Submitted URL: http://mailer.mailer-unemploymentclaims.org/click.php/e145417/HdW5lbXBsb3ltZW50MTkwMjA2LHVuZW1wbG95bWVudCxodHRwczovL3VuZW1wbG95bWVudGNsYWltc...
Effective URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Submission: On April 09 via api from US

Summary

This website contacted 28 IPs in 4 countries across 29 domains to perform 94 HTTP transactions. The main IP is 3.23.162.14, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is career-assistance.org.
TLS certificate: Issued by Amazon on February 19th 2021. Valid for: a year.
This is the only time career-assistance.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 144.217.108.245 16276 (OVH)
1 52.40.196.31 16509 (AMAZON-02)
1 52.5.128.167 14618 (AMAZON-AES)
4 52.218.196.139 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 52.89.11.50 16509 (AMAZON-02)
15 3.23.162.14 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:e0:... 13335 (CLOUDFLAR...)
8 116.202.46.88 24940 (HETZNER-AS)
2 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 199.232.137.44 54113 (FASTLY)
1 3 104.111.238.139 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.130 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 3.120.24.152 16509 (AMAZON-02)
7 142.250.185.162 15169 (GOOGLE)
2 2 35.244.174.68 15169 (GOOGLE)
2 2 35.186.253.211 15169 (GOOGLE)
2 2 185.64.190.78 62713 (AS-PUBMATIC)
1 1 69.173.144.165 26667 (RUBICONPR...)
2 2 2.18.234.21 16625 (AKAMAI-AS)
11 2606:4700::68... 13335 (CLOUDFLAR...)
94 28
Apex Domain
Subdomains
Transfer
17 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com
211 KB
16 career-assistance.org
info.career-assistance.org
career-assistance.org
1 MB
11 bannerflow.net
c.bannerflow.net
112 KB
11 doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
cm.g.doubleclick.net
34 KB
8 servedbyadbutler.com
servedbyadbutler.com
23 KB
4 bestcareerinfo.com
bestcareerinfo.com
128 KB
3 google-analytics.com
www.google-analytics.com
19 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 google.com
adservice.google.com
www.google.com
1 KB
3 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
64 KB
2 casalemedia.com
ssum-sec.casalemedia.com
2 KB
2 pubmatic.com
image6.pubmatic.com
2 KB
2 openx.net
rtb.openx.net
766 B
2 rlcdn.com
id.rlcdn.com
888 B
2 2mdn.net
s0.2mdn.net
41 KB
2 googletagservices.com
www.googletagservices.com
64 KB
2 google.de
adservice.google.de
2 KB
2 smpush.com
event.smpush.com
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com
83 KB
1 rubiconproject.com
pixel.rubiconproject.com
461 B
1 agkn.com
d.agkn.com
665 B
1 quantserve.com
cms.quantserve.com
547 B
1 taboola.com
cdn.taboola.com
110 KB
1 googleadservices.com
partner.googleadservices.com
648 B
1 secureanalytic.com
secureanalytic.com
3 KB
1 googletagmanager.com
www.googletagmanager.com
38 KB
1 direct-market.com
api.direct-market.com
1 KB
1 unemploymentclaims.org
unemploymentclaims.org
1 KB
1 mailer-unemploymentclaims.org
mailer.mailer-unemploymentclaims.org
344 B
94 29
Domain Requested by
15 career-assistance.org bestcareerinfo.com
career-assistance.org
11 c.bannerflow.net s0.2mdn.net
c.bannerflow.net
8 tpc.googlesyndication.com unemploymentclaims.org
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
8 servedbyadbutler.com career-assistance.org
8 pagead2.googlesyndication.com career-assistance.org
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
7 cm.g.doubleclick.net googleads.g.doubleclick.net
4 bestcareerinfo.com unemploymentclaims.org
bestcareerinfo.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
career-assistance.org
3 sb.scorecardresearch.com 1 redirects career-assistance.org
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 ssum-sec.casalemedia.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 rtb.openx.net 2 redirects
2 id.rlcdn.com 2 redirects
2 s0.2mdn.net unemploymentclaims.org
s0.2mdn.net
2 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 event.smpush.com secureanalytic.com
2 maxcdn.bootstrapcdn.com career-assistance.org
maxcdn.bootstrapcdn.com
2 ajax.googleapis.com bestcareerinfo.com
1 ade.googlesyndication.com
1 pixel.rubiconproject.com 1 redirects
1 d.agkn.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 www.google.com googleads.g.doubleclick.net
1 googleads4.g.doubleclick.net unemploymentclaims.org
1 cdn.taboola.com career-assistance.org
1 partner.googleadservices.com pagead2.googlesyndication.com
1 secureanalytic.com career-assistance.org
1 www.googletagmanager.com career-assistance.org
1 fonts.googleapis.com career-assistance.org
1 info.career-assistance.org 1 redirects
1 api.direct-market.com unemploymentclaims.org
1 unemploymentclaims.org
1 mailer.mailer-unemploymentclaims.org 1 redirects
94 36

This site contains links to these domains. Also see Links.

Domain
servedbyadbutler.com
Subject Issuer Validity Valid
unemploymentclaims.org
Amazon
2020-12-04 -
2022-01-02
a year crt.sh
api.direct-market.com
Go Daddy Secure Certificate Authority - G2
2020-08-03 -
2021-05-28
10 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
career-assistance.org
Amazon
2021-02-19 -
2022-03-20
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-03-01 -
2022-02-28
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
adbutler.io
Sectigo RSA Domain Validation Secure Server CA
2021-04-07 -
2021-08-01
4 months crt.sh
*.googleadservices.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.google.de
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.google.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-25 -
2021-12-26
a year crt.sh
sb.scorecardresearch.com
DigiCert Secure Site ECC CA-1
2020-07-17 -
2021-06-02
a year crt.sh
*.doubleclick.net
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
www.google.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA
2020-10-02 -
2021-10-07
a year crt.sh

This page contains 10 frames:

Primary Page: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Frame ID: 478F0C71B1B1A5639CA0C30316F24B1B
Requests: 54 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210406/r20190131/zrt_lookup.html
Frame ID: D723EB9F7966D532B171476ABF196C41
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4323713306936742&output=html&adk=1812271804&adf=3025194257&lmt=1617928339&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcareer-assistance.org%2Funemployment-benefits%2F%3Fog1%3Ded84bb88-9fcb-44ab-b9ff-2ac4a1bab19b%26cid%3Dcid28389&ea=0&flash=0&pra=5&wgl=1&dt=1617928339203&bpp=9&bdt=796&idt=74&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1085133514450&frm=20&pv=2&ga_vid=640306074.1617928339&ga_sid=1617928339&ga_hid=1179419142&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737564%2C44740079%2C44739387&oid=3&pvsid=3034750051073820&ref=http%3A%2F%2Fbestcareerinfo.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=92
Frame ID: 88FF00FC1938A4A385C30013F89CF8CE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4323713306936742&output=html&h=280&slotname=4552932493&adk=1399812461&adf=4251583766&pi=t.ma~as.4552932493&w=743&fwrn=4&fwrnh=100&lmt=1617928339&rafmt=1&psa=0&format=743x280&url=https%3A%2F%2Fcareer-assistance.org%2Funemployment-benefits%2F%3Fog1%3Ded84bb88-9fcb-44ab-b9ff-2ac4a1bab19b%26cid%3Dcid28389&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617928339956&bpp=5&bdt=1549&idt=5&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D393c8a56807dd311-226595a6ffba009e%3AT%3D1617928339%3ART%3D1617928339%3AS%3DALNI_MbSXFE0GjGEoTa0k3Ca-YTPSphkLQ&prev_fmts=0x0&nras=1&correlator=1085133514450&frm=20&pv=1&ga_vid=640306074.1617928339&ga_sid=1617928339&ga_hid=1179419142&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737564%2C44740079%2C44739387&oid=3&pvsid=3034750051073820&ref=http%3A%2F%2Fbestcareerinfo.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7CtkhloluC&p=https%3A//career-assistance.org&dtd=11
Frame ID: 78B5AF0BEA5D073E5F946636D43F3E83
Requests: 1 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstHVoiiK7ZLeGQvdy6pBMsXmlTZLmaK-DSYP62pteuA2pegkfR1WlYYM_fy2McMLLDkAXzApbW-x5BIlrRAc_yG7CnbggWvDUObMsPK57nGtb1giU90pFazxLwvBntfL4vs-or7sns_aiGRmRMiFt0gX6TGtuzqahU4pCH1BOlWeaG3mXpt-BZlBXE7WFHfhFogJD-RtVbgW1BcbaYR2rqscTqeDpUekNxmB2V4CCq5zhv_VWycIhYmGu0uHXpsS1UJ2MQzyzXg1YbGBvWn5h5ixwSYtinAWcKl0ySUbpgH3CdzuupNwo2CP5kvE9iC8y6lKdKKW2RrWr_Q09o8mEQH4gyJZbBwHZ2bcWD5fLcmo4OAJY0tLR6m4WRV_NBhsJd0962A4N7DmghPJbdVHSYcpR8r6nnHC3N6xSH42ZR-nNQ-z6jpcIacF_nhOEbgrH8Ewpu-rzS_PAoMS8nQii_ZjYKlxVGwr7mem9TYqpTfBJ_H7hESrOLG4ddSzCUVGmsgUJszjjKfvXfItYafAjjoFoSUKvRcihYEYD31GnFUKAAaTaDx5-Gcp9ifS0AA4-NM_8OEZ2YJXmfKFiaxb0KRdM6_P1S4CeIy19Dc4_kdQER6WNxfs7n74YPxapoOakQe70lOFX6obgEVxE1AL4CXzpGu7zkm-ahEzaC7Pjxsl610gntR18MilmViUY9g3QfdzO5p6wcPKRorRJ9TCofTajtanRy6RGLgqWqsP9XFOXP6x29y1KGGlcQHugp76idc_M0amcudcqyApBHfwNkhIs40c2-ET4SjNjCTN7yBAQJZmO3pJE-U8SCI75Um9cAbR-bePvi7hf1RX35cd0a3Ln6X8H_x2M9GFGZnmCZsGsMQprftnB11T3NxKyrBxmc29elk0s9X9SGeGbZwBjFiHMt5ZHRAS-HQqpvf3jFSGzxEN0pGds09cBOXKnzT04zxi_wcsYjKPR5VzactW0IlljorN-QK4Uftop8-pvgaRDRMcOtrOqysAHkAuAyDc_zw&sig=Cg0ArKJSzOHoFPIA18AuEAE&urlfix=1&adurl=&tpd=AGWhJmsTMOGiLurgQl5katwyHPRDfd7tNbvd74HfpCp8mvXwpg
Frame ID: C24ED1199D819863FEF9B1A30C143FF3
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 747570A8F4BD4B915488C0C69EEAFE71
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/6418128/1617814958816/DE_T2_Shares_US_FixedCommission_black_Prospecting-German-970x250-637534117575089338-65d641a0-c8ef-4c84-847e-249269c781bf.html
Frame ID: CC0EC3CDFB521AE571D1A8083D86824A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 42BA386F4A7964AF92320398BC4370EE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: B15AB16C0498B470C5B2B570117CCB06
Requests: 2 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcmc-markets%2F560bd8d24d47fc28fc84259d%2Fimages%2F93fef7c3-ffaf-45a6-8418-fdafa20c7799.png&w=13&h=12&q=90&f=webp&rt=contain
Frame ID: DDF88C2A8F6240272DCB4F9DF41970CE
Requests: 4 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://mailer.mailer-unemploymentclaims.org/click.php/e145417/HdW5lbXBsb3ltZW50MTkwMjA2LHVuZW1wbG95bWVudCxodHRwczovL3VuZ... HTTP 302
    https://unemploymentclaims.org/xlp/r_guide-download.html?uid=&vid=17749 Page URL
  2. http://bestcareerinfo.com/index.html?utm_source=tgy Page URL
  3. https://info.career-assistance.org/c/KoEeVDEG4R61BPQ3?src=em&pub={pubid}&cid={campaignid)&tg1={tg1}&tg2={tg2} HTTP 302
    https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Page Statistics

