urlscan.io logo urlscan.io
SecurityTrails logo

www.benefitsandpensionsmonitor.com Open in urlscan Pro
104.26.15.213  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.bpmmagazine.com/
Effective URL: https://www.benefitsandpensionsmonitor.com/
Submission: On September 01 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 2 countries across 24 domains to perform 111 HTTP transactions. The main IP is 104.26.15.213, located in and belongs to CLOUDFLARENET, US. The main domain is www.benefitsandpensionsmonitor.com.
TLS certificate: Issued by GTS CA 1P5 on August 17th 2023. Valid for: 3 months.
This is the only time www.benefitsandpensionsmonitor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.21.78.22 13335 (CLOUDFLAR...)
1 9 104.26.15.213 13335 (CLOUDFLAR...)
1 172.217.13.138 15169 (GOOGLE)
3 172.64.102.11 13335 (CLOUDFLAR...)
12 104.26.8.198 13335 (CLOUDFLAR...)
1 17 172.217.13.130 15169 (GOOGLE)
1 104.17.24.14 13335 (CLOUDFLAR...)
2 35.190.50.98 15169 (GOOGLE)
2 142.250.80.104 15169 (GOOGLE)
1 13.107.253.40 8075 (MICROSOFT...)
4 172.217.13.163 15169 (GOOGLE)
7 172.217.13.162 15169 (GOOGLE)
7 104.26.2.22 13335 (CLOUDFLAR...)
3 11 34.111.234.236 396982 (GOOGLE-CL...)
1 172.217.13.161 15169 (GOOGLE)
1 44.206.56.174 14618 (AMAZON-AES)
8 172.217.13.196 15169 (GOOGLE)
1 172.217.13.131 15169 (GOOGLE)
1 216.239.32.178 15169 (GOOGLE)
16 172.217.13.193 15169 (GOOGLE)
6 172.217.13.194 15169 (GOOGLE)
1 2 35.174.26.129 14618 (AMAZON-AES)
2 2 35.190.60.146 15169 (GOOGLE)
2 2 52.223.40.198 16509 (AMAZON-02)
2 2 54.236.146.227 14618 (AMAZON-AES)
2 3 52.55.144.0 14618 (AMAZON-AES)
1 52.218.245.104 16509 (AMAZON-02)
2 52.188.247.146 8075 (MICROSOFT...)
111 25
1    104.21.78.22 (None, )

ASN13335 (CLOUDFLARENET, US)
www.bpmmagazine.com
9    104.26.15.213 (None, )

ASN13335 (CLOUDFLARENET, US)
www.benefitsandpensionsmonitor.com
1    172.217.13.138 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f10.1e100.net
fonts.googleapis.com
3    172.64.102.11 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
12    104.26.8.198 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-res.keymedia.com
17    172.217.13.130 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f2.1e100.net
securepubads.g.doubleclick.net
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    35.190.50.98 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 98.50.190.35.bc.googleusercontent.com
cdn.sajari.com
2    142.250.80.104 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f8.1e100.net
www.googletagmanager.com
1    13.107.253.40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
4    172.217.13.163 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f3.1e100.net
fonts.gstatic.com
7    172.217.13.162 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f2.1e100.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
7    104.26.2.22 (None, )

ASN13335 (CLOUDFLARENET, US)
c.lytics.io
11    34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com
ml314.com
1    172.217.13.161 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f1.1e100.net
8ed0dd2807d1214372588a06d9698873.safeframe.googlesyndication.com
1    44.206.56.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-56-174.compute-1.amazonaws.com
in.ml314.com
8    172.217.13.196 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f4.1e100.net
www.google.com
1    172.217.13.131 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f3.1e100.net
www.google.ca
1    216.239.32.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
16    172.217.13.193 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f1.1e100.net
tpc.googlesyndication.com
6    172.217.13.194 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f2.1e100.net
www.googletagservices.com
2    35.174.26.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-26-129.compute-1.amazonaws.com
dpm.demdex.net
2    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    54.236.146.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-146-227.compute-1.amazonaws.com
sync.crwdcntrl.net
3    52.55.144.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-144-0.compute-1.amazonaws.com
ps.eyeota.net
1    52.218.245.104 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3.us-west-2.amazonaws.com
2    52.188.247.146 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
eastus-8.in.applicationinsights.azure.com
Apex Domain
Subdomains		 Transfer
23 googlesyndication.com
8ed0dd2807d1214372588a06d9698873.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 150
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
642 KB
18 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
185 KB
12 ml314.com
ml314.com — Cisco Umbrella Rank: 1767
in.ml314.com — Cisco Umbrella Rank: 10931
13 KB
12 keymedia.com
cdn-res.keymedia.com — Cisco Umbrella Rank: 205674
65 KB
9 benefitsandpensionsmonitor.com
www.benefitsandpensionsmonitor.com
42 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
7 lytics.io
c.lytics.io — Cisco Umbrella Rank: 10232
67 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 214
340 KB
4 gstatic.com
fonts.gstatic.com
88 KB
3 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1056
2 KB
3 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1547
eastus-8.in.applicationinsights.azure.com — Cisco Umbrella Rank: 9358
46 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1070
169 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 795
863 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 348
693 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 395
833 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 223
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
147 KB
2 sajari.com
cdn.sajari.com — Cisco Umbrella Rank: 68513
248 KB
1 amazonaws.com
s3.us-west-2.amazonaws.com — Cisco Umbrella Rank: 2313
59 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
267 B
1 google.ca
www.google.ca — Cisco Umbrella Rank: 9197
455 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
6 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41
1 KB
1 bpmmagazine.com
www.bpmmagazine.com
433 B
111 24
Domain Requested by
17 securepubads.g.doubleclick.net 1 redirects www.benefitsandpensionsmonitor.com
securepubads.g.doubleclick.net
www.googletagservices.com
16 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.benefitsandpensionsmonitor.com
tpc.googlesyndication.com
12 cdn-res.keymedia.com www.benefitsandpensionsmonitor.com
11 ml314.com 3 redirects www.benefitsandpensionsmonitor.com
ml314.com
9 www.benefitsandpensionsmonitor.com 1 redirects www.benefitsandpensionsmonitor.com
8 www.google.com www.benefitsandpensionsmonitor.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
7 c.lytics.io www.benefitsandpensionsmonitor.com
c.lytics.io
6 pagead2.googlesyndication.com www.googletagservices.com
js.monitor.azure.com
tpc.googlesyndication.com
6 www.googletagservices.com securepubads.g.doubleclick.net
4 fonts.gstatic.com fonts.googleapis.com
3 ps.eyeota.net 2 redirects www.benefitsandpensionsmonitor.com
3 use.fontawesome.com www.benefitsandpensionsmonitor.com
use.fontawesome.com
2 eastus-8.in.applicationinsights.azure.com js.monitor.azure.com
2 sync.crwdcntrl.net 2 redirects
2 match.adsrvr.org 2 redirects
2 idsync.rlcdn.com 2 redirects
2 dpm.demdex.net 1 redirects www.benefitsandpensionsmonitor.com
2 www.googletagmanager.com www.benefitsandpensionsmonitor.com
www.googletagmanager.com
2 cdn.sajari.com www.benefitsandpensionsmonitor.com
cdn.sajari.com
1 s3.us-west-2.amazonaws.com c.lytics.io
1 www.google-analytics.com www.googletagmanager.com
1 www.google.ca www.benefitsandpensionsmonitor.com
1 in.ml314.com ml314.com
1 8ed0dd2807d1214372588a06d9698873.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 googleads.g.doubleclick.net www.googletagmanager.com
1 js.monitor.azure.com www.benefitsandpensionsmonitor.com
1 cdnjs.cloudflare.com www.benefitsandpensionsmonitor.com
1 fonts.googleapis.com www.benefitsandpensionsmonitor.com
1 www.bpmmagazine.com 1 redirects
111 29
Subject Issuer Validity Valid
benefitsandpensionsmonitor.com
GTS CA 1P5		 2023-08-17 -
2023-11-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
use.fontawesome.com
GTS CA 1P5		 2023-07-04 -
2023-10-02		 3 months crt.sh
keymedia.com
Cloudflare Inc ECC CA-3		 2023-03-19 -
2024-03-18		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
cdn.sajari.com
GTS CA 1D4		 2023-08-30 -
2023-11-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 06		 2023-06-21 -
2024-06-15		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
ml314.com
GTS CA 1D4		 2023-08-05 -
2023-11-03		 3 months crt.sh
*.ml314.com
Amazon RSA 2048 M02		 2023-02-27 -
2023-12-14		 10 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.s3-us-west-2.amazonaws.com
Amazon RSA 2048 M01		 2023-04-11 -
2023-12-28		 9 months crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure TLS Issuing CA 01		 2023-08-31 -
2024-06-27		 10 months crt.sh

This page contains 12 frames:

Primary Page: https://www.benefitsandpensionsmonitor.com/
Frame ID: 84A1402A7DF09684C59AEA1C3CA52210
Requests: 60 HTTP requests in this frame

Frame: https://www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/main.js
Frame ID: 5B40E71D1376EAE48E5896F7577E9775
Requests: 2 HTTP requests in this frame

Frame: https://8ed0dd2807d1214372588a06d9698873.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CB2CE1A9CAF18A3A6402ED13230F1AF6
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuiPAV3XSs0J-d4gkxIps1j16A7sa5fxKPme133Qaj4aQ7mE1rOFm8B-5NL-tgN-gSRUeWzW0ujdXePnF5LZgwsuCUwPUmHtgcHDt3CZt7t6_frIO6bt8HjymplHO0Qi_lgPV1-BYjfUpjxbTI3pwFGUIrimNguztQ0jKSJTbZ6V-0qyj2_lGNYF-wot3-YmXzX_7z42aDglUw8qPgeF5T74zQYnQ75dByGHzkaLiqZbfPGnkmI59lodJj9dqfy6QXB31rjbvTwDKiH3xM4iou4jC6K6HyL2n-bGbbY6b-mjJVfq9mel-hZ5ayyhikQeiYRcWqz6ksNnz-zFtNW0wq29_2ygZz5y82IDAot9NDK8m0woIfhfxquBuqFgsnFYHKj7MV6XqQkGQ8ntbvQbjyjkA4&sai=AMfl-YSYTJ9fn6m-bLCrNbGASPy41T0Z9x3hIRyZKjjw7WpCBgF4iBCyWbDLeCPmf-SMjq5Wbmg5etbtksrDX4eLYyDLzfBPEI4sDf0m9VVL2RGMhMaJdmEQOLGpmySqwtw&sig=Cg0ArKJSzJ3oBpRobgODEAE&uach_m=[UACH]&adurl=
Frame ID: 1D998E2816A1EAC64D17E951A22E2153
Requests: 8 HTTP requests in this frame

Frame: https://ml314.com/utsync.ashx?eid=89860&et=0&dc=BPMW_Medavie_Blue_Cross&cb=2105466321
Frame ID: EBDB183A543320AF12A1E15B3A352C3E
Requests: 9 HTTP requests in this frame

Frame: https://ml314.com/utsync.ashx?eid=89860&et=0&dc=Mercer_Canada_Limited&cb=336938587
Frame ID: F827A175135C854D808E92C2C189D781
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlXZRuViqQqWM8QXYIvEIM69fdMgRo2DKQa7_GKmpfUi1BC4SkzB_yT9TTg80QYP95yAZ19G75lPj5OemfIhWZ9AJO87jFTjGcRGP2YOyuB0bBYt2kdEgiCTAqzpeFwrlFleXd2YSQDVeujYlgQQrBgckayCNN2dNja7B3dtMuLBY-FetPEICMxxC1H0E9LX8NVBwyWkg_9-GD5CRNWSaGi4bONB2Y_ziqHu2bQpk5zDmCBmHNDUZlYKT6Wo7zOyh7G5Z0HHGzMH29bIzidxvqRcvqdV-oUROJryaUdRPY920sPdSp7szbQqmnaDdHHzQGawg4gMk0Ujt4BK9qETQmyVofXCZsRpUZp2M&sai=AMfl-YS_hu3HAo8sGSdMaugTUwSlBKpDMp9i1yJnzJjUOk1aIR3zegXZq6z9N_5AUPUPXDg7pzHD_1VQeOgW5eOhHp4SGYAr3glsu9keui4kMuk4TifRM5X6Eae5zteLeg0&sig=Cg0ArKJSzN0Nv_QVm_nTEAE&uach_m=[UACH]&adurl=
Frame ID: AB66EC6C5BE124AA0A64444D8FD63763
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzgh-5COsk2tOi58IfRLAyi2MRBnRfeD0Q1hwQk8xq3zz6gsKtfFuWqlA0QQs0CPfroSR8X1pxg5DrNa6JcybeBzazKAx9W3eBYlQ4Ae597OVZOCn_a2-8SxgKrZlv_xz6vQ7RzQVosicPZ8PiluVJS5Tji7L1Z0W9TcNZOAq5e7QcW28OdaaxIJbUNxNt8OSZzc1kvAm9unDa9WzpGlNFCBS4vPw3bh2n0RufQdpEV5wferkR26_NnRtNrbbyz-cQbdw5wdfbzsF3WVcjtmL9n45HqnBCIBX-nIbUYAAP9OqWcPEP3fevsHcZSiOPjH5K3gRoxehPPuyW_GOzR6DXfBRHwR8JTkOGdNY&sai=AMfl-YSlaXLjc38g1OW4vOZz7THxhARTi1e3YxlzJfBNl11jLoDRYXzj_R_7yAlAln2JULAh9tNpvoa91V7z0apE4PMfh7gMYC3jUze6MTSs8EatnVk2rBux-8_c9i8dFNo&sig=Cg0ArKJSzHO7ejI3N3E2EAE&uach_m=[UACH]&adurl=
Frame ID: 0E1B61C8442373EB7EEC55E05ED83CB3
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKRnJFCRLcY8jgsLNmjWuqMJ35fU0sOnOcejYG_SHAAmgXw_Go3t4EdPmNHXJ0-P2N1NP6LCmNJu2kkLF7EOxOmflnZRib3fpzfWJtMSAkeMcF_oDf4FBQiFNZAzSG6pyF5c4IRUPzMW09TQrsKE7zXs8KoS0obtP06dhYSUsXOxMzMYinGfgGySDtltZGIAAA2uVd45_LyQzOtyWQrzElPHtHaj_Mjk8_rz3jYJl-b3ed8EB91W2zSwuzw5o9yjbjUQTct2ccnD10OanWet2bXfsjgVZIvxmHT2hVyLEWGKxOgnqe1yGdX4RLNgl0IzoY1P1LZulZOQ_Quhcyw_XTfeJdfsypM3afltA&sai=AMfl-YTAQ4co4VfhBbtr7ICg9miMK58CoGDPlngHagsJq3fnVLmXU-0FHXxFviYSgtwe-rRTHlbBo48V_o9q_hnlY9LgJmAyRoK7n__VCdTyhjqklHN89-b8VwsnJ2y0vLI&sig=Cg0ArKJSzNOV1AS_PNsuEAE&uach_m=[UACH]&adurl=
Frame ID: 67829CFA2F6E94E1EA41924020CD55FE
Requests: 7 HTTP requests in this frame

