vetsbenefits.net Open in urlscan Pro
2606:4700:3030::6815:2267 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://vetsbenefits.net/
Submission: On February 10 via manual (February 10th 2024, 9:30:47 am UTC) from US — Scanned from DE

Summary HTTP 269 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 83 IPs in 8 countries across 55 domains to perform 269 HTTP transactions. The main IP is 2606:4700:3030::6815:2267, located in United States and belongs to CLOUDFLARENET, US. The main domain is vetsbenefits.net.

This is the only time vetsbenefits.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	2606:4700:303... 2606:4700:3030::6815:2267	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
9	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
37	2606:4700:10:... 2606:4700:10::6814:2d0a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:211... 2600:9000:211e:a600:12:7487:7980:93a1	16509 (AMAZON-02) (AMAZON-02)
2	151.101.130.217 151.101.130.217	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6814:2c0a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.245.46.36 18.245.46.36	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
4 19	108.138.6.136 108.138.6.136	16509 (AMAZON-02) (AMAZON-02)
1 18	2606:4700:10:... 2606:4700:10::6814:d358	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:264... 2600:9000:2644:5000:1c:38a0:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2600:9000:267... 2600:9000:2670:1400:8:9ed9:9c40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	54.70.70.46 54.70.70.46	() ()
1	52.57.76.124 52.57.76.124	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:264... 2600:9000:2644:e800:1c:38a0:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.245.31.35 18.245.31.35	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
5	99.86.4.39 99.86.4.39	16509 (AMAZON-02) (AMAZON-02)
9	18.245.47.29 18.245.47.29	16509 (AMAZON-02) (AMAZON-02)
2 4	2606:4700:10:... 2606:4700:10::6816:4bd8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2.23.78.67 2.23.78.67	() ()
3	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::6816:34ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2600:9000:225... 2600:9000:225e:f000:3:748e:7940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.35 13.32.99.35	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
4	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	54.76.95.112 54.76.95.112	() ()
2	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f080:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	35.162.236.57 35.162.236.57	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400c:c04::54	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:480... 2a02:26f0:480:7b5::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a02:26f0:480... 2a02:26f0:480:33::212:40d3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	173.0.146.6 173.0.146.6	() ()
1	96.46.186.186 96.46.186.186	() ()
2	2607:f8b0:400... 2607:f8b0:4007:818::2003	15169 (GOOGLE) (GOOGLE)
1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1	108.128.175.244 108.128.175.244	16509 (AMAZON-02) (AMAZON-02)
1 2	2607:ae80:192... 2607:ae80:192:1::172	26558 (FREEWHEEL) (FREEWHEEL)
4	96.46.186.182 96.46.186.182	7979 (SERVERS-COM) (SERVERS-COM)
1 1	104.122.39.115 104.122.39.115	16625 (AKAMAI-AS) (AKAMAI-AS)
2	88.221.125.233 88.221.125.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	147.75.84.158 147.75.84.158	54825 (PACKET) (PACKET)
1 1	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	23.32.184.192 23.32.184.192	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	52.202.97.47 52.202.97.47	14618 (AMAZON-AES) (AMAZON-AES)
2 4	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.14.232.75 52.14.232.75	16509 (AMAZON-02) (AMAZON-02)
2	46.228.174.115 46.228.174.115	() ()
5	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	2606:4700:10:... 2606:4700:10::ac43:4e7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2100	41041 (VCLK-EU-SE) (VCLK-EU-SE)
4	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
2	178.250.1.8 178.250.1.8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2602:803:c003... 2602:803:c003:200::91	26667 (RUBICONPR...) (RUBICONPROJECT)
2	89.149.192.240 89.149.192.240	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3	162.19.138.118 162.19.138.118	() ()
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.251.227.26 34.251.227.26	16509 (AMAZON-02) (AMAZON-02)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
269	83

19 2606:4700:3030::6815:2267 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

vetsbenefits.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2606:4700:10::6814:2d0a (United States)

ASN13335 (CLOUDFLARENET, US)

groups.tapatalk-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:a600:12:7487:7980:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pbxai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.217 (United States)

ASN54113 (FASTLY, US)

fdyn.pubwise.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:2c0a (United States)

ASN13335 (CLOUDFLARENET, US)

header.tapatalk-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.46.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-36.fra56.r.cloudfront.net

scripts.kiosked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 108.138.6.136 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:10::6814:d358 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.tapatalk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2644:5000:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2670:1400:8:9ed9:9c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.70.70.46 (Boardman, United States)

ASN- ()
PTR: ec2-54-70-70-46.us-west-2.compute.amazonaws.com

events1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.76.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-76-124.eu-central-1.compute.amazonaws.com

floor.pbxai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2644:e800:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-35.fra56.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 99.86.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-39.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.245.47.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-47-29.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:4bd8 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.23.78.67 (Düsseldorf, Germany)

ASN- ()
PTR: a2-23-78-67.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:225e:f000:3:748e:7940:93a1 (United States)

ASN16509 (AMAZON-02, US)

avm.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-35.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.76.95.112 (Dublin, Ireland)

ASN- ()
PTR: ec2-54-76-95-112.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 130.211.23.194 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f080:9:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.162.236.57 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-236-57.us-west-2.compute.amazonaws.com

events.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c04::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:7b5::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

play.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:480:33::212:40d3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.0.146.6 (United States)

ASN- ()

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.46.186.186 (United States)

ASN- ()

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4007:818::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.175.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-175-244.eu-west-1.compute.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:ae80:192:1::172 (United States) 1 redirects

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 96.46.186.182 (United States)

ASN7979 (SERVERS-COM, US)

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.122.39.115 (Düsseldorf, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-122-39-115.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.125.233 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-125-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.158 (Amsterdam, Netherlands) 1 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.174.117 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.202.97.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-97-47.compute-1.amazonaws.com

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.14.232.75 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-14-232-75.us-east-2.compute.amazonaws.com

rtb.gamoshi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.174.115 (United Kingdom)

ASN- ()

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:4e7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

c.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::91 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.149.192.240 (Bunschoten, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.118 (Frankfurt am Main, Germany)

ASN- ()
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.227.26 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-227-26.eu-west-1.compute.amazonaws.com

hb.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	tapatalk-cdn.com groups.tapatalk-cdn.com — Cisco Umbrella Rank: 104516 header.tapatalk-cdn.com — Cisco Umbrella Rank: 621617	1 MB
33	amazon-adsystem.com 4 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 302 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 606 aax.amazon-adsystem.com — Cisco Umbrella Rank: 394	393 KB
19	vetsbenefits.net 1 redirects vetsbenefits.net	264 KB
18	tapatalk.com 1 redirects www.tapatalk.com — Cisco Umbrella Rank: 262059	96 KB
14	avantisvideo.com cdn.avantisvideo.com — Cisco Umbrella Rank: 41675 static.avantisvideo.com — Cisco Umbrella Rank: 46474 events1.avantisvideo.com — Cisco Umbrella Rank: 60243 cdn1.avantisvideo.com — Cisco Umbrella Rank: 68893 avm.avantisvideo.com — Cisco Umbrella Rank: 42653	569 KB
12	aniview.com play.aniview.com — Cisco Umbrella Rank: 26165 player.aniview.com — Cisco Umbrella Rank: 2372 go1.aniview.com — Cisco Umbrella Rank: 5359 track1.aniview.com — Cisco Umbrella Rank: 2747 sync.aniview.com — Cisco Umbrella Rank: 1782	290 KB
10	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 649 apis.google.com — Cisco Umbrella Rank: 115 www.google.com — Cisco Umbrella Rank: 2 accounts.google.com — Cisco Umbrella Rank: 23	193 KB
9	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	154 KB
8	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 539 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 452 image6.pubmatic.com — Cisco Umbrella Rank: 826	12 KB
8	btloader.com 3 redirects btloader.com — Cisco Umbrella Rank: 851 api.btloader.com — Cisco Umbrella Rank: 942	38 KB
8	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 ad.doubleclick.net — Cisco Umbrella Rank: 157	469 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	442 KB
6	rubiconproject.com 1 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 963 eus.rubiconproject.com — Cisco Umbrella Rank: 604 fastlane.rubiconproject.com — Cisco Umbrella Rank: 513 token.rubiconproject.com — Cisco Umbrella Rank: 474	13 KB
6	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1005 bcp.crwdcntrl.net — Cisco Umbrella Rank: 920	36 KB
6	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1116	140 KB
5	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 684 gum.criteo.com — Cisco Umbrella Rank: 454 mug.criteo.com — Cisco Umbrella Rank: 3029	8 KB
5	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 376 c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1804	480 B
5	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 854 id5-sync.com — Cisco Umbrella Rank: 419	78 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 imasdk.googleapis.com — Cisco Umbrella Rank: 472	384 KB
4	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 459 ib.adnxs.com — Cisco Umbrella Rank: 252	4 KB
4	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 898	2 KB
3	openx.net u.openx.net — Cisco Umbrella Rank: 692 rtb.openx.net — Cisco Umbrella Rank: 651	854 B
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1664 a.ad.gt — Cisco Umbrella Rank: 1829	5 KB
3	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1802	29 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1228 syndication.twitter.com — Cisco Umbrella Rank: 1561	132 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 667	60 KB
2	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1678	674 B
2	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 809	205 B
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 570	1 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 114	14 KB
2	facebook.net www.facebook.net Failed connect.facebook.net — Cisco Umbrella Rank: 171	88 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2173 www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 4344 api.rlcdn.com — Cisco Umbrella Rank: 1091	35 KB
2	kiosked.com scripts.kiosked.com — Cisco Umbrella Rank: 40952	359 KB
2	pubwise.io fdyn.pubwise.io — Cisco Umbrella Rank: 43167	174 KB
2	pbxai.com cdn.pbxai.com — Cisco Umbrella Rank: 13353 floor.pbxai.com — Cisco Umbrella Rank: 12584	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 234	59 KB
1	yellowblue.io hb.yellowblue.io — Cisco Umbrella Rank: 1679	409 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 932	275 B
1	dotomi.com proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2393	462 B
1	aaxads.com 1 redirects c.aaxads.com — Cisco Umbrella Rank: 4845	233 B
1	gamoshi.io rtb.gamoshi.io — Cisco Umbrella Rank: 7365	473 B
1	disqus.com ssp.disqus.com — Cisco Umbrella Rank: 1409
1	1rx.io 1 redirects sync.1rx.io — Cisco Umbrella Rank: 549	243 B
1	a-mo.net 1 redirects prebid.a-mo.net — Cisco Umbrella Rank: 758	291 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 687
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 702
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 321	17 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 314	2 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 102
1	browsiprod.com events.browsiprod.com — Cisco Umbrella Rank: 6943	101 B
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 46	2 KB
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 1810	628 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	82 KB
0	cloudfront.net Failed d31qbv1cthcecs.cloudfront.net Failed
269	55