94
Requests

96 %
HTTPS

49 %
IPv6

29
Domains

36
Subdomains

28
IPs

4
Countries

1981 kB
Transfer

3593 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mailer.mailer-unemploymentclaims.org/click.php/e145417/HdW5lbXBsb3ltZW50MTkwMjA2LHVuZW1wbG95bWVudCxodHRwczovL3VuZW1wbG95bWVudGNsYWltcy5vcmcveGxwL3JfZ3VpZGUtZG93bmxvYWQuaHRtbA/qP3VpZD0mdmlkPTE3NzQ5/sc2ca68df66 HTTP 302
    https://unemploymentclaims.org/xlp/r_guide-download.html?uid=&vid=17749 Page URL
  2. http://bestcareerinfo.com/index.html?utm_source=tgy Page URL
  3. https://info.career-assistance.org/c/KoEeVDEG4R61BPQ3?src=em&pub={pubid}&cid={campaignid)&tg1={tg1}&tg2={tg2} HTTP 302
    https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://mailer.mailer-unemploymentclaims.org/click.php/e145417/HdW5lbXBsb3ltZW50MTkwMjA2LHVuZW1wbG95bWVudCxodHRwczovL3VuZW1wbG95bWVudGNsYWltcy5vcmcveGxwL3JfZ3VpZGUtZG93bmxvYWQuaHRtbA/qP3VpZD0mdmlkPTE3NzQ5/sc2ca68df66 HTTP 302
  • https://unemploymentclaims.org/xlp/r_guide-download.html?uid=&vid=17749
Request Chain 40
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1617928339386&ns_c=UTF-8&cv=3.5&c8=Learn%20About%20Unemployment%20Benefits%20%7C%20Career-Assistance.org&c7=https%3A%2F%2Fcareer-assistance.org%2Funemployment-benefits%2F%3Fog1%3Ded84bb88-9fcb-44ab-b9ff-2ac4a1bab19b%26cid%3Dcid28389&c9=http%3A%2F%2Fbestcareerinfo.com%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1617928339386&ns_c=UTF-8&cv=3.5&c8=Learn%20About%20Unemployment%20Benefits%20%7C%20Career-Assistance.org&c7=https%3A%2F%2Fcareer-assistance.org%2Funemployment-benefits%2F%3Fog1%3Ded84bb88-9fcb-44ab-b9ff-2ac4a1bab19b%26cid%3Dcid28389&c9=http%3A%2F%2Fbestcareerinfo.com%2F
Request Chain 68
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEEasZJqtIxrzVVDtUUtJ9fc&google_cver=1&google_push=AQvitUL35cwEAe4jFVjELlMKzr8wGfnuKo8nBOYVeZpDdQcfxPqXcNgWwBSekgB56uWeJJ8TG7e8sAr93ePofSGkPqiTQohy2g6DAg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VFYXNaSnF0SXhyelZWRHRVVXRKOWZj
Request Chain 69
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUIfSix7DI-0ZZ3jk1uq-bdKjpZR9rsw8zEcwRfoD8iSIDFH68cJw8Cd6B3xpHVXN1c9U-Q9enChQJMoaDXGwEx1caf2Acx_ZA&google_gid=CAESELSG1525j2Hriw7G4FKJ8G0&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCJTBvoMGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BUXZpdFVJZlNpeDdESS0wWlozamsxdXEtYmRLanBaUjlyc3c4ekVjd1Jmb0Q4aVNJREZINjhjSnc4Q2Q2QjN4cEhWWE4xYzlVLVE5ZW5DaFFKTW9hRFhHd0V4MWNhZjJBY3hfWkE HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwcDlOTlpuLXc5Y3ZnZ01qazRxeTh3T2x4M01KRDNFekRNNmN4d3o1UlNvdw==&google_push
Request Chain 70
  • https://rtb.openx.net/sync/dds?google_gid=CAESEKvbrn5jay8MvJCOaMpjmMg&google_cver=1&google_push=AQvitUI0TEsTaVZAcqUNpufmZ5MijBGqHw5rNr1JP3VvQ05BwKdZlK1_fn7aFuvTZL0tWJ9wIupWVybgukbNxHObrlbHBs8DMh4BGQ HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEKvbrn5jay8MvJCOaMpjmMg&google_cver=1&google_push=AQvitUI0TEsTaVZAcqUNpufmZ5MijBGqHw5rNr1JP3VvQ05BwKdZlK1_fn7aFuvTZL0tWJ9wIupWVybgukbNxHObrlbHBs8DMh4BGQ&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUI0TEsTaVZAcqUNpufmZ5MijBGqHw5rNr1JP3VvQ05BwKdZlK1_fn7aFuvTZL0tWJ9wIupWVybgukbNxHObrlbHBs8DMh4BGQ&google_hm=qTFbVO7JzF44o9KJClxpXA==
Request Chain 71
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENOW1M6goauSfYPsjN7kAsw&google_cver=1&google_push=AQvitULXzxbZyZc44FA5Dku9-EvKuWZhWVgtJbY6fO9opqZ5pO7117nUcHiLyw8voKSHIoyOxmitK8u-FUUBOthX-fQNARpUpXi49g HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENOW1M6goauSfYPsjN7kAsw&google_cver=1&google_push=AQvitULXzxbZyZc44FA5Dku9-EvKuWZhWVgtJbY6fO9opqZ5pO7117nUcHiLyw8voKSHIoyOxmitK8u-FUUBOthX-fQNARpUpXi49g&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Nusb5ehAQfyxUZEy75AlCA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULXzxbZyZc44FA5Dku9-EvKuWZhWVgtJbY6fO9opqZ5pO7117nUcHiLyw8voKSHIoyOxmitK8u-FUUBOthX-fQNARpUpXi49g
Request Chain 72
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEB0N1nF1qG8OHbP9_EWwWpE&google_cver=1&google_push=AQvitUJoDZNFw7GrB-tbqVybWEzuNl89FHEsPOAKEgSCag5VDHzjhgpzjfmpnsIAGe28WAl_lg2iZdAos_md2EMwMFJB646it5NC HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S045S1JESEgtMUstSUlFVg==&google_push=AQvitUJoDZNFw7GrB-tbqVybWEzuNl89FHEsPOAKEgSCag5VDHzjhgpzjfmpnsIAGe28WAl_lg2iZdAos_md2EMwMFJB646it5NC
Request Chain 73
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBcEVcVjhh7fAa2BUAnqEEQ&google_cver=1&google_push=AQvitUIHUgPAw0v3sU3w_AIkqBeSS7AJFhGC17wsXM50Da4ByQNwdZQR-ItIncXJgtXIG4vQxh61IyQluEz9Vu854BFGzCo4OpY_ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBcEVcVjhh7fAa2BUAnqEEQ&google_push=AQvitUIHUgPAw0v3sU3w_AIkqBeSS7AJFhGC17wsXM50Da4ByQNwdZQR-ItIncXJgtXIG4vQxh61IyQluEz9Vu854BFGzCo4OpY_&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YG-glO845JczLilRfOD_7QAABIoAAAIB&google_push=AQvitUIHUgPAw0v3sU3w_AIkqBeSS7AJFhGC17wsXM50Da4ByQNwdZQR-ItIncXJgtXIG4vQxh61IyQluEz9Vu854BFGzCo4OpY_&google_cver=1&google_gid=CAESEBcEVcVjhh7fAa2BUAnqEEQ

94 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
r_guide-download.html
unemploymentclaims.org/xlp/
Redirect Chain
  • http://mailer.mailer-unemploymentclaims.org/click.php/e145417/HdW5lbXBsb3ltZW50MTkwMjA2LHVuZW1wbG95bWVudCxodHRwczovL3VuZW1wbG95bWVudGNsYWltcy5vcmcveGxwL3JfZ3VpZGUtZG93bmxvYWQuaHRtbA/qP3VpZD0mdmlkPT...
  • https://unemploymentclaims.org/xlp/r_guide-download.html?uid=&vid=17749
889 B
1 KB
Document
General
Full URL
https://unemploymentclaims.org/xlp/r_guide-download.html?uid=&vid=17749
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.40.196.31 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-196-31.us-west-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
0ec8c4e6fe6bebadc1d56985be2a5abb5a0a3569ac5f6f1c3edf2272b9074da5

Request headers

:method
GET
:authority
unemploymentclaims.org
:scheme
https
:path
/xlp/r_guide-download.html?uid=&vid=17749
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 00:32:16 GMT
content-type
text/html
content-length
889
x-amz-id-2
bC6kkebX65l0hdJLBxP86eiK0oibiuq2EKVsbGkhYJR+W58Ze1rLEwiOdN14JJmFoFIxw1oL+ZE=
x-amz-request-id
PEYX1NS0WARZT2SA
last-modified
Tue, 14 Apr 2020 17:33:51 GMT
etag
"03842d8557866f73e7fdd206e9e6f7be"
accept-ranges
bytes
server
AmazonS3

Redirect headers

Date
Fri, 09 Apr 2021 00:32:15 GMT
Server
Apache/2.4.46 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.27
X-Powered-By
PHP/7.3.27
Location
https://unemploymentclaims.org/xlp/r_guide-download.html?uid=&vid=17749
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
lpclient.js
api.direct-market.com/client/
4 KB
1 KB
Script
General
Full URL
https://api.direct-market.com/client/lpclient.js
Requested by
Host: unemploymentclaims.org
URL: https://unemploymentclaims.org/xlp/r_guide-download.html?uid=&vid=17749
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.5.128.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-128-167.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
https://unemploymentclaims.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 00:32:14 GMT
content-encoding
gzip
last-modified
Tue, 26 Jun 2018 16:29:28 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"06441da6add41:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1114
index.html
bestcareerinfo.com/
6 KB
7 KB
Document
General
Full URL
http://bestcareerinfo.com/index.html?utm_source=tgy
Requested by
Host: unemploymentclaims.org
URL: https://unemploymentclaims.org/xlp/r_guide-download.html?uid=&vid=17749
Protocol
HTTP/1.1
Server
52.218.196.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-website-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Host
bestcareerinfo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

x-amz-id-2
Z++MFv7PaQmZTXkfPJqYq7gBadcEsb3AdbXP1hw+Cu9Sxsu+w0dDY6zSRoU43XYuavyE8PC4DO4=
x-amz-request-id
PEYKAZ31PC51AQN6
Date
Fri, 09 Apr 2021 00:32:17 GMT
x-amz-meta-cb-modifiedtime
Fri, 11 Oct 2019 16:16:43 GMT
Last-Modified
Fri, 11 Oct 2019 16:17:55 GMT
ETag
"5eab951cbe0699139ff638fd066068da"
Content-Type
text/html
Content-Length
6497
Server
AmazonS3
style.css
bestcareerinfo.com/css/
120 KB
121 KB
Stylesheet
General
Full URL
http://bestcareerinfo.com/css/style.css
Requested by
Host: bestcareerinfo.com
URL: http://bestcareerinfo.com/index.html?utm_source=tgy
Protocol
HTTP/1.1
Server
52.218.196.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-website-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
http://bestcareerinfo.com/index.html?utm_source=tgy
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 00:32:18 GMT
ETag
"c2e868d8f7778d3bec8f01bbd4167e7c"
Last-Modified
Tue, 09 Jul 2019 21:26:13 GMT
Server
AmazonS3
x-amz-request-id
3AMXDB5G61S6EXEP
x-amz-meta-cb-modifiedtime
Tue, 12 Feb 2019 20:30:26 GMT
Content-Type
text/css
Content-Length
123047
x-amz-id-2
XwMpKLHD6GRNjG7gx8wu0hjGDjSPAsTnSYDhIGXew0gWV6Tyb3T7DYEpNzHkqs9m2wuTajGT2s8=
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: bestcareerinfo.com
URL: http://bestcareerinfo.com/index.html?utm_source=tgy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bestcareerinfo.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:12:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19170
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Apr 2022 19:12:47 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: bestcareerinfo.com
URL: http://bestcareerinfo.com/index.html?utm_source=tgy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bestcareerinfo.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 17:56:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110150
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Apr 2022 17:56:27 GMT
bootstrap.min.js
bestcareerinfo.com/js/
0
0
Script
General
Full URL
http://bestcareerinfo.com/js/bootstrap.min.js
Requested by
Host: bestcareerinfo.com
URL: http://bestcareerinfo.com/index.html?utm_source=tgy
Protocol
HTTP/1.1
Server
52.218.196.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-website-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
http://bestcareerinfo.com/index.html?utm_source=tgy
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 00:32:16 GMT
Server
AmazonS3
x-amz-request-id
3AMYBEMXXCNB7TAQ
Content-Length
547
x-amz-id-2
xjmXcdVJisQMqssZo0YpfVU7Jg1HObTA2sA4Z0V7Qv9UlGSnb36pg1VC2qqrghi+DZadk3rFzc8=
Content-Type
text/html; charset=utf-8
ie10workaround.js
bestcareerinfo.com/js/
662 B
1 KB
Script
General
Full URL
http://bestcareerinfo.com/js/ie10workaround.js
Requested by
Host: bestcareerinfo.com
URL: http://bestcareerinfo.com/index.html?utm_source=tgy
Protocol
HTTP/1.1
Server
52.218.196.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-website-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
http://bestcareerinfo.com/index.html?utm_source=tgy
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 00:32:18 GMT
ETag
"cb70061bb97adbe73f7a82e851d94611"
Last-Modified
Tue, 09 Jul 2019 21:26:13 GMT
Server
AmazonS3
x-amz-request-id
3AMSAARA3VK7QNQ8
x-amz-meta-cb-modifiedtime
Mon, 11 Feb 2019 23:37:31 GMT
Content-Type
application/x-javascript
Content-Length
662
x-amz-id-2
N+QvbsYcHAl+Ny+Yks1+dpavXj0ZwLvftxaevRSV9gpSikZRS+nFtGdYTii2G4Q4Aq1cYzDEiBA=
Primary Request Cookie set /
career-assistance.org/unemployment-benefits/
Redirect Chain
  • https://info.career-assistance.org/c/KoEeVDEG4R61BPQ3?src=em&pub={pubid}&cid={campaignid)&tg1={tg1}&tg2={tg2}
  • https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
60 KB
60 KB
Document
General
Full URL
https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Requested by
Host: bestcareerinfo.com
URL: http://bestcareerinfo.com/index.html?utm_source=tgy
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.23.162.14 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-23-162-14.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
d82b648cf8307451e6631c318f0a101f457ce6b408be114b9dfbe700f54a387c

Request headers

Host
career-assistance.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://bestcareerinfo.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer
http://bestcareerinfo.com/index.html?utm_source=tgy

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Content-Type
text/html; charset=UTF-8
Date
Fri, 09 Apr 2021 00:32:18 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Link
<https://career-assistance.org/wp-json/>; rel="https://api.w.org/" <https://career-assistance.org/?p=115>; rel=shortlink
Pragma
no-cache
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
Set-Cookie
PHPSESSID=hovki3nv1n4f0i99fma7achb02; path=/
X-Powered-By
PHP/7.0.33
transfer-encoding
chunked
Connection
keep-alive

Redirect headers

Cache-Control
no-cache, private
Content-Type
text/html; charset=UTF-8
Date
Fri, 09 Apr 2021 00:32:17 GMT
Location
https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Server
nginx/1.10.3 (Ubuntu)
Set-Cookie
XSRF-TOKEN=eyJpdiI6Im11dTdvYXRtaHhjWU9SQmR0Z0pUaFE9PSIsInZhbHVlIjoiRHFXc0IwVGl3SXBaWXcxWEErZTB3OWs0UmwxUFc4U3JKYVVvbUdvSVlqUUdIcmk3R3Y3eExJNVFxUGhId0p1bSIsIm1hYyI6ImExNGYwN2VkODRlYTYwZmM2ZmU1MDU1YWRlZjdkNjJmNmEwNWUxY2RjMjIwNTBhOWNhOGQ5YjBkZTU0NzA3NWUifQ%3D%3D; expires=Wed, 14-Apr-2021 00:32:17 GMT; Max-Age=432000; path=/ laravel_session=eyJpdiI6Ik41eWJKXC9wY2dKV3JUNWk0VThIKzFnPT0iLCJ2YWx1ZSI6Iis5YWRJalNBdm1FU0I3TEhQalczbHRwMStibE5Ocnl0Vm9oRU5UdVhGMEs1ZUJsazRiMnlLaXVkZ29cLytzVGV1IiwibWFjIjoiYmJiZWJhYTYzMjNlMDRhYTI3OGMzYzUzZmJiYTlmMDNkNjZlYjAxNjI1NGFjYTg3ZDAzN2E2N2FlYTU5MjAxZCJ9; expires=Wed, 14-Apr-2021 00:32:17 GMT; Max-Age=432000; path=/; httponly
Content-Length
686
Connection
keep-alive
css
fonts.googleapis.com/
2 KB
671 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dc4c088d91f1dcbde2840ebfd2bb0e34b7f7226bbd96fb15f78d9567c6be4f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 09 Apr 2021 00:06:37 GMT
server
ESF
date
Fri, 09 Apr 2021 00:32:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 09 Apr 2021 00:32:18 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 00:32:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
722, 617
age
2523887
cdn-cachedat
2021-03-10 20:26:20
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0955a4540200004ea4ce1ff000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
ac51d65409f7a6c773e04411dc506557
cf-ray
63cfa3333ea74ea4-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
style.min.css
career-assistance.org/wp-includes/css/dist/block-library/
25 KB
25 KB
Stylesheet
General
Full URL
https://career-assistance.org/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.23.162.14 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-23-162-14.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712