Frame: https://ml314.com/utsync.ashx?eid=89860&et=0&dc=Mercer_Canada_Limited&cb=1203258409
Frame ID: CA1336C44260B3F6A729CC56FFF35E11
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A8B04D0FB4524E70374E304A05DBCA56
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2454B2020603109D2F963D146DEE9FEA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Benefits and Pensions Monitor

Page URL History Show full URLs

  1. https://www.bpmmagazine.com/ HTTP 301
    https://www.benefitsandpensionsmonitor.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?

Page Statistics

111
Requests

94 %
HTTPS

0 %
IPv6

24
Domains

29
Subdomains

25
IPs

2
Countries

2120 kB
Transfer

4901 kB
Size

27
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.bpmmagazine.com/ HTTP 301
    https://www.benefitsandpensionsmonitor.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/main.js
Request Chain 80
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXmmPOdEGlZOUaeXaIhCpbCyc24BArfNtw96iV58NLbQ0MlpIlj22NkA9A9_MfwSf_ednFYZqUA526B1N248v7hKdS4BGO92mphiEPfr8cQ502QHSvwFMkmORnOqT-HYtPzLqKEB4cV4x5rUK84u8Gi0A-heBoopmZlwlCsc9w0HTViHSr_chnwHRiNDLlklZzOxek37YnqrP56n4Gch9d9IUB56YTpmy3ZYPALIHD2yBImOPODOjGaAgA8lmZjeYSX3sNU-wPSajRxRBgxET1sTx6FcgeZL6DbyMUI2TruQ8Dprc9DZqHz6Mn4Nt0GAERpGJlHAqOFDaSIIH2MZl0Bl8sW6-hmCtl_KvXPXdJU1MQ_xQ&sai=AMfl-YSQvB82tXMtCJAkF85ao77n3IER4GgSUNiHDE-cXoSRLrTTzTu09mxghZVIzvWRXdvozgFSS97ijrhoFY-TACcRbHJ3NMNHQ_WZvvUgsVcZTkMZ1hnW88XGOX8m_w0&sig=Cg0ArKJSzDM8UO-43DJvEAE&uach_m=[UACH]&urlfix=1&adurl=https://tpc.googlesyndication.com/simgad/938868486417794075? HTTP 302
  • https://tpc.googlesyndication.com/simgad/938868486417794075
Request Chain 89
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3638205844146356254&redir= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3638205844146356254&redir=
Request Chain 90
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3638205844146356254 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzODIwNTg0NDE0NjM1NjI1NBAAGg0IiLjFpwYSBQjoBxAAQgBKAA HTTP 307
  • https://ml314.com/csync.ashx?fp=5904e7c8a7969fc55114a1d5569bb958c9c54e874112e62a111703f15e9f13e0f4cb09cee1a4f8eb&person_id=3638205844146356254&eid=50082
Request Chain 91
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
  • https://ml314.com/utsync.ashx?eid=53819&et=0&fp=0af96244-d699-40fe-b695-33241c7aa728&gdpr=0&gdpr_consent= HTTP 302
  • https://ml314.com/csync.ashx?fp=0af96244-d699-40fe-b695-33241c7aa728&person_id=3638205844146356254&eid=53819
Request Chain 92
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3638205844146356254 HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3638205844146356254 HTTP 302
  • https://ml314.com/csync.ashx?fp=5fd60f2e2dba0ec7241206ac02137610&eid=50146&person_id=3638205844146356254
Request Chain 93
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
  • https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2vN5fvbthjyA2OGGXQKKam1tFH-R6bj7Pp0fick4f24Q&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
  • https://ml314.com/csync.ashx?fp=2vN5fvbthjyA2OGGXQKKam1tFH-R6bj7Pp0fick4f24Q&person_id=3638205844146356254&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referrer_pid%3dr8hrb20 HTTP 302
  • https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

111 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.benefitsandpensionsmonitor.com/
Redirect Chain
  • https://www.bpmmagazine.com/
  • https://www.benefitsandpensionsmonitor.com/
71 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4d5b1ac53005189384f74813e302b0a37aecef86ed8ebad03303f66c39e3642f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7ffa76c6581fa1e4-YYZ
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 01 Sep 2023 03:35:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcbrgtaACbPXIo5PWBJNUVvQILWuIgxbxphsmiWLQnDj2GRHSCfmqnni7FJesXHBM36%2F8SiyZTiHFJDzQC55ZV4Fv9ktDu0%2F7QkavgIm%2FC5tas9Zm1LzsmWdv%2FoP5neXzY9foLhegmtQXTAuVluDKVji3fw%3D"}],"group":"cf-nel","max_age":604800}
request-context
appId=cid-v1:3e5da5d1-8666-48e5-9b24-889662c99d07
server
cloudflare
vary
Accept-Encoding
x-powered-by
ASP.NET

Redirect headers

cache-control
max-age=3600
cf-ray
7ffa76c5bbde3a05-YYZ
date
Fri, 01 Sep 2023 03:35:34 GMT
expires
Fri, 01 Sep 2023 04:35:34 GMT
location
https://www.benefitsandpensionsmonitor.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ERMxARSZ%2BovhVeIX%2BlZIaQP0c42fa2R4giZT%2FRwANi1imjBIyOrAjcDIadzqpefGAdyjBQolshkaMVK8Sy%2FaziEcch8hYQlrpxIMJ8oOu%2F2aKF%2BIBomCxVWHOog7QLwQaQ%2FtzX6C"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Barlow+Condensed:400,500|Cormorant+Garamond:600|Libre+Franklin:300,400,500&display=swap
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f10.1e100.net
Software
ESF /
Resource Hash
22f7d96cec1bb8460edaad31832a5a5eb464d5fea528118c7ac2de337dafc2e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Sep 2023 03:35:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 03:35:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Sep 2023 03:35:34 GMT
all.css
use.fontawesome.com/releases/v5.15.1/css/ 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.15.1/css/all.css
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.102.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Request headers

Referer
https://www.benefitsandpensionsmonitor.com/
Origin
https://www.benefitsandpensionsmonitor.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
K7A9J6CXN87V2EEY
age
2421035
alt-svc
h3=":443"; ma=86400
x-amz-id-2
oP+LLhB68GWOl29t+bC3pne+OQMKgxYAc+oOJC1zPe3DF4wE2N/X7+TU+Ob6geEuD752Hxv60fHeexKKXN9X0i2xyGYiuKdCZBHEgePzXnE=
last-modified
Wed, 30 Jun 2021 15:40:30 GMT
server
cloudflare
etag
W/"b227b1617a1763c8bc056772f05482b4"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNNcNFdefP7qs5dzo4vjG2J567u%2F1gWStGUmgnf5WZGsueYx3tWxgDFrgkqH0mZM3Ax0AL4iaEbwNK%2F3PMyp%2Bp7mndrjrZSHfmO5azSV7uknaol%2FpZh9A6mIE4I0nJrlmXGgKDg1"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7ffa76c84e8cc44a-EWR
site.min.css
www.benefitsandpensionsmonitor.com/css/ 		118 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.benefitsandpensionsmonitor.com/css/site.min.css?v=4Uz-QjdTe9I_uZ19mVb33fA6hdUy1JsF8VK5U3G4NfQ
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
155d083e71e7ab6e2eb5da29b26f8913c992b80198db9664167bce6808af23b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 24 Aug 2023 07:35:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4634
etag
W/"1d9d65d8a9cf716"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cSp2jCM2%2BMHN0FFsngUxj7Xssz0cppdFzFUUszw33mn7jd0BUVz%2FIt6K%2BiqPb5PWtgBBsqxztrQ20jawqOOdm9C6EbW7a3%2F340Y3eJChBUdrZqZx0jkjgxEEJxKoLTYxJ%2FBhojSm%2BRJdheVHoPpBEynoUpo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7ffa76c7c991a1e4-YYZ
request-context
appId=cid-v1:3e5da5d1-8666-48e5-9b24-889662c99d07
0405_638290912571681806.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=680,h=408,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-res.keymedia.com/cdn-cgi/image/w=680,h=408,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/0405_638290912571681806.jpg
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9144bec734c58e9d3572af36cff4da4bf48e51fb34480657a8991191ac1d33b1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:34 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
16366
cf-resized
internal=ok/h q=0 n=8+224 c=3+350 v=2023.8.1 l=16366
last-modified
Thu, 31 Aug 2023 15:07:37 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfCf6sp5DJSQXYLmMiy51tAG5Q6GsGMvav3JMDfRZKDQ:0x8DBAA34034EE405"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gesuHY8FbKlZCultu5ONuKyuwBDm2IpAz8yJxic8bumC1UwwitpEH%2FAwIWOmvzAmMVB%2FD0nYW%2BjIIn3Til9RgGQL8p6zq3i%2F9ZAmcipmlUyXdT2CLeyYOzqUB6TUg5RBaTZqCzWs"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ffa76c95b8436d0-YYZ
0405_638290911054983064.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/0405_638290911054983064.jpg
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12807f50ffe0732ac3d06433a7c4b9ff18886679969f2f969140cdcab188a9f1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:34 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2733
cf-resized
internal=ok/h q=0 n=10+0 c=3+51 v=2023.8.1 l=2733
last-modified
Thu, 31 Aug 2023 15:05:05 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cf3RMLpZVR0aXITZzYgFjof6p1hG1-gvlHNtrRRN6BDQ:0x8DBAA33A8D3452F"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fRZmGPz7dKSJK2o%2FSMycMoDXL0LpRB7YS3W5QOIOIo97nSVsyIiB6g4Mox7eZDRZI6eLYdRbcVSyZexUFeamBI6nUm7AMC0y%2FYYW1lKlMjcm%2BDH3kViF2m2VJRktxqXvw8u4LA7t"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ffa76c95b8536d0-YYZ
0405_638290909374512516.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/0405_638290909374512516.jpg
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ce5ab2ba42b06635fc31861575b5c6d6c0dfd0408f42dbff8e688f49cb5fd2c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:34 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3531
cf-resized
internal=ram/m q=0 n=0+0 c=2+69 v=2023.8.1 l=3531
last-modified
Thu, 31 Aug 2023 15:02:17 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfYE_kE1qbnLs3849DvUwM2ze7hG1-gvlHNtrRRN6BDQ:0x8DBAA3344A9B09A"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2FggCYTobLd6TxLrkfA16VNa2waMOpNYMP8L1T2yh6yeRNoQ778eW7dIxMca4MTzQzaZTbFAlGzj%2FHrw1WtpBN6GnaNihPCg5xiz0ahBSCMykqnMVe717MHwlS705xXEt3p7uduF"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ffa76c95b8636d0-YYZ
0270_638290901412110383.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/us/036/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/us/036/0270_638290901412110383.jpg
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c758a5543c7690899adf42a579f60ed96110e2af132187b42ea17dba62c506ef
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:34 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3303
cf-resized
internal=ram/h q=0 n=0+0 c=2+61 v=2023.8.1 l=3303
last-modified
Thu, 31 Aug 2023 14:49:01 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfI4ekY5iITVks0KRDLGorpGfChG1-gvlHNtrRRN6BDQ:0x8DBAA316A1348F2"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=drHmVxZ9C1ThdhhyzG9s8dHMoZIcfhHXVsiNTAp8MuzjNlxMDRp2XQUroYYZCkblF9%2F478klO%2FWvA5Dgrwuug2abW2riAmtK3kG0X8DZ566dymDrLtlmzzTRqlqVTf1xW3OIsjR5"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ffa76c95b8736d0-YYZ
0416_638235740276059227.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=260,h=156,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-res.keymedia.com/cdn-cgi/image/w=260,h=156,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/0416_638235740276059227.jpg
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc765890aaaca37c31fb572ff9db7356e17cb243265b78533e19d97f32752b42
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:34 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2681
cf-resized
internal=ok/r q=0 n=76+2 c=102+52 v=2023.7.3 l=2681
last-modified
Wed, 28 Jun 2023 18:33:47 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfbGQ7S9d-4NNTieJbD1cCmAyzN13a9_yJUG5aXFUODQ:0x8DB78063644B912"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2oCUVadyRBW27LWjXQxv9nM9HvE%2FwIhzgiPPZijWwquJIrd4DLRJlcxnpX2z%2BYRnUzfW89VKigtdRrGuDH4c8x8HNXkFKkBvqHW%2FXeCQ0pLoMByOeF%2BqLgM%2FlkH2%2BBE%2FGY2Zi3c7"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ffa76c95b8836d0-YYZ
0380_638243366583363374.png
cdn-res.keymedia.com/cdn-cgi/image/w=260,h=156,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-res.keymedia.com/cdn-cgi/image/w=260,h=156,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/0380_638243366583363374.png
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de5cd45cccf973d02676e44e13c0209769eb7d8cfce2fcf8139238ee982f47ab
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:34 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3837
cf-resized
internal=ok/r q=0 n=33+122 c=0+0 v=2023.7.3 l=3837
last-modified
Fri, 07 Jul 2023 14:24:18 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfzzl8pXUI6fCaMemyI5mM5BwYN13a9_yJUG5aXFUODQ:0x8DB7EF5D98B11A1"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FGNrOju9Vg6e9ha9m6on3r5B6erHoPGIxPoC89vNOMUoYURlyDOuPOkoLUN%2BkyIoaq0V6ocgaUSdaCzE4tLE%2FZhDMbLeVBDUnoQ1ji%2FbgzIS8bIX%2FuUDtPZInhClmyZnZ%2B6Uwe1g"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ffa76c95b8936d0-YYZ
0379_638259010816384828.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=260,h=156,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-res.keymedia.com/cdn-cgi/image/w=260,h=156,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/0379_638259010816384828.jpg
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d9139eb008a6920449b04b7f2d0f7a2695867ca922bb43436f48c2eb88a9f70
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:34 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
7771
cf-resized
internal=ok/r q=0 n=97+163 c=0+0 v=2023.7.3 l=7771
last-modified
Tue, 25 Jul 2023 16:58:01 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfJ5JxOG8CxWV76FcRo0Yh04F3N13a9_yJUG5aXFUODQ:0x8DB8D304E90AAF4"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AghdddMVA6MipBU%2FyyN9YYtjVCebKMl9jAxAyZrz633c0l74W2Ub1xGkro2ErL32huSKSnwJOalNlixhaxcB0H2n4XGQm%2FLf%2BIxUtgcqC%2BoO%2Fgyrqpl9b3QFZeidEWF%2FX66u54C3"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ffa76c95b8136d0-YYZ
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
bba85d52f419bb9365d86381e26312d66637098838f5a2a5aba5a2a50bd0babe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29013
x-xss-protection
0
server
cafe
etag
673 / 19601 / 31077538 / config-hash: 9138544750796065848
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 01 Sep 2023 03:35:34 GMT
logo-white.svg
www.benefitsandpensionsmonitor.com/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefitsandpensionsmonitor.com/images/logo-white.svg
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
81b2a42fe9601870364f23ee6cfb94073cfdd6a03a70802a54bd242b88cce769

