5fhAI6I2nzLVCXpRCMhBCGIo_aeMGyfOr1QD-y9bRFGt_bbnr2Pszfe3XLUPEMFD1nz5VJWim2xdak2PYg1EABJTiXHBB3MIAwNM5mLd6L5ms_K10TFg52wOcjnONMAPcTlw0kms4JpjewIIHT8qiE2QZaoe6zuSNkE4KKJuRTU3At&sig=Cg0ArKJSzIJjogsVMhAsEAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.214.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad01s26-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:23:09 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: image/gif
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
cache-control: private
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Wed, 08 Sep 2021 14:23:09 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 104ms
32ms XHR
application/json 2a00:1450:4007:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021090201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a2d0cddfbb7ff9614c749c2ffd723fa332fd575e6c51975f4740c383ae7332d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Sep 2021 14:23:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8506
x-xss-protection: 0

GET
H2 200 main.gr.19.8.243.js Show response
static.adsafeprotected.com/ Frame FD0A 187 KB
60 KB 127ms
50ms Script
application/javascript 18.203.198.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.243.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=11046&campId=300x250&pubId=5037407687&chanId=50427253&placementId=5725220840&pubCreative=138360680524&pubOrder=2874196296&cb=192714287&custom=bigbox1&adsafe_par&impId=4a9a3064-10b0-11ec-9daf-0ae761671616&custom2=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&custom3=dg_email_webseminar
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.198.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-198-3.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 3b2994ec6cd1c326c20a981912b23a05f5b1ddd55f3fccabf419e1ee70ee6a56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:23:09 GMT
content-encoding: gzip
last-modified: Tue, 07 Sep 2021 21:28:29 GMT
server: nginx/1.16.1
etag: W/"f8ec101cfd4f34f35efecdff9eecac24"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 35ms
35ms Script
text/javascript 2a00:1450:4007:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:23:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Wed, 08 Sep 2021 14:23:09 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame FAEF 12 KB
5 KB 21ms
21ms Document
text/html 2a00:1450:4007:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.benefitnews.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 08 Sep 2021 06:48:45 GMT
expires: Thu, 08 Sep 2022 06:48:45 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 27264
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 241D 783 B
833 B 34ms
34ms Document
text/html 2a00:1450:4007:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1b87b1854b6e80202c921b2ea67491c2f4078956210d7152f904a1e09b12df84

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xZPS74eMrnl8ANpMdqqZEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.benefitnews.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/

Response headers

expires: Wed, 08 Sep 2021 14:23:09 GMT
date: Wed, 08 Sep 2021 14:23:09 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-xZPS74eMrnl8ANpMdqqZEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js Show response
pagead2.googlesyndication.com/bg/ Frame FAEF 35 KB
13 KB 105ms
39ms Script
text/javascript 2a00:1450:4007:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 13:31:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13264
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Sep 2022 13:31:51 GMT