	Domain	Requested by
37	groups.tapatalk-cdn.com	vetsbenefits.net
19	c.amazon-adsystem.com	4 redirects vetsbenefits.net c.amazon-adsystem.com cdn.avantisvideo.com blank
19	vetsbenefits.net	1 redirects vetsbenefits.net
18	www.tapatalk.com	1 redirects vetsbenefits.net www.tapatalk.com
9	aax.amazon-adsystem.com	c.amazon-adsystem.com
9	cdnjs.cloudflare.com	vetsbenefits.net cdnjs.cloudflare.com
6	avm.avantisvideo.com	cdn1.avantisvideo.com cdn.avantisvideo.com
6	secure.cdn.fastclick.net	vetsbenefits.net secure.cdn.fastclick.net
6	securepubads.g.doubleclick.net	www.googletagservices.com vetsbenefits.net securepubads.g.doubleclick.net
5	hbopenbid.pubmatic.com	player.aniview.com scripts.kiosked.com
5	player.aniview.com	cdn.avantisvideo.com player.aniview.com
5	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
4	c2shb.pubgw.yahoo.com	scripts.kiosked.com
4	sync.aniview.com	player.aniview.com
4	ad-delivery.net	vetsbenefits.net c.aaxads.com
4	api.btloader.com	1 redirects btloader.com c.aaxads.com
4	btloader.com	2 redirects vetsbenefits.net
4	cdn.avantisvideo.com	vetsbenefits.net cdn.avantisvideo.com
3	accounts.google.com	apis.google.com vetsbenefits.net www.gstatic.com
3	bcp.crwdcntrl.net	tags.crwdcntrl.net
3	fonts.gstatic.com	vetsbenefits.net fonts.googleapis.com
3	apis.google.com	www.tapatalk.com apis.google.com
3	cdn.id5-sync.com	vetsbenefits.net
3	cdn.hadronid.net	vetsbenefits.net
3	tags.crwdcntrl.net	vetsbenefits.net
3	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
3	fonts.googleapis.com	vetsbenefits.net www.tapatalk.com
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	scripts.kiosked.com static.criteo.net
2	id5-sync.com	player.aniview.com
2	rtb.openx.net	scripts.kiosked.com
2	prg.smartadserver.com	scripts.kiosked.com
2	ib.adnxs.com	scripts.kiosked.com
2	fastlane.rubiconproject.com	scripts.kiosked.com
2	bidder.criteo.com	scripts.kiosked.com
2	targeting.unrulymedia.com	player.aniview.com
2	secure.adnxs.com	2 redirects
2	ads.pubmatic.com	player.aniview.com
2	eus.rubiconproject.com	player.aniview.com eus.rubiconproject.com
2	ads.stickyadstv.com	1 redirects player.aniview.com
2	csi.gstatic.com	imasdk.googleapis.com
2	pagead2.googlesyndication.com	imasdk.googleapis.com
2	imasdk.googleapis.com	cdn.avantisvideo.com imasdk.googleapis.com
2	connect.facebook.net	www.tapatalk.com connect.facebook.net
2	www.gstatic.com	www.google.com accounts.google.com
2	ad.doubleclick.net	vetsbenefits.net c.aaxads.com
2	id.hadron.ad.gt	cdn.hadronid.net
2	events1.avantisvideo.com	vetsbenefits.net
2	platform.twitter.com	vetsbenefits.net platform.twitter.com
2	scripts.kiosked.com	vetsbenefits.net
2	header.tapatalk-cdn.com	vetsbenefits.net
2	fdyn.pubwise.io	vetsbenefits.net
2	www.googletagservices.com	vetsbenefits.net
1	mug.criteo.com
1	hb.yellowblue.io	cdn.avantisvideo.com
1	lb.eu-1-id5-sync.com	player.aniview.com
1	api.rlcdn.com	player.aniview.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	c.aaxads.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	rtb.gamoshi.io	player.aniview.com
1	ssp.disqus.com	player.aniview.com
1	ups.analytics.yahoo.com	player.aniview.com
1	u.openx.net	player.aniview.com
1	sync.1rx.io	1 redirects
1	prebid.a-mo.net	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	ap.lijit.com	player.aniview.com
1	onetag-sys.com	player.aniview.com
1	track1.aniview.com
1	go1.aniview.com	player.aniview.com
1	s0.2mdn.net	imasdk.googleapis.com
1	play.aniview.com	cdn.avantisvideo.com
1	cdn.jsdelivr.net	cdn.avantisvideo.com
1	www.facebook.com	connect.facebook.net
1	a.ad.gt	cdn.hadronid.net
1	events.browsiprod.com	cdn.avantisvideo.com
1	www.google-analytics.com	www.tapatalk.com
1	www.google.com	www.tapatalk.com
1	syndication.twitter.com	platform.twitter.com
1	lh3.googleusercontent.com	vetsbenefits.net
1	geo.privacymanager.io	ats.rlcdn.com
1	region1.google-analytics.com	www.googletagmanager.com
1	ats.rlcdn.com	vetsbenefits.net
1	cdn1.avantisvideo.com	cdn.avantisvideo.com
1	floor.pbxai.com	fdyn.pubwise.io
1	static.avantisvideo.com	cdn.avantisvideo.com
1	www.googletagmanager.com	vetsbenefits.net
1	cdn.pbxai.com	vetsbenefits.net
0	d31qbv1cthcecs.cloudfront.net Failed	www.tapatalk.com
0	www.facebook.net Failed	vetsbenefits.net
269	92

This site contains links to these domains. Also see Links.