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 18 May 2023 09:08:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4633
etag
W/"1d9896843215d7b"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7IJ67ycdH66UOOseVpestKWzidc2RxiRbeDhb630RKVOhI%2B%2FuRK0TRYw8bxREqez5IK1Y9lQYe199k4JjRudRZe%2Fw%2FUQN0xnZMr6Le4jagiKtM0OFPn4XTt7ddK1crEWFrqupjZTh2YjksjElx%2BPLhEW%2FA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
7ffa76c8ea91a1e4-YYZ
request-context
appId=cid-v1:3e5da5d1-8666-48e5-9b24-889662c99d07
underscore-min.js
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.9.1/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.9.1/underscore-min.js
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bb03826b26326516a3f4c9a9b39f03e3000a4828f91a75e1dfc88c2269af5ed
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1935807
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5833
last-modified
Thu, 22 Jun 2023 11:21:33 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942ebd-16c9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPVfenAPxJnba6w1Jsq6FyLgew1sLUA8i9Gi2%2F5kWnylOG6FSbHV5V7LymwZJFZJmdY9z8yonKzKhOHmwP4GZorXnv140mZKDQ2AbAJ5rHxBisOMqY%2B89%2BMS5Y1%2BslS81JDONj3o"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ffa76c90fb836c0-YYZ
expires
Wed, 21 Aug 2024 03:35:34 GMT
site.min.js
www.benefitsandpensionsmonitor.com/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefitsandpensionsmonitor.com/js/site.min.js?v=UT-jdT4iKaL5lsdmbYXMi0Z0AJP3g2jH9_ztRapS7xU
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
986234269574843718b280cee20a2027b06a5a4d4ed4a2109e4702c91980ee81

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 25 May 2023 05:41:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4634
etag
W/"1d98ecb9eed5bcd"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3fiLJth6%2F9nM7cnLRWqamKpHbK%2FKHYp75TGYzA0geCAWKZPkfo6VJ3lmxOZwQj6HhmE3KmTrBVgn5R2vILsK9nmCv%2F1h%2B%2B2XPcu1G2FSC9lk4OwtucI4UjRcah%2FeSTJyNU0mijtssofpT26NTwfF2nywJ1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
7ffa76c88a4fa1e4-YYZ
request-context
appId=cid-v1:3e5da5d1-8666-48e5-9b24-889662c99d07
loader.js
cdn.sajari.com/embed/1/ 		210 B
726 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sajari.com/embed/1/loader.js
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.50.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.50.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
aebf9956840a795c31489aa11afd8f9ae40e6b39805e04b6e43c9b57165dca8c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:34 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdsVSnVoWNSWvu4BCPEmRX3v0OsmkyvMjAXuPhJZ62REjaWNkgDy8QBSd6GQ3WRHLKQC2GyaqHhK3YoYu7T0DEpvhZTdAZmg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
179
last-modified
Wed, 30 Nov 2022 00:53:27 GMT
server
UploadServer
etag
"6195527ed4e9982e67129ecd537748f3"
vary
Accept-Encoding
x-goog-generation
1669769607635397
x-goog-hash
crc32c=gEY+DA==, md5=YZVSftTpmC5nEp7NU3dI8w==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
no-cache
x-goog-stored-content-length
179
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 31 Aug 2024 03:35:34 GMT
gtm.js
www.googletagmanager.com/ 		153 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N54PC4S
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.104 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
278fbba3583522a49245597896e90e2c0f993460684f186255e4ca36fff4fd83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59518
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Sep 2023 03:35:34 GMT
ai.2.min.js
js.monitor.azure.com/scripts/b/ 		119 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.253.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0d31a69f7ae0d174b9e6054ebedb533ffa1c85de012409db3fc16fcdf9cc525b

Request headers

Referer
https://www.benefitsandpensionsmonitor.com/
Origin
https://www.benefitsandpensionsmonitor.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:34 GMT
content-encoding
br
x-azure-ref-originshield
0BlzxZAAAAADD8p7SSO8pToOY1vhtWrb4RVdSMzBFREdFMTUxNgBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
content-md5
ZPZ9afZflgHlfMADU+ZCqQ==
x-cache
TCP_REMOTE_HIT
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.15.min.js
last-modified
Wed, 16 Aug 2023 18:14:35 GMT
x-ms-meta-aijssdkver
2.8.15
etag
0x8DB9E84A5D319AC
x-azure-ref
0BlzxZAAAAADRrfE+OEbaRLKhLFOVRRJ9WVRPMjIxMDkwODIwMDIxAGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
d0dbef4b-501e-007b-2981-dc4f9c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow+Condensed:400,500|Cormorant+Garamond:600|Libre+Franklin:300,400,500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f3.1e100.net
Software
sffe /
Resource Hash
2d2c4912162eaa41299aaf5063ecb92a26d76071fe6d1f77742b32c833daab99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.benefitsandpensionsmonitor.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 10:48:11 GMT
x-content-type-options
nosniff
age
492443
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20432
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:38:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 10:48:11 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.15.1/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.102.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

Referer
https://use.fontawesome.com/releases/v5.15.1/css/all.css
Origin
https://www.benefitsandpensionsmonitor.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JPG24YJPSXGWZQ6Z
age
1577364
alt-svc
h3=":443"; ma=86400
content-length
80300
x-amz-id-2
znMWQpe/mUGdkp4TZdIkrNAPztbxLz6flfczQX6ohi+xGHYPTodVoZCTy5CpnNorld5tZUN1e+Q=
last-modified
Wed, 30 Jun 2021 15:40:53 GMT
server
cloudflare
etag
"8e1ed89b6ccb8ce41faf5cb672677105"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ufgK8ZLiR%2BgKPt0%2FM1KhG%2F38GR%2FxftyfislDCeCiRhIRsybw47zZ36ZYWTJ2DO2VAeeqE6jMF%2BEPlbdp3mLJQUKMGPTPmghtMmOE2wYp1pgQ13qY48Siks%2BGcDxtzZlZ%2Bb6ykY1R"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7ffa76c91f28c44a-EWR
jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v13/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librefranklin/v13/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow+Condensed:400,500|Cormorant+Garamond:600|Libre+Franklin:300,400,500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f3.1e100.net
Software
sffe /
Resource Hash
0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.benefitsandpensionsmonitor.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 20:33:48 GMT
x-content-type-options
nosniff
age
111706
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27268
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:56:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Aug 2024 20:33:48 GMT
co3YmX5slCNuHLi8bLeY9MK7whWMhyjQdl9fvg-I.woff2
fonts.gstatic.com/s/cormorantgaramond/v16/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cormorantgaramond/v16/co3YmX5slCNuHLi8bLeY9MK7whWMhyjQdl9fvg-I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow+Condensed:400,500|Cormorant+Garamond:600|Libre+Franklin:300,400,500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f3.1e100.net
Software
sffe /
Resource Hash
066ec1ac2852906b7e7253ee3c129e0efd2343d8671712db064502f03228ccb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.benefitsandpensionsmonitor.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 20:34:40 GMT
x-content-type-options
nosniff
age
111654
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21012
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 02:17:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Aug 2024 20:34:40 GMT
HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow+Condensed:400,500|Cormorant+Garamond:600|Libre+Franklin:300,400,500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f3.1e100.net
Software
sffe /
Resource Hash
af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.benefitsandpensionsmonitor.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 20:40:01 GMT
x-content-type-options
nosniff
age
111333
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20200
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:28:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Aug 2024 20:40:01 GMT
fa-brands-400.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/ 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.15.1/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.102.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