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 0B57 80 KB
21 KB 40ms
39ms Script
application/javascript 18.203.198.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: www.benefitnews.com
URL: https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm_medium=webseminar&bt_ee=orDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%2FZbzLOo43pBB7MHiq0wyhC1Ax1pGV&bt_ts=1631108389758
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.198.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-198-3.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:23:10 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: nginx/1.16.1
age: 1112806
etag: W/"9304f57298c3834ff107ea7ccb547996"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 44ms
43ms Image
image/gif 54.194.198.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=11046&campId=300x250&pubId=5037407687&chanId=50427253&placementId=5725220840&pubCreative=138360680524&pubOrder=2874196296&cb=192714287&custom=bigbox1&adsafe_par&impId=4a9a3064-10b0-11ec-9daf-0ae761671616&custom2=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&custom3=dg_email_webseminar&adsafe_url=https%3A%2F%2Fwww.benefitnews.com%2Fabout-us%3Futm_source%3Ddg_email%26utm_campaign%3Ddg_ebn_familyfirst_webseminar_09202021_20210908_p1%26utm_medium%3Dwebseminar%26bt_ee%3DorDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%252FZbzLOo43pBB7MHiq0wyhC1Ax1pGV%26bt_ts%3D1631108389758&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.benefitnews.com%2F&adsafe_type=f&adsafe_jsinfo=,id:18fe11e1-35e2-22ef-5f78-1b2b6b4da728,c:nDiHFB,sl:inView,em:false,fr:true,thd:1,mn:app24ie,pt:1-5-15,wc:0.0.1600.1200,ac:0.0.300.250,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,br:c,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:181,fm:sIqHuaW+1*.11046%7C11%7C12%7C13%7C14,idMap:1*,rp:n,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:218,oid:4ad82376-10b0-11ec-95d7-02cb850ca5c2,v:19.8.243,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.198.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-198-48.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 14:23:10 GMT
x-server-name: app10.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 322ms
103ms Image
image/gif 3.215.227.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=18fe11e1-35e2-22ef-5f78-1b2b6b4da728&tv=%7Bc:nDiHGG,pingTime:0,time:284,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:217%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:285,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:216,wc:0.0.1600.1200,ac:0.0.300.250,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B99~100%5D,as:%5B99~300.250%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:sIqHuaW+1*.11046%7C11%7C12%7C13%7C14,idMap:1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.227.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-227-57.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 14:23:10 GMT
x-server-name: dt35.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 316ms
104ms Image
image/gif 3.215.227.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=18fe11e1-35e2-22ef-5f78-1b2b6b4da728&tv=%7Bc:nDiHGP,pingTime:-2,time:293,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:117,beZ:119,mfA:298,cmA:300,inA:300,inZ:307,prA:307,prZ:313,si:335,poA:336,poZ:387,cmZ:387,mfZ:387,loA:403,loZ:404,ltA:409,ltZ:409%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:217%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:293,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:216,wc:0.0.1600.1200,ac:0.0.300.250,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B107~100%5D,as:%5B107~300.250%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:sIqHuaW+1*.11046%7C11%7C12%7C13%7C14,idMap:1*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,slid:%5B%5D,sinceFw:73,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.227.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-227-57.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 14:23:10 GMT