Request headers

Referer
https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 00:32:18 GMT
Last-Modified
Thu, 09 May 2019 18:08:02 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"643a-5887854c0573c"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25658
main.css
career-assistance.org/wp-content/plugins/channels-notice-box/assets/dist/
195 KB
196 KB
Stylesheet
General
Full URL
https://career-assistance.org/wp-content/plugins/channels-notice-box/assets/dist/main.css
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.23.162.14 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-23-162-14.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash
2bbcab2afd9060508c78b929877cc16bc61b2e9f8926644791797d79c31b7270

Request headers

Referer
https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 00:32:18 GMT
Last-Modified
Fri, 25 Oct 2019 13:41:39 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"30dea-595bc4f418785"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
200170
main.min.css
career-assistance.org/wp-content/plugins/wp-custom-blog//public/css/
2 KB
2 KB
Stylesheet
General
Full URL
https://career-assistance.org/wp-content/plugins/wp-custom-blog//public/css/main.min.css
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.23.162.14 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-23-162-14.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash
46ad015138245e96627020c6f97d5ecf8c0ea9ddc58f5e3458a66390cb4fb4bf

Request headers

Referer
https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 00:32:18 GMT
Last-Modified
Sat, 10 Aug 2019 01:46:35 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"6ce-58fb9760d530e"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1742
app.min.css
career-assistance.org/wp-content/plugins/wp_op_infinite_scroll/public/dist/css/
432 B
715 B
Stylesheet
General
Full URL
https://career-assistance.org/wp-content/plugins/wp_op_infinite_scroll/public/dist/css/app.min.css
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.23.162.14 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-23-162-14.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash
c6b53ff2edb8bb9fcebf078c54383b394a32f5b5cf8d696025dff7cfef4984cc

Request headers

Referer
https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 00:32:18 GMT
Last-Modified
Mon, 08 Jun 2020 16:03:48 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"1b0-5a794c198c420"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
432
bundle.89a5dfc0a5257af07aed.css
career-assistance.org/wp-content/themes/wp_axsense_theme/dist/css/
217 KB
217 KB
Stylesheet
General
Full URL
https://career-assistance.org/wp-content/themes/wp_axsense_theme/dist/css/bundle.89a5dfc0a5257af07aed.css
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.23.162.14 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-23-162-14.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash
18c4ce27729f4613409d59fd8892bbe45fce745d055dbe5818a781697d7e3604

Request headers

Referer
https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 00:32:18 GMT
Last-Modified
Thu, 09 May 2019 19:27:40 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"36236-588797188363e"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
221750
app.e3e834dc57fa2feba6e9.css
career-assistance.org/wp-content/themes/wp_career-assistance_child_theme/assets/dist/css/
4 KB
4 KB
Stylesheet
General
Full URL
https://career-assistance.org/wp-content/themes/wp_career-assistance_child_theme/assets/dist/css/app.e3e834dc57fa2feba6e9.css
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.23.162.14 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-23-162-14.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash
11e9c1ee2ce118b85f2e69e9dbf5ae05859f187c3d7ff9975b3705e40231be77

Request headers

Referer
https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 00:32:18 GMT
Last-Modified
Mon, 08 Jun 2020 16:02:29 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"e9a-5a794bce24972"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3738
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
135 KB
48 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95ff1ad4decf8d07bf149c9625f8e01a2c8cfebccac5e2b4e64482c92256047b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 00:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48440
x-xss-protection
0
server
cafe
etag
10815487621706771417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 09 Apr 2021 00:32:19 GMT
logo-main.png
career-assistance.org/wp-content/themes/wp_career-assistance_child_theme/assets/images/
5 KB
5 KB
Image
General
Full URL
https://career-assistance.org/wp-content/themes/wp_career-assistance_child_theme/assets/images/logo-main.png
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.23.162.14 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-23-162-14.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash
8c43b8c339b0cb5e2b7d5c5aad3a5707c4b20342fbf9fd29717c42442c97544b

Request headers

Referer
https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 00:32:19 GMT
Last-Modified
Mon, 08 Jun 2020 16:02:29 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"1466-5a794bce24972"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5222
shutterstock_591044579-300x225.jpg
career-assistance.org/wp-content/uploads/2019/05/
15 KB
15 KB
Image
General
Full URL
https://career-assistance.org/wp-content/uploads/2019/05/shutterstock_591044579-300x225.jpg
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.23.162.14 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-23-162-14.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash
4e50bba7f19996b5c54a6d7df5a82aa4001b45c85d165db3f5e094cb4ae4f79d

Request headers

Referer
https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 00:32:19 GMT
Last-Modified
Fri, 17 May 2019 18:01:24 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"3c2f-589192bbc4bbc"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15407
js
www.googletagmanager.com/gtag/
97 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-148707727-1
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d8d1c922a81a9d221d9143766faf73c2629c78811aa040c9492bb40eed192bac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 00:32:19 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39123
x-xss-protection
0
last-modified
Fri, 09 Apr 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 09 Apr 2021 00:32:19 GMT
main.js
career-assistance.org/wp-content/plugins/channels-notice-box/assets/dist/
88 KB
89 KB
Script
General
Full URL
https://career-assistance.org/wp-content/plugins/channels-notice-box/assets/dist/main.js
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.23.162.14 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-23-162-14.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash
0326ce90b5c9190487e27bf626c458c3fc90a9e9f5864b4d4e1f9ae18ead8baf

Request headers

Referer
https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 00:32:19 GMT
Last-Modified
Mon, 04 Nov 2019 16:02:06 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"1619f-596876ff0d966"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
90527
app.min.js
career-assistance.org/wp-content/plugins/wp_op_infinite_scroll/public/dist/js/
162 KB
162 KB
Script
General
Full URL
https://career-assistance.org/wp-content/plugins/wp_op_infinite_scroll/public/dist/js/app.min.js
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.23.162.14 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-23-162-14.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash
5c144185716935b49306c92e8db9d38f952c1e72cc461e9af63f4ffd3a74c5fe

Request headers

Referer
https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 00:32:19 GMT
Last-Modified
Mon, 15 Jun 2020 20:40:26 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"28630-5a8256fce4560"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
165424
app.e3e834dc57fa2feba6e9.js
career-assistance.org/wp-content/themes/wp_career-assistance_child_theme/assets/dist/js/
2 KB
3 KB
Script
General
Full URL
https://career-assistance.org/wp-content/themes/wp_career-assistance_child_theme/assets/dist/js/app.e3e834dc57fa2feba6e9.js
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.23.162.14 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-23-162-14.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash
3463e40c26e34421661adb500b84f5ded6d7f6aa46e7c8a7169793bc4f093f8d

Request headers

Referer
https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 00:32:19 GMT
Last-Modified
Mon, 08 Jun 2020 16:02:29 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"966-5a794bce24972"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2406
bundle.89a5dfc0a5257af07aed.js
career-assistance.org/wp-content/themes/wp_axsense_theme/dist/js/
169 KB
169 KB
Script
General
Full URL
https://career-assistance.org/wp-content/themes/wp_axsense_theme/dist/js/bundle.89a5dfc0a5257af07aed.js
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.23.162.14 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-23-162-14.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash
35406a4de3b803cce2ad04629a7784b4b899397ba069535b0f6cc9bddc8b37a4

Request headers

Referer
https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 00:32:19 GMT
Last-Modified
Thu, 09 May 2019 19:27:40 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag
"2a41c-588797188845e"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
173084
loader.js
career-assistance.org/taboola/
273 KB
29 KB
Script
General
Full URL
https://career-assistance.org/taboola/loader.js
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.23.162.14 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-23-162-14.us-east-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
d069d5c57b7a17840ee989800fe21e757f46fffa65e0cf215ccb83e49a5d8b8a

Request headers

Referer
https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 00:32:19 GMT
Content-Encoding
gzip
Age
27
X-Cache
HIT
Connection
keep-alive
x-amz-request-id
4TA44Y1MKJX1YZW6
x-amz-id-2
FgkRmVPxmWxtTDjh1fyRX/QXSuL0gkhaIOcHH9osoNzAJrFpbwWEUhn0cG1h6M5MMkbSUKdRJWs=
X-Served-By
cache-lga21949-LGA
Accept-Ranges
bytes
Last-Modified
Tue, 06 Apr 2021 10:23:05 GMT
Server
AmazonS3
X-Timer
S1617928339.226787,VS0,VE1
ETag
"cff179adcf07151743113234e1ee7432"
Vary
Accept-Encoding
x-amz-version-id
bqIBLlfUBut_8i0NRkX9_KDpzE74ZLrt
Via
1.1 varnish
Cache-Control
private,max-age=14401
Content-Length
28942
Content-Type
application/javascript; charset=utf-8
abp
38
X-Cache-Hits
1
z0gr1nodx9
secureanalytic.com/scripts/push/script/
7 KB
3 KB
Script
General
Full URL
https://secureanalytic.com/scripts/push/script/z0gr1nodx9?url=career-assistance.org
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6d10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaedd41765d335cf7c3fbf824b87f4f32fa6ac1b1c2a3d97575174f1775c6be1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 00:32:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
27
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0955a456c900004dca5280f000000001
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SQ%2FPdfRwFUnQnanaG5S2NGhLtIOZWcmGmKGIk%2Bg3%2BdJAa1%2FU2Ipsd%2BLTVKTdWFJBsI6YXS1elL48KWhveYod6JfZt69lm8Z8H0GXsSwgFsMufhs0I3I9l3N1AHK9M54%3D"}]}
content-type
application/javascript;charset=UTF-8
x-xss-protection
1; mode=block
cache-control
max-age=14400, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
cf-ray
63cfa337aaa64dca-FRA
expires
0
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://career-assistance.org
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 00:32:19 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
66891
cdn-cachedat
2021-04-07 13:42:27
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
cf-request-id
0955a456c700004dbe9e9f6000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
05bb0ba8cbc307113f23efb310ff5c6f
accept-ranges
bytes
cf-ray
63cfa337ab034dbe-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
;ID=167981;size=0x0;setID=399494;type=js;sw=1600;sh=1200;spr=1;kw=;pid=1061096;place=0;rnd=1061096;click=CLICK_MACRO_PLACEHOLDER
servedbyadbutler.com/adserve/
7 KB
7 KB
Script
General
Full URL
https://servedbyadbutler.com/adserve/;ID=167981;size=0x0;setID=399494;type=js;sw=1600;sh=1200;spr=1;kw=;pid=1061096;place=0;rnd=1061096;click=CLICK_MACRO_PLACEHOLDER
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.46.88 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.46.202.116.clients.your-server.de
Software
nginx /
Resource Hash
d6edb3a76c5cdab66058d4faee40b0aa315d5fb52c5dd15423b27f4445ad5267

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 00:32:19 GMT
server
nginx
p3p
CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin
*
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
content-type
application/x-javascript
expires
Mon, 26 Jul 1997 05:00:00 GMT
q2go3ozgrv
event.smpush.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.smpush.com/register/event_log/q2go3ozgrv
Requested by
Host: secureanalytic.com
URL: https://secureanalytic.com/scripts/push/script/z0gr1nodx9?url=career-assistance.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c831 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Content-type
application/json

Response headers

date
Fri, 09 Apr 2021 00:32:19 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
expires
0
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GEUcDmwUpNPjzlFBaHic1AgiYJmzodzgeUTkFwDFS2knEsouaCsZLP9U0u5b0D65%2FdHW7WAVDQay1Trf3pdvjQGnnAo41JM1ZycEcS2GKMzzw9sD%2Fh3rYhPSgJpY"}],"max_age":604800}
access-control-allow-origin
https://career-assistance.org
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
cf-request-id
0955a4589600004e13ea8a0000000001
access-control-allow-credentials
true
cf-ray
63cfa33a8aa14e13-FRA
x-pushplatformapp-params
q2go3ozgrv
event.smpush.com/register/event_log/ Frame
0
0
Preflight
General
Full URL
https://event.smpush.com/register/event_log/q2go3ozgrv
Protocol
H2
Server
2606:4700:3030::ac43:c831 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://career-assistance.org
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 09 Apr 2021 00:32:19 GMT
content-length
0
access-control-allow-headers
content-type
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-allow-origin
https://career-assistance.org
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials
true
access-control-allow-methods
POST
access-control-max-age
1800
cf-cache-status
DYNAMIC
cf-request-id
0955a4570600004e13b29b9000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wbRTcMZEZ1RWptifJEjOMYrysIftZ%2B4mwpbsknqYbUCqRLsWOdRUFx47PL2boyBevBcObacu3oC8dzB94fUCLMDpeP1ATQv6j6iVUUt1W%2BxBFjNE8B%2Fva3Q%2FnzhK"}],"max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
63cfa33808124e13-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/
219 KB
82 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4323713306936742&plah=career-assistance.org&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd5713e27f4481988d37b5b719dedea4e4379ec3c3bafea0fba9d0abe8db4973
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 00:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83926
x-xss-protection
0
server
cafe
etag
9615343531509228114
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 09 Apr 2021 00:32:19 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210406/r20190131/ Frame D723
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210406/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210406/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://career-assistance.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer
https://career-assistance.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 08 Apr 2021 14:06:23 GMT
expires
Thu, 22 Apr 2021 14:06:23 GMT
content-type
text/html; charset=UTF-8
etag
10446291943670460780
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4644
x-xss-protection
0
age
37556
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/
211 B
648 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=career-assistance.org&callback=_gfp_s_&client=ca-pub-4323713306936742
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4323713306936742&plah=career-assistance.org&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
5998fe41433740fa2a1b330ab192a807e17b90d35c0a16f44f89c132ee0be31a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 00:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
199
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
799 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=career-assistance.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4323713306936742&plah=career-assistance.org&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 00:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
553 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=career-assistance.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4323713306936742&plah=career-assistance.org&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 00:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 88FF
54 B
596 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4323713306936742&output=html&adk=1812271804&adf=3025194257&lmt=1617928339&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcareer-assistance.org%2Funemployment-benefits%2F%3Fog1%3Ded84bb88-9fcb-44ab-b9ff-2ac4a1bab19b%26cid%3Dcid28389&ea=0&flash=0&pra=5&wgl=1&dt=1617928339203&bpp=9&bdt=796&idt=74&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1085133514450&frm=20&pv=2&ga_vid=640306074.1617928339&ga_sid=1617928339&ga_hid=1179419142&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737564%2C44740079%2C44739387&oid=3&pvsid=3034750051073820&ref=http%3A%2F%2Fbestcareerinfo.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=92
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4323713306936742&plah=career-assistance.org&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4323713306936742&output=html&adk=1812271804&adf=3025194257&lmt=1617928339&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcareer-assistance.org%2Funemployment-benefits%2F%3Fog1%3Ded84bb88-9fcb-44ab-b9ff-2ac4a1bab19b%26cid%3Dcid28389&ea=0&flash=0&pra=5&wgl=1&dt=1617928339203&bpp=9&bdt=796&idt=74&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1085133514450&frm=20&pv=2&ga_vid=640306074.1617928339&ga_sid=1617928339&ga_hid=1179419142&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737564%2C44740079%2C44739387&oid=3&pvsid=3034750051073820&ref=http%3A%2F%2Fbestcareerinfo.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=92
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://career-assistance.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer
https://career-assistance.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 09 Apr 2021 00:32:19 GMT
server
cafe
content-length
34
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 09-Apr-2021 00:47:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 09 Apr 2021 00:32:19 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4323713306936742&plah=career-assistance.org&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d686acfc12a44fc472fb2a3c0ff9baa4638ced8f0da5b32f9ae5c15a2611def
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 00:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617795245888949"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28266
x-xss-protection
0
expires
Fri, 09 Apr 2021 00:32:19 GMT
impl.20210406-4-RELEASE.js
cdn.taboola.com/libtrc/
476 KB
110 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20210406-4-RELEASE.js
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/taboola/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83d8954d30034cc91b28572289b43478e10982fa4149cc358456a2493c2b1d66