Request headers

Referer
https://use.fontawesome.com/releases/v5.15.1/css/all.css
Origin
https://www.benefitsandpensionsmonitor.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
5QSCFJ1EZKRR1CEK
age
916323
alt-svc
h3=":443"; ma=86400
content-length
78460
x-amz-id-2
A44NGo1jBvKMYb6kCNmknchBpPC7/xx43KTNU6Qv8GHGMqvv0Tn7/bLoGdm3qz5GsX2L+d91OoI=
last-modified
Wed, 30 Jun 2021 15:40:52 GMT
server
cloudflare
etag
"f075c50f89795e4cdb4d45b51f1a6800"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zr6w%2FCbK4PeuCiwDqAzpx4GWtAHwWEy5UVs8EAATjouY03DfFfTp3v70qQvC4p3cTtAfI%2Bbiov3RvhCTIAB9fqpfLCJQYPsFCt1%2BNbJsPczIxl1Zg77RK22aaC%2BEZYSloGizo8F%2B"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7ffa76c91f2ac44a-EWR
0416_638240720879273421.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=160,h=223,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-res.keymedia.com/cdn-cgi/image/w=160,h=223,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/0416_638240720879273421.jpg
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aff5c482161de24d68eaddba9e083af6a0c933fbfe8a019e8cd9a84fbe5d4786
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:34 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
10405
cf-resized
internal=ok/m q=0 n=97+0 c=1+121 v=2023.7.3 l=10405
last-modified
Tue, 04 Jul 2023 12:54:48 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfsvK3j5R47uFlbyVdakADVPUFL57L2OJbxIRVSmh7DQ:0x8DB7C8DD9575643"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etSyPGCnGqtVb3Hc%2Fi9NppN1sslPIz7sdTz2Tf7UBbUVKMkfTiJqze3MeeSTo7HVET5PdqMHXP9X5x0bMYlFZljO%2FqFUSFkmkfz4vvaD5o1NZvjA0Qhx%2BaKnuEecK6zCkKiKkAjt"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ffa76c98bc536d0-YYZ
0405_638290914930727478.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/0405_638290914930727478.jpg
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db368eb2198fb7fabd18447ec5818684af2d37c2d278147e382dd9091908f49
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:34 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
5196
cf-resized
internal=ok/h q=0 n=13+0 c=3+100 v=2023.8.1 l=5196
last-modified
Thu, 31 Aug 2023 15:11:33 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfCN8vWcOMA9xjs9ZxMAOwNuILhG1-gvlHNtrRRN6BDQ:0x8DBAA348FE2A73A"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQDvNPu89zPNHgs7TF3AJ08xfOIjGS3DT2ryVimGvit%2B5DqsLEOjNgERrl0t7a3antwAfxdaVWCAUCVITpPdJEH3IG4Ai7FX5MagJFjdhBtiQOZm2K0Bd7kB3eBoXGT7Kk4JqFKK"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ffa76c98bc636d0-YYZ
0379_638260712350258409.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/0379_638260712350258409.jpg
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd9999fadf0bb627e2350c27cdc9e2e9eaf4054833b7431a2a4df092ae3554c9
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:34 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1757
cf-resized
internal=ok/h q=0 n=10+0 c=1+41 v=2023.7.3 l=1757
last-modified
Thu, 27 Jul 2023 16:13:55 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfEZ4WXOBatFszEfki1aucd_tAhG1-gvlHNtrRRN6BDQ:0x8DB8EBC79DD06BA"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMCGS7bYJC78t%2B4Xh6Yhn7IEWjbaTepjWPxngWZPuqd2L5UmbVSfG5yzM8xtMuaXvp9NRwO0yyWovV6vAzrhHfcDOru%2BPI0lMrQOuH9cL4CsbUidpoSXtlYWCUavwzQ%2BQfTSlrxq"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ffa76c98bc836d0-YYZ
0379_638271244057343798.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/0379_638271244057343798.jpg
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b11731cad9b522e095aa57c5323bc4e60bf5c5ec3ca537507708dc6e4c6596a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:34 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1914
cf-resized
internal=ok/m q=0 n=40+0 c=1+48 v=2023.7.3 l=1914
last-modified
Tue, 08 Aug 2023 20:46:45 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfPElnxiVqxn47evgqtZLtVHkJhG1-gvlHNtrRRN6BDQ:0x8DB98509481C9EE"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVcshUCouxR4UjOLLMtSaseECkvU9Hx0x5A93yCuM0YDUaRW7M%2BpN8u%2FfbY9S5OVQPjhFT3XORuGpVM2BlayMxAL4SHj8smslfo3Fgvn5GrQkL7x6HxzxmYT%2BitrY9I6eY1fgRFV"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ffa76c98bc936d0-YYZ
0416_638236786968401602.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/0416_638236786968401602.jpg
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
785c1f4b0f336168b4c4a5a048fbdb936d8b0c2c2eac51aed8413c143c41ac37
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:34 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1264
cf-resized
internal=ok/r q=0 n=27+0 c=0+34 v=2023.7.3 l=1264
last-modified
Thu, 29 Jun 2023 23:38:16 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cftQ6sfjC9LN0_P980DIDgv5pihG1-gvlHNtrRRN6BDQ:0x8DB78F9E9ED5D9A"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrhqjd%2BdacyN1OjmBzmGtx8NOyoUIvVk1N3wsDoDu79DvNRu0qQX4X8691AQL637d2AGU1abkBDr5YsP9NalLfEyop6OfqGfqPmrbsJgv0HYzCm8tJCSzSlFzWJHK5NTxBy%2Fc8Ee"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ffa76c98bca36d0-YYZ
logo-gray.svg
www.benefitsandpensionsmonitor.com/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefitsandpensionsmonitor.com/images/logo-gray.svg
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b3672e8f53d4cd14250c0d76315fa94c7311da3ce7235696d1aa6fa39388dcb6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 12 May 2023 00:35:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4632
etag
W/"1d98469afcca1de"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srEgLDYjTDFaPq6oob7L1Rt332AcmRYYA10EAV2K3Mx%2Bu8hLdPHNXobN5oSkulQOh8NrYhydlFr8uZdeSBzmmVmDP6Tm%2FscbmCDaSONKhuSepxhi%2F60Qe0FJQ%2FFxuRl3R7ktG989MESWqxq8T6JwtJjxNLw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
7ffa76c98b02a1e4-YYZ
request-context
appId=cid-v1:3e5da5d1-8666-48e5-9b24-889662c99d07
main.js
www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/ Frame 5B40
Redirect Chain
  • https://www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/main.js
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Server
104.26.15.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4650d312f8c19f7d298668d579d9fbfebbd6617ec6adf053fc6b1b981ff37295
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:34 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2F1tMGqjOwdau1WLapUKzSazepu7Khr29pmm2Gt%2B8smJg32WIrYvm1vb4mSnFObqzSwygYQ%2BEJjOB3AQ4kC2V17IepICYUYaxiU4JAblL1OSljV7UFIsUrDcPFxQU3Sm9M9qjLlMRMTkf8cAETaJO31K8TU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7ffa76cabc04a1e4-YYZ

Redirect headers

date
Fri, 01 Sep 2023 03:35:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vaduQOd3iQfVSrToHwRpWODk4%2BruZlHKf%2BZTc0%2F6GKojtCqT%2BfNc3YjkUwQVzeUjpYWMtuJXz5JOy0KqLRcM2BiIArZdsQX%2B3GpORqBkiTUUBTlUn7Gzyx9XIVbynySIlAlqtWU0gdgKiXc%2Fv8aww6ijdyw%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7ffa76ca6bbda1e4-YYZ
bundle.js
cdn.sajari.com/embed/2.24.0/ 		818 KB
248 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sajari.com/embed/2.24.0/bundle.js
Requested by
Host: cdn.sajari.com
URL: https://cdn.sajari.com/embed/1/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.50.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.50.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
99ae26c1a22048b879b145ace32446b3b92cae268ade305cd6e89bb885b5bcc4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 20:21:31 GMT
content-encoding
gzip
age
1408443
x-guploader-uploadid
ADPycdvgX7-o7KxEZ7yUjuqtBvI6zNS8UYw6jkn804Tsq5cNNLX4cUclTeSy8l3tmMc22QofQSV8owodUDSHN9-hFH3clYA7lhyT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
253108
last-modified
Wed, 30 Nov 2022 00:53:27 GMT
server
UploadServer
etag
"64d4e7d24346e15977725b3c16cd2f74"
vary
Accept-Encoding
x-goog-generation
1669769607706680
x-goog-hash
crc32c=sbimEQ==, md5=ZNTn0kNG4Vl3cls8Fs0vdA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
253108
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 14 Aug 2024 20:21:31 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/ 		403 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
667d77669d19714ac96c979a077c8c1ddeb43e5d9b425bf78da585cb92935dad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 22:38:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
17848
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129791
x-xss-protection
0
server
cafe
etag
6482524881801658577
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 30 Aug 2024 22:38:06 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		56 B
74 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.benefitsandpensionsmonitor.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
09aa06d6fab5091123ebb092899db977cb61633bbd03e4a3734d4f2251a6e54a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50
x-xss-protection
0
expires
Fri, 01 Sep 2023 03:35:34 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/948015301/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/948015301/?random=1693539334863&cv=11&fst=1693539334863&bg=ffffff&guid=ON&async=1&gtm=45He38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.benefitsandpensionsmonitor.com%2F&hn=www.googleadservices.com&frm=0&tiba=Benefits%20and%20Pensions%20Monitor&auid=818068964.1693539335&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N54PC4S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
c2715bb49acac0e05315dc77f23865fedfdece501545159ef31567892fe5e9f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 03:35:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1308
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
latest.min.js
c.lytics.io/api/tag/04efff7793bfc7d9b702b19cc7b0db31/ 		67 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/api/tag/04efff7793bfc7d9b702b19cc7b0db31/latest.min.js
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b2b5c06d11b49f1a09b3c617f06d571638820619a918df7141e86d0157a996c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:34 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
HIT
last-modified
Fri, 01 Sep 2023 02:45:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3007
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2F0k79L95n%2Bz%2BiEJv5wW3c27XoXRCqQChfdQ%2FoPzZKY0uTnl74KIr1I0Be56h8XmMpEJHlZaL5mB0wIFpnzKdUNz%2F4roPVQVTEc3%2F7UOuuAVyTd5l4Mi4OoTwikm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
content-encoding
br
cache-control
max-age=7200
cf-ray
7ffa76cb89bfa241-YYZ
tag.aspx
ml314.com/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/tag.aspx?317
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:11:53 GMT
content-encoding
br
age
1421
x-guploader-uploadid
ADPycdtCjKeiUl7_iegfkEdx1fYkyJJoTqo0dlu8-_LOkQ1DUsvJHx4L6qDSD3_OplSSowNNrUCqE0fIOhGALbwelAcjRQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10515
last-modified
Mon, 10 Apr 2023 17:13:24 GMT
server
UploadServer
etag
W/"b0965f051977c0dd95ffe2c736cac352"
vary
Accept-Encoding
x-goog-generation
1681146804366265
x-goog-hash
crc32c=wVdAwA==, md5=sJZfBRl3wN2V/+LHNsrDUg==
content-type
application/javascript
cache-id
YYZ-2ad17a5c
cache-control
public,max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
32213
accept-ranges
none
js
www.googletagmanager.com/gtag/ 		266 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6PGJWLVE01&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N54PC4S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.104 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
58ba5232b0e1a8b412486138c17d3ca160883ff364a4bb78d638c5975c8e112a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90555
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 01 Sep 2023 03:35:34 GMT
7ffa76c6581fa1e4
www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 5B40 		0
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/h/b/jsd/r/7ffa76c6581fa1e4
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 01 Sep 2023 03:35:35 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7ffa76cc4da2a1e4-YYZ
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KHBm3oF1%2ByxppKRlH%2Blo%2BEbC3HBXmSRvy%2FOrRok7LI8sm1jpXvHv0WY0SJ7rsdn6IbWFD8KPjio3oW%2BpuvM%2F3DORAu%2BvBM%2FCoKC1ht3BrkbIPMZ9%2B8N0cBUa4mOYlxuC4I5AiD54KBXlAOOdx%2FlQqL1CKXQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
fancybox_sprite.png
www.benefitsandpensionsmonitor.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefitsandpensionsmonitor.com/images/fancybox_sprite.png
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/css/site.min.css?v=4Uz-QjdTe9I_uZ19mVb33fA6hdUy1JsF8VK5U3G4NfQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/css/site.min.css?v=4Uz-QjdTe9I_uZ19mVb33fA6hdUy1JsF8VK5U3G4NfQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4632
x-powered-by
ASP.NET
content-length
1362
request-context
appId=cid-v1:3e5da5d1-8666-48e5-9b24-889662c99d07
last-modified
Fri, 07 May 2021 01:38:57 GMT
server
cloudflare
etag
"1d742e1befc4bd2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ot5kT49zYlXAHoKGInprN2GEookbISAVCYytQWPt6ApR%2FUYR9zdV81Quzjx2XGWjiGD64o5%2BKzjPqS3DBQJUTJCFzU9qwqdVhQ63L9BqtBAyMyfM1Ph4T%2Bpal1F3wMCly85Dx2w2lCzX7jjOeoGyGKmoj3U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ffa76cd9eaea1e4-YYZ
ads
securepubads.g.doubleclick.net/gampad/ 		254 KB
28 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=511104358274274&correlator=2234078376203360&eid=31076475%2C31077538&output=ldjh&gdfp_req=1&vrg=202308300101&ptt=17&impl=fifs&iu_parts=1042886%2Cbpm_homepage_640x480-prestitial%2Cbpm_homepage_970x250%2Cbpm_homepage_300x250%2Cbpm_homepage_300x600%2Cbpm_homepage_fluid-wallpaper%2Cbpm_homepage_oop-catfish&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F2%2C%2F0%2F4%2C%2F0%2F2%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=640x480%2C970x250%2C300x250%2C970x250%2C300x600%2C970x250%2C320x50%2C1x1&fluid=0%2C0%2C0%2C0%2C0%2C0%2Cheight%2C0&ifi=1&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1693539335276&lmt=1693564535&adxs=-12245933%2C315%2C1181%2C315%2C1173%2C315%2C-12245933%2C0&adys=-12245933%2C120%2C1230%2C1620%2C2555%2C3632%2C-12245933%2C4213&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C1%7C2%7C3%7C4%7C-1%7C5&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=1&url=https%3A%2F%2Fwww.benefitsandpensionsmonitor.com%2F&vis=1&psz=0x-1%7C1600x330%7C299x250%7C1600x330%7C300x600%7C1600x330%7C1600x0%7C1600x4132&msz=0x-1%7C970x250%7C300x250%7C970x250%7C300x600%7C970x250%7C0x310%7C1600x0&fws=644%2C4%2C4%2C4%2C4%2C4%2C132%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=369381993.1693539335&ga_sid=1693539335&ga_hid=162984793&ga_fc=false&dlt=1693539334333&idt=866&prev_scp=%7Cposition%3D1%7C%7Cposition%3D2%7C%7Cposition%3D3%7C%7C&adks=3997940034%2C212881916%2C2931860529%2C212881918%2C2206214054%2C212881888%2C34642965%2C2537463320&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
fdba2f4a459517b25d2cb5d52122aa87296fcbde18c53a2303fd62db13e8db53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28129
x-xss-protection
0
google-lineitem-id
6372964226,6370830707,6358557042,6330245742,6370131516,6370131516,-2,6358552503
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138444776393,138444976054,138443098984,138436934871,138444757104,138444757107,-2,138442383066
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.benefitsandpensionsmonitor.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8ed0dd2807d1214372588a06d9698873.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CB2C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8ed0dd2807d1214372588a06d9698873.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.benefitsandpensionsmonitor.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 03:35:35 GMT
expires
Sat, 31 Aug 2024 03:35:35 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
utsync.ashx
ml314.com/ 		644 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=89860&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.benefitsandpensionsmonitor.com%2F&pv=1693539335378_zjvedkivu&bl=en-us&cb=351007&return=&ht=&d=&dc=&si=1693539335378_zjvedkivu&cid=&s=1600x1200&rp=&v=2.5.3.49
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?317
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7db9b9e9c0c8b1e3044085f6c1b663396441f9a9fa64f68dc3bc805add9d3877