x-server-name: dt36.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 241D 0
0 46ms
44ms Image
text/html 2a00:1450:4007:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021090201&jk=2467757164076709&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4007:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 47ms
47ms Image
text/html 2a00:1450:4007:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021090201&jk=2467757164076709&bg=!Tk2lTQnNAAYJpm41CaY7ACkAdvg8WqjTclG1RaIM5mDx5yu1PuekpzIiX4c525MSM1mh4WARTEpeQAIAAACwUgAAAAxoAQcKACQPe0sDKfJO6lWwy20Zp9ucIBiqJvQT9LUGe9pzWYfnuPH7qMqZApjpT41PrkZvUZFLuCfO2AZBeTlT7x2qrDnNQQUswuFtdai-lV9jO7TQdjNyXZiPPzb_-KgbgO6OYps1KJkRv2Z_XWok2lCBtGPCVsgdKuorjdWgh6u8mckp_6F2JUrQiNNu5ZNdC0CGSThIIaMpR9Pqmu5j69lEsCW_z9-INb0OOcSG5hccXW3necBclzCJrjPsEBsopPS68tMjZk-xXEuCPiZJt3JVkV5RyUms1YaiGdUdIIZJ5zxqTRZ0sqGcKWyXaQPIS6-e4axvyjAgS_r7nFxSs5yPgHld7YShcJ3W6tRoxLCc3fJXC4tdUP4e0Dip2_P3uAEOiHTDJss4WFHU9xtgfrYCafGsQJMXh4hrzzuG6avn_TINeP6VfdjKh9TBmSSzzy-v1aUp-T8NSnbwKtywrD41NAdWwoAcyGbsA7IBQevIz-GDbFgALnfjUcd7KN8BPGrp9Z3qaPU33eVbh5Bni3VUtxXfXk8sqQAAyn5GLliIPT-PT_ERs7G0sfsuaJISidsAjSOx0S-ATo1S9vqi1IF_yzRUzaJqSRGcQZd2ILhuINPQwrPrR0v7vxHN2G3LJTwQrU-6GTdtweX8bmOiArkU5HMYBXH4eFd6W9O43igO7oKODG_OKl2OSM6f5po08T85mmJOs7nkt0QauiGjJfu8aLPz0r2uiPCU7QLC3nhe7aPSTfRPX-qP3_ourHRsRpvZHMN8SGV7zWaOSvHccZ1XBwLiTiW0v4GCqBFCIqsIdDLUOYZpz0oB0jpq_8_b3jJoPOIHMuOxgZEyLun_zJrrjJKF481rBRpIwxlaBkSgt5RhX7tOmBfy9D7-AHqOUPs7YozdE34WegmvN8IQtK_kkxVWgXdf0B-aRandsekK257h
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4007:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 100ms
99ms Image
image/gif 3.215.227.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=18fe11e1-35e2-22ef-5f78-1b2b6b4da728&tv=%7Bc:nDiHNa,pingTime:-10,time:687,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTU5IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1631110990484%7C%7C6be57dcb83dede4cc1c52c47675ee8d1%7C%7C605f01b1409979f1b4f5151f8eefb28a%7C%7C93b4610e94909fa8bce3d2d92f439d8c%7C%7C1ae87569457980147b2ac3a27b878e4f%7C%7Cb957c1fdd9fd3b9929bcdd37093b134c%7C%7C44336ae146b7eeb4973626c62add69fb%7C%7C95c635fd6fb2ffc79d560bbb754099a8%7C%7C1629390669%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.227.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-227-57.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 14:23:10 GMT
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ 42 B
174 B 33ms
33ms Fetch
image/gif 2a00:1450:4007:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvmMPt0ZbUeWN6wOo1Gb5TL5XYCeEhvpcNG5Kq6Id5pQjl-PbBwiWz9lYYaDGDQp1g9Ya10WkE7qzIQsRa1groVry-WMKxyVBlQrJUUo1g6nTS_F0SW&sig=Cg0ArKJSzFSIZTrUFBNBEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210903&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2642880204&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1631110985136&rpt=4554&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 14:23:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gaAccount Show response
buy.tinypass.com/api/v3/anon/assets/ 108 B
351 B 441ms
134ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=t7vpsMsOZy&tbc=%7Bjzx%7DpAtS0isbm8eDtFkpIt73xYK1W12_XJKGNV4mXHyFps5jtMzfler9OVaJoEttNqY4I3yWUDCihAO3DKp0h2omUxW52Jrz1LxY1JNPa2Hb55E&user_provider=piano_id&user_token=&callApiJsonp=true&callback=jQuery112409913445733443014_1631110987793&_=1631110987795