Domain
www.tapatalk.com
www.facebook.com
www.toysfortots.org
itunes.apple.com
play.google.com
www.linkedin.com
www.crunchbase.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
vetsbenefits.net E1	`2024-01-05` - `2024-04-04`	3 months	crt.sh
groups.tapatalk-cdn.com Cloudflare Inc ECC CA-3	`2023-03-22` - `2024-03-20`	a year	crt.sh
cdn.pbxai.com Amazon RSA 2048 M02	`2023-12-15` - `2025-01-12`	a year	crt.sh
fdyn.pubwise.io GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-12` - `2024-09-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.avantisvideo.com Amazon RSA 2048 M01	`2023-09-23` - `2024-10-21`	a year	crt.sh
floor.pbxai.com Amazon RSA 2048 M03	`2023-08-07` - `2024-09-04`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
hadronid.net GTS CA 1P5	`2024-01-31` - `2024-04-30`	3 months	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
syndication.twitter.com R3	`2023-12-11` - `2024-03-10`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
id.hadron.ad.gt E1	`2024-01-27` - `2024-04-26`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2024-02-06` - `2024-05-06`	3 months	crt.sh
ad-delivery.net GTS CA 1P5	`2024-01-20` - `2024-04-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-19` - `2024-02-17`	3 months	crt.sh
*.gobrowsi.com Amazon RSA 2048 M02	`2023-12-20` - `2025-01-16`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
a.ad.gt E1	`2023-12-12` - `2024-03-11`	3 months	crt.sh
*.aniview.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-11` - `2024-09-11`	a year	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
*.lijit.com Amazon RSA 2048 M02	`2023-11-21` - `2024-12-19`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-26` - `2024-06-19`	6 months	crt.sh
ssp.disqus.com Amazon RSA 2048 M03	`2023-10-21` - `2024-11-17`	a year	crt.sh
*.gamoshi.io Amazon RSA 2048 M01	`2023-05-17` - `2024-06-14`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-06-09` - `2024-07-10`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-10-17` - `2024-04-10`	6 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.yellowblue.io Amazon ECDSA 256 M02	`2023-04-19` - `2024-05-17`	a year	crt.sh

This page contains 29 frames:

Primary Page: http://vetsbenefits.net/
Frame ID: 48171A1D09B242FBEEFFF1CE30CB7E2B
Requests: 138 HTTP requests in this frame

Frame: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
Frame ID: 2B5973FF1258D3FA6EACE91D12232D71
Requests: 27 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 4A77C35FA39E2979EA451DB2E1702F9C
Requests: 2 HTTP requests in this frame

Frame: http://vetsbenefits.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
Frame ID: 6872DAFD03ABF0EE43EA3B8449A8B8C6
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=http%3A%2F%2Fvetsbenefits.net
Frame ID: DE51E116F1A7E469C98FFD1856652981
Requests: 2 HTTP requests in this frame

Frame: https://www.tapatalk.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
Frame ID: 39ABF27B301E138C8AD0C8300B808E47
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: B6BA57955363D97A3E7001E1278CB51B
Requests: 4 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 468DC9DA2D454789E71C3432991160B7
Requests: 18 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.619.0_en.html
Frame ID: AAA433A88CD63AE2729B32E6E35218C7
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: C06547E9843C77C7F41669F7DCADA28D
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59918a0e073ef4782e4e347f
Frame ID: A5FBA58DD7F50588AF1FBC7E16D0FE2F
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: E83239196568E9F7F8994AD053BDD80A
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1707557444172-172028141088-000154-000-008494%26biddername%3D18%26key%3D%24UID
Frame ID: 3FDF96952A2B93474AAF4405E187556A
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=9cd0ce424c613c0f129aaae67ce57&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: 714C2A2C368FEC21ABB210C521BA6154
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: 65C1CE080116B2B0DB3F1CFF1A90E4F8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: D24F701E39A6877C9E7A8832507F28E0
Requests: 3 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1707557444172-172028141088-000154-000-008494&biddername=105&pid=59c9148628a0612da3689288&key=&gdpr=1
Frame ID: 25A2AD47001E35435D3430A5335B91E1
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1707557444172-172028141088-000154-000-008494&biddername=200&key=OPTOUT
Frame ID: 84129AEFE256410FC189164593E346AA
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1707557444172-172028141088-000154-000-008494%26biddername%3D23%26key%3D
Frame ID: D4F04CA7D07FE929395B95A1AD141377
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1707557444172-172028141088-000154-000-008494%26biddername%3D1%26key%3D
Frame ID: 9D49437E2537C6F2130A42E46CB1B5E5
Requests: 2 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58815/sync?redir=true&gdpr=1&gdpr_consent=&gpp=&gpp_sid=
Frame ID: 8B086D966FD55CBF4681A466753385AA
Requests: 1 HTTP requests in this frame

Frame: https://ssp.disqus.com/redirectuser/?partner=aniview&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1707557444172-172028141088-000154-000-008494%26biddername%3D52%26key%3DBUYERUID
Frame ID: 979DF3703DBD6EF508EC2952915D6A35
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1707557444172-172028141088-000154-000-008494&biddername=55&key=7302052777624869392
Frame ID: 9B2888CF81997EE59F0564558114DA5A
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gamoshi.io/user_sync?bidder=&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1707557444172-172028141088-000154-000-008494%26biddername%3D71%26pid%3D59c9148628a0612da3689288%26key%3D%5Bgusr%5D
Frame ID: 3E751265FA234C4200FE629CF9B51A57
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 09970E7FEA1D6BD4DFA72EA3FD6E40E9
Requests: 24 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Frame ID: A368EFC621B4EEF6F1837670AB573342
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: C44A1E144D835AF53E546AE144ED97EB
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=vetsbenefits.net
Frame ID: 15F426792E3F03FB2ADA7CD2A8E5A5AC
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 89AEC69CC0624FFCB11224A25AA7FD37
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Veterans Benefits Network - Vets Helping Vets Since 2002

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

269
Requests

89 %
HTTPS

51 %
IPv6

55
Domains

92
Subdomains

83
IPs

8
Countries

5973 kB
Transfer

16291 kB
Size

37
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tapatalk.com/privacy_policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.tapatalk.com/
Title: HOME

Search URL Search Domain Scan URL

URL: https://www.facebook.com/VetsVBN

Search URL Search Domain Scan URL

URL: https://www.toysfortots.org/Default.aspx
Title: USMC Toys For Tots

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/id307880732?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.quoord.tapatalkpro.activity

Search URL Search Domain Scan URL

URL: https://www.tapatalk.com/tapatalk_groups
Title: Tapatalk Groups

Search URL Search Domain Scan URL

URL: https://www.tapatalk.com/tapatalk_mobile
Title: Tapatalk Mobile App

Search URL Search Domain Scan URL

URL: https://www.tapatalk.com/groups/tapatalksupport
Title: Support Forum

Search URL Search Domain Scan URL

URL: https://www.tapatalk.com/security.php
Title: Submit Security Incident

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/quoord-systems-limited/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.crunchbase.com/organization/tapatalk
Title: Crunchbase

Search URL Search Domain Scan URL

URL: https://www.tapatalk.com/privacy_shield
Title: Privacy Shield

Search URL Search Domain Scan URL

URL: https://www.tapatalk.com/terms_of_use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.tapatalk.com/code_conduct
Title: Code of Conduct

Search URL Search Domain Scan URL

URL: https://www.tapatalk.com/end_user_license_agreement
Title: End-User License Agreement

Search URL Search Domain Scan URL

URL: https://www.tapatalk.com/forum_owner_license_agreement
Title: Site Owner License Agreement

Search URL Search Domain Scan URL

URL: https://www.tapatalk.com/api-tos.php
Title: Tapatalk API Terms of Service

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

http://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
https://c.amazon-adsystem.com/aax2/apstag.js

Request Chain 88

http://connect.facebook.net/en_UK/all.js?_=1707557441525 HTTP 307
https://connect.facebook.net/en_UK/all.js?_=1707557441525 HTTP 302
https://www.facebook.net/login/?next=https%3A%2F%2Fconnect.facebook.net%2Fen_UK%2Fall.js%3F_%3D1707557441525

Request Chain 89

http://btloader.com/tag?o=5764509824188416&upapi=true HTTP 301
https://btloader.com/tag?o=5764509824188416&upapi=true

Request Chain 90

http://vetsbenefits.net/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
http://vetsbenefits.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

Request Chain 95

http://cdn.id5-sync.com/api/1.0/id5-api.js HTTP 307
https://cdn.id5-sync.com/api/1.0/id5-api.js

Request Chain 137

https://www.tapatalk.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.tapatalk.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

Request Chain 168

http://cdn.id5-sync.com/api/1.0/id5-api.js HTTP 307
https://cdn.id5-sync.com/api/1.0/id5-api.js

Request Chain 188

https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent= HTTP 302
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=9cd0ce424c613c0f129aaae67ce57&_fw_gdpr=1&_fw_gdpr_consent=

Request Chain 190

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

Request Chain 191

https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1707557444172-172028141088-000154-000-008494%26biddername%3D105%26pid%3D59c9148628a0612da3689288%26key%3D HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1707557444172-172028141088-000154-000-008494&biddername=105&pid=59c9148628a0612da3689288&key=&gdpr=1

Request Chain 192

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1707557444172-172028141088-000154-000-008494%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1707557444172-172028141088-000154-000-008494&biddername=200&key=OPTOUT

Request Chain 197

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1707557444172-172028141088-000154-000-008494%26biddername%3D55%26key%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1707557444172-172028141088-000154-000-008494%2526biddername%253D55%2526key%253D%2524UID HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1707557444172-172028141088-000154-000-008494&biddername=55&key=7302052777624869392