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 03:35:34 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/javascript; charset=utf-8
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
644
expires
0
ud.ashx
in.ml314.com/ 		20 B
482 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.ml314.com/ud.ashx?topiclimit=&cb=3172023&v=2.5.3.49
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?317
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.56.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-56-174.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 03:35:35 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public
Connection
keep-alive
Content-Length
138
Expires
Sat, 02 Sep 2023 03:35:35 GMT
04efff7793bfc7d9b702b19cc7b0db31
c.lytics.io/cid/ 		24 B
471 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/cid/04efff7793bfc7d9b702b19cc7b0db31?assign=false&callback=u_286600047629661060
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/04efff7793bfc7d9b702b19cc7b0db31/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
780ab4a7c1c3d4f6a0f184d02da6b7a1f40d7f6c66de3eaeb98eebd4298f6247
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:35 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
24
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET, POST
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FMEbSfFiAWDv8kxcucRJ3liMQfLcc0PTqAWMrkKAHw85A%2BDmMByXcO0%2FVBxSPdlMds2rGaaMP8uol9XNvM%2BpFkM5XEE108SZ3HBwWTIj77B1y7241Ov3j5uFWKKJ"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
cf-ray
7ffa76ce5d7ea241-YYZ
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires
0
/
www.google.com/pagead/1p-user-list/948015301/ 		42 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/948015301/?random=1693539334863&cv=11&fst=1693537200000&bg=ffffff&guid=ON&async=1&gtm=45He38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.benefitsandpensionsmonitor.com%2F&frm=0&tiba=Benefits%20and%20Pensions%20Monitor&fmt=3&is_vtc=1&random=3021254775&rmt_tld=0&ipr=y
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 03:35:36 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/948015301/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/948015301/?random=1693539334863&cv=11&fst=1693537200000&bg=ffffff&guid=ON&async=1&gtm=45He38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.benefitsandpensionsmonitor.com%2F&frm=0&tiba=Benefits%20and%20Pensions%20Monitor&fmt=3&is_vtc=1&random=3021254775&rmt_tld=1&ipr=y
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 03:35:36 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
267 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-6PGJWLVE01&gtm=45je38u0&_p=162984793&cid=369381993.1693539335&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693539335&sct=1&seg=0&dl=https%3A%2F%2Fwww.benefitsandpensionsmonitor.com%2F&dt=Benefits%20and%20Pensions%20Monitor&en=page_view&_fv=1&_ss=1&ep.debug_mode=true&ep.author=null
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6PGJWLVE01&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 03:35:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.benefitsandpensionsmonitor.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1D99 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuiPAV3XSs0J-d4gkxIps1j16A7sa5fxKPme133Qaj4aQ7mE1rOFm8B-5NL-tgN-gSRUeWzW0ujdXePnF5LZgwsuCUwPUmHtgcHDt3CZt7t6_frIO6bt8HjymplHO0Qi_lgPV1-BYjfUpjxbTI3pwFGUIrimNguztQ0jKSJTbZ6V-0qyj2_lGNYF-wot3-YmXzX_7z42aDglUw8qPgeF5T74zQYnQ75dByGHzkaLiqZbfPGnkmI59lodJj9dqfy6QXB31rjbvTwDKiH3xM4iou4jC6K6HyL2n-bGbbY6b-mjJVfq9mel-hZ5ayyhikQeiYRcWqz6ksNnz-zFtNW0wq29_2ygZz5y82IDAot9NDK8m0woIfhfxquBuqFgsnFYHKj7MV6XqQkGQ8ntbvQbjyjkA4&sai=AMfl-YSYTJ9fn6m-bLCrNbGASPy41T0Z9x3hIRyZKjjw7WpCBgF4iBCyWbDLeCPmf-SMjq5Wbmg5etbtksrDX4eLYyDLzfBPEI4sDf0m9VVL2RGMhMaJdmEQOLGpmySqwtw&sig=Cg0ArKJSzJ3oBpRobgODEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 1D99 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:00:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
48898
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Sep 2023 14:00:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1D99 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 03:35:36 GMT
5309217833160978465
tpc.googlesyndication.com/simgad/ Frame 1D99 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5309217833160978465
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
e81b1fabcad383b9a055d05d4c601c353872536aa6cd7f83be4e44cebef904f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 00:12:13 GMT
x-content-type-options
nosniff
age
12203
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101131
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 22:24:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 31 Aug 2024 00:12:13 GMT
l
www.google.com/ads/measurement/ Frame 1D99 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRymtiUHNAdfrVuojRyd-AEV7eJas6R3LYSh080Dr0nvEWmHs59S4ONl7puUb_n8lxX8cXL6ma7g95mtNnfGUpmTg_4Gw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
utsync.ashx
ml314.com/ Frame EBDB 		43 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ml314.com/utsync.ashx?eid=89860&et=0&dc=BPMW_Medavie_Blue_Cross&cb=2105466321
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 03:35:35 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
0,Fri, 01 Sep 2023 23:35:35 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EBDB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYVaDHkBX4wF707P0mJqaHxpQekIXy1PsXM4XUKZ8E9OtsS_udpAI6uIs79UbE4BWmPc5S5es4NPLDHf2BKOaE8PQIQPE9rzntD0YzPPfWi9JDvToi84lHCnhxYjq7cxE2D3qAN0fWrc5p_EySCpaHVx3LGIN3zSkY5Inp_YMRaubi0jTCAszDLyn2MIic6wpaspYJnHOT8oGPGS2wzSsMxSJUldoj8DLpu18UkPDrjA3yQbMzcnBasyl4relCK2ld_EzpPDRKusoID5ibOSOFhY75kn57HQeLVFig_M8fH31yY4YlP6bkl1HQYWkZOFHhkRtsRGFvuK3YTRxQCsep94M9jD4mreG_77k&sai=AMfl-YRC9ZiOY09GW83lSQPI1w9VNZLHuzKESSFqhqyZZBnCVxPMN9ibI_KhLuefT5oieags6lrsNI1WATNUc-xzLPT8ihrRbfbZuWSesYi4D8Ul9iBF7KHjYTVxykSZVuI&sig=Cg0ArKJSzLrXXefB5fXHEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame EBDB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:00:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
48898
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Sep 2023 14:00:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EBDB 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 03:35:36 GMT
2453369684630933724
tpc.googlesyndication.com/simgad/ Frame EBDB 		131 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2453369684630933724
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
ac449f31778db9344bb6418a7c6508c4e2ca63758ecb1a981c7ff1e3f850e026
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:47:02 GMT
x-content-type-options
nosniff
age
218914
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134088
x-xss-protection
0
last-modified
Tue, 29 Aug 2023 14:30:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Aug 2024 14:47:02 GMT
l
www.google.com/ads/measurement/ Frame EBDB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQqKGOR8xW5NlOmuEFHSLt2OJcvhjp_v9s88Vn9kBPQ7KjTDt0RdVmvOK5TmAQUXEIrn1sPR20PmnDO7Rq0GUWPWswIAA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
utsync.ashx
ml314.com/ Frame F827 		43 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ml314.com/utsync.ashx?eid=89860&et=0&dc=Mercer_Canada_Limited&cb=336938587
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 03:35:34 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
0,Fri, 01 Sep 2023 23:35:35 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F827 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstE_j0LKTW0WV7RshfbYRdR_PRo_V1qZR2QugEfw1XyGNq_Qq1ichXrorWUrS7PzKjrxcNsD_KYA7HmpOJbdWgX6TT-j0S6o-5mXwgK1xyrzym3Ac9h4AflVov6pT2Iw_eqqNSICQWEIkZc9CJlrq1meBbFbERFg-2jhb4GKxVxF7Qby-jxG1SQsfwzKv4q11bHPrzMPb82Oa6bn54Sk-IjDSjTAoXGUxXkezFqjJnNFTFM_Urar3tJiyckgfbIFhYzN_DrUClK647JtY6oGP2MP3qERFuvfgvn-16BWIlH_-bvEKCkd0-aJllEcwJrwD6Ze041fK1xTXP9QH_1FjhHLtD6AvvUxtMQHWwoaQY&sai=AMfl-YRr8Fa_du8nxes9Z2k1V7o5N5Dk5tVKDLn4iTrVD9zY1zPwfoffwuQ3LulHmJ1ubv3Kxi4ihTkOaw9u81c6L82WJpOEhEbjGKttXqI2ymWWtcdvgmSSVNwWfzl7OiM&sig=Cg0ArKJSzNQb4lIpdqWkEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame F827 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:00:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
48898
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Sep 2023 14:00:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F827 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 03:35:36 GMT
8141981464877924056
tpc.googlesyndication.com/simgad/ Frame F827 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8141981464877924056
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
81f3524a047e935982417031e51ea8b28a6bb30e47d65a65d0c94b88178453ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 12:57:23 GMT
x-content-type-options
nosniff
age
311893
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28541
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 18:56:19 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 27 Aug 2024 12:57:23 GMT
l
www.google.com/ads/measurement/ Frame F827 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1GlPy8tkO8xX9LQfa5Qt0al_rTIJFkNHTvTXQ1rwHaGyBAjGVyUrZYr6d9L2TwNXH0FgIaqVZKuGRsqozVmwjwG1hwg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame AB66 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlXZRuViqQqWM8QXYIvEIM69fdMgRo2DKQa7_GKmpfUi1BC4SkzB_yT9TTg80QYP95yAZ19G75lPj5OemfIhWZ9AJO87jFTjGcRGP2YOyuB0bBYt2kdEgiCTAqzpeFwrlFleXd2YSQDVeujYlgQQrBgckayCNN2dNja7B3dtMuLBY-FetPEICMxxC1H0E9LX8NVBwyWkg_9-GD5CRNWSaGi4bONB2Y_ziqHu2bQpk5zDmCBmHNDUZlYKT6Wo7zOyh7G5Z0HHGzMH29bIzidxvqRcvqdV-oUROJryaUdRPY920sPdSp7szbQqmnaDdHHzQGawg4gMk0Ujt4BK9qETQmyVofXCZsRpUZp2M&sai=AMfl-YS_hu3HAo8sGSdMaugTUwSlBKpDMp9i1yJnzJjUOk1aIR3zegXZq6z9N_5AUPUPXDg7pzHD_1VQeOgW5eOhHp4SGYAr3glsu9keui4kMuk4TifRM5X6Eae5zteLeg0&sig=Cg0ArKJSzN0Nv_QVm_nTEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame AB66 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:00:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
48898
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Sep 2023 14:00:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AB66 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 03:35:36 GMT
2835067271640315872
tpc.googlesyndication.com/simgad/ Frame AB66 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2835067271640315872
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
bef2c56ac4dc5ac6175e313afae36e5ea0f1a1a4e5f717ec0ff66a6f5c8fb74f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:15:16 GMT
x-content-type-options
nosniff
age
357620
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85693
x-xss-protection
0
last-modified
Tue, 20 Jun 2023 15:26:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 27 Aug 2024 00:15:16 GMT
l
www.google.com/ads/measurement/ Frame AB66 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRhbdbeJYSlIQYkZkWdJ1uY2kcTmVCm3PzW0g-iE2LwIL907wdfVE3jHiAT_c6COGPf6d_aiMJY7ddfvBGZrwa5EBBs6w
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 0E1B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzgh-5COsk2tOi58IfRLAyi2MRBnRfeD0Q1hwQk8xq3zz6gsKtfFuWqlA0QQs0CPfroSR8X1pxg5DrNa6JcybeBzazKAx9W3eBYlQ4Ae597OVZOCn_a2-8SxgKrZlv_xz6vQ7RzQVosicPZ8PiluVJS5Tji7L1Z0W9TcNZOAq5e7QcW28OdaaxIJbUNxNt8OSZzc1kvAm9unDa9WzpGlNFCBS4vPw3bh2n0RufQdpEV5wferkR26_NnRtNrbbyz-cQbdw5wdfbzsF3WVcjtmL9n45HqnBCIBX-nIbUYAAP9OqWcPEP3fevsHcZSiOPjH5K3gRoxehPPuyW_GOzR6DXfBRHwR8JTkOGdNY&sai=AMfl-YSlaXLjc38g1OW4vOZz7THxhARTi1e3YxlzJfBNl11jLoDRYXzj_R_7yAlAln2JULAh9tNpvoa91V7z0apE4PMfh7gMYC3jUze6MTSs8EatnVk2rBux-8_c9i8dFNo&sig=Cg0ArKJSzHO7ejI3N3E2EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 0E1B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:00:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
48898
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Sep 2023 14:00:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0E1B 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 03:35:36 GMT
13750746038314746937
tpc.googlesyndication.com/simgad/ Frame 0E1B 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13750746038314746937
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
57831e5d0327296d6be29fdbff260ba2d9293e42046ec3dba7b47237c8121bba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 00:12:13 GMT
x-content-type-options
nosniff
age
12203
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103525
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 22:19:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 31 Aug 2024 00:12:13 GMT
l
www.google.com/ads/measurement/ Frame 0E1B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSFZNeaTp9fHmWc6YOyPSKAdERy9NKlRt6Br5f3sAHVmZsH6o3sVM3h0BidTaYln9DXjl_u9FuybPUWi1pVCuXgYjYb7A
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 6782 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKRnJFCRLcY8jgsLNmjWuqMJ35fU0sOnOcejYG_SHAAmgXw_Go3t4EdPmNHXJ0-P2N1NP6LCmNJu2kkLF7EOxOmflnZRib3fpzfWJtMSAkeMcF_oDf4FBQiFNZAzSG6pyF5c4IRUPzMW09TQrsKE7zXs8KoS0obtP06dhYSUsXOxMzMYinGfgGySDtltZGIAAA2uVd45_LyQzOtyWQrzElPHtHaj_Mjk8_rz3jYJl-b3ed8EB91W2zSwuzw5o9yjbjUQTct2ccnD10OanWet2bXfsjgVZIvxmHT2hVyLEWGKxOgnqe1yGdX4RLNgl0IzoY1P1LZulZOQ_Quhcyw_XTfeJdfsypM3afltA&sai=AMfl-YTAQ4co4VfhBbtr7ICg9miMK58CoGDPlngHagsJq3fnVLmXU-0FHXxFviYSgtwe-rRTHlbBo48V_o9q_hnlY9LgJmAyRoK7n__VCdTyhjqklHN89-b8VwsnJ2y0vLI&sig=Cg0ArKJSzNOV1AS_PNsuEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 6782 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:00:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
48898
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Sep 2023 14:00:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6782 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 03:35:36 GMT
2067408762714973922
tpc.googlesyndication.com/simgad/ Frame 6782 		120 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2067408762714973922
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
ed88c46660034c43015d10f6267203692a277a5bcb4f130a8175f4f0828d53c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 00:12:14 GMT
x-content-type-options
nosniff
age
12202
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123171
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 22:19:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 31 Aug 2024 00:12:14 GMT
l
www.google.com/ads/measurement/ Frame 6782 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRAcb9azE-xgTgADaR-7_QIyZz07e8ezjC-kaWexIdc6g_cxA-TAGP5OfGuL_nZrrHbFjTLPad-YRRcZP3Gwf3S-eE-Fw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
utsync.ashx
ml314.com/ Frame CA13 		43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/utsync.ashx?eid=89860&et=0&dc=Mercer_Canada_Limited&cb=1203258409
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 03:35:35 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
0,Fri, 01 Sep 2023 23:35:35 GMT
938868486417794075
tpc.googlesyndication.com/simgad/ Frame CA13
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXmmPOdEGlZOUaeXaIhCpbCyc24BArfNtw96iV58NLbQ0MlpIlj22NkA9A9_MfwSf_ednFYZqUA526B1N248v7hKdS4BGO92mphiEPfr8cQ502QHSvwFMkmORnOqT-HYtPzLqKEB4cV...
  • https://tpc.googlesyndication.com/simgad/938868486417794075?
29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/938868486417794075?
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
ecc48c5d07bc999ce015cb02d037832476425803ebb65d21392c34f8c827121c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 00:15:16 GMT
x-content-type-options
nosniff
age
357620
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29544
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 18:53:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 27 Aug 2024 00:15:16 GMT