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c04f99caaa1af4adf1b932511d0a60febb6c375f4b547cf79382745f273c18a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

cf-ray: 68b8d54efdf44351-FRA
date: Wed, 08 Sep 2021 14:23:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
wn: prod-dash-10-0-114-135
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
p3p: CP="NON DSP COR OUR IND"
server-time: 0.004
cache-control: public, max-age=86400, s-maxage=86400
x-forwarded-https: on
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: Cnad4zqhEFR

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 100ms
99ms Image
image/gif 3.215.227.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=18fe11e1-35e2-22ef-5f78-1b2b6b4da728&tv=%7Bc:nDiHWR,pingTime:1,time:1287,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:217%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1287,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:216,wc:0.0.1600.1200,ac:0.0.300.250,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1101~100%5D,as:%5B1101~300.250%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:108,fm:sIqHuaW+1*.11046%7C11%7C12%7C13%7C14,idMap:1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.227.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-227-57.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 14:23:11 GMT
x-server-name: dt45.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 101ms
100ms Image
image/gif 3.215.227.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=18fe11e1-35e2-22ef-5f78-1b2b6b4da728&tv=%7Bc:nDiHWR,pingTime:1,time:1287,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:217%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1287,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:216,wc:0.0.1600.1200,ac:0.0.300.250,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1101~100%5D,as:%5B1101~300.250%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:108,fm:sIqHuaW+1*.11046%7C11%7C12%7C13%7C14,idMap:1*,rmeas:1,rend:1,renddet:IMG.qs,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.227.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-227-57.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 14:23:11 GMT
x-server-name: dt37.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 100ms
99ms Image
image/gif 3.215.227.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=18fe11e1-35e2-22ef-5f78-1b2b6b4da728&tv=%7Bc:nDiHWS,pingTime:1,time:1288,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:217%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1288,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:216,wc:0.0.1600.1200,ac:0.0.300.250,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1102~100%5D,as:%5B1102~300.250%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:108,fm:sIqHuaW+1*.11046%7C11%7C12%7C13%7C14,idMap:1*,rmeas:1,rend:1,renddet:IMG.qs,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.227.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-227-57.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 14:23:11 GMT
x-server-name: dt38.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 24ms
23ms Script
text/javascript 2a00:1450:4007:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 338
date: Wed, 08 Sep 2021 14:17:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 08 Sep 2021 16:17:33 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 101ms
99ms Image
image/gif 3.215.227.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=18fe11e1-35e2-22ef-5f78-1b2b6b4da728&tv=%7Bc:nDiIZo,pingTime:5,time:5288,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:217%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5288,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:216,wc:0.0.1600.1200,ac:0.0.300.250,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5102~100%5D,as:%5B5102~300.250%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:113,fm:sIqHuaW+1*.11046%7C11%7C12%7C13%7C14,idMap:1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.227.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-227-57.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.benefitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 14:23:15 GMT
x-server-name: dt28.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 6599bdca4e8e7092012771a5bb01e41d.safeframe.googlesyndication.com
URL: https://6599bdca4e8e7092012771a5bb01e41d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Verdicts & Comments Add Verdict or Comment