Request Chain 202

http://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
https://c.amazon-adsystem.com/aax2/apstag.js

Request Chain 218

https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=vetsbenefits.net&ver=1.2 HTTP 302
https://btloader.com/tag?aax_id=AAX413QP4&domain=vetsbenefits.net&ver=1.2&upapi=true HTTP 302
https://btloader.com/tag?o=5080945107927040&domain=vetsbenefits.net&upapi=true

Request Chain 222

http://cdn.id5-sync.com/api/1.0/id5-api.js HTTP 307
https://cdn.id5-sync.com/api/1.0/id5-api.js

Request Chain 237

https://api.btloader.com/websiteconfig?o=5080945107927040&w=vetsbenefits.net HTTP 302
https://api.btloader.com/websiteconfig?bt_env=prod&o=5080945107927040&w=vetsbenefits.net

Request Chain 249

http://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
https://c.amazon-adsystem.com/aax2/apstag.js

Request Chain 268

http://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
https://c.amazon-adsystem.com/aax2/apstag.js

Request Chain 272

https://gum.criteo.com/sid/json?origin=publishertag&domain=vetsbenefits.net&sn=ChromeSyncframe&so=0&topUrl=vetsbenefits.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=cv1V73x6ejRJWGYyczBGZCsybjlwdDEvdnY0dURYSStLRHJsekRVR24vVVBKS1FZSHN1aDVMUVphbG5mbUg5Z3BPNUNJY1plS09TbDBMQUM5WnNyRGFYTUNVaGlvSFJ2Y1J4dUdzeXhtZXprNWNiUm9Gb2pxR2JyRXVUSGJPY3Qwbkg0NEp5SlYveHZQcm56NHBaY3B6MFVkWFZQc2xZM2xrVlVvdXRJSWFRQ21rcmFmbWRTcGxTQVp4Q2dMSWxReFZJMmcvcGx1R3kxcC8rU0RFdTNnL20rbTNEODJ5dVVMUEwyc1FIUmw0Rkk4V0ExU2VpQzBqTEVuYzBnNzdDS0R5QnpzcEk4RzZPZU1xRDl6T2V6ZUlwRXZNSW1RWTR3NW9wcXE2SG1TQTdrQ3Fncz18&cppv=2

269 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
vetsbenefits.net/ 129 KB
24 KB 479ms
450ms Document
text/html 2606:4700:3030::6815:2267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vetsbenefits.net/
Protocol: HTTP/1.1
Server: 2606:4700:3030::6815:2267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73e228e9e6976b8d9ba5a4276d8658e3f80865d35196fed37ac1e4817b89d9bd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 853355b058989193-FRA
Cache-Control: private, no-cache="set-cookie"
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 10 Feb 2024 09:30:40 GMT
Expires: Sat, 10 Feb 2024 09:30:40 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma: no-cache
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o51NDDYt1Maia%2FOq2ine8Bqs0pxSNaf2%2FXFNM8H7YVPZ31bbv%2BTh3s0HMocK3PvWN2VkAzYpCE0Lrp8dWMlMBjxcXmcREnP%2Fb4k6PZA%2FUlemer17ItuuMyR9%2BpJpvQFaaBC%2FGNAE%2Fy6pX25CC0xG"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK css
fonts.googleapis.com/ 35 KB
3 KB 40ms
20ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Roboto|Roboto+Mono|Google+Sans:%20400,500,600,700|Material+Icons|Google+Sans+Display

Requested by

Host: vetsbenefits.net
URL: http://vetsbenefits.net/

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5bc1a478cf0ea3a9fc2bb9cb3300a4c8de3ef63a712da62a8222d9bcf298ecf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Sat, 10 Feb 2024 09:30:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Sat, 10 Feb 2024 09:30:40 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 10 Feb 2024 09:30:40 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 44ms
21ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vetsbenefits.net
URL: http://vetsbenefits.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 720989
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dIoY%2Ff9SHN1C%2FKZXqCVwjkrRjDyut45pFxEaQ2My3lJesL1omtVYUnEIH44%2BKjzjlJbNGwk9lN7mljBBaxybiNyccXCLkdUPJyriXh1hHXG0xDxz6q0U2b4EaPu0Q1TiuhCMxecvKRQJD7Vc%2FjT5RdyI"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 853355b35d2b2c29-FRA
expires: Thu, 30 Jan 2025 09:30:40 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.11.0/ 94 KB
30 KB 41ms
19ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: vetsbenefits.net
URL: http://vetsbenefits.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6335484
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 30024
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1787d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JmWy2lw%2Fd%2FnIrvAoZCfOu%2Bdk8wqFhj9PEVqjwtAsLbvwcMN15uUSUlyhRBstuf26Cd%2BeOVSQgA1oBE1CQJeF8ZfJ99CHZ6SyDYXW4bsaerJrmFFvOTVYNPZCnH3DbFou7I8pU1IU5KrP6o2KatXzESD3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 853355b35d2e2c29-FRA
expires: Thu, 30 Jan 2025 09:30:40 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 97 KB
30 KB 126ms
48ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: vetsbenefits.net
URL: http://vetsbenefits.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66668842e6a5a69c0772c108de441eb4c1034cf78841f7d85283b57f5f2da456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29808
x-xss-protection: 0
server: cafe
etag: 275 / 19763 / m202402060101 / config-hash: 3544666277437429358
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 09:30:40 GMT

GET
H2 200 customAdsConfig.js Show response
vetsbenefits.net/assets/javascript/ 2 KB
1012 B 244ms
218ms Script
application/javascript 2606:4700:3030::6815:2267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vetsbenefits.net/assets/javascript/customAdsConfig.js?v=18
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6d90bd9eeac89130a445d8b701e6051963c91c94ca083fcfcbc6ba33201962a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Mar 2023 16:23:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64246617-997"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t8g9d3KQNJH5yjzmv9zsLWkbrMwERZ5PBe9vE%2FpqJ9URsYQVj%2BDydm%2FnYNCXMZwZKOivUKHIQsUU23ZwGFl%2FXT3dWaNHpMDlHIC8sucbKvOFi9pssMOpRqDAWCuerT711d49%2FsYLkM24p9nL3GAz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 853355b36c223a73-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 default_variable.js Show response
vetsbenefits.net/assets/javascript/ 5 KB
2 KB 246ms
220ms Script
application/javascript 2606:4700:3030::6815:2267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vetsbenefits.net/assets/javascript/default_variable.js?v=6
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 804af38b9c4c400175da0fe7a4e8176ee4c15386f4577d61db58078a9023e698

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 29 Jan 2022 09:58:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"61f50fa9-143a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qG7ps2iCYXdd6nNie3apOjp4sNgyv1Sbzlc8RtZygvP1pqG1RbcQtvDvs%2BLDwuizPbr9xQXshpoosrZZHfBKdhOl1ZxMSksqY%2FKUW%2BLjfg6akDnnBgSmyZiRum4zMrFjBueuSheuT5AG6iOe0Tby"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 853355b36c1f3a73-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 functions.js Show response
vetsbenefits.net/assets/javascript/ 3 KB
2 KB 237ms
211ms Script
application/javascript 2606:4700:3030::6815:2267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vetsbenefits.net/assets/javascript/functions.js?v=1.0
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6fc320fec7d2c5aff040c91ed4463d42a5d9bedd6a332baf9a36c5bf60fcfee

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 17 Mar 2020 02:19:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5e7033ae-d74"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ka8CQMQ12Fr%2BHgbRT%2FL0KoTGRu0oYr5x52HPZOMKfjr4wf3YJ%2FHUcjpdAZFElH%2FiC072F2YyCAK%2FCq%2FyJNSwBh6kRxLQKpmlL8%2BTpy9oxO1rx63Z7ZJG2YsGf6M9wDsIBtGqeg%2F7idZb9lg3Pq%2Fr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 853355b36c213a73-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 en.js Show response
groups.tapatalk-cdn.com/language/default/ 2 KB
938 B 76ms
39ms Script
text/plain 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://groups.tapatalk-cdn.com/language/default/en.js?v=1682530716
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6ea4afa041c55c0384b6c14446512cb6fd9c4689ec4e7be919406530f868b21

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Apr 2023 17:38:36 GMT
server: cloudflare
age: 495
etag: W/"315c3c2e33f867ec339d76b6a15c01cb"
vary: Accept-Encoding
content-type: text/plain
cache-control: max-age=31536000
cf-ray: 853355b379d565c6-FRA