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

x-amz-version-id
rLJ92lBU3RqOJMTJh5LXtsaSRAioZ1uE
content-encoding
br
etag
"3a83308a8fe7086bc32fe56d25665737"
age
2823
x-cache
HIT
content-length
111743
x-amz-id-2
Pi39iwY3X2JbJp01BFHzbvmsboe8VKjl2WO9O1O2mOHe4Zu4hmGzHjMdcQ8kPK9wG5SLFJmJeZc=
x-served-by
cache-hhn11578-HHN
last-modified
Tue, 06 Apr 2021 07:27:59 GMT
server
AmazonS3-br
x-timer
S1617928339.375325,VS0,VE5
date
Fri, 09 Apr 2021 00:32:19 GMT
vary
Accept-Encoding
x-amz-request-id
2DFNPWZQKMJ7RDBQ
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
28
x-cache-hits
3042
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/taboola/loader.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 00:32:19 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Sat, 10 Apr 2021 00:32:19 GMT
;ID=167981;size=0x0;setID=399495;type=js;sw=1600;sh=1200;spr=1;kw=;pid=1061096;place=0;rnd=1061096;click=CLICK_MACRO_PLACEHOLDER
servedbyadbutler.com/adserve/
7 KB
7 KB
Script
General
Full URL
https://servedbyadbutler.com/adserve/;ID=167981;size=0x0;setID=399495;type=js;sw=1600;sh=1200;spr=1;kw=;pid=1061096;place=0;rnd=1061096;click=CLICK_MACRO_PLACEHOLDER
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.46.88 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.46.202.116.clients.your-server.de
Software
nginx /
Resource Hash
6ec7d61b6d2b29335b4c5e89c79bf88445210e346353fa28cdbde23592f68e6e

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 00:32:19 GMT
server
nginx
p3p
CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin
*
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
content-type
application/x-javascript
expires
Mon, 26 Jul 1997 05:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1617928339386&ns_c=UTF-8&cv=3.5&c8=Learn%20About%20Unemployment%20Benefits%20%7C%20Career-Assistance.org&c7=https%3A%2F%2Fcareer-assis...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1617928339386&ns_c=UTF-8&cv=3.5&c8=Learn%20About%20Unemployment%20Benefits%20%7C%20Career-Assistance.org&c7=https%3A%2F%2Fcareer-assi...
0
248 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1617928339386&ns_c=UTF-8&cv=3.5&c8=Learn%20About%20Unemployment%20Benefits%20%7C%20Career-Assistance.org&c7=https%3A%2F%2Fcareer-assistance.org%2Funemployment-benefits%2F%3Fog1%3Ded84bb88-9fcb-44ab-b9ff-2ac4a1bab19b%26cid%3Dcid28389&c9=http%3A%2F%2Fbestcareerinfo.com%2F
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 00:32:19 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1617928339386&ns_c=UTF-8&cv=3.5&c8=Learn%20About%20Unemployment%20Benefits%20%7C%20Career-Assistance.org&c7=https%3A%2F%2Fcareer-assistance.org%2Funemployment-benefits%2F%3Fog1%3Ded84bb88-9fcb-44ab-b9ff-2ac4a1bab19b%26cid%3Dcid28389&c9=http%3A%2F%2Fbestcareerinfo.com%2F
Pragma
no-cache
Date
Fri, 09 Apr 2021 00:32:19 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
;ID=167981;size=0x0;setID=423926;type=js;sw=1600;sh=1200;spr=1;kw=;pid=1061096;place=0;rnd=1061096;click=CLICK_MACRO_PLACEHOLDER
servedbyadbutler.com/adserve/
96 B
342 B
Script
General
Full URL
https://servedbyadbutler.com/adserve/;ID=167981;size=0x0;setID=423926;type=js;sw=1600;sh=1200;spr=1;kw=;pid=1061096;place=0;rnd=1061096;click=CLICK_MACRO_PLACEHOLDER
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.46.88 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.46.202.116.clients.your-server.de
Software
nginx /
Resource Hash
7c7a26f51bbfcf7102b9957c3aef210088491784c13cf30e848be4ed3484e3f5

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 00:32:19 GMT
server
nginx
p3p
CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin
*
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
content-type
application/x-javascript
expires
Mon, 26 Jul 1997 05:00:00 GMT
blank.gif
servedbyadbutler.com/error/
42 B
216 B
Image
General
Full URL
https://servedbyadbutler.com/error/blank.gif
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.46.88 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.46.202.116.clients.your-server.de
Software
nginx /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 00:32:19 GMT
last-modified
Thu, 14 Mar 2019 17:47:37 GMT
server
nginx
etag
"5c8a93b9-2a"
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
content-length
42
expires
Sat, 09 Apr 2022 00:32:19 GMT
;ID=167981;size=0x0;setID=399496;type=js;sw=1600;sh=1200;spr=1;kw=;pid=1061096;place=0;rnd=1061096;click=CLICK_MACRO_PLACEHOLDER
servedbyadbutler.com/adserve/
7 KB
7 KB
Script
General
Full URL
https://servedbyadbutler.com/adserve/;ID=167981;size=0x0;setID=399496;type=js;sw=1600;sh=1200;spr=1;kw=;pid=1061096;place=0;rnd=1061096;click=CLICK_MACRO_PLACEHOLDER
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.46.88 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.46.202.116.clients.your-server.de
Software
nginx /
Resource Hash
298e10f00cd85008fa34904d721247e5df017c80f9e0de2d96e661537b711e1c

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 00:32:19 GMT
server
nginx
p3p
CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin
*
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
content-type
application/x-javascript
expires
Mon, 26 Jul 1997 05:00:00 GMT
;ID=167981;size=0x0;setID=428305;type=js;sw=1600;sh=1200;spr=1;kw=;pid=1061096;place=0;rnd=1061096;click=CLICK_MACRO_PLACEHOLDER
servedbyadbutler.com/adserve/
96 B
342 B
Script
General
Full URL
https://servedbyadbutler.com/adserve/;ID=167981;size=0x0;setID=428305;type=js;sw=1600;sh=1200;spr=1;kw=;pid=1061096;place=0;rnd=1061096;click=CLICK_MACRO_PLACEHOLDER
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.46.88 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.46.202.116.clients.your-server.de
Software
nginx /
Resource Hash
7c7a26f51bbfcf7102b9957c3aef210088491784c13cf30e848be4ed3484e3f5

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 00:32:19 GMT
server
nginx
p3p
CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin
*
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
content-type
application/x-javascript
expires
Mon, 26 Jul 1997 05:00:00 GMT
;ID=167981;size=0x0;setID=424171;type=js;sw=1600;sh=1200;spr=1;kw=;pid=1061096;place=0;rnd=1061096;click=CLICK_MACRO_PLACEHOLDER
servedbyadbutler.com/adserve/
96 B
342 B
Script
General
Full URL
https://servedbyadbutler.com/adserve/;ID=167981;size=0x0;setID=424171;type=js;sw=1600;sh=1200;spr=1;kw=;pid=1061096;place=0;rnd=1061096;click=CLICK_MACRO_PLACEHOLDER
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.46.88 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.46.202.116.clients.your-server.de
Software
nginx /
Resource Hash
7c7a26f51bbfcf7102b9957c3aef210088491784c13cf30e848be4ed3484e3f5

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 00:32:19 GMT
server
nginx
p3p
CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin
*
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
content-type
application/x-javascript
expires
Mon, 26 Jul 1997 05:00:00 GMT
;ID=167981;size=0x0;setID=428307;type=js;sw=1600;sh=1200;spr=1;kw=;pid=1061096;place=0;rnd=1061096;click=CLICK_MACRO_PLACEHOLDER
servedbyadbutler.com/adserve/
565 B
811 B
Script
General
Full URL
https://servedbyadbutler.com/adserve/;ID=167981;size=0x0;setID=428307;type=js;sw=1600;sh=1200;spr=1;kw=;pid=1061096;place=0;rnd=1061096;click=CLICK_MACRO_PLACEHOLDER
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.46.88 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.46.202.116.clients.your-server.de
Software
nginx /
Resource Hash
735cd1bcef0572d335927c7e0fcfc0aef61742761cf0cd57e39df97b775e3bb8

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 00:32:19 GMT
server
nginx
p3p
CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin
*
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
content-type
application/x-javascript
expires
Mon, 26 Jul 1997 05:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
777 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=career-assistance.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4323713306936742&plah=career-assistance.org&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 00:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=career-assistance.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4323713306936742&plah=career-assistance.org&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 00:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 78B5
64 KB
27 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4323713306936742&output=html&h=280&slotname=4552932493&adk=1399812461&adf=4251583766&pi=t.ma~as.4552932493&w=743&fwrn=4&fwrnh=100&lmt=1617928339&rafmt=1&psa=0&format=743x280&url=https%3A%2F%2Fcareer-assistance.org%2Funemployment-benefits%2F%3Fog1%3Ded84bb88-9fcb-44ab-b9ff-2ac4a1bab19b%26cid%3Dcid28389&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617928339956&bpp=5&bdt=1549&idt=5&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D393c8a56807dd311-226595a6ffba009e%3AT%3D1617928339%3ART%3D1617928339%3AS%3DALNI_MbSXFE0GjGEoTa0k3Ca-YTPSphkLQ&prev_fmts=0x0&nras=1&correlator=1085133514450&frm=20&pv=1&ga_vid=640306074.1617928339&ga_sid=1617928339&ga_hid=1179419142&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737564%2C44740079%2C44739387&oid=3&pvsid=3034750051073820&ref=http%3A%2F%2Fbestcareerinfo.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7CtkhloluC&p=https%3A//career-assistance.org&dtd=11
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4323713306936742&plah=career-assistance.org&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ce7a5f117db17bca1b986cae4fa7f26ba48e8f57aa03e498bd2afa168a93278
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4323713306936742&output=html&h=280&slotname=4552932493&adk=1399812461&adf=4251583766&pi=t.ma~as.4552932493&w=743&fwrn=4&fwrnh=100&lmt=1617928339&rafmt=1&psa=0&format=743x280&url=https%3A%2F%2Fcareer-assistance.org%2Funemployment-benefits%2F%3Fog1%3Ded84bb88-9fcb-44ab-b9ff-2ac4a1bab19b%26cid%3Dcid28389&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617928339956&bpp=5&bdt=1549&idt=5&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D393c8a56807dd311-226595a6ffba009e%3AT%3D1617928339%3ART%3D1617928339%3AS%3DALNI_MbSXFE0GjGEoTa0k3Ca-YTPSphkLQ&prev_fmts=0x0&nras=1&correlator=1085133514450&frm=20&pv=1&ga_vid=640306074.1617928339&ga_sid=1617928339&ga_hid=1179419142&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737564%2C44740079%2C44739387&oid=3&pvsid=3034750051073820&ref=http%3A%2F%2Fbestcareerinfo.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7CtkhloluC&p=https%3A//career-assistance.org&dtd=11
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://career-assistance.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer
https://career-assistance.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 09 Apr 2021 00:32:20 GMT
server
cafe
content-length
27557
x-xss-protection
0
set-cookie
IDE=AHWqTUnQI3f1q8vcQgt9hNiDba_1GB7tEIZsh_nnsYcKGrNCqc495yFvItoy4dcT7_Q; expires=Wed, 04-May-2022 00:32:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 09 Apr 2021 00:32:20 GMT
cache-control
private
fa-solid-900.woff2
career-assistance.org/wp-content/themes/wp_axsense_theme/dist/fonts/
66 KB
66 KB
Font
General
Full URL
https://career-assistance.org/wp-content/themes/wp_axsense_theme/dist/fonts/fa-solid-900.woff2
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/wp-content/themes/wp_axsense_theme/dist/css/bundle.89a5dfc0a5257af07aed.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.23.162.14 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-23-162-14.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d