192 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.benefitnews.com/	1970-01-20 14:36:22	Name: _ga Value: GA1.2.208719741.1631110987
.benefitnews.com/	1970-01-19 21:06:37	Name: _gid Value: GA1.2.2036110583.1631110987
.benefitnews.com/	1970-01-19 21:05:11	Name: _gat Value: 1
.benefitnews.com/	1970-01-20 05:50:46	Name: btIdentify Value: fd0cbb4f-8afd-44b9-fa6f-817f1dd394fd
.benefitnews.com/	1970-01-19 21:05:14	Name: _bts Value: 0357b6ae-2978-47b0-a65e-d680e658e11c
www.benefitnews.com/	1970-01-19 23:14:46	Name: sm_utm_source Value: dg_email
www.benefitnews.com/	1970-01-19 23:14:46	Name: sm_utm_medium Value: webseminar
www.benefitnews.com/	1970-01-19 23:14:46	Name: sm_utm_campaign Value: dg_ebn_familyfirst_webseminar_09202021_20210908_p1
.benefitnews.com/	1970-01-19 23:14:46	Name: _gcl_au Value: 1.1.467431672.1631110988
www.benefitnews.com/	1970-01-19 21:05:11	Name: __adblocker Value: false
.benefitnews.com/	1970-01-19 21:05:11	Name: _dc_gtm_UA-219761-37 Value: 1
.benefitnews.com/	1970-01-19 21:05:11	Name: _dc_gtm_UA-219761-100 Value: 1
www.benefitnews.com/	1969-12-31 23:59:59	Name: dpm_url_count Value: 1
.adnxs.com/	1970-01-19 23:14:46	Name: uuid2 Value: 7787727650019109050
.benefitnews.com/	1970-01-20 05:50:46	Name: _bti Value: %7B%22app_id%22%3A%22sourcemedia-prod%22%2C%22bsin%22%3A%22O9VTT4m6qdEGuUQWsHqwinWi285LO5B%2FGVMRWCoLIRKbZK912yQYLaJydf2lT0xURc17slUiqp1PRHz5%2FQ%2FUsg%3D%3D%22%2C%22email%22%3A%22lchierello%40firstam.com%22%7D
.facebook.com/	1970-01-19 23:14:46	Name: fr Value: 0Lt1lAdcHphrE2sg3..BhOMdM...1.0.BhOMdM.
.benefitnews.com/	1970-01-19 21:05:12	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.benefitnews.com/about-us?utm_source=dg_email&utm_campaign=dg_ebn_familyfirst_webseminar_09202021_20210908_p1&utm_medium=webseminar&bt_ee=orDZqK5OX0xlgpZfhpBUs99RvO4udbDYjRV%252FZbzLOo43pBB7MHiq0wyhC1Ax1pGV&bt_ts=1631108389758%22%2C%22sref%22:%22%22%2C%22sts%22:1631110988284%2C%22slts%22:0}
.benefitnews.com/	1970-01-20 06:34:34	Name: _parsely_visitor Value: {%22id%22:%22pid=df4974c2aaae21a7fd5520b9d356f241%22%2C%22session_count%22:1%2C%22last_session_ts%22:1631110988284}
.tinypass.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: C1F996075C0789EA4474E92EF1A4A4FF
id.tinypass.com/	1970-01-19 21:05:11	Name: AWSELBCORS Value: D54D83371CA73269B30D9CD8F7A2329AB776287862631963EA45639467593466FE96E1B942BD56FD844A5701BCD5F7A9FB54EF3D8E6D7EA8496FFFF6BBFF7F13DD98EE1DB7
www.benefitnews.com/	1970-01-19 23:14:46	Name: __pnahc Value: 0
.benefitnews.com/	1970-01-19 21:48:22	Name: __pat Value: -18000000
.benefitnews.com/	1969-12-31 23:59:59	Name: cX_S Value: ktblda07kf3ezw7f
.dpmsrv.com/	1970-04-10 21:31:50	Name: dpm_pxl Value: 9016a958a78ded6631ce241eb0870fca8bfcbdb5
.dpmsrv.com/	1970-04-10 21:31:50	Name: dpm_pxl_aid Value: 7787727650019109050
www.benefitnews.com/	1969-12-31 23:59:59	Name: hasLiveRampMatch Value: true
.cxense.com/	1970-01-19 21:06:37	Name: cX_T Value: ktblda42662hzo30
.benefitnews.com/	1970-01-19 21:06:37	Name: __pvi Value: %7B%22id%22%3A%22v-ktbld946ot6jpdxn%22%2C%22domain%22%3A%22.benefitnews.com%22%2C%22time%22%3A1631110989213%7D
.doubleclick.net/	1970-01-20 06:26:46	Name: IDE Value: AHWqTUmiI87yzeZ6BGX6RAXw-xjFdhI1bBU1q4W0pdjbVLW-6b9HvZqpVh9rggRxeng
.cxense.com/	1970-01-20 05:50:46	Name: gckp Value: 23rekexgwpng61dxt3zgl72v6u
.benefitnews.com/	1970-01-20 05:50:46	Name: cX_G Value: cx%3A1a67x9zgo2sm02m3l9it7sjiwr%3A31og00wl6qiwq
.benefitnews.com/	1970-01-20 14:36:22	Name: __tbc Value: %7Bjzx%7DpAtS0isbm8eDtFkpIt73xYK1W12_XJKGNV4mXHyFps5jtMzfler9OVaJoEttNqY4I3yWUDCihAO3DKp0h2omUxW52Jrz1LxY1JNPa2Hb55E
.benefitnews.com/	1970-01-20 14:36:22	Name: xbc Value: %7Bjzx%7DWvkJGKcYZ4wIAbBZyY6W_EixMsHSUO7VfiVmWCc-hlw2dxlU4mtbeIfK-YEzkVTVrEErDMCtWclGeYsrk6UieS81Qar07UbRP1FZMGqktOVKXPT-hcTKCoLxKd9biOUsZPdVZ8vfzZwOJx3dRvROsRM39R0rtGkbkXHlqNOCDkpqmdPIGhHSOSawKdJJf0e-mftGBYVY1pxdfhK72DDUGjuHodKPqCgLHTOoYW8WzLjM7kXm2IRSd49Vxup9pa__OAlW7j41s0NTUAFref8JYOITjFFIWUzhcQm6pKc4kcrp117mziDSNeixiFboeIda
.adnxs.com/	1970-01-19 23:14:46	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2C$Qrbopw!]tbP6j2F-XstGt!@D5S$Rz0k
.benefitnews.com/	1970-01-19 21:48:22	Name: _lo_bn Value: 1
.dpmsrv.com/	1970-04-10 21:31:50	Name: xdpm_segsid_342 Value: 6746300%2C7568712%2C6451507
.dpmsrv.com/	1970-04-10 21:31:50	Name: xdpm_segs_342 Value:
.benefitnews.com/	1970-01-20 06:26:46	Name: __gads Value: ID=c7df2a4f4fa7a3cc:T=1631110989:S=ALNI_MY6dkuEjavkvFYQE6cZsjoR5B7GgQ
www.benefitnews.com/	1969-12-31 23:59:59	Name: dpm_time_site Value: 6.044