GET
H3 200 check.js Show response
vetsbenefits.net/assets/javascript/ 15 KB
5 KB 216ms
215ms Script
application/javascript 2606:4700:3030::6815:2267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vetsbenefits.net/assets/javascript/check.js?v=1.6
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ce260c06792b23a4097e058e3abfda42b815b57a65ad4bcf33881c5bc94b0f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 17 Mar 2020 02:19:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5e7033ad-3b20"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GRITB3n0Ch6vKNYJjN%2BC4nvwvPtgPQ1YS%2F%2F1ZPKRVQ8C6WaFsBLCjXp2zkDwwldeMJB7j9JJy8le%2B%2BnOkPsgtIJFiohRZ2vIwW2TLjGEp8%2BFcEeBm7Mi%2BJuKwZbY3pi%2BXIOBATKQwgoyxWMoj%2Bee"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 853355b988602c5e-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 adshelperpubwise.js Show response
vetsbenefits.net/assets/javascript/ 90 KB
12 KB 437ms
412ms Script
application/javascript 2606:4700:3030::6815:2267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vetsbenefits.net/assets/javascript/adshelperpubwise.js?assets_version=356
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ad260e6c5ca4f4deb663ae9d89f5247b52d4bb96c108e435a11cef6ae9c2923

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jan 2024 17:54:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65ba895b-168b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fbN2tRnvL%2BQNN4tf8KGZtWO84BhoPEyn%2B0I1T%2F6sUUtL7yy5AbnJwjifKjl8ostdyxyVcRXGllpDu%2FEziEs4%2Bp%2FpD%2FdZ0ofdxhfGHGuNrN7VYNyk5luX5u7%2BT7FiqQ4524xey%2B5Qfq3jEeWi99q9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 853355b36c1e3a73-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 734de3ba-6ab2-4834-afcf-01dd1534f3ec.js Show response
cdn.pbxai.com/ 6 KB
2 KB 85ms
11ms Script
application/javascript 2600:9000:211e:a600:12:7487:7980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbxai.com/734de3ba-6ab2-4834-afcf-01dd1534f3ec.js
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:a600:12:7487:7980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e50289ec3c68f4e983c1af573cf2b50e4f55bfdecb7a90699750c3f6dbd6a6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 06:15:24 GMT
x-amz-version-id: KdT1qEQXffGqqdJrqeUBUZNz7KRIb5Z2
content-encoding: br
last-modified: Thu, 13 Jul 2023 11:35:38 GMT
server: AmazonS3
via: 1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"7ec064dd27f29088e495c5e47cc0348c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 11717
cache-control: max-age=3600
x-amz-cf-id: Ro6tpAuAZjXV5XIr0FwbpvIHOLUyQlNycE4mbr-IQIznHACQ64sbiw==

GET
H2 200 pre_pws.js Show response
fdyn.pubwise.io/script/fd214620-ffba-486b-b852-91de693c4a85/v3/dyn/ 520 B
610 B 58ms
16ms Script
text/javascript 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fdyn.pubwise.io/script/fd214620-ffba-486b-b852-91de693c4a85/v3/dyn/pre_pws.js?type=support
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0adf7db5a4e951f5c6e295cb11ede6d3a46b1b3b65b0a4cda91dfea4f748c0ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:40 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: gzip
age: 1464
x-cache: HIT, HIT
x-goog-meta-surrogate-key: bef0645822ec6865aa473badff31de14 bfb208e51d1babde4353c71f89b5ea20
content-length: 300
x-pw-gzip: 1
last-modified: Thu, 13 Jul 2023 20:04:21 GMT
x-timer: S1707557441.559913,VS0,VE9
etag: "e098a392594500c0826eb74282072335"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=21600
accept-ranges: bytes
x-cache-hits: 27, 1

GET
H2 200 pws.js Show response
fdyn.pubwise.io/script/fd214620-ffba-486b-b852-91de693c4a85/v3/dyn/ 582 KB
173 KB 10ms
8ms Script
text/javascript 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fdyn.pubwise.io/script/fd214620-ffba-486b-b852-91de693c4a85/v3/dyn/pws.js?type=support
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 224b5d3adfc2542159a930ea44dc3094d7753560dfe0a8e0c3b0ed9dfd048796

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: gzip
age: 3941
x-cache: MISS, HIT
x-goog-meta-surrogate-key: bef0645822ec6865aa473badff31de14 9e665743fa6f0f87fd3c01010edf816e
content-length: 177034
x-pw-gzip: 1
last-modified: Thu, 13 Jul 2023 20:04:31 GMT
x-timer: S1707557442.522384,VS0,VE2
etag: "c933d4e4bcdc0215664e1420827376ed"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=21600
accept-ranges: bytes
x-pw-frac: 10
x-cache-hits: 0, 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
82 KB 95ms
15ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1H02GELQQB

Requested by

Host: vetsbenefits.net
URL: http://vetsbenefits.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

62531a87eb398f1f074796f001dd4a3ab25018a38b29576c595443cd5bdb1fd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83639
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 10 Feb 2024 09:30:41 GMT

GET
H2 200 jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 3 KB
2 KB 41ms
22ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css

Requested by

Host: vetsbenefits.net
URL: http://vetsbenefits.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 207604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1541
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-c81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rFXWlq0jHSu7lfu8QwTtQnqJ7lNkK8ltsTnKLXb5p9kG%2BHXW8mDCoNYV%2BX52E%2FxBlc2x5jY9CoLUDrlgyTAzPzMV%2BJ%2F%2BAy8rJmpGIHwu%2FoJutNZfXAtpINdlQQ0ryPfCvtMPyn2iigTSFMCzBlrcyiTl"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 853355b35d292c29-FRA
expires: Thu, 30 Jan 2025 09:30:40 GMT

GET
H2 200 c1924176.jpeg
header.tapatalk-cdn.com/ 9 KB
10 KB 291ms
260ms Image
image/jpeg 2606:4700:10::6814:2c0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://header.tapatalk-cdn.com/c1924176.jpeg?v=1672856607
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:2c0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7464368e7d1ecdfae0f1f9c24e97e6ba58e476764ede5532f59eaa2814345a30

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:40 GMT
cf-cache-status: MISS
last-modified: Wed, 04 Jan 2023 18:23:27 GMT
server: cloudflare
x-amz-request-id: BJCQ0FXC5NBJF9T6
etag: "e8428fd9fde9838734beaeadb7338685"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853355b368861c30-FRA
content-length: 9722
x-amz-id-2: Xp3aFXv58CNbWsdNfAx01OwDrV3u1lx1DMzo5nUuOWPIQdzfBKJ1d8WOyECYdu79c6FzkT1IO9s=

GET
H2 200 no_avatar.png
groups.tapatalk-cdn.com/static/image/ 874 B
1016 B 30ms
28ms Image
image/webp 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/static/image/no_avatar.png
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9689131173d43d55d787f8e29754b0c91c7da34ab138b5bc1aa5041288f6a6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Mar 2023 23:35:09 GMT
server: cloudflare
age: 1860
cf-polished: origFmt=png, origSize=2318
etag: "911fb4ba78bf129f3bf352a2f55d7e4d"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="no_avatar.webp"
accept-ranges: bytes
cf-ray: 853355b98c0d65c6-FRA
content-length: 874

GET
H2 200 stylesheet-custom.css
vetsbenefits.net/styles/Tapatalk/theme/ 486 KB
130 KB 684ms
683ms Stylesheet
text/css 2606:4700:3030::6815:2267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vetsbenefits.net/styles/Tapatalk/theme/stylesheet-custom.css?v=2024011901
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78d12c2aa30b4570b79a6bc28fcb6a3f6515049529e214d9bfc5898a986793f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 19 Jan 2024 20:36:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65aadd6b-7965f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=st0QJixygwBkwh4qlmPTkd%2Fmv1W%2BPlowq0i89aUeZDI5WqCLK%2BTPo17B52JA2mQJL186CoXNepY%2FGAKcYE5tkzPc0ib%2FBbGo8vYcglANVbZZqc0uhObKirmCSihXog9R2DX8JI5I1vCGfdjGNLE9"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 853355b38c593a73-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 1f449.svg
cdnjs.cloudflare.com/ajax/libs/emojione/2.2.7/assets/svg/ 2 KB
976 B 91ms
91ms Image
image/svg+xml 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/emojione/2.2.7/assets/svg/1f449.svg

Requested by

Host: vetsbenefits.net
URL: http://vetsbenefits.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fdc2c24fe99e041add7be38fdb7b69461c773154af6899b1958e1ede34a4c72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 615
last-modified: Mon, 04 May 2020 16:09:55 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e53-756"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8dvZAFNFU0dNjNd5TPMp0QAq5TFXoqz2sl1b3pxfZmf8cxm0R4YHtnfEbiE7sNYv06BbDrZwjg9sJIeWGwZ5OpGYjA2sXTLos8EUg0f3yZQCvY91k8S1ZuSy4p%2BJuR0W1RNYj0HLJQK%2BuN4te%2F%2FZers"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 853355b3cdd42c29-FRA
expires: Thu, 30 Jan 2025 09:30:40 GMT