Request headers

Origin
https://career-assistance.org
Referer
https://career-assistance.org/wp-content/themes/wp_axsense_theme/dist/css/bundle.89a5dfc0a5257af07aed.css
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 00:32:20 GMT
Last-Modified
Thu, 09 May 2019 19:27:40 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
Connection
keep-alive
Accept-Ranges
bytes
ETag
"10748-58879718874be"
Content-Length
67400
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-148707727-1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
6334
date
Thu, 08 Apr 2021 22:46:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Fri, 09 Apr 2021 00:46:46 GMT
collect
www.google-analytics.com/j/
1 B
70 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1179419142&t=pageview&_s=1&dl=https%3A%2F%2Fcareer-assistance.org%2Funemployment-benefits%2F%3Fog1%3Ded84bb88-9fcb-44ab-b9ff-2ac4a1bab19b%26cid%3Dcid28389&dr=http%3A%2F%2Fbestcareerinfo.com%2F&ul=en-us&de=UTF-8&dt=Learn%20About%20Unemployment%20Benefits%20%7C%20Career-Assistance.org&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAUABAAAAAC~&jid=324686408&gjid=1142702006&cid=640306074.1617928339&tid=UA-148707727-1&_gid=245701074.1617928340&_r=1&gtm=2ou3v0&z=1703857626
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 00:32:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://career-assistance.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
63 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&a=1179419142&t=pageview&_s=2&dl=https%3A%2F%2Fcareer-assistance.org%2Funemployment-benefits%2F%3Fog1%3Ded84bb88-9fcb-44ab-b9ff-2ac4a1bab19b%26cid%3Dcid28389&dr=http%3A%2F%2Fbestcareerinfo.com%2F&dp=https%3A%2F%2Fcareer-assistance.org%2Funemployment-benefits%2F%3Fog1%3Ded84bb88-9fcb-44ab-b9ff-2ac4a1bab19b%26cid%3Dcid28389&ul=en-us&de=UTF-8&dt=Learn%20About%20Unemployment%20Benefits%20%7C%20Career-Assistance.org&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAUABAAAAAC~&jid=&gjid=&cid=640306074.1617928339&tid=UA-148707727-1&_gid=245701074.1617928340&gtm=2ou3v0&z=1702301968
Requested by
Host: career-assistance.org
URL: https://career-assistance.org/unemployment-benefits/?og1=ed84bb88-9fcb-44ab-b9ff-2ac4a1bab19b&cid=cid28389
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
52123
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C24E
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstHVoiiK7ZLeGQvdy6pBMsXmlTZLmaK-DSYP62pteuA2pegkfR1WlYYM_fy2McMLLDkAXzApbW-x5BIlrRAc_yG7CnbggWvDUObMsPK57nGtb1giU90pFazxLwvBntfL4vs-or7sns_aiGRmRMiFt0gX6TGtuzqahU4pCH1BOlWeaG3mXpt-BZlBXE7WFHfhFogJD-RtVbgW1BcbaYR2rqscTqeDpUekNxmB2V4CCq5zhv_VWycIhYmGu0uHXpsS1UJ2MQzyzXg1YbGBvWn5h5ixwSYtinAWcKl0ySUbpgH3CdzuupNwo2CP5kvE9iC8y6lKdKKW2RrWr_Q09o8mEQH4gyJZbBwHZ2bcWD5fLcmo4OAJY0tLR6m4WRV_NBhsJd0962A4N7DmghPJbdVHSYcpR8r6nnHC3N6xSH42ZR-nNQ-z6jpcIacF_nhOEbgrH8Ewpu-rzS_PAoMS8nQii_ZjYKlxVGwr7mem9TYqpTfBJ_H7hESrOLG4ddSzCUVGmsgUJszjjKfvXfItYafAjjoFoSUKvRcihYEYD31GnFUKAAaTaDx5-Gcp9ifS0AA4-NM_8OEZ2YJXmfKFiaxb0KRdM6_P1S4CeIy19Dc4_kdQER6WNxfs7n74YPxapoOakQe70lOFX6obgEVxE1AL4CXzpGu7zkm-ahEzaC7Pjxsl610gntR18MilmViUY9g3QfdzO5p6wcPKRorRJ9TCofTajtanRy6RGLgqWqsP9XFOXP6x29y1KGGlcQHugp76idc_M0amcudcqyApBHfwNkhIs40c2-ET4SjNjCTN7yBAQJZmO3pJE-U8SCI75Um9cAbR-bePvi7hf1RX35cd0a3Ln6X8H_x2M9GFGZnmCZsGsMQprftnB11T3NxKyrBxmc29elk0s9X9SGeGbZwBjFiHMt5ZHRAS-HQqpvf3jFSGzxEN0pGds09cBOXKnzT04zxi_wcsYjKPR5VzactW0IlljorN-QK4Uftop8-pvgaRDRMcOtrOqysAHkAuAyDc_zw&sig=Cg0ArKJSzOHoFPIA18AuEAE&urlfix=1&adurl=&tpd=AGWhJmsTMOGiLurgQl5katwyHPRDfd7tNbvd74HfpCp8mvXwpg
Requested by
Host: unemploymentclaims.org
URL: https://unemploymentclaims.org/xlp/r_guide-download.html?uid=&vid=17749
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 09 Apr 2021 00:32:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame C24E
111 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: unemploymentclaims.org
URL: https://unemploymentclaims.org/xlp/r_guide-download.html?uid=&vid=17749
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:02:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19816
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Apr 2021 19:02:04 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C24E
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: unemploymentclaims.org
URL: https://unemploymentclaims.org/xlp/r_guide-download.html?uid=&vid=17749
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 11:02:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48596
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Apr 2022 11:02:24 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame C24E
30 KB
12 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4323713306936742&output=html&h=280&slotname=4552932493&adk=1399812461&adf=4251583766&pi=t.ma~as.4552932493&w=743&fwrn=4&fwrnh=100&lmt=1617928339&rafmt=1&psa=0&format=743x280&url=https%3A%2F%2Fcareer-assistance.org%2Funemployment-benefits%2F%3Fog1%3Ded84bb88-9fcb-44ab-b9ff-2ac4a1bab19b%26cid%3Dcid28389&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617928339956&bpp=5&bdt=1549&idt=5&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D393c8a56807dd311-226595a6ffba009e%3AT%3D1617928339%3ART%3D1617928339%3AS%3DALNI_MbSXFE0GjGEoTa0k3Ca-YTPSphkLQ&prev_fmts=0x0&nras=1&correlator=1085133514450&frm=20&pv=1&ga_vid=640306074.1617928339&ga_sid=1617928339&ga_hid=1179419142&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737564%2C44740079%2C44739387&oid=3&pvsid=3034750051073820&ref=http%3A%2F%2Fbestcareerinfo.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7CtkhloluC&p=https%3A//career-assistance.org&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b50775a86effc03381449c6753c834fe2ab4f4b85fdcd434b0063856612d2d03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 23:14:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4684
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12019
x-xss-protection
0
server
cafe
etag
14063525893811147733
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Apr 2021 23:14:16 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame C24E
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4323713306936742&output=html&h=280&slotname=4552932493&adk=1399812461&adf=4251583766&pi=t.ma~as.4552932493&w=743&fwrn=4&fwrnh=100&lmt=1617928339&rafmt=1&psa=0&format=743x280&url=https%3A%2F%2Fcareer-assistance.org%2Funemployment-benefits%2F%3Fog1%3Ded84bb88-9fcb-44ab-b9ff-2ac4a1bab19b%26cid%3Dcid28389&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617928339956&bpp=5&bdt=1549&idt=5&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D393c8a56807dd311-226595a6ffba009e%3AT%3D1617928339%3ART%3D1617928339%3AS%3DALNI_MbSXFE0GjGEoTa0k3Ca-YTPSphkLQ&prev_fmts=0x0&nras=1&correlator=1085133514450&frm=20&pv=1&ga_vid=640306074.1617928339&ga_sid=1617928339&ga_hid=1179419142&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737564%2C44740079%2C44739387&oid=3&pvsid=3034750051073820&ref=http%3A%2F%2Fbestcareerinfo.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7CtkhloluC&p=https%3A//career-assistance.org&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 23:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2550
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Apr 2021 23:49:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C24E
118 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4323713306936742&output=html&h=280&slotname=4552932493&adk=1399812461&adf=4251583766&pi=t.ma~as.4552932493&w=743&fwrn=4&fwrnh=100&lmt=1617928339&rafmt=1&psa=0&format=743x280&url=https%3A%2F%2Fcareer-assistance.org%2Funemployment-benefits%2F%3Fog1%3Ded84bb88-9fcb-44ab-b9ff-2ac4a1bab19b%26cid%3Dcid28389&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617928339956&bpp=5&bdt=1549&idt=5&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D393c8a56807dd311-226595a6ffba009e%3AT%3D1617928339%3ART%3D1617928339%3AS%3DALNI_MbSXFE0GjGEoTa0k3Ca-YTPSphkLQ&prev_fmts=0x0&nras=1&correlator=1085133514450&frm=20&pv=1&ga_vid=640306074.1617928339&ga_sid=1617928339&ga_hid=1179419142&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737564%2C44740079%2C44739387&oid=3&pvsid=3034750051073820&ref=http%3A%2F%2Fbestcareerinfo.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7CtkhloluC&p=https%3A//career-assistance.org&dtd=11
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 00:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617795240117122"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Fri, 09 Apr 2021 00:32:20 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame C24E
13 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4323713306936742&output=html&h=280&slotname=4552932493&adk=1399812461&adf=4251583766&pi=t.ma~as.4552932493&w=743&fwrn=4&fwrnh=100&lmt=1617928339&rafmt=1&psa=0&format=743x280&url=https%3A%2F%2Fcareer-assistance.org%2Funemployment-benefits%2F%3Fog1%3Ded84bb88-9fcb-44ab-b9ff-2ac4a1bab19b%26cid%3Dcid28389&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617928339956&bpp=5&bdt=1549&idt=5&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D393c8a56807dd311-226595a6ffba009e%3AT%3D1617928339%3ART%3D1617928339%3AS%3DALNI_MbSXFE0GjGEoTa0k3Ca-YTPSphkLQ&prev_fmts=0x0&nras=1&correlator=1085133514450&frm=20&pv=1&ga_vid=640306074.1617928339&ga_sid=1617928339&ga_hid=1179419142&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737564%2C44740079%2C44739387&oid=3&pvsid=3034750051073820&ref=http%3A%2F%2Fbestcareerinfo.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7CtkhloluC&p=https%3A//career-assistance.org&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 00:11:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1228
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5599
x-xss-protection
0
server
cafe
etag
2241650964481140939
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 00:11:52 GMT
l
www.google.com/ads/measurement/ Frame C24E
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTbzfTsyHzqiSEgsXh-pO2arrCvzj1_FYCSwKwBWGRwWQXEkOE2-F3ss-4F9Y85wRKdY7Ux5HK7pk3RK8nlvWirTeoQFg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4323713306936742&output=html&h=280&slotname=4552932493&adk=1399812461&adf=4251583766&pi=t.ma~as.4552932493&w=743&fwrn=4&fwrnh=100&lmt=1617928339&rafmt=1&psa=0&format=743x280&url=https%3A%2F%2Fcareer-assistance.org%2Funemployment-benefits%2F%3Fog1%3Ded84bb88-9fcb-44ab-b9ff-2ac4a1bab19b%26cid%3Dcid28389&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617928339956&bpp=5&bdt=1549&idt=5&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D393c8a56807dd311-226595a6ffba009e%3AT%3D1617928339%3ART%3D1617928339%3AS%3DALNI_MbSXFE0GjGEoTa0k3Ca-YTPSphkLQ&prev_fmts=0x0&nras=1&correlator=1085133514450&frm=20&pv=1&ga_vid=640306074.1617928339&ga_sid=1617928339&ga_hid=1179419142&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737564%2C44740079%2C44739387&oid=3&pvsid=3034750051073820&ref=http%3A%2F%2Fbestcareerinfo.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7CtkhloluC&p=https%3A//career-assistance.org&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame C24E
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4323713306936742&output=html&h=280&slotname=4552932493&adk=1399812461&adf=4251583766&pi=t.ma~as.4552932493&w=743&fwrn=4&fwrnh=100&lmt=1617928339&rafmt=1&psa=0&format=743x280&url=https%3A%2F%2Fcareer-assistance.org%2Funemployment-benefits%2F%3Fog1%3Ded84bb88-9fcb-44ab-b9ff-2ac4a1bab19b%26cid%3Dcid28389&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617928339956&bpp=5&bdt=1549&idt=5&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D393c8a56807dd311-226595a6ffba009e%3AT%3D1617928339%3ART%3D1617928339%3AS%3DALNI_MbSXFE0GjGEoTa0k3Ca-YTPSphkLQ&prev_fmts=0x0&nras=1&correlator=1085133514450&frm=20&pv=1&ga_vid=640306074.1617928339&ga_sid=1617928339&ga_hid=1179419142&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737564%2C44740079%2C44739387&oid=3&pvsid=3034750051073820&ref=http%3A%2F%2Fbestcareerinfo.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7CtkhloluC&p=https%3A//career-assistance.org&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 23:51:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2421
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7114
x-xss-protection
0
server
cafe
etag
17914786394753848863
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Apr 2021 23:51:59 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7475
1 KB
854 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4323713306936742&output=html&h=280&slotname=4552932493&adk=1399812461&adf=4251583766&pi=t.ma~as.4552932493&w=743&fwrn=4&fwrnh=100&lmt=1617928339&rafmt=1&psa=0&format=743x280&url=https%3A%2F%2Fcareer-assistance.org%2Funemployment-benefits%2F%3Fog1%3Ded84bb88-9fcb-44ab-b9ff-2ac4a1bab19b%26cid%3Dcid28389&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617928339956&bpp=5&bdt=1549&idt=5&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D393c8a56807dd311-226595a6ffba009e%3AT%3D1617928339%3ART%3D1617928339%3AS%3DALNI_MbSXFE0GjGEoTa0k3Ca-YTPSphkLQ&prev_fmts=0x0&nras=1&correlator=1085133514450&frm=20&pv=1&ga_vid=640306074.1617928339&ga_sid=1617928339&ga_hid=1179419142&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737564%2C44740079%2C44739387&oid=3&pvsid=3034750051073820&ref=http%3A%2F%2Fbestcareerinfo.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7CtkhloluC&p=https%3A//career-assistance.org&dtd=11
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 08 Apr 2021 03:14:09 GMT
expires
Fri, 09 Apr 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
76691
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
DE_T2_Shares_US_FixedCommission_black_Prospecting-German-970x250-637534117575089338-65d641a0-c8ef-4c84-847e-249269c781bf.html
s0.2mdn.net/6418128/1617814958816/ Frame CC0E
4 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/6418128/1617814958816/DE_T2_Shares_US_FixedCommission_black_Prospecting-German-970x250-637534117575089338-65d641a0-c8ef-4c84-847e-249269c781bf.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
924c4a89295112cc9bdd0fe61b8da36e260eb0dbc88f8102c8d7e907299629d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/6418128/1617814958816/DE_T2_Shares_US_FixedCommission_black_Prospecting-German-970x250-637534117575089338-65d641a0-c8ef-4c84-847e-249269c781bf.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
1427
date
Thu, 08 Apr 2021 17:07:26 GMT
expires
Fri, 09 Apr 2021 17:07:26 GMT
last-modified
Wed, 07 Apr 2021 17:02:38 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
26694
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame C24E
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fca6fd8c1d80efa604938e1b33cab2d12d1c447435cda3df3d285604ea417385