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/423396.gif?partner_uid=7787727650019109050 Message: Failed to load resource: the server responded with a status of 451 ()
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090201.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090201.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6599bdca4e8e7092012771a5bb01e41d.safeframe.googlesyndication.com
a.dpmsrv.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api-v3.tinypass.com
api.zetaglobal.net
arizent.brightspotcdn.com
buy.tinypass.com
cdn.adsafeprotected.com
cdn.boomtrain.com
cdn.cxense.com
cdn.parsely.com
cdn.tinypass.com
cm.g.doubleclick.net
comcluster.cxense.com
connect.facebook.net
d10lpsik1i8c69.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
d20519brkbo4nz.cloudfront.net
dt.adsafeprotected.com
e.d.arizent.com
events.api.boomtrain.com
experience.tinypass.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
id.cxense.com
id.tinypass.com
idsync.rlcdn.com
ml314.com
p1.parsely.com
p1cluster.cxense.com
pagead2.googlesyndication.com
people.api.boomtrain.com
pixel.adsafeprotected.com
polyfill.io
s.dpmsrv.com
secure.adnxs.com
securepubads.g.doubleclick.net
settings.luckyorange.com
settings.luckyorange.net
static.adsafeprotected.com
stats.g.doubleclick.net
tpc.googlesyndication.com
unpkg.com
vjs.zencdn.net
www.benefitnews.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.npttech.com
6599bdca4e8e7092012771a5bb01e41d.safeframe.googlesyndication.com
116.202.80.165
116.202.80.167
13.225.25.56
13.249.13.95
143.204.222.106
143.204.228.116
172.67.75.100
178.63.13.144
18.203.198.3
216.58.209.226
216.58.214.162
2600:9000:218d:fc00:18:6c16:27c0:93a1
2606:4700:3037::6815:3c3f
2606:4700::6810:7caf
2606:4700::6811:b8b1
2a00:1450:4007:806::200a
2a00:1450:4007:807::2002
2a00:1450:4007:80a::2001
2a00:1450:4007:80a::2004
2a00:1450:4007:80d::2003
2a00:1450:4007:80e::2003
2a00:1450:4007:80e::2008
2a00:1450:4007:80e::200e
2a00:1450:4007:810::2002
2a00:1450:4007:813::2002
2a00:1450:4007:813::200a
2a00:1450:400c:c07::9a
2a02:26f0:e3:384::268b
2a03:2880:f034:1a:face:b00c:0:3
2a03:2880:f142:182:face:b00c:0:25de
2a04:4e42:200::282
2a04:4e42:200::729
3.215.227.57
3.224.4.25
3.82.80.111
34.107.203.234
34.194.161.83
35.244.174.68
37.252.172.249
37.252.173.22
52.208.138.90
52.222.174.119
52.222.196.221
52.72.113.151
52.84.174.10
52.84.186.179
54.159.176.193
54.194.198.48
96.47.20.26
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
069a660398be8db8f9b6d8dad3f052d9a061b697b5354c24784c62d3df0a82f7
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
145af7bbc5e8dee66c3d118d33f3fd0ec1bf4d99f74ffaafddab23a06279a9bb
14786e4705650c0c4de4e08f12632541bc8e7bf0c535d800f3d1e4dfdf9fe24a
177c908e366915477cde805fc7d1a5bd5c23b69f5fca5a52b21348fb7f93b7f9
1a2d0cddfbb7ff9614c749c2ffd723fa332fd575e6c51975f4740c383ae7332d
1a64141f8ba79509899bd727ce601d5205ac875da8673267dcf6ff52bfbd2941
1b05ce33469db78a252caf0e176e3cb56cd4d1d17aa3c3cda89f8088bb3eefda
1b87b1854b6e80202c921b2ea67491c2f4078956210d7152f904a1e09b12df84
1dd506528463f64218b9c8337fb964dc12ceb47d17c0c7cc2d7d63408851180c
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
2a0bab495f3b2989ff18aca96da8089cd9d6ec30e364f58f4946b6a9b7c57270
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2cd89f7e823d22b1c56a9ec7a5cf988eebc673c9b31f159ab1fc23b9e5666c1e
2d5f7ed178594d09e25e87cba0e328167a6e48d2508b4a4898ee7f05c21c0a69
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
3b2994ec6cd1c326c20a981912b23a05f5b1ddd55f3fccabf419e1ee70ee6a56
41e547ea6f30522394d5890edf586627dfd0da6ddb0aff70f6af25a42cba6468
47246f1294dcb19e5b82587ddb399e843850ba58b5a32768b455b05287e1c1f2
47e70434faff826ae6ac74892228c0a5fbf1bd40c43fdb5571a44ac3cc60d03e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dfd6b1cf8885caba8a2fead49119cfcc39daaebbe5b7286660a55e383a3d248
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
521feeb87c87dc90f43c282ff367f1a3f165e7b393d6ca41f042d7d508ba21ac