GET
H3 200 1f448.svg
cdnjs.cloudflare.com/ajax/libs/emojione/2.2.7/assets/svg/ 2 KB
1 KB 300ms
300ms Image
image/svg+xml 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/emojione/2.2.7/assets/svg/1f448.svg

Requested by

Host: vetsbenefits.net
URL: http://vetsbenefits.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6641befd0b9bf206398cb57c11093edc045cbc3d9ce536101c117eae26ae0f64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 640
last-modified: Mon, 04 May 2020 16:09:55 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e53-74f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPmckEQ0fvG8%2BSaxKvL2HEwK%2F3EHnj0jj8VrHyua77DMOjosmmpVBQtDU7rTw8FR3v3TbQaLVXjavzTx%2BgXHoDabU55m%2BHkteVsEIteddeepP9D0eeHP45QDbwTf3QrqkEscOWjgjq2YCBxuLDXW8b8p"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 853355b45aa6910c-FRA
expires: Thu, 30 Jan 2025 09:30:40 GMT

GET
H2 200 members-team.png
groups.tapatalk-cdn.com/static/image/ 824 B
1 KB 81ms
80ms Image
image/webp 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/static/image/members-team.png
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaccf4b40a4872feaa4615a2efd90340b9be0fd64762984eba7441fa6cb14cc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:40 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Mar 2023 23:35:09 GMT
server: cloudflare
cf-polished: origFmt=png, origSize=1010
etag: "203b551a5c39d06c3d71ed126d520476"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="members-team.webp"
accept-ranges: bytes
cf-ray: 853355b51c9065c6-FRA
content-length: 824

GET
H2 200 members-contact.png
groups.tapatalk-cdn.com/static/image/ 716 B
863 B 25ms
25ms Image
image/webp 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/static/image/members-contact.png
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89efc39e57db6035c833e62d076a08745b4667834bd88e201681144ac5708f9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:40 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Mar 2023 23:35:09 GMT
server: cloudflare
age: 1370
cf-polished: origFmt=png, origSize=950
etag: "add75036de51e7f4c9fb8064442c849f"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="members-contact.webp"
accept-ranges: bytes
cf-ray: 853355b59d4865c6-FRA
content-length: 716

GET
H2 200 donation_2x.png
groups.tapatalk-cdn.com/static/image/ 6 KB
6 KB 31ms
30ms Image
image/webp 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/static/image/donation_2x.png
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09094c4775d55ac73048ca199cfa058ac343f9320e83bb9ed3e196131e6741f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Mar 2023 23:35:09 GMT
server: cloudflare
age: 112
cf-polished: origFmt=png, origSize=11336
etag: "7f5187c7669ad092635636c6f38bf493"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="donation_2x.webp"
accept-ranges: bytes
cf-ray: 853355b98c0f65c6-FRA
content-length: 5972

GET
H/1.1 200
OK email-decode.min.js Show response
vetsbenefits.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
9ms Script
application/javascript 2606:4700:3030::6815:2267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://vetsbenefits.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: vetsbenefits.net
URL: http://vetsbenefits.net/

Protocol

HTTP/1.1

Server

2606:4700:3030::6815:2267 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Sat, 10 Feb 2024 09:30:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 02 Feb 2024 15:36:02 GMT
Server: cloudflare
ETag: W/"65bd0be2-4d7"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9UPri4Ph6jRctlSkDBdYXCK7O5hlktRBpaG1axXIcaYWn0%2FyxjAOvdB555tcMbi%2BagpOcg6wuy8bYyAc1dPWr3OvrtRIBJeea8uVZTD2vVK%2F%2FyKP%2BcLTX%2FNsaH2cw7SUo8bK5tRshSXsKFCq1wx"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
X-Frame-Options: DENY
Cache-Control: max-age=172800, public
CF-RAY: 853355b5c8959193-FRA
Expires: Mon, 12 Feb 2024 09:30:40 GMT

GET
H/1.1 200
OK kiosked-loader.js Show response
scripts.kiosked.com/loader/ 581 KB
179 KB 34ms
8ms Script
application/javascript 18.245.46.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://scripts.kiosked.com/loader/kiosked-loader.js?site=17601
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: HTTP/1.1
Server: 18.245.46.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-36.fra56.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: 2c05bfd857e468a34ce7085020a1658c69f14ece8fed4bdec53039ef593c20ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Sat, 10 Feb 2024 09:23:27 GMT
Content-Encoding: gzip
Via: 1.1 e4a4a1d8cbc68200b55d6f49ec5eb07a.cloudfront.net (CloudFront)
Server: nginx/1.14.2
X-Amz-Cf-Pop: FRA56-P9
Age: 434
ETag: W/"2c05bfd857e468a34ce7085020a1658c69f14ece8fed4bdec53039ef593c20ed"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
P3P: CP="KIOSKED"
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=1200
Connection: keep-alive
Timing-Allow-Origin: *
X-Amz-Cf-Id: tiVT5AoU3usyDzTFfknc917Kpsk5kyAPo6kf48YWA_fdxk-2V77DMg==

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.11.0/ 94 KB
30 KB 22ms
22ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: vetsbenefits.net
URL: http://vetsbenefits.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1866499
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 30024
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1787d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2jjMiATkXsf6kOo4Np10%2FFFa4lHvN7FF7DljZQ4ByKtYuZNwLMlsbGZclAXWytq7oOHRAdWyyJKRkz3%2B09KglEM1EpfGvIKmVKsNBoxlYq89Co01ugg6zTlR9tTRal44Usak7RdKgHWT88ZEI%2F1AwWZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 853355b5cc49910c-FRA
expires: Thu, 30 Jan 2025 09:30:40 GMT

GET
H2 200 ttg.min.js Show response
vetsbenefits.net/styles/Tapatalk/template/ 201 KB
53 KB 223ms
223ms Script
application/javascript 2606:4700:3030::6815:2267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vetsbenefits.net/styles/Tapatalk/template/ttg.min.js?v=2024011901
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4664152e0011ccdf05e86d6d759db491cc6c0cd8cb5096134f2ce1eff53b6f5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 11 Jan 2024 09:34:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"659fb60e-32206"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7ncnk1V%2FWaeiVkwLdc3fqoJC0O%2FulRdwtCqKSRBltJ2Z%2B9DXpeZtc8ydiDzyggPNgrFFxC%2Brd4zykXKS1uzMwCm6RMGGGVDAUB4frL1Aiib9IeF3RiV3npoq25uKkSqbSD%2FpyGqTsiQaWZYt334"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 853355b6084f3a73-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ajaxpagination.js Show response
vetsbenefits.net/styles/Tapatalk/template/ 26 KB
6 KB 219ms
219ms Script
application/javascript 2606:4700:3030::6815:2267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vetsbenefits.net/styles/Tapatalk/template/ajaxpagination.js?v=2024011901
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6cbd54bcd68ae1b2ec8f8544982399e404a77488c8983055df3abb38c98e474

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 27 Oct 2023 18:05:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"653bfbed-6821"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2FBDyO%2BF8RKTuWmZwYZJetS07zIfPNDjkOMq30R%2BxPa%2BdE91tgRP6eJMl0kbaI0BJSS4vugAulW0IGy45ycMtQdi89tMmrO4FCP6Mi5Yy9hVFhL8HhLNx1YCtpOWmGqRLEXjR9ROXZQ%2FCKzIBklj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 853355b63b422c5e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 moderate_tool.js Show response
vetsbenefits.net/styles/Tapatalk/template/ 60 KB
9 KB 235ms
235ms Script
application/javascript 2606:4700:3030::6815:2267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vetsbenefits.net/styles/Tapatalk/template/moderate_tool.js?v=2024011901
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17da48c548b11732f608ff6e3a176fd0db75de64ea529050c67ba06e87e78a4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 10 Sep 2019 08:12:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5d775b01-f1a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S9oWXIc7s3hCq938y4LCON4fhlSjas8eI6ASgUt%2BT%2BAI6%2FLPafd2hO0WfrV1PTS1%2FQzQktbV5u%2B2fbpfAOHeUKM2DLEcaLG8%2Fw8S5j9OCje43Hk0UbQP4H7esRAR%2BX2cwWu98N1VVsax31j3xyjD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 853355b78d182c5e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.modal.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 5 KB
2 KB 18ms
18ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js