Redirect headers

date
Fri, 01 Sep 2023 03:35:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
location
https://tpc.googlesyndication.com/simgad/938868486417794075?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 1D99 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
821967e98729d5564ad48944dd2434f34a262f13c70ffd886ba9befc7aabced0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EBDB 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2792fa81d4cca0ba021c36ac27ded96d24a6605cad98262885cf3bbdfa1193a9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F827 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0832abc08ed189fa1e8cb7edf4829b4c9492ed5249641c4e5db34e3e9f7d5b58

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame AB66 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e756ecacf63174d7c0a2b5642afbb213e3a0d420982030bd0ff7625664dd6f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0E1B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebfeecc910237be4bc8eb2b537298f796b2ebe688d6f11d11a9cde5c1cc3ec62

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6782 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cbc79dcc2e338cfddb918cbbd24ec55f691ad11dadcb4dbaf3febc229a9c036

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
5cb8e04d-c2f1-48b0-bc91-18c36efbd0e0
c.lytics.io/api/personalize/04efff7793bfc7d9b702b19cc7b0db31/user/_uid/ 		129 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/api/personalize/04efff7793bfc7d9b702b19cc7b0db31/user/_uid/5cb8e04d-c2f1-48b0-bc91-18c36efbd0e0?segments=true&mergestate=true&state=%7B%22_uid%22%3A%225cb8e04d-c2f1-48b0-bc91-18c36efbd0e0%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A-7%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22www.benefitsandpensionsmonitor.com%2F%22%2C%22_v%22%3A%223.0.33%22%7D&ts=1693539335799&callback=u_441902720920983800
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/04efff7793bfc7d9b702b19cc7b0db31/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af068428232286206e3d84b7772b98ca92f2a631c7a24834c6f336759964ec8d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:35 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBm4TVpxdI146OT%2B%2Bq%2BzSkTB5i1gMaorRpwF4L6BDbUOeK2irpcuQ20dI%2F%2BCZXmQOehTpAuCC7QxKvclPwEyb%2FiLz8Z06yZx7R2LksjSKgKeu8UAQGGMgGz924KM"}],"group":"cf-nel","max_age":604800}
cf-ray
7ffa76d0d846a241-YYZ
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
04efff7793bfc7d9b702b19cc7b0db31
c.lytics.io/c/ 		35 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.lytics.io/c/04efff7793bfc7d9b702b19cc7b0db31?_e=pv&_sesstart=1&_tz=-7&_ul=en-US&_sz=1600x1200&_ts=1693539335399&_nmob=t&_device=desktop&url=www.benefitsandpensionsmonitor.com%2F&_v=3.0.33&_uid=5cb8e04d-c2f1-48b0-bc91-18c36efbd0e0&_getid=t
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:35 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
35
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FN7o263ASnzph8y6zwBouLOIwj1nzxDd8r2XZk7w95r0sTlvA17hKozOdvJ8vE6R9e24vzN54jB7TZ7KBZ0LJC0CGqTp8h518O67mUtp2qDfidyFyzpKVmbh33XR"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
cf-ray
7ffa76d0d857a241-YYZ
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires
0
demconf.jpg
dpm.demdex.net/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3638205844146356254&redir=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3638205844146356254&redir=
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3638205844146356254&redir=
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
HTTP/1.1
Server
35.174.26.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-26-129.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-01a1d8c7a.edge-va6.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
6fDbCOvKTKY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-va6-1-v049-073f507fa.edge-va6.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
vGww0tR4S6s=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3638205844146356254&redir=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
csync.ashx
ml314.com/
Redirect Chain
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3638205844146356254
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzODIwNTg0NDE0NjM1NjI1NBAAGg0IiLjFpwYSBQjoBxAAQgBKAA
  • https://ml314.com/csync.ashx?fp=5904e7c8a7969fc55114a1d5569bb958c9c54e874112e62a111703f15e9f13e0f4cb09cee1a4f8eb&person_id=3638205844146356254&eid=50082
43 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=5904e7c8a7969fc55114a1d5569bb958c9c54e874112e62a111703f15e9f13e0f4cb09cee1a4f8eb&person_id=3638205844146356254&eid=50082
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H3
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:35 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Fri, 01 Sep 2023 23:35:36 GMT

Redirect headers

date
Fri, 01 Sep 2023 03:35:36 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=5904e7c8a7969fc55114a1d5569bb958c9c54e874112e62a111703f15e9f13e0f4cb09cee1a4f8eb&person_id=3638205844146356254&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
csync.ashx
ml314.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1
  • https://ml314.com/utsync.ashx?eid=53819&et=0&fp=0af96244-d699-40fe-b695-33241c7aa728&gdpr=0&gdpr_consent=
  • https://ml314.com/csync.ashx?fp=0af96244-d699-40fe-b695-33241c7aa728&person_id=3638205844146356254&eid=53819
43 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=0af96244-d699-40fe-b695-33241c7aa728&person_id=3638205844146356254&eid=53819
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H3
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:35 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Fri, 01 Sep 2023 23:35:36 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 03:35:36 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
location
https://ml314.com/csync.ashx?fp=0af96244-d699-40fe-b695-33241c7aa728&person_id=3638205844146356254&eid=53819
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
0,Fri, 01 Sep 2023 23:35:36 GMT
csync.ashx
ml314.com/
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3638205844146356254
  • https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3638205844146356254
  • https://ml314.com/csync.ashx?fp=5fd60f2e2dba0ec7241206ac02137610&eid=50146&person_id=3638205844146356254
43 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=5fd60f2e2dba0ec7241206ac02137610&eid=50146&person_id=3638205844146356254
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
H3
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:36 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Fri, 01 Sep 2023 23:35:36 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 03:35:36 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ml314.com/csync.ashx?fp=5fd60f2e2dba0ec7241206ac02137610&eid=50146&person_id=3638205844146356254
cache-control
no-cache
x-server
10.40.3.156
content-length
0
expires
0
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
  • https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2vN5fvbthjyA2OGGXQKKam1tFH-R6bj7Pp0fick4f24Q&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_p...
  • https://ml314.com/csync.ashx?fp=2vN5fvbthjyA2OGGXQKKam1tFH-R6bj7Pp0fick4f24Q&person_id=3638205844146356254&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referre...
  • https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Requested by
Host: www.benefitsandpensionsmonitor.com
URL: https://www.benefitsandpensionsmonitor.com/
Protocol
HTTP/1.1
Server
52.55.144.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-144-0.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Date
Fri, 01 Sep 2023 03:35:36 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

date
Fri, 01 Sep 2023 03:35:36 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html; charset=utf-8
location
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
193
expires
Fri, 01 Sep 2023 23:35:36 GMT
truncated
/ Frame CA13 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13cf170da16ee0165056ea7d310e09c8a08abd0359a536f4e253763ef18277cc