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 42BA
22 KB
9 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Mon, 05 Apr 2021 17:24:05 GMT
expires
Tue, 05 Apr 2022 17:24:05 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
284895
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dpixel
cms.quantserve.com/ Frame 7475
35 B
547 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGkhQQm2Qc_Zkcblm9ZpJ94&google_cver=1&google_push=AQvitUJBdzqsBDYvPaZoCyW57bf3EsRY3wsmjDitNiGe5A0zFSRbVB1LEhIlW8SxpddDKGXXa-J-BGZ7ndGJ0lPp5YJbdLsT7QjuWA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4323713306936742&output=html&h=280&slotname=4552932493&adk=1399812461&adf=4251583766&pi=t.ma~as.4552932493&w=743&fwrn=4&fwrnh=100&lmt=1617928339&rafmt=1&psa=0&format=743x280&url=https%3A%2F%2Fcareer-assistance.org%2Funemployment-benefits%2F%3Fog1%3Ded84bb88-9fcb-44ab-b9ff-2ac4a1bab19b%26cid%3Dcid28389&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617928339956&bpp=5&bdt=1549&idt=5&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D393c8a56807dd311-226595a6ffba009e%3AT%3D1617928339%3ART%3D1617928339%3AS%3DALNI_MbSXFE0GjGEoTa0k3Ca-YTPSphkLQ&prev_fmts=0x0&nras=1&correlator=1085133514450&frm=20&pv=1&ga_vid=640306074.1617928339&ga_sid=1617928339&ga_hid=1179419142&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737564%2C44740079%2C44739387&oid=3&pvsid=3034750051073820&ref=http%3A%2F%2Fbestcareerinfo.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7CtkhloluC&p=https%3A//career-assistance.org&dtd=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 00:32:20 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7475
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEEasZJqtIxrzVVDtUUtJ9fc&google_cver=1&google_push=AQvitUL35cwEAe4jFVjELlMKzr8wGfnuKo8nBOYVeZpDdQcfxPqXcNgWwBSekgB56uWeJJ8TG7e8sAr93ePofSGkPqiTQohy2g6DAg
  • https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VFYXNaSnF0SXhyelZWRHRVVXRKOWZj
170 B
484 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VFYXNaSnF0SXhyelZWRHRVVXRKOWZj
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 00:32:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 00:32:20 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VFYXNaSnF0SXhyelZWRHRVVXRKOWZj
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7475
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUIfSix7DI-0ZZ3jk1uq-bdKjpZR9rsw8zEcwRfoD8iSIDFH68cJw8Cd6B3xpHVXN1c9U-Q9enChQJMoaDXGwEx1caf2Acx_ZA&google_gid=CAESELSG1525j2Hriw7G4FKJ8G0&g...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCJTBvoMGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BUXZpdFVJZlNpeDdESS0wWlozamsxdXEtYmRLanBaUjlyc3c4ekVjd1Jmb0Q4aVNJREZINjhjSnc4Q2Q2QjN4cEhWWE4xYzlVLVE5ZW5DaFFKTW9hRF...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwcDlOTlpuLXc5Y3ZnZ01qazRxeTh3T2x4M01KRDNFekRNNmN4d3o1UlNvdw==&google_push
170 B
190 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwcDlOTlpuLXc5Y3ZnZ01qazRxeTh3T2x4M01KRDNFekRNNmN4d3o1UlNvdw==&google_push
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 00:32:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 09 Apr 2021 00:32:20 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwcDlOTlpuLXc5Y3ZnZ01qazRxeTh3T2x4M01KRDNFekRNNmN4d3o1UlNvdw==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7475
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEKvbrn5jay8MvJCOaMpjmMg&google_cver=1&google_push=AQvitUI0TEsTaVZAcqUNpufmZ5MijBGqHw5rNr1JP3VvQ05BwKdZlK1_fn7aFuvTZL0tWJ9wIupWVybgukbNxHObrlbHBs8DMh4BGQ
  • https://rtb.openx.net/sync/dds?google_gid=CAESEKvbrn5jay8MvJCOaMpjmMg&google_cver=1&google_push=AQvitUI0TEsTaVZAcqUNpufmZ5MijBGqHw5rNr1JP3VvQ05BwKdZlK1_fn7aFuvTZL0tWJ9wIupWVybgukbNxHObrlbHBs8DMh4BG...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUI0TEsTaVZAcqUNpufmZ5MijBGqHw5rNr1JP3VvQ05BwKdZlK1_fn7aFuvTZL0tWJ9wIupWVybgukbNxHObrlbHBs8DMh4BGQ&google_hm=qTFbVO7JzF44o9KJClxpXA==
170 B
190 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUI0TEsTaVZAcqUNpufmZ5MijBGqHw5rNr1JP3VvQ05BwKdZlK1_fn7aFuvTZL0tWJ9wIupWVybgukbNxHObrlbHBs8DMh4BGQ&google_hm=qTFbVO7JzF44o9KJClxpXA==
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 00:32:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 00:32:19 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUI0TEsTaVZAcqUNpufmZ5MijBGqHw5rNr1JP3VvQ05BwKdZlK1_fn7aFuvTZL0tWJ9wIupWVybgukbNxHObrlbHBs8DMh4BGQ&google_hm=qTFbVO7JzF44o9KJClxpXA==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
jen4h83dleh3l1rc8nnlu00etm5osmv0
pixel
cm.g.doubleclick.net/ Frame 7475
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Nusb5ehAQfyxUZEy75AlCA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
190 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Nusb5ehAQfyxUZEy75AlCA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULXzxbZyZc44FA5Dku9-EvKuWZhWVgtJbY6fO9opqZ5pO7117nUcHiLyw8voKSHIoyOxmitK8u-FUUBOthX-fQNARpUpXi49g
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 00:32:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Nusb5ehAQfyxUZEy75AlCA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULXzxbZyZc44FA5Dku9-EvKuWZhWVgtJbY6fO9opqZ5pO7117nUcHiLyw8voKSHIoyOxmitK8u-FUUBOthX-fQNARpUpXi49g
Date
Fri, 09 Apr 2021 00:32:18 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 7475
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEB0N1nF1qG8OHbP9_EWwWpE&google_cver=1&google_push=AQvitUJoDZNFw7GrB-tbqVybWEzuNl89FHEsPOAKEgSCag5VDHzjhgpzjfmpnsIAGe28WAl_lg2...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S045S1JESEgtMUstSUlFVg==&google_push=AQvitUJoDZNFw7GrB-tbqVybWEzuNl89FHEsPOAKEgSCag5VDHzjhgpzjfmpnsIAGe28WAl_lg2iZdAos_md2EMwMFJB646it5NC
170 B
190 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S045S1JESEgtMUstSUlFVg==&google_push=AQvitUJoDZNFw7GrB-tbqVybWEzuNl89FHEsPOAKEgSCag5VDHzjhgpzjfmpnsIAGe28WAl_lg2iZdAos_md2EMwMFJB646it5NC
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 00:32:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S045S1JESEgtMUstSUlFVg==&google_push=AQvitUJoDZNFw7GrB-tbqVybWEzuNl89FHEsPOAKEgSCag5VDHzjhgpzjfmpnsIAGe28WAl_lg2iZdAos_md2EMwMFJB646it5NC
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
pixel
cm.g.doubleclick.net/ Frame 7475
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBcEVcVjhh7fAa2BUAnqEEQ&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBcEVcVjhh7fAa2BUAnqEEQ&google_push=AQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YG-glO845JczLilRfOD_7QAABIoAAAIB&google_push=AQvitUIHUgPAw0v3sU3w_AIkqBeSS7AJFhGC17wsXM50Da4ByQNwdZQR-ItIncXJgtXIG4vQxh61IyQluEz9Vu854B...
170 B
190 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YG-glO845JczLilRfOD_7QAABIoAAAIB&google_push=AQvitUIHUgPAw0v3sU3w_AIkqBeSS7AJFhGC17wsXM50Da4ByQNwdZQR-ItIncXJgtXIG4vQxh61IyQluEz9Vu854BFGzCo4OpY_&google_cver=1&google_gid=CAESEBcEVcVjhh7fAa2BUAnqEEQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 00:32:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 00:32:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YG-glO845JczLilRfOD_7QAABIoAAAIB&google_push=AQvitUIHUgPAw0v3sU3w_AIkqBeSS7AJFhGC17wsXM50Da4ByQNwdZQR-ItIncXJgtXIG4vQxh61IyQluEz9Vu854BFGzCo4OpY_&google_cver=1&google_gid=CAESEBcEVcVjhh7fAa2BUAnqEEQ
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
460
Expires
Fri, 09 Apr 2021 00:32:20 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 7475
0
227 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LGdFp5KQjCaNsrNB8J_2GGA6Mw0zKbEQXLQOcpr0IZA14cfDuEMBkhGtXkvHYJVc1MSQz9
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4323713306936742&output=html&h=280&slotname=4552932493&adk=1399812461&adf=4251583766&pi=t.ma~as.4552932493&w=743&fwrn=4&fwrnh=100&lmt=1617928339&rafmt=1&psa=0&format=743x280&url=https%3A%2F%2Fcareer-assistance.org%2Funemployment-benefits%2F%3Fog1%3Ded84bb88-9fcb-44ab-b9ff-2ac4a1bab19b%26cid%3Dcid28389&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617928339956&bpp=5&bdt=1549&idt=5&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D393c8a56807dd311-226595a6ffba009e%3AT%3D1617928339%3ART%3D1617928339%3AS%3DALNI_MbSXFE0GjGEoTa0k3Ca-YTPSphkLQ&prev_fmts=0x0&nras=1&correlator=1085133514450&frm=20&pv=1&ga_vid=640306074.1617928339&ga_sid=1617928339&ga_hid=1179419142&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737564%2C44740079%2C44739387&oid=3&pvsid=3034750051073820&ref=http%3A%2F%2Fbestcareerinfo.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7CtkhloluC&p=https%3A//career-assistance.org&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 00:32:20 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/
9 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210406&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4323713306936742&plah=career-assistance.org&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46de154c0f8957ec732dd72b811a2c77a966f5d4c3d92974e427b5732179ff0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 00:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6655
x-xss-protection
0
UnhshoEcEp7BUdiAp0L0lVvGOuovhfpkH6FMm_tLZKs.js
pagead2.googlesyndication.com/bg/ Frame 42BA
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/UnhshoEcEp7BUdiAp0L0lVvGOuovhfpkH6FMm_tLZKs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52786c86811c129ec151d880a742f4955bc63aea2f85fa641fa14c9bfb4b64ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 18:15:32 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
109008
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5661
x-xss-protection
0
expires
Thu, 07 Apr 2022 18:15:32 GMT
606de563b3521e8b1b19f4f5
c.bannerflow.net/a/ Frame CC0E
54 KB
18 KB
Script
General
Full URL
https://c.bannerflow.net/a/606de563b3521e8b1b19f4f5?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvApYrYuXX9QiLrt96DosBAvhILpfD-7mSviQ30d80v6PN1wgkCnuJJh2x_DVJLiWSWXhNu53_4lRn8Am_RYGjXvV0AHdSNi2UEu6jAT3ADTyBrDIDmnKOrXaS_6Zbn8sUHn48YcQqfUXTZbPGNrRVowPeAzsbkznxvSMdVFUPS38DAh3krqHMrnTtvcMWwF3mxM6o0Urgz9BaGgZNFQhprG07OsY_0WkkRFOQWv5mPU6KhoKhSIgPxo-LN0qBDnvrMj3r_LzMTGEe86MTtuL_2eVI3yaGBP6_IMaKGfwMQG536J04zsgiJ5CT0ucepGOuGqCgeotMGX0JapLHjyaxlPg4vxd9EaVvnCmTSCWjUxGbnJ8V462kXuN2ng0OE8sIFsSTKpn6E2CTZRqIfnSqq0eebZDyhMIPBnHRPzMxirhxbeRMGCQ3vHpLqHsZDMW1qn0dZmRMMnpErMSF7_wyT2HS4OoYSkv4eBwqwpdTc98a1s_Hy1SnAjq7V8n4FZAyPYoCutAObieUdFlbMsgv9aA-mFCRSqFqI8jMHYOm5nrETA2qX5tGGOzNdNDhxFsZU5jjPJyeESLjIdvOzMNG3ZwyUi5IavDBNcmWa7TjNH-FUcA-uyGvM2rMjPxUpwhG7Xe7gzsKrp3aP_CIMNGUa9C1EmY61sqUwemD_rcQjUpcRYvBL9xhKC-v3cLIJwfE01OTctPxRX-SVIKBQSGguIwLCfqdS99r_RiPmvjujij16suRWB0bRB7wH2NE6pUKLEP2cqqNz2aOKt-3vjd98E4VifOG5wCJqZ4M-IILojNrVJWr3aJuLZik6VjGBF25sFWjYgs63S9CO3N6neFEv5RFHVLIF3miGDNY40K7mCa3kZxtwc9ZqS5jOhJsoIsRglIic9MqYlOZ8Z1Axio2oZ0sEhsl0OIZZTYfedqO6FhbjLBM9ntZwkfl9vppPSqa4OOqN978SC7KrZEHw0J7fiJELLG074l4IBVeCeOKVGyigoO38%26sig%3DCg0ArKJSzHPfDjgggLlqEAE%26urlfix%3D1%26rm_eid%3D4192616%26adurl%3Dhttps%253A%252F%252Fwww.cmcmarkets.com%252Fde-de%252Flp%252Ffixekommissionen%253Fdclid%253D%2525edclid!%2526utm_source%253Dgdn%2526utm_medium%253Ddisplay%2526utm_term%253Dprogrammatic%2526utm_campaign%253Dde-prospecting
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6418128/1617814958816/DE_T2_Shares_US_FixedCommission_black_Prospecting-German-970x250-637534117575089338-65d641a0-c8ef-4c84-847e-249269c781bf.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9668279270c48288a1de56fb52bd7729dfa17a066eba91e5b38036db92cdc65e

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 00:32:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cf-ray
63cfa341981e4e0d-FRA
link
<https://c.bannerflow.net/accounts/cmc-markets/560bd8d24d47fc28fc84259d/published/584414/751040/preload.jpg>; rel=preload; as=image
cf-request-id
0955a45d0000004e0d7dbe7000000001
request-context
appId=cid-v1:8ccc0d93-c9cf-4965-a9de-1823f9df557e
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4323713306936742&plah=career-assistance.org&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 00:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Fri, 09 Apr 2021 00:32:20 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame B15A
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://career-assistance.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer
https://career-assistance.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 08 Apr 2021 18:41:14 GMT
expires
Fri, 08 Apr 2022 18:41:14 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
21066
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
preload.jpg
c.bannerflow.net/accounts/cmc-markets/560bd8d24d47fc28fc84259d/published/584414/751040/ Frame CC0E
15 KB
15 KB
Image
General
Full URL
https://c.bannerflow.net/accounts/cmc-markets/560bd8d24d47fc28fc84259d/published/584414/751040/preload.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b9ca40006f602db21d8c8d3b5a7ebef00530a16af0f6744dc578141f2c11f7c