Requested by

Host: vetsbenefits.net
URL: http://vetsbenefits.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6236303
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1399
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-1359"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d41jPu22NmqA5O0t4QvtN3dXOom6hmbuomRbap%2Bq%2BUUUyM4Ki4XCMbn0FfOB47PRstHfguYcnRWtubi0qCZweuoAJSKWDgXldCahSuMsX9SqCoJb5%2BFpNFIWzTGZOmlQPiz3JzD3qeagcMjvg30Zxwlt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 853355b79e5a910c-FRA
expires: Thu, 30 Jan 2025 09:30:41 GMT

GET
H3 200 payment_gold_point.js Show response
vetsbenefits.net/styles/Tapatalk/template/ 9 KB
3 KB 131ms
131ms Script
application/javascript 2606:4700:3030::6815:2267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vetsbenefits.net/styles/Tapatalk/template/payment_gold_point.js?v=57
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e3d4d2eb18517fb31fd998fe301a7bafa9b442f825271654b25c5b563e3c1e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 26 Jul 2023 17:22:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64c1565a-23dd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2FjvZLYlbTn7TMtTRVfzAgBOH7gzduRlDKJOBKRi4bUxPNxsD%2FkS1ygeIGEWajXf%2BvGxyqV0TSn4eITkckR5luO1bIgv4iDTxQ%2F7dsBlQTFQ9pCmg6kqsA2k0io%2BL8RcbQRLlgxFJlS0LOy0iEzg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 853355b7bd432c5e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 faceMocion.css
vetsbenefits.net/styles/Tapatalk/template/emotions/css/ 5 KB
2 KB 215ms
215ms Stylesheet
text/css 2606:4700:3030::6815:2267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vetsbenefits.net/styles/Tapatalk/template/emotions/css/faceMocion.css?v=2024011901
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3fad9dfdd54970fe7da9b01b790bfc680ce300b3436b22653246cce867da24e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 29 Mar 2023 16:23:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64246617-15cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=epPBgvHcJ0oyAk9KWkm2O9x3zEER3ZVr9D%2BxpQ8tFvu%2F0mp%2BLWn1j1rhL8ukSIPTEAolKZUd5GQThdStXdUO9mXIdedKvGEdUoNxIDPdc2xhw34XvcUey0%2FXw%2BzNxDkQWLyNmRLu7LP2Q7zjJnbD"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 853355b88eb22c5e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 faceMocion.js Show response
vetsbenefits.net/styles/Tapatalk/template/emotions/js/ 4 KB
2 KB 213ms
212ms Script
application/javascript 2606:4700:3030::6815:2267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vetsbenefits.net/styles/Tapatalk/template/emotions/js/faceMocion.js?v=2024011901
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56cc0e19a11c509f9df52251865d5db3ed39c39c6e332e9cd44c81e7f7395dd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 02 Apr 2021 03:34:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"606690df-111a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wDi6z4RpEavDiFlAABKG%2BIBeUTpv6wFbAFKbDo3aahA3p8eeg1HCY%2FUnvD2osC7ZEfs%2BYavlyg6pP1WA6elYDibTGUhF3b%2B7YYs390F0so9xp0Yuvh8OxnPqh9TGH6mCqxT94GVEqdPulyqPDjJ%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 853355b8ff3f2c5e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 overall_footer.js Show response
vetsbenefits.net/styles/Tapatalk/template/ 6 KB
2 KB 125ms
124ms Script
application/javascript 2606:4700:3030::6815:2267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vetsbenefits.net/styles/Tapatalk/template/overall_footer.js?assets_version=356
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58b097b0b221476789322f85e18b71848dc128875d6cada319cd1e7ef46a2311

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 08 Sep 2023 10:49:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64fafc31-168b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nw%2Bm6TgGwmJRoIB%2F2zLfbrl3qcqpZThk5HC6Bx8yF72dsWTwss0QDhEmjdmKlvIMG6%2Frk4gLRp7yCMmYwiz8bW2OdRedGsvINWFsKIiRwbmkiFJwGXS2iwrrBIARHFH9KM2264OLm40z9Gmn07OQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 853355b988612c5e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 lazysizes.min.js.js Show response
vetsbenefits.net/styles/Tapatalk/template/ 7 KB
4 KB 217ms
216ms Script
application/javascript 2606:4700:3030::6815:2267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vetsbenefits.net/styles/Tapatalk/template/lazysizes.min.js.js?v=1.0
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ca25760ed2f1d32d211b03c1884610f9c1929adaa41f1dc708ca5ce4a6558ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 17 Mar 2020 02:19:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5e7033ae-1c8d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXquyisz3wYkzWE%2FGaCbXIg2HrWHOWsko6jiSj9m3yXixu4uK15ZgjHxTX54F1pqnHEa08qxXgqJhBOpzVc32GWqPO7zoqKQp1uLltsJ5vluIqAqpdxnqFMcqPV5ts28wppvXpBBLJ8ziww%2FcMU3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 853355b988652c5e-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/ 436 KB
137 KB 126ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd500c546202be15f4b0d9a10a2096a2dcffd0f195d953bbe931ff8e45ca234f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vetsbenefits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 09 Feb 2024 15:50:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63634
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139610
x-xss-protection: 0
server: cafe
etag: 16226629560626727405
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 08 Feb 2025 15:50:07 GMT

GET
H2 200 728035918 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 116ms
35ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/728035918?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8824a51fcd05114942d3b85f8e7a29cb4ebfa3e5e56ab8d93551cb48c122d1ba

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LJBc7e4HoYnY6bnCpl4Myg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-LJBc7e4HoYnY6bnCpl4Myg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjWsOoxSXF4KghxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99ecnE8fUlkwQQqwHxO8lXTN-AeIePB8ub8OmsbBHTWePqprPmADHfuumsmuuns245M511DxDHPJ_OmgLEi1lnsK4G4imBM1jnALFT-gzWACD-nDmD9TcQ-9TPYI0CYiEejoMtc9exCbzYdWclEwCirE9O"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 97 KB
29 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: vetsbenefits.net
URL: http://vetsbenefits.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30d0c4184d3e9698d71232ad1bf146af3797410eb41a1830da293e4138ccfa4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29808
x-xss-protection: 0
server: cafe
etag: 341 / 19763 / m202402060101 / config-hash: 3544666277437429358
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 09:30:41 GMT

GET
H2

200

apstag.js Show response
c.amazon-adsystem.com/aax2/
Redirect Chain

http://c.amazon-adsystem.com/aax2/apstag.js
https://c.amazon-adsystem.com/aax2/apstag.js

286 KB
71 KB

32ms
14ms

Script
application/javascript

108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 928a9c9642d5cb3bcfc458aa85b5bb31f26478245dd8ab187e624c1c21a9919a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:01:50 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront), 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
last-modified: Tue, 06 Feb 2024 20:22:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 1732
etag: W/"ba3382d9d570ac4bd87a011e1fec124d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: uRiAG0NRQx_AzecsiFq6q5__D7uhh1jeShaRk2vq8pQQOI1MqGoWzQ==

Redirect headers

Date: Sat, 10 Feb 2024 09:30:41 GMT
Via: 1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA56-P6
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://c.amazon-adsystem.com/aax2/apstag.js
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: pegVpfjZX2DgA5csBgqZxWKjSKacssR7lkmuUy5wTNkVkKkKrqDysA==

GET
H2 200 logo_t.png
groups.tapatalk-cdn.com/static/image/ 6 KB
6 KB 22ms
21ms Image
image/webp 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/static/image/logo_t.png
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a73e1103df25e2c3e5f749433a05b9430bcd9df3cbebac720d2a0e4a0ee50dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Mar 2023 23:35:10 GMT
server: cloudflare
age: 495
cf-polished: origFmt=png, origSize=12090
etag: "f422e2ca62a551cbe954f2a42cee1394"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="logo_t.webp"
accept-ranges: bytes
cf-ray: 853355b98c1065c6-FRA
content-length: 6334

GET
H2 200 register Show response
www.tapatalk.com/connect/ Frame 2B59 12 KB
4 KB 474ms
431ms Document
text/html 2606:4700:10::6814:d358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:d358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf2d9b717908c1ccaa9f15e865761754c61b29fd39d5dd6bf75920bcbc56f53c

Request headers

Referer: http://vetsbenefits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate no-cache
cf-cache-status: DYNAMIC
cf-ray: 853355ba3aac3616-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 10 Feb 2024 09:30:42 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: cloudflare

GET
H2 200 no_avatar.png
groups.tapatalk-cdn.com/static/image/ 874 B
934 B 32ms
32ms Image
image/webp 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/static/image/no_avatar.png
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9689131173d43d55d787f8e29754b0c91c7da34ab138b5bc1aa5041288f6a6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Mar 2023 23:35:09 GMT
server: cloudflare
age: 1860
cf-polished: origFmt=png, origSize=2318
etag: "911fb4ba78bf129f3bf352a2f55d7e4d"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="no_avatar.webp"
accept-ranges: bytes
cf-ray: 853355b98c1665c6-FRA
content-length: 874