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 1D99 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxuSwC_HXTrsgsQGR9anovOc2VikfRdFaMhj2s5WEuvzbOj2m_xcJ3qp07Fg83qKJRiXuSw6B3Be1NvmPR22CbgQRMTvQ5GXD50ZkT58eYWVBJXJrWIsLPuq7dG3FcAV_F3gG3m9a-rgMMZoaidPSQGOqc0IqxFEDcL2lu_g4C_XW5e_cZr_UEob2jwPxA9wDPv8AID9bkdjkOYKrL3LW1SgewpbC8b3rcR8TtyrEuUVYGe6WzPLOdIOWfIN38ZClYfFzjjTlmhpWVnie4hjWmFPgEf4d6UMvfwkB_mJLTjuQucpFhmwr4O6DS98jvHnIBeyxFiANILq5lqdo3dFtJukwUUL8MQTghbejx78Dp1_qnaTeWCSoK&sai=AMfl-YRpJPAV6QR8UpT6BFlcEUzdac8_KlF-qyJtDEt6AG8vgFSLZTlpGOfubAxq1d0mSzICYAHoqxgrjqTGkpv8CnuKnzRciKAFYdRKckg3-fx18sEQt2zlwdK0uYZYd20&sig=Cg0ArKJSzPsInCxdr_0gEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Sep 2023 03:35:36 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F827 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQeYy60_aDrOUum2N2AkrURcFLpFhhyyfMTgwaoHZYrI3YCQ44AElZD8xPQmr8NJxLqo3QMIPrnkQPLoOF7qmWP9_Ckpf7DMjVS51zHzF0yakCJsOU5pEQRY08f4FdrRdvC3ECBm_Htys1D9MPXzA7pJoj9A3r5VSU2k2xZhXDZcur1tTygENgrfgQIMFQaBUwBXWkUyZnsBS6lZiImNRgVQhN9CBwc9X67iACdJD4PCZaZ8ni8QjDWk-SgqNCZU6EzLlTomjE39tW_I03DuDDQ86Ps4IKuT7wnj7fPVm-iomBsxCsN3xck_xjNpJXRGubwcDRebmwT3G4edIngRGyrCkHyIttmhy0nL7H7PaIUA&sai=AMfl-YQAyAIXIuXKML3S7GJtfS1bJEFzqHiGdu4fxlReh_bUDMN9tTrNG6kqC9UDBcL8gcnj74D9gdMxDkHlHh2Gku_7WpMxaUtmSZk7BwDWQ8GudN5oVMKNWwBfyOa3iHQ&sig=Cg0ArKJSzFvxg0F5Ki9IEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Sep 2023 03:35:36 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EBDB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvAK2MZNesRFefcpsKytSMizzwWetAkCyKnTcXj3Kk2UCVK-xFkkhgusUbaIfVg2qtvoOqZ-N2TCgWCyjf51dxhJTL77dXgOpuYJdDRc0fNTpmyjTnb6Vx4cg5J8b4ZPU2BwUsjzKRo40sMFXylwAQzaVfnfea9IcxS9JSs8rRDPVkogYHIZYn_TTVDqokZq8TeMIh40F-3w4sU6eNuX1bbPU-C99WJ_m66-ckIGZoCm-OVU2RdPiCEcEwVhsehde6VHM3boHrj8B3ZW_iRE5cR39hmKsO_x7ZTJOWA0oIjkYgR2bawBw95v9mMW4JrW6nz63FsGKq0s7XYiDOgPC1PrG-tLApuYOBuWlDkVw&sai=AMfl-YTnc3PY-sTCNmpdZu70dYC_jk5B2v3Q_aou9E_hBhZZuI1MJf_D6SQGLR6mt_H9Lynp_9a-Rl2hyu3EKL1CPccrEPqtcMwC9ZMJPZNuLb9AepFxGqGn5kZ8AMQ0FeA&sig=Cg0ArKJSzKEyQymbMSQxEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Sep 2023 03:35:36 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0E1B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZWe5VwnZO_Zj7D-EG09INhS-rrWBcoBrWF6F51g9MpuNlBUG1Fr8UWkMBopf5WRkcysRJcBuvQcMKebSxuw9ynRJJUK4wdeHv-JpP81TApYWSESJI1YiqHnFtcFFOLxt7LNqJXeMe17EFzZxi17TmBefuRrA47tdROSn4sHdj1DXJKabpMRnbJeogeYw4Zlv_wWk5McNOYV-pHQJ-Gev1Jw0sSoUQW62eUiBxIoGsEp6zW6fLrqttGAMyjw0r9fygKg6WpnOf2A-6kTQfCK6XtQaoXM7QxXlqIpwejk22OVVJwboDy5RAtr858q9WnsoU2vDN3MOlLXFknP4DAnwYswIS8ppoDFsBl3nXuA&sai=AMfl-YTBQv0uyZ0F-RjidtahhuHTm3wQ7a9_XrvIwFhQ7D0zdk139WK6NKr4i-clgbWVyGteN14DSnirL5vVXln9XTyGyZ8S7kbvCnsOd9QWh62Kv83cvst2mapWvcICj-c&sig=Cg0ArKJSzDJugVcYX2VZEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Sep 2023 03:35:36 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AB66 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvqlFu5rZ7npidQXZpizThM466NZ_jktlRvDhoBSGU-2AfVVZzFGbzFY2x9RjwsfQyt8hwiKRu8kT0jMTrl8sLLcSYZ7K1G1pofKBj7zjJ0xM6AmDKcXuCwUR15LFDH3kyA-0DkRlPhbGwoRc1KI2XjYeq1kmCom8j_Ajim6ubnZo9K40fVOmdQxygL8zrVPo7wn3DEXj4XTdD4diF4Z6mCcQefGaChgr_F62otbyuLWxL0j0dgL_O-7gDCwxPwi_e_btZH1ak33vv7zc21kcMBQZPrP6S6afdeMCfpPS-gBCPgaQ4tWPl6eqLFBmSer9JIhD8b1gs8AispqWsXUwgiiSO0u8h65Me-nt66A&sai=AMfl-YS1ug3l9TwbNAL-cn0OFZuGNxef08tD54KD0mKmVdovPKJ-YnlhGdDgIh0VadqWsX9rVDEEYvJiwiMFkEqX-4Y8hZQKbqeaS6axJH89Ic3rs8rLF68NYMbBGiLg47U&sig=Cg0ArKJSzDakMHmx8QnsEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Sep 2023 03:35:36 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6782 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXBAEfKAg7vEMCjqQzWyRMn0KUVCBGVJnAgbudcz-aUCVaV564kTiFG_8M0NIKOWbCufX7J_WQcrvHQbQvSZGGwI-i_tnM3vteePUWRE67FxObxe61sgcTAl-ycL7nEENBBrZFQdNTLAdIq1roIJundg6gAWZeu-HfoFm3uS1uxSbv_snWzEe3DDL_iCB-2ORiXlc9FY-skO7ahIraFzEAzOlIkkKfiWDB5Xj0d5tHwxOmlvjdEq91-JfQmUGSMgu5U58nkTwt9bZz3sjnWbgITc6GLAjKe3iYABzHYr_yv2HOqAcEcZr7OhU9ohWe3wW096M0uL84bB7TUsZEOfTziqF4D0VZBwUdqgESZA&sai=AMfl-YRg-eIkQmodi0dCvi5NRaCEh39KUq-vTtQxTKsNDnA-_5yEpDYPJndEYeL4nmoFxdKkTYxHLr_OhuemdeAaoF-dESADK29IoCf8DErBH4d-RB1ymEoo3I_pjxHl6Uc&sig=Cg0ArKJSzF5lSLHWJ7Q_EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Sep 2023 03:35:36 GMT
pathfora.min.js
c.lytics.io/static/ 		102 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/static/pathfora.min.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/04efff7793bfc7d9b702b19cc7b0db31/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef880693571db60a665cceffeea7d30335d5727dda98f8a9c1429352fdff8be1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:36 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
HIT
last-modified
Fri, 01 Sep 2023 02:41:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3222
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIERaqsjbGUaReJlxRjFIacAPqOGvK5eNwlPf5gOiXkxIEmweDoxYHI26HRUWX2mvJyKFKJ1MBvsAhRCuOcWdS76AorC%2FPDXqiz5JLluWN10j82FgDwBtUm0LjXO"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
content-encoding
br
cache-control
max-age=7200
cf-ray
7ffa76d60e46a241-YYZ
pathfora.min.css
c.lytics.io/static/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/static/pathfora.min.css
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:36 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
HIT
last-modified
Fri, 01 Sep 2023 02:11:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5051
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GEkjspDcv4fudO7gcxrnDT0s9b%2FdX1rWh0pxbXWLf%2B4dnOjIlJh31RiERlC1%2F%2BZsd%2FsIXBRDX7v4DUoXLCXikOS1vEWQlgodzK00Gzposa2w%2Bk1vBhJP2tiER7uG"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
content-encoding
br
cache-control
max-age=7200
cf-ray
7ffa76d69ee9a241-YYZ
keymedia-overrides.css
s3.us-west-2.amazonaws.com/s.leveragelab.com/lytics-keymedia/ 		58 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.us-west-2.amazonaws.com/s.leveragelab.com/lytics-keymedia/keymedia-overrides.css
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/04efff7793bfc7d9b702b19cc7b0db31/latest.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.245.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
60af7613cf5b70b4cd558546dd7ecab78792b7ed6b8effa9545dac4d3aa1fed3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 03:35:38 GMT
x-amz-version-id
RoULxZLa8MySYtKed9nogc1kMebkcN9D
Last-Modified
Tue, 27 Jun 2023 19:28:34 GMT
Server
AmazonS3
x-amz-request-id
NDCTWBZ9262EDWTJ
ETag
"f8c3b423a6979b406e7c46d98bf9680f"
x-amz-server-side-encryption
AES256
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
59588
x-amz-id-2
xVBahXRp283oPxCKZi5rAwz9fQYxlZTk2MErZ4FROnBYGJP1fdoEDkf1Q+t6NR9916iqsj4S0WY=
config.js
c.lytics.io/api/program/campaign/config/04efff7793bfc7d9b702b19cc7b0db31/ 		399 B
529 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/api/program/campaign/config/04efff7793bfc7d9b702b19cc7b0db31/config.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/04efff7793bfc7d9b702b19cc7b0db31/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3944e77604c3af0b15334cfddc46ab697ef0bf9c323f50b7186c90e8b5c13b0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:36 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
HIT
last-modified
Fri, 01 Sep 2023 01:52:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6211
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAzlptbl8%2FAxEnFpLqzsnDnU34TCbzQ7gQWy8etVzjx5mq0GRoDrX38Ap4h3pPwIu%2FsNPFyaJc3MYi92cQkYMemjBPJ1wtUeZekGnWQgPxDVShM125nN8RnJFHSj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
content-encoding
br
cache-control
max-age=7200
cf-ray
7ffa76d69eeaa241-YYZ
activeview
pagead2.googlesyndication.com/pcs/ Frame 1D99 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstzwn5hVQE384kJeKUomKQxdpb7PXGBGWd9bH4NYMeSbem51T4DJzHLQc7Sd_LVm2eXSpm365UsR-REBJMNw8L5rmOqceAxBwFnxcnRss2Atvxrx3ZG7CuKqJh7uqf8&sig=Cg0ArKJSzDmVL9v7u_78EAE&id=lidar2&mcvt=1045&p=296,480,776,1120&mtos=1045,1045,1045,1045,1045&tos=1045,0,0,0,0&v=20230830&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3997940034&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693539335549&rpt=719&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 03:35:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EBDB 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssgaPKfHYfuyi-ui53NpsvaodjU32GBl-tndxeY41QMmFdUxDxNhT0v0B9oYyR1-uXtbCYkJblpaZEYJjkRxyUZPxOL5TZT0V88ElaHmhb7Dw-tgf1yqPVH2TycGR7U&sig=Cg0ArKJSzMMk9-C3Ir8aEAE&id=lidar2&mcvt=1049&p=120,315,370,1285&mtos=1049,1049,1049,1049,1049&tos=1049,0,0,0,0&v=20230830&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=212881916&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693539335570&rpt=759&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 03:35:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308300101&st=env
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
d5e0a1dad05d86085ed016e1fba682639854b9a4ba10a755f3392d294666a223
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11749
x-xss-protection
0
track
eastus-8.in.applicationinsights.azure.com//v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eastus-8.in.applicationinsights.azure.com//v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.188.247.146 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.benefitsandpensionsmonitor.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Fri, 01 Sep 2023 03:35:36 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-request-id
615860d3-16b6-44cd-9835-abdcaddf4635
track
eastus-8.in.applicationinsights.azure.com//v2/ 		49 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eastus-8.in.applicationinsights.azure.com//v2/track
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.188.247.146 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
2f06451e2da9bcec5593f0e5f8be5aaf93a584def5560838666f6ddcc0f90a19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.benefitsandpensionsmonitor.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Fri, 01 Sep 2023 03:35:37 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
x-request-id
410ca178-d425-4778-a8af-e0604a5df860
content-type
application/json; charset=utf-8
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Sep 2023 03:35:37 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A8B0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.benefitsandpensionsmonitor.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
499571
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Aug 2023 08:49:26 GMT
expires
Sun, 25 Aug 2024 08:49:26 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2454 		829 B
978 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
GSE /
Resource Hash
a0f10243baaa03371733f0c4561496cc856b69af89611f4967ae5af94c3c1873
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GO_12GWgvGWF0havgcM7OA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.benefitsandpensionsmonitor.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-GO_12GWgvGWF0havgcM7OA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 03:35:37 GMT
expires
Fri, 01 Sep 2023 03:35:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sDErsqHGZKHkf3fdTSK9cGXygIIzfAKaeJHbg3h_I88.js
pagead2.googlesyndication.com/bg/ Frame A8B0 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sDErsqHGZKHkf3fdTSK9cGXygIIzfAKaeJHbg3h_I88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
b0312bb2a1c664a1e47f77dd4d22bd7065f28082337c029a7891db83787f23cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:24:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
220270
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14930
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Aug 2024 14:24:27 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2454 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308300101&jk=511104358274274&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame A8B0 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?5zb3mw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 03:35:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308300101&jk=511104358274274&bg=!BQalBknNAAYHwnCgJ8I7ADQBe5WfOBRTzOMGhL90G1sDGkjJnbGO3dd389Ix_l2SiEyLkG0sBvoHq9lGouyHqi212uApAgAAAOdSAAAACGgBB5kCxC_hYKSUO4G_9ZZqIMnGnV6X1LsEL1zlto3fZAOFjBB--sseni3EuHlZI7T6uN176U-BP7dxJieU-2j4yaWGxTl4_rs0vOdi7oaoTz1woGCA5g2QYEcieSFHhf8U30oYhhSil-GcLGWMzZHHHxaRNdIKT251GTFgPT5L9ZvQFgIaiBLjxn_O8j2vT8t-OjnkER9Brz6AgqcW8deKflTz77cm2YG-DUtn9PgPDQE9jTMgejm5vjjbYmr9w6IfYn_RLhpFz86HB__dLiBlDTA1bxHLaJ5aLGbUcC4PYeoLhE7wcyLfAWfeoTKJpbPCLCPJ3SggOEjAyHH9cd_kW5sNF5VtDsV-Scj9GGzPtWlbd65jyvHZodkFKw_-p-p_MS7GHC2mt0ib-gM-KkVqjhP6Msxep6Jjgnpdt-xfGhJPE1dZNTzEvAE7b3dyDcHBaSeD7ad_LqxcHG9o8Rjv39_gUZdPZppYof7c9b7pu11M3pQVYJUe9GmUOsn1zHUMB_-woDE-Bhtwvb6wpSK3y3rTHyeGkRVkWH5mVoGuIQrQaYBHgA5EIvh40w8YuztGf75hEYIqw5C6-ZXHgcYIcUob3KzktNp3wdssSysiGpkbR7rzFJrFbQvHEolPmXNIhg6pCO7p0TZDvIC_GSFb5JoSZVlHqNsha6cISDrxq_eIyB7oqK60r3y2wTtQXwwBSE-7oq6-Twb0uP9tLhg9hXrDrsTfgl9G_grwB_h6_toDz1hm-TjoLwATcn5BbffYvhHRkcqhrAhhiL-zRxknfYTufhzUyt0vqerhIv91wd_cYhSwm0fyJzEaYPAodBuiMaXMnOCldouNdg0bfDK_F61CCpWiDGtb542CHCzuD8epqNKhbJ7sxU-2J2kLfxWNOkAHf-H-xptkqll0oH7EVO8aG3yuQz8hnZakMwHJNFr7I98_o-0mKw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.benefitsandpensionsmonitor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| documentPictureInPicture object| googletag object| dataLayer object| appInsights function| whichTransitionEndEvent function| dismissIntromercial function| _ function| ListPager function| requestPostitialOnScroll object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager object| GooglebQhCsO object| jstag object| _ml object| regeneratorRuntime undefined| google_measure_js_timing number| google_unique_id object| gaGlobal object| __lytics__jstag__ undefined| u_286600047629661060 function| e object| n string| t object| r object| o object| a string| u object| c object| s object| f object| d object| Microsoft object| __dynProto$Gbl function| onYouTubeIframeAPIReady undefined| u_441902720920983800 object| pathfora object| GoogleGcLKhOms object| google_image_requests