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Apr 2021 00:32:20 GMT
cf-cache-status
HIT
age
113122
content-length
15269
cf-request-id
0955a45d2c00004e0de43a9000000001
x-ms-lease-status
unlocked
last-modified
Wed, 07 Apr 2021 17:01:43 GMT
server
cloudflare
etag
0x8D8F9E6D20377D4
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
41acf350-901e-004f-76d0-2b9c72000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
63cfa341e8634e0d-FRA
cf-bgj
h2pri
UnhshoEcEp7BUdiAp0L0lVvGOuovhfpkH6FMm_tLZKs.js
pagead2.googlesyndication.com/bg/ Frame B15A
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/UnhshoEcEp7BUdiAp0L0lVvGOuovhfpkH6FMm_tLZKs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52786c86811c129ec151d880a742f4955bc63aea2f85fa641fa14c9bfb4b64ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 18:15:32 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
109008
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5661
x-xss-protection
0
expires
Thu, 07 Apr 2022 18:15:32 GMT
document.4b5a4c912f.js
c.bannerflow.net/accounts/cmc-markets/560bd8d24d47fc28fc84259d/published/584414/751040/ Frame CC0E
86 KB
10 KB
Script
General
Full URL
https://c.bannerflow.net/accounts/cmc-markets/560bd8d24d47fc28fc84259d/published/584414/751040/document.4b5a4c912f.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/606de563b3521e8b1b19f4f5?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvApYrYuXX9QiLrt96DosBAvhILpfD-7mSviQ30d80v6PN1wgkCnuJJh2x_DVJLiWSWXhNu53_4lRn8Am_RYGjXvV0AHdSNi2UEu6jAT3ADTyBrDIDmnKOrXaS_6Zbn8sUHn48YcQqfUXTZbPGNrRVowPeAzsbkznxvSMdVFUPS38DAh3krqHMrnTtvcMWwF3mxM6o0Urgz9BaGgZNFQhprG07OsY_0WkkRFOQWv5mPU6KhoKhSIgPxo-LN0qBDnvrMj3r_LzMTGEe86MTtuL_2eVI3yaGBP6_IMaKGfwMQG536J04zsgiJ5CT0ucepGOuGqCgeotMGX0JapLHjyaxlPg4vxd9EaVvnCmTSCWjUxGbnJ8V462kXuN2ng0OE8sIFsSTKpn6E2CTZRqIfnSqq0eebZDyhMIPBnHRPzMxirhxbeRMGCQ3vHpLqHsZDMW1qn0dZmRMMnpErMSF7_wyT2HS4OoYSkv4eBwqwpdTc98a1s_Hy1SnAjq7V8n4FZAyPYoCutAObieUdFlbMsgv9aA-mFCRSqFqI8jMHYOm5nrETA2qX5tGGOzNdNDhxFsZU5jjPJyeESLjIdvOzMNG3ZwyUi5IavDBNcmWa7TjNH-FUcA-uyGvM2rMjPxUpwhG7Xe7gzsKrp3aP_CIMNGUa9C1EmY61sqUwemD_rcQjUpcRYvBL9xhKC-v3cLIJwfE01OTctPxRX-SVIKBQSGguIwLCfqdS99r_RiPmvjujij16suRWB0bRB7wH2NE6pUKLEP2cqqNz2aOKt-3vjd98E4VifOG5wCJqZ4M-IILojNrVJWr3aJuLZik6VjGBF25sFWjYgs63S9CO3N6neFEv5RFHVLIF3miGDNY40K7mCa3kZxtwc9ZqS5jOhJsoIsRglIic9MqYlOZ8Z1Axio2oZ0sEhsl0OIZZTYfedqO6FhbjLBM9ntZwkfl9vppPSqa4OOqN978SC7KrZEHw0J7fiJELLG074l4IBVeCeOKVGyigoO38%26sig%3DCg0ArKJSzHPfDjgggLlqEAE%26urlfix%3D1%26rm_eid%3D4192616%26adurl%3Dhttps%253A%252F%252Fwww.cmcmarkets.com%252Fde-de%252Flp%252Ffixekommissionen%253Fdclid%253D%2525edclid!%2526utm_source%253Dgdn%2526utm_medium%253Ddisplay%2526utm_term%253Dprogrammatic%2526utm_campaign%253Dde-prospecting
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6068bc400d961927d7312dbdaa75895571d4c1cca9b17d4224a1318777bdfbbb

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Apr 2021 00:32:20 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
S1pMkS9iH2acYeEx44SzIA==
age
113120
cf-polished
origSize=97167
cf-request-id
0955a45d3500004e0d76b81000000001
x-ms-lease-status
unlocked
last-modified
Wed, 07 Apr 2021 17:01:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e62e7cc7-d01e-0013-71d0-2bc92a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
63cfa341e8764e0d-FRA
cf-bgj
minify
animated-creative.d2b931beb0c8e53510f4.js
c.bannerflow.net/scripts/ Frame CC0E
126 KB
39 KB
Script
General
Full URL
https://c.bannerflow.net/scripts/animated-creative.d2b931beb0c8e53510f4.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/606de563b3521e8b1b19f4f5?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvApYrYuXX9QiLrt96DosBAvhILpfD-7mSviQ30d80v6PN1wgkCnuJJh2x_DVJLiWSWXhNu53_4lRn8Am_RYGjXvV0AHdSNi2UEu6jAT3ADTyBrDIDmnKOrXaS_6Zbn8sUHn48YcQqfUXTZbPGNrRVowPeAzsbkznxvSMdVFUPS38DAh3krqHMrnTtvcMWwF3mxM6o0Urgz9BaGgZNFQhprG07OsY_0WkkRFOQWv5mPU6KhoKhSIgPxo-LN0qBDnvrMj3r_LzMTGEe86MTtuL_2eVI3yaGBP6_IMaKGfwMQG536J04zsgiJ5CT0ucepGOuGqCgeotMGX0JapLHjyaxlPg4vxd9EaVvnCmTSCWjUxGbnJ8V462kXuN2ng0OE8sIFsSTKpn6E2CTZRqIfnSqq0eebZDyhMIPBnHRPzMxirhxbeRMGCQ3vHpLqHsZDMW1qn0dZmRMMnpErMSF7_wyT2HS4OoYSkv4eBwqwpdTc98a1s_Hy1SnAjq7V8n4FZAyPYoCutAObieUdFlbMsgv9aA-mFCRSqFqI8jMHYOm5nrETA2qX5tGGOzNdNDhxFsZU5jjPJyeESLjIdvOzMNG3ZwyUi5IavDBNcmWa7TjNH-FUcA-uyGvM2rMjPxUpwhG7Xe7gzsKrp3aP_CIMNGUa9C1EmY61sqUwemD_rcQjUpcRYvBL9xhKC-v3cLIJwfE01OTctPxRX-SVIKBQSGguIwLCfqdS99r_RiPmvjujij16suRWB0bRB7wH2NE6pUKLEP2cqqNz2aOKt-3vjd98E4VifOG5wCJqZ4M-IILojNrVJWr3aJuLZik6VjGBF25sFWjYgs63S9CO3N6neFEv5RFHVLIF3miGDNY40K7mCa3kZxtwc9ZqS5jOhJsoIsRglIic9MqYlOZ8Z1Axio2oZ0sEhsl0OIZZTYfedqO6FhbjLBM9ntZwkfl9vppPSqa4OOqN978SC7KrZEHw0J7fiJELLG074l4IBVeCeOKVGyigoO38%26sig%3DCg0ArKJSzHPfDjgggLlqEAE%26urlfix%3D1%26rm_eid%3D4192616%26adurl%3Dhttps%253A%252F%252Fwww.cmcmarkets.com%252Fde-de%252Flp%252Ffixekommissionen%253Fdclid%253D%2525edclid!%2526utm_source%253Dgdn%2526utm_medium%253Ddisplay%2526utm_term%253Dprogrammatic%2526utm_campaign%253Dde-prospecting
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2b802b44819289fdb059a102d74115535379bee52041fa52583dbab4e3282b7

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Apr 2021 00:32:20 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
x/M5KPZN780/Go5GcYCOHQ==
age
127185
cf-polished
origSize=129416
cf-request-id
0955a45d3600004e0df9a50000000001
x-ms-lease-status
unlocked
last-modified
Wed, 07 Apr 2021 11:56:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b4893ac2-101e-007e-4eaf-2b7d61000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
63cfa341f87a4e0d-FRA
cf-bgj
minify
gen_204
pagead2.googlesyndication.com/pagead/ Frame 42BA
0
111 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BEw_2k6BvYL6BPJqX-gav8qeoCAAAAAA4AeAEAg&bg=!vL-lv_vNAAY56aLOOek7ACkAdvg8Wl-rjjONNjXImt58pHpgNZaosLGQ2MTdmxaCfvo-HE5NElyz_wIAAABJUgAAABxoAQcKAMwFzwPN4ypa-2trzMUze7nVO_WU95Y8XoASvegmi13K-KG8dnekF3pGEJR4RLy_87NPhnm-SGaUWo1HnbvDdMpYMMVjJwsRYcHDJ3lwBaDj4PVfec0Xv6XqvaPm1TQPW5VobBWWsU6nAhua2czhDs6Iut8ReHqOAUvLR5RU1q9HA3Od8gQ7IW7SRHnIeGMYXF8me7JZaZBAgWWpu21kWfEURM6Vm58DCy8bzymVUrPU3oFUVtGjmfAMN9ux66BcBxtksDewdcOU7EH-Mk-ZAmsRuXTIIOhpfYabci_lAkkMsiABaN52adkxreEB6HVgDWhQE6OjWO-3ahkNKvYCTiyvnS5ZMTW_sELyrgxQROgXWUk8B5NqC1N-is4xtEoi-6__krhk-WryuEcGxQuxPnJd4md3Rip0p7g7Pg6JlIXOrwSdDiWGcT4zlVLPjP2KYd2UAU9eogSkH1JrdJ7pOTI5KV88wxWwqTx4iV1B_htYlFQkchuV2v23zQb_Bb2vTEAVgbdLHfTKhtn95VUe67GWCJmRdxRbj6gJ0cwQFwKc1U-eyn91C6yNqM1qLZiJTLsMbfVYrvQcj0qH-h5MUZnbsj9v5wRL2BSyEWBhRvXggogfXnhBESB8IJbWF50hspQeqRnLw9s4YL9xHnalaRelWc04xjLBZJtOyMd_mHya8B6HAjtLJNfT61A6GExh4V805o40bKaP4OdajmUZ99Ci-5-muyn9vHHQpUHBWOYUQhfx-cldJmdM4Pc444R3jWBWiT2g_lpHFF9IeWLFmMH0K4DcnPPD45e_OBMoNET_FO99FRDRI0y5ouddK4yhHRqELEKcrME9XK1DbPPINDgFkoel6lMDvtY-hbzuIK5GcqExh4AYtMlEtMU7h42yMSFNaePCJBP3B7pi5UyuoHx23D8u74gBHBXPsHvmCgd877M7K8f2tbCkEWquTuWRVe6HGuympiE8AIUDeRE7vT2rNTEziSuyRBXCgmZegweYSGjL6tTT9RuFdxtNLDG-Vy5x0ucfD6G_JzwNwNUIvDqaZwkDdPbD6UuO58BIwANBPv5uHC5m_GTOfta-jTM5lirDeaT3dpsX6TdK
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 00:32:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
23 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210406&jk=3034750051073820&bg=!R0SlRADNAAY56aLOOek7ACkAdvg8Wq_1S6Vbq2wDDbebvpxRfLLoO6YfOdRgfVSOos023AVmZCs8OgIAAABUUgAAAAtoAQcKAYgy0KU9R2HpMi-zy_UIYe3enoFtUE_RV9xSLW1MBrMlZNL6OwosUaZziE7uOYBzFifOsqUMYIIFnOOGRbqHqAgol8VgY7UPq0QHFXXH4W-3j3L58eLuL5rhIqpXbQdr-336gh1s9CsJHdvkahHalBUTTcltSXO2WEj5KoAOB1MTOux4gpNCFKy6KBCeNXnr0h2qHtpElgJH2aXfnEMh7vODo41798Pef6aDfiCiRXynFtIgbq8enWQZyqDIqH-B53xV_k7dnHtmqCjWxd2msLw-z5gjuYN-IOEY2_U026G13iBWX_MIhpmITI_Bvp3n13xoHfhmXe0Z4-vDCCtr-UGH7MQe4U0pjMlcpGC3KNqwz_QoQL-aga4rdnHARhy7e3MknH3nVmmxkgBBXaqZ0q7oC-TE22Ur_rtHClU-aumZmom6t6iJiu-YbxCELzdqQclVPrad3DaHDwZJQIoS-WxG1jjPH03xe2GD4MhnLRcEWkANQ_okhVkRHfzFhFrmWljQfNOQuXqX7JkB8LqP35aklXrbWyQXl9ZVXnIaRboeesfuOaR2Wcn-ghK_fDpSREb1IYDTcGg_67xbHvGho6yOrrcRpLtTE32HQlyRc2_zlaHkiPE4V7FW9TWEBjbX7zWzSqmIS0zSTtfrcY4ZnVtm3gfTWnY1FwQRii7bI2c8UucWRS1A_L2x-QmaoFpBh9-hKo19dfd3qXiLU2WzCIqTXQLLcb2uQIDqVtqbr3NH9pp0mbMmjEIOoeUqiZ6nITv_0mMoBdoUaK_P8ug1juUk2iwuHiLAhAt_irdJIEarXF61FvukFjpfykkInkQXqQXPsM-JUvrtwUyeoSg7evbnWYHxuHfXV3IiWGWLGP_fLw63pxlAc5tLoqnWi4I2BtqXGHS6a1Ya3OgXU3XRn27z3e1cyVW8cYyN9EpUViMNej2forwlQ_0zyXRXlZTSb0WJ6LgOiHM6Ow9QdP689FzKEULR51mdi_QDquvnUlTVKr3zvvLgfdZ1ePsT08dC4zdooxHRTfZQ0E0hSSWl3g9aylgnAWF2rcQSHW-hZllPlI2ktekJMiU2MAMRtgw3sNJB28P8E7gIgpRTL8CeS4dZ8GQ4FfgkNc4-iAmnvFPE7HBl8DoNKY_n_8boc6ESrL0k5lGa7_QuGjXD9B3b4tD8d5XARUG1QJ_YPCI
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://career-assistance.org/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 00:32:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame CC0E
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Content-Type
image/webp
font
c.bannerflow.net/fs/api/v2/ Frame CC0E
8 KB
9 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F550abe329445702310657a53%2F560bd8d24d47fc28fc84259d%2F34270135-00c1-4a61-88c5-45e4f527aa4f.woff&t=%20%24%2C.015%3AACDEFGHIKMNRSTVXabcdefghiklmnoprstuvwxz%7C%C3%9F%C3%A4%C3%B6%C3%BC
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6418128/1617814958816/DE_T2_Shares_US_FixedCommission_black_Prospecting-German-970x250-637534117575089338-65d641a0-c8ef-4c84-847e-249269c781bf.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cbc02266383e8d25b6a8cc4e9d33c87e0aaf18965fdec86d97008173c49f23a