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
59a717e69bec72ad009181785a1a65b674d1c01e77e04bdc718deb02a9b97671
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5f6d900ec7ccda7953b1939d1e35a9ddeea24311f6941a1b97ded40864a506e4
5f792fe255fbfcd352fe4b2f759c95980e57d8d297939e12262d9be1e87f48c4
623e8b142dddac5df4b0c50cb2e91d3afa34ea413d021f26ad7d362a27714651
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
686056690a4f16cc1e8a00205458b0f22a9707a267789a8dc92864934e3e2ca1
6c04f99caaa1af4adf1b932511d0a60febb6c375f4b547cf79382745f273c18a
753556b8789235607882430bfcb16c87104ba1540a0800b43af20a5baecc3835
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
78b341647e8bf718869378550c0c14b87bfe33967b4944d7dac6a2a1f3290d4c
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
806bef56c26c5ab208637877c63b9b9d8ae1170f1bd430983602bd564986cfbf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89a6ebe6759aa7168f83453d123390b89ac13f653cde3ee236fc1335217eebbf
8be49f44baab6e5003972c8bc33123dd34257840a77a1d20b7365ae8b60a896c
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
90f50ef8c2ce1517adbf579fdf866f9b2f93be39b9492820789461af8d8ea652
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
937b712ae006a8a1cee1e6c604c5c48b161b5a12f6a6aa2e5e788aac66585389
9a788fed3cb8bf49224e92a799fa0f459cc94839a773347b583b5de3083e5b93
9fe543fcaff0b946a465e2f45b655157e8c0499cd891892edd9dde6d80c16e90
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a72a14448ee5320221100622671b5a9defdcddc331266def018afc09142d29f0
adaa64f088a888586cd78e6159c458d63c8ba2ade1e8a59aaa7c6ad461acf7f2
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2aa3cb26277bf432b0f7f34fae39df6487bf5700639b95f0108dae6b834ccd2
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c0042645077e026dc5a57f62b0686487b995cb716386fc59498295637f444bfa
c0bf2ffd17947ef568c786a47a930113f516a10a09b72485363621d110ff207b
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c8037e3dc66349271dc5f5aac705dd13c17a4e0fed878bc64ecaeddcd2877e21
c92cab84b44ac37925a00450873a018ac601883a2d6e7a760ea38fdde7671004
ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db
cea250aa9e60813ca9d2527aea00d78f16c0eec96ed7ec0caaa59c55df9c7986
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5e1876373576f4110b6ad82c25041aa2e9762cc4a417939eeb20e654818a818
d6b32982e1c3dfbc9db707d2abafdc4c24ee8b0641b007cc31598790c082a2cf
d706b02ec6e1dc2d86ea546dcd33afab9550a07fb56e1f95372a4eb796f51362
e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182
e1394b010bb830df7b0a2b102481d9857a6d0d28335c480b47b067883a846419
e252ba74aa8caecb5f589b938c9835c9c5bee271acd0db7f6fdaeaaa6f91f310
e377578bdad47eadd97e86de98b3ebf06c3b499ad32bfaf2b78c6315899227e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70279614f0c98ab6ed9fce5e2b76296202f91ae941ae767157ce9b908ab0306
ecf3100e99deb6d47ba4ffdfc5a875883732412440d294fc24314070ce0f87ef
ee144a4b67c155e3f4eb63b2c5fd7b89bc87853c2ace127d2a52eb8018eebc07
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f06150cd74f4090b6b1194c7fb227fda21f859229aa851169b8116e330ee160b
fa7550695c7040acfe93c3b3e205798705b30700ef637c4d38009f7f2debf86e
faef1b0a0fdb57b399bbef71f78d732a13e9c1747c9fb6f191462241ff179860
fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fecb5df18e8faa43dc3aa3f49ffd7224c84e378eb7514326a9ca3757a42daf35
ff4c752ea5d84913f292bb4a85dff5c2a7d7e045a1cb76779c3fe0a5279c2124

www.benefitnews.com Open in urlscan Pro 52.84.174.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

116 Requests

98 %HTTPS

43 %IPv6

31 Domains

55 Subdomains

48 IPs

5 Countries

2637 kBTransfer

9419 kBSize

39 Cookies

1 Outgoing links

Page URL History

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.benefitnews.com Open in urlscan Pro
52.84.174.10 Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

98 %
HTTPS

43 %
IPv6

31
Domains

55
Subdomains

48
IPs

5
Countries

2637 kB
Transfer

9419 kB
Size

39
Cookies

116 HTTP transactions
2 data transactions