27 Cookies

Domain/Path Name / Value
.www.benefitsandpensionsmonitor.com/ Name: ARRAffinity
Value: be8e3dd333164ca79388c17e0e4056ca18576f131f2dc72d8c5c96ccf4cad0f9
.www.benefitsandpensionsmonitor.com/ Name: ARRAffinitySameSite
Value: be8e3dd333164ca79388c17e0e4056ca18576f131f2dc72d8c5c96ccf4cad0f9
.benefitsandpensionsmonitor.com/ Name: _gcl_au
Value: 1.1.818068964.1693539335
.benefitsandpensionsmonitor.com/ Name: cf_clearance
Value: m8BjbjFn2mWbKZAQAmBwAUbDyYcTAw8wFPb_LY9Jbfg-1693539335-0-1-26f6478b.cb8def34.71f7186b-0.2.1693539335
.www.benefitsandpensionsmonitor.com/ Name: seerses
Value: e
www.benefitsandpensionsmonitor.com/ Name: ai_user
Value: 7nafnsLy83xW3wHGkI7Crp|2023-09-01T03:35:35.424Z
.doubleclick.net/ Name: IDE
Value: AHWqTUlAMbjiZfsn-CLP-WhHEw46LdzF0y50W9Nwo06Iefpq8SGg9NOEhOXGSP7afN4
.benefitsandpensionsmonitor.com/ Name: _ga_6PGJWLVE01
Value: GS1.1.1693539335.1.0.1693539335.0.0.0
.benefitsandpensionsmonitor.com/ Name: _ga
Value: GA1.1.369381993.1693539335
.benefitsandpensionsmonitor.com/ Name: __gads
Value: ID=eaac3d74621d1692:T=1693539335:RT=1693539335:S=ALNI_MZJGuRNNQOVZbKklOmON9Qnoyc-rA
.benefitsandpensionsmonitor.com/ Name: __gpi
Value: UID=00000d8f3d41df51:T=1693539335:RT=1693539335:S=ALNI_ManSdIKFMDOH5kCC3C5mGtUnjWvPw
.ml314.com/ Name: u
Value: aHR0cHM6Ly93d3cuYmVuZWZpdHNhbmRwZW5zaW9uc21vbml0b3IuY29tLw==
.ml314.com/ Name: pi
Value: 3638205844146356254
.ml314.com/ Name: tp
Value: 4%3b8%2f31%2f2023+11%3a35%3a35+PM%3b0
.www.benefitsandpensionsmonitor.com/ Name: seerid
Value: 5cb8e04d-c2f1-48b0-bc91-18c36efbd0e0
.lytics.io/ Name: seerid
Value: 5cb8e04d-c2f1-48b0-bc91-18c36efbd0e0
.rlcdn.com/ Name: rlas3
Value: 5fXoG6GPp/uY4Q/EazdVNp6h0Ad5+BMAiuRad3KELjk=
.demdex.net/ Name: demdex
Value: 33726384873974857122814781702604803842
.adsrvr.org/ Name: TDID
Value: 0af96244-d699-40fe-b695-33241c7aa728
.eyeota.net/ Name: mako_uid
Value: 18a4ecf804b-3fba0000010a4c4e
.eyeota.net/ Name: SERVERID
Value: 19534~DM
.rlcdn.com/ Name: pxrc
Value: CIi4xacGEgUI6AcQABIFCNtOEAA=
.dpm.demdex.net/ Name: dpm
Value: 33726384873974857122814781702604803842
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHZDB0cm8xahILCJCpwZrRqZU8EAUYBSABKAIyCwjWi_bE56mVPBAFOAE.
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 5fd60f2e2dba0ec7241206ac02137610
www.benefitsandpensionsmonitor.com/ Name: ai_session
Value: 7Khy/X1mZvKYM98PBsxM/O|1693539337508|1693539337508

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8ed0dd2807d1214372588a06d9698873.safeframe.googlesyndication.com
c.lytics.io
cdn-res.keymedia.com
cdn.sajari.com
cdnjs.cloudflare.com
dpm.demdex.net
eastus-8.in.applicationinsights.azure.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
idsync.rlcdn.com
in.ml314.com
js.monitor.azure.com
match.adsrvr.org
ml314.com
pagead2.googlesyndication.com
ps.eyeota.net
s3.us-west-2.amazonaws.com
securepubads.g.doubleclick.net
sync.crwdcntrl.net
tpc.googlesyndication.com
use.fontawesome.com
www.benefitsandpensionsmonitor.com
www.bpmmagazine.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.17.24.14
104.21.78.22
104.26.15.213
104.26.2.22
104.26.8.198
13.107.253.40
142.250.80.104
172.217.13.130
172.217.13.131
172.217.13.138
172.217.13.161
172.217.13.162
172.217.13.163
172.217.13.193
172.217.13.194
172.217.13.196
172.64.102.11
216.239.32.178
34.111.234.236
35.174.26.129
35.190.50.98
35.190.60.146
44.206.56.174
52.188.247.146
52.218.245.104
52.223.40.198
52.55.144.0
54.236.146.227
066ec1ac2852906b7e7253ee3c129e0efd2343d8671712db064502f03228ccb0
0832abc08ed189fa1e8cb7edf4829b4c9492ed5249641c4e5db34e3e9f7d5b58
09aa06d6fab5091123ebb092899db977cb61633bbd03e4a3734d4f2251a6e54a
0b2b5c06d11b49f1a09b3c617f06d571638820619a918df7141e86d0157a996c
0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055
0ce5ab2ba42b06635fc31861575b5c6d6c0dfd0408f42dbff8e688f49cb5fd2c
0d31a69f7ae0d174b9e6054ebedb533ffa1c85de012409db3fc16fcdf9cc525b
12807f50ffe0732ac3d06433a7c4b9ff18886679969f2f969140cdcab188a9f1
13cf170da16ee0165056ea7d310e09c8a08abd0359a536f4e253763ef18277cc
155d083e71e7ab6e2eb5da29b26f8913c992b80198db9664167bce6808af23b9
1bb03826b26326516a3f4c9a9b39f03e3000a4828f91a75e1dfc88c2269af5ed
1cbc79dcc2e338cfddb918cbbd24ec55f691ad11dadcb4dbaf3febc229a9c036
22f7d96cec1bb8460edaad31832a5a5eb464d5fea528118c7ac2de337dafc2e1
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4
278fbba3583522a49245597896e90e2c0f993460684f186255e4ca36fff4fd83
2792fa81d4cca0ba021c36ac27ded96d24a6605cad98262885cf3bbdfa1193a9
2d2c4912162eaa41299aaf5063ecb92a26d76071fe6d1f77742b32c833daab99
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
2f06451e2da9bcec5593f0e5f8be5aaf93a584def5560838666f6ddcc0f90a19
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3d9139eb008a6920449b04b7f2d0f7a2695867ca922bb43436f48c2eb88a9f70
3db368eb2198fb7fabd18447ec5818684af2d37c2d278147e382dd9091908f49
4650d312f8c19f7d298668d579d9fbfebbd6617ec6adf053fc6b1b981ff37295
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4d5b1ac53005189384f74813e302b0a37aecef86ed8ebad03303f66c39e3642f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57831e5d0327296d6be29fdbff260ba2d9293e42046ec3dba7b47237c8121bba
58ba5232b0e1a8b412486138c17d3ca160883ff364a4bb78d638c5975c8e112a
5b11731cad9b522e095aa57c5323bc4e60bf5c5ec3ca537507708dc6e4c6596a
60af7613cf5b70b4cd558546dd7ecab78792b7ed6b8effa9545dac4d3aa1fed3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
667d77669d19714ac96c979a077c8c1ddeb43e5d9b425bf78da585cb92935dad
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
780ab4a7c1c3d4f6a0f184d02da6b7a1f40d7f6c66de3eaeb98eebd4298f6247
785c1f4b0f336168b4c4a5a048fbdb936d8b0c2c2eac51aed8413c143c41ac37
7db9b9e9c0c8b1e3044085f6c1b663396441f9a9fa64f68dc3bc805add9d3877
7e756ecacf63174d7c0a2b5642afbb213e3a0d420982030bd0ff7625664dd6f2
81b2a42fe9601870364f23ee6cfb94073cfdd6a03a70802a54bd242b88cce769
81f3524a047e935982417031e51ea8b28a6bb30e47d65a65d0c94b88178453ab
821967e98729d5564ad48944dd2434f34a262f13c70ffd886ba9befc7aabced0
9144bec734c58e9d3572af36cff4da4bf48e51fb34480657a8991191ac1d33b1
986234269574843718b280cee20a2027b06a5a4d4ed4a2109e4702c91980ee81
99ae26c1a22048b879b145ace32446b3b92cae268ade305cd6e89bb885b5bcc4
a0f10243baaa03371733f0c4561496cc856b69af89611f4967ae5af94c3c1873
a3944e77604c3af0b15334cfddc46ab697ef0bf9c323f50b7186c90e8b5c13b0
ac449f31778db9344bb6418a7c6508c4e2ca63758ecb1a981c7ff1e3f850e026
aebf9956840a795c31489aa11afd8f9ae40e6b39805e04b6e43c9b57165dca8c
af068428232286206e3d84b7772b98ca92f2a631c7a24834c6f336759964ec8d
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff
aff5c482161de24d68eaddba9e083af6a0c933fbfe8a019e8cd9a84fbe5d4786
b0312bb2a1c664a1e47f77dd4d22bd7065f28082337c029a7891db83787f23cf
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3672e8f53d4cd14250c0d76315fa94c7311da3ce7235696d1aa6fa39388dcb6
b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f
bba85d52f419bb9365d86381e26312d66637098838f5a2a5aba5a2a50bd0babe
bef2c56ac4dc5ac6175e313afae36e5ea0f1a1a4e5f717ec0ff66a6f5c8fb74f
c2715bb49acac0e05315dc77f23865fedfdece501545159ef31567892fe5e9f4
c758a5543c7690899adf42a579f60ed96110e2af132187b42ea17dba62c506ef
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d5e0a1dad05d86085ed016e1fba682639854b9a4ba10a755f3392d294666a223
dc765890aaaca37c31fb572ff9db7356e17cb243265b78533e19d97f32752b42
dd9999fadf0bb627e2350c27cdc9e2e9eaf4054833b7431a2a4df092ae3554c9
de5cd45cccf973d02676e44e13c0209769eb7d8cfce2fcf8139238ee982f47ab
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e81b1fabcad383b9a055d05d4c601c353872536aa6cd7f83be4e44cebef904f2
ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4
ebfeecc910237be4bc8eb2b537298f796b2ebe688d6f11d11a9cde5c1cc3ec62
ecc48c5d07bc999ce015cb02d037832476425803ebb65d21392c34f8c827121c
ed88c46660034c43015d10f6267203692a277a5bcb4f130a8175f4f0828d53c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef880693571db60a665cceffeea7d30335d5727dda98f8a9c1429352fdff8be1
fdba2f4a459517b25d2cb5d52122aa87296fcbde18c53a2303fd62db13e8db53