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 00:32:20 GMT
cf-cache-status
HIT
server
cloudflare
age
113205
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=34270135-00c1-4a61-88c5-45e4f527aa4f-subset.woff
cf-ray
63cfa3430cbf2b95-FRA
cf-request-id
0955a45dea00002b95262aa000000001
expires
Thu, 07 Apr 2022 17:05:35 GMT
font
c.bannerflow.net/fs/api/v2/ Frame CC0E
7 KB
7 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F550abe329445702310657a53%2F560bd8d24d47fc28fc84259d%2F34467d9a-b412-4353-984f-b34c15f2df1c.woff&t=%20%25-.37ACDFGHKSUabdefgiklmnorstv%C2%A0
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6418128/1617814958816/DE_T2_Shares_US_FixedCommission_black_Prospecting-German-970x250-637534117575089338-65d641a0-c8ef-4c84-847e-249269c781bf.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bb25cee52584cc030f231156f4db072ec5680ac5dba1fe29f51ae7c755565de

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 00:32:20 GMT
cf-cache-status
HIT
server
cloudflare
age
113205
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=34467d9a-b412-4353-984f-b34c15f2df1c-subset.woff
cf-ray
63cfa3430cc12b95-FRA
cf-request-id
0955a45dea00002b952eb37000000001
expires
Thu, 07 Apr 2022 17:05:35 GMT
optimize
c.bannerflow.net/io/api/image/ Frame DDF8
208 B
294 B
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcmc-markets%2F560bd8d24d47fc28fc84259d%2Fimages%2F93fef7c3-ffaf-45a6-8418-fdafa20c7799.png&w=13&h=12&q=90&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02ad9cfb927fab49bdf7b66b725a1f65c4effb48dbd9d0a7f4c483edd2a82354

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 00:32:21 GMT
cf-cache-status
HIT
api-supported-versions
2.0
age
26672
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
63cfa3446b304e0d-FRA
content-length
208
cf-request-id
0955a45ec300004e0d96b21000000001
server
cloudflare
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame DDF8
190 B
281 B
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcmc-markets%2F560bd8d24d47fc28fc84259d%2Fimages%2F93fef7c3-ffaf-45a6-8418-fdafa20c7799.png&w=12&h=12&q=90&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dc659fa86b72f1b72e3b158c031aa1fdceaf7c14824bc5dd87331c5d9019926

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 00:32:21 GMT
cf-cache-status
HIT
api-supported-versions
2.0
age
26672
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
63cfa3446b324e0d-FRA
content-length
190
cf-request-id
0955a45ec300004e0dbc282000000001
server
cloudflare
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame DDF8
12 KB
12 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcmc-markets%2F560bd8d24d47fc28fc84259d%2Fimages%2Fbd038b86-adff-4382-83f7-3a5e61a783ec.png&w=311&h=231&q=90&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33fb7cb72d25a25211a8ba449bb30b998b577d39939f583b765d0745a59e12d1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 00:32:21 GMT
cf-cache-status
HIT
api-supported-versions
2.0
age
27516
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
63cfa3446b354e0d-FRA
content-length
12020
cf-request-id
0955a45ec300004e0df30f9000000001
server
cloudflare
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame DDF8
2 KB
2 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcmc-markets%2F560bd8d24d47fc28fc84259d%2Fimages%2F0f7d384c-494d-4b00-b910-80b6777b7929.png&w=132&h=101&q=90&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12e58673d51613d17e9cff942a292face4e268e841809201f07c8c34a86c5143

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 00:32:21 GMT
cf-cache-status
HIT
api-supported-versions
2.0
age
27516
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
63cfa3449b644e0d-FRA
content-length
1854
cf-request-id
0955a45edb00004e0d99bd7000000001
server
cloudflare
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
pixel
c.bannerflow.net/tr/v2/ Frame CC0E
0
187 B
Other
General
Full URL
https://c.bannerflow.net/tr/v2/pixel
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/606de563b3521e8b1b19f4f5?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvApYrYuXX9QiLrt96DosBAvhILpfD-7mSviQ30d80v6PN1wgkCnuJJh2x_DVJLiWSWXhNu53_4lRn8Am_RYGjXvV0AHdSNi2UEu6jAT3ADTyBrDIDmnKOrXaS_6Zbn8sUHn48YcQqfUXTZbPGNrRVowPeAzsbkznxvSMdVFUPS38DAh3krqHMrnTtvcMWwF3mxM6o0Urgz9BaGgZNFQhprG07OsY_0WkkRFOQWv5mPU6KhoKhSIgPxo-LN0qBDnvrMj3r_LzMTGEe86MTtuL_2eVI3yaGBP6_IMaKGfwMQG536J04zsgiJ5CT0ucepGOuGqCgeotMGX0JapLHjyaxlPg4vxd9EaVvnCmTSCWjUxGbnJ8V462kXuN2ng0OE8sIFsSTKpn6E2CTZRqIfnSqq0eebZDyhMIPBnHRPzMxirhxbeRMGCQ3vHpLqHsZDMW1qn0dZmRMMnpErMSF7_wyT2HS4OoYSkv4eBwqwpdTc98a1s_Hy1SnAjq7V8n4FZAyPYoCutAObieUdFlbMsgv9aA-mFCRSqFqI8jMHYOm5nrETA2qX5tGGOzNdNDhxFsZU5jjPJyeESLjIdvOzMNG3ZwyUi5IavDBNcmWa7TjNH-FUcA-uyGvM2rMjPxUpwhG7Xe7gzsKrp3aP_CIMNGUa9C1EmY61sqUwemD_rcQjUpcRYvBL9xhKC-v3cLIJwfE01OTctPxRX-SVIKBQSGguIwLCfqdS99r_RiPmvjujij16suRWB0bRB7wH2NE6pUKLEP2cqqNz2aOKt-3vjd98E4VifOG5wCJqZ4M-IILojNrVJWr3aJuLZik6VjGBF25sFWjYgs63S9CO3N6neFEv5RFHVLIF3miGDNY40K7mCa3kZxtwc9ZqS5jOhJsoIsRglIic9MqYlOZ8Z1Axio2oZ0sEhsl0OIZZTYfedqO6FhbjLBM9ntZwkfl9vppPSqa4OOqN978SC7KrZEHw0J7fiJELLG074l4IBVeCeOKVGyigoO38%26sig%3DCg0ArKJSzHPfDjgggLlqEAE%26urlfix%3D1%26rm_eid%3D4192616%26adurl%3Dhttps%253A%252F%252Fwww.cmcmarkets.com%252Fde-de%252Flp%252Ffixekommissionen%253Fdclid%253D%2525edclid!%2526utm_source%253Dgdn%2526utm_medium%253Ddisplay%2526utm_term%253Dprogrammatic%2526utm_campaign%253Dde-prospecting
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 09 Apr 2021 00:32:21 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
63cfa344bb824e0d-FRA
content-length
0
cf-request-id
0955a45eee00004e0dc5873000000001
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
dc_oe=ChMI_pbo3_Tv7wIVmoveCh0v-QmFEAEYACCpu4VH;met=1;&timestamp=1617928350691;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame C24E
42 B
498 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_pbo3_Tv7wIVmoveCh0v-QmFEAEYACCpu4VH;met=1;&timestamp=1617928350691;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 00:32:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| advanced_ads_ready object| adsbygoogle object| _taboola number| rnd number| pid399494 number| plc399494 string| abkw string| absrc function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| TRC object| _tblConsole undefined| msg object| _comscore number| pid399495 number| plc399495 function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| udm_ object| ns_p object| COMSCORE function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| pid423926 number| plc423926 number| pid399496 number| plc399496 number| pid428305 number| plc428305 number| pid424171 number| plc424171 number| pid428307 number| plc428307 number| google_lpabyc function| gtag object| dataLayer function| jquery function| jQuery function| $ object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUnQI3f1q8vcQgt9hNiDba_1GB7tEIZsh_nnsYcKGrNCqc495yFvItoy4dcT7_Q
.career-assistance.org/ Name: _gid
Value: GA1.2.245701074.1617928340
.career-assistance.org/ Name: _gat_gtag_UA_148707727_1
Value: 1
.career-assistance.org/ Name: _ga
Value: GA1.2.640306074.1617928339
.career-assistance.org/ Name: __gads
Value: ID=393c8a56807dd311-226595a6ffba009e:T=1617928339:RT=1617928339:S=ALNI_MbSXFE0GjGEoTa0k3Ca-YTPSphkLQ
career-assistance.org/ Name: PHPSESSID
Value: hovki3nv1n4f0i99fma7achb02

1 Console Messages

Source Level URL
Text
console-api warning URL: https://secureanalytic.com/scripts/push/script/z0gr1nodx9?url=career-assistance.org(Line 1)
Message:
Push messaging is not supported

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.direct-market.com
bestcareerinfo.com
c.bannerflow.net
career-assistance.org
cdn.taboola.com
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
event.smpush.com
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
id.rlcdn.com
image6.pubmatic.com
info.career-assistance.org
mailer.mailer-unemploymentclaims.org
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
rtb.openx.net
s0.2mdn.net
sb.scorecardresearch.com
secureanalytic.com
servedbyadbutler.com
ssum-sec.casalemedia.com
tpc.googlesyndication.com
unemploymentclaims.org
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.111.238.139
116.202.46.88
142.250.185.130
142.250.185.162
142.250.185.66
144.217.108.245
185.64.190.78
199.232.137.44
2.18.234.21
2606:4700:3030::ac43:c831
2606:4700::6810:d40
2606:4700::6812:acf
2606:4700:e0::ac40:6d10
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:800::200a
2a00:1450:4001:801::2002
2a00:1450:4001:802::200a
2a00:1450:4001:808::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2006
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200e
3.120.24.152
3.23.162.14
35.186.253.211
35.244.174.68
52.218.196.139
52.40.196.31
52.5.128.167
52.89.11.50
69.173.144.165
02ad9cfb927fab49bdf7b66b725a1f65c4effb48dbd9d0a7f4c483edd2a82354
0326ce90b5c9190487e27bf626c458c3fc90a9e9f5864b4d4e1f9ae18ead8baf
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46
0ec8c4e6fe6bebadc1d56985be2a5abb5a0a3569ac5f6f1c3edf2272b9074da5
11e9c1ee2ce118b85f2e69e9dbf5ae05859f187c3d7ff9975b3705e40231be77
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12e58673d51613d17e9cff942a292face4e268e841809201f07c8c34a86c5143
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712
18c4ce27729f4613409d59fd8892bbe45fce745d055dbe5818a781697d7e3604
1b9ca40006f602db21d8c8d3b5a7ebef00530a16af0f6744dc578141f2c11f7c
298e10f00cd85008fa34904d721247e5df017c80f9e0de2d96e661537b711e1c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bbcab2afd9060508c78b929877cc16bc61b2e9f8926644791797d79c31b7270
2dc4c088d91f1dcbde2840ebfd2bb0e34b7f7226bbd96fb15f78d9567c6be4f1
33fb7cb72d25a25211a8ba449bb30b998b577d39939f583b765d0745a59e12d1
3463e40c26e34421661adb500b84f5ded6d7f6aa46e7c8a7169793bc4f093f8d
35406a4de3b803cce2ad04629a7784b4b899397ba069535b0f6cc9bddc8b37a4
3dc659fa86b72f1b72e3b158c031aa1fdceaf7c14824bc5dd87331c5d9019926
46ad015138245e96627020c6f97d5ecf8c0ea9ddc58f5e3458a66390cb4fb4bf
46de154c0f8957ec732dd72b811a2c77a966f5d4c3d92974e427b5732179ff0a
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4bb25cee52584cc030f231156f4db072ec5680ac5dba1fe29f51ae7c755565de
4ce7a5f117db17bca1b986cae4fa7f26ba48e8f57aa03e498bd2afa168a93278
4e50bba7f19996b5c54a6d7df5a82aa4001b45c85d165db3f5e094cb4ae4f79d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52786c86811c129ec151d880a742f4955bc63aea2f85fa641fa14c9bfb4b64ab
5998fe41433740fa2a1b330ab192a807e17b90d35c0a16f44f89c132ee0be31a
5c144185716935b49306c92e8db9d38f952c1e72cc461e9af63f4ffd3a74c5fe
6068bc400d961927d7312dbdaa75895571d4c1cca9b17d4224a1318777bdfbbb
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ec7d61b6d2b29335b4c5e89c79bf88445210e346353fa28cdbde23592f68e6e
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
735cd1bcef0572d335927c7e0fcfc0aef61742761cf0cd57e39df97b775e3bb8
762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c7a26f51bbfcf7102b9957c3aef210088491784c13cf30e848be4ed3484e3f5
7d686acfc12a44fc472fb2a3c0ff9baa4638ced8f0da5b32f9ae5c15a2611def
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d8954d30034cc91b28572289b43478e10982fa4149cc358456a2493c2b1d66
8c43b8c339b0cb5e2b7d5c5aad3a5707c4b20342fbf9fd29717c42442c97544b
924c4a89295112cc9bdd0fe61b8da36e260eb0dbc88f8102c8d7e907299629d1
95ff1ad4decf8d07bf149c9625f8e01a2c8cfebccac5e2b4e64482c92256047b
9668279270c48288a1de56fb52bd7729dfa17a066eba91e5b38036db92cdc65e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cbc02266383e8d25b6a8cc4e9d33c87e0aaf18965fdec86d97008173c49f23a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
b50775a86effc03381449c6753c834fe2ab4f4b85fdcd434b0063856612d2d03
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
bd5713e27f4481988d37b5b719dedea4e4379ec3c3bafea0fba9d0abe8db4973
c2b802b44819289fdb059a102d74115535379bee52041fa52583dbab4e3282b7
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6b53ff2edb8bb9fcebf078c54383b394a32f5b5cf8d696025dff7cfef4984cc
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d
d069d5c57b7a17840ee989800fe21e757f46fffa65e0cf215ccb83e49a5d8b8a
d6edb3a76c5cdab66058d4faee40b0aa315d5fb52c5dd15423b27f4445ad5267
d82b648cf8307451e6631c318f0a101f457ce6b408be114b9dfbe700f54a387c
d8d1c922a81a9d221d9143766faf73c2629c78811aa040c9492bb40eed192bac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaedd41765d335cf7c3fbf824b87f4f32fa6ac1b1c2a3d97575174f1775c6be1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fca6fd8c1d80efa604938e1b33cab2d12d1c447435cda3df3d285604ea417385