GET
H/1.1 200
OK video-loader.js Show response
cdn.avantisvideo.com/avm/js/ 20 KB
7 KB 61ms
7ms Script
application/javascript 2600:9000:2644:5000:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.avantisvideo.com/avm/js/video-loader.js?id=24351293-eb5a-4067-9beb-546c7592c13e&tagId=1&subId=&callback=
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: HTTP/1.1
Server: 2600:9000:2644:5000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5304f37ec679055b6af2f922bd433c1d8a62d9edb81bcb6f8044765da364d818

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: yXRP71YjdFw82MpMYPiQIT.KRiAhJwq8
Content-Encoding: gzip
Via: 1.1 1ed131e2ff13a9b8852067b4dfb6f2dc.cloudfront.net (CloudFront)
Date: Sat, 10 Feb 2024 08:06:23 GMT
X-Amz-Cf-Pop: FRA60-P6
Age: 5059
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 06 Feb 2024 11:45:50 GMT
Server: AmazonS3
ETag: W/"2121f96a82edd3f94653fe3bd4d2da68"
Vary: Accept-Encoding
Content-Type: application/javascript
X-Amz-Cf-Id: bAgiUZ8ClMyf1xIiR7ySz5G829OolqtjV4PsEAkwdX3Vd_Govvtw6g==

GET
H2 200 icon-search.png
groups.tapatalk-cdn.com/static/image/icons/png/ 462 B
628 B 36ms
35ms Image
image/webp 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/static/image/icons/png/icon-search.png
Requested by: Host: vetsbenefits.net
URL: https://vetsbenefits.net/styles/Tapatalk/theme/stylesheet-custom.css?v=2024011901
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf120ae70e0add018bfcb935282460c0d31862eb2214f658fa16cb77ac8a7b80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Mar 2023 23:35:14 GMT
server: cloudflare
age: 485
cf-polished: origFmt=png, origSize=705
etag: "6fe85bd9395085fee4a3bf79ec3afd24"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="icon-search.webp"
accept-ranges: bytes
cf-ray: 853355b99c2d65c6-FRA
content-length: 462

GET
H2 200 1924176.jpg
header.tapatalk-cdn.com/ 22 KB
22 KB 234ms
234ms Image
image/webp 2606:4700:10::6814:2c0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://header.tapatalk-cdn.com/1924176.jpg?v=1653012231
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:2c0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b26398fc782c5ace2a7580f5989df18ad95f5e8fec6296eef48f15af6feb433

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: 5V1X30YNBA0XR2PN
cf-polished: qual=85, origFmt=jpeg, origSize=42789
content-disposition: inline; filename="1924176.webp"
content-length: 22294
x-amz-id-2: Og10pgRZVgWV9sEB3pj++Ow3JTmxUF2ls5jhM4AccdhNKOp/avvs9/FilPbpDQCDx4To/Xt+sfU=
cf-bgj: imgq:85,h2pri
last-modified: Fri, 20 May 2022 02:03:52 GMT
server: cloudflare
etag: "9c3d11eca131f7bb893b95b9060198ea"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853355b99ad41c30-FRA

GET
H2 200 1924176_1547728065.jpg
groups.tapatalk-cdn.com/background/ 7 KB
7 KB 67ms
67ms Image
image/webp 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/background/1924176_1547728065.jpg
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28ec532b7773526dc0f405599749d06dc7497c3e332f5ae9a0bb7ff120e29472

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Mar 2023 19:15:33 GMT
server: cloudflare
cf-polished: qual=85, origFmt=jpeg, origSize=16600
etag: "bc6beca024a94f0deac19470c140b8f5"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="1924176_1547728065.webp"
accept-ranges: bytes
cf-ray: 853355b99c2e65c6-FRA
content-length: 7338

GET
H2 200 303814_1681913461.jpeg
groups.tapatalk-cdn.com/avatar/455/ 14 KB
14 KB 66ms
65ms Image
image/jpeg 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/avatar/455/303814_1681913461.jpeg
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caa20b74d9dd74cde6e49252f0c14c33d5ee89ecab4f965b2416507a4d1fe85b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
last-modified: Wed, 19 Apr 2023 14:11:02 GMT
server: cloudflare
cf-polished: degrade=85, origSize=18067, status=webp_bigger
etag: "793e54a5a16c47b451a8fc4e2ee91464"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853355b99c3165c6-FRA
content-length: 13855

GET
H2 200 icon_attachment.png
groups.tapatalk-cdn.com/static/image/icons/png/topic_list/ 436 B
581 B 39ms
39ms Image
image/webp 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/static/image/icons/png/topic_list/icon_attachment.png
Requested by: Host: vetsbenefits.net
URL: https://vetsbenefits.net/styles/Tapatalk/theme/stylesheet-custom.css?v=2024011901
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b790bef1392092cb654a928d902bce3b24014d72cff3ca0fa37067c56a629a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Mar 2023 23:35:09 GMT
server: cloudflare
age: 1367
cf-polished: origFmt=png, origSize=1777
etag: "c2aa08cd2a300c3ae78e42910ec9cb9f"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="icon_attachment.webp"
accept-ranges: bytes
cf-ray: 853355b99c3365c6-FRA
content-length: 436

GET
H2 200 icon_announce.png
groups.tapatalk-cdn.com/static/image/icons/png/topic_list/ 356 B
520 B 95ms
95ms Image
image/webp 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/static/image/icons/png/topic_list/icon_announce.png
Requested by: Host: vetsbenefits.net
URL: https://vetsbenefits.net/styles/Tapatalk/theme/stylesheet-custom.css?v=2024011901
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47d64e8e59ad3eeb69fab42c1a825f3700abd660d8a3e2b43b81a3c703548658

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Mar 2023 23:35:09 GMT
server: cloudflare
cf-polished: origFmt=png, origSize=1557
etag: "b27202993d17d4aa8f2412ebd6fbb675"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="icon_announce.webp"
accept-ranges: bytes
cf-ray: 853355b99c3465c6-FRA
content-length: 356

GET
H2 200 10782564_1707511525.jpeg
groups.tapatalk-cdn.com/avatar/455/ 93 KB
94 KB 217ms
216ms Image
image/jpeg 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/avatar/455/10782564_1707511525.jpeg
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5290c7c67ec36020531f6c12bc6a2edd94f6377cd15cda67bac6231619e42b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: MISS
last-modified: Fri, 09 Feb 2024 20:45:25 GMT
server: cloudflare
etag: "92f3430609ea0733c00e8a33786fac12"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853355b99c3965c6-FRA
content-length: 95738

GET
H2 200 893872_1510235855.jpg
groups.tapatalk-cdn.com/avatar/455/ 4 KB
4 KB 71ms
70ms Image
image/webp 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/avatar/455/893872_1510235855.jpg
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f653c6952a923257d190ebe43e6a9f453c8ccecc98ba232670a679bf24648e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Mar 2023 18:41:15 GMT
server: cloudflare
cf-polished: origFmt=gif, origSize=4586
etag: "57aad6c3f76d25ab97d9e55bd7edc7d2"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="893872_1510235855.webp"
accept-ranges: bytes
cf-ray: 853355b99c3b65c6-FRA
content-length: 3594

GET
H2 200 10783572_1707070948.jpeg
groups.tapatalk-cdn.com/avatar/455/ 18 KB
18 KB 191ms
191ms Image
image/jpeg 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/avatar/455/10783572_1707070948.jpeg
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8dd6969d01c33dc0004717b947a22d42a71eaeb572674e243c9ecba5aacbe13

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: MISS
last-modified: Sun, 04 Feb 2024 18:22:28 GMT
server: cloudflare
etag: "ff9686609d95bb9eb2fcc70397d39510"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853355b99c3d65c6-FRA
content-length: 18476

GET
H2 200 10783299_1704142571.jpg
groups.tapatalk-cdn.com/avatar/455/ 198 KB
198 KB 131ms
129ms Image
image/jpeg 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/avatar/455/10783299_1704142571.jpg
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b54a5248f2b55d40964d4a5fad3aaf469e78721b8acec6068490853816f8451f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: MISS
last-modified: Mon, 01 Jan 2024 20:56:11 GMT
server: cloudflare
etag: "6d2e7bec3847e1f2749f53213f3f48a6"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853355b99c3e65c6-FRA
content-length: 202432

GET
H2 200 10783577_1707109815.jpeg
groups.tapatalk-cdn.com/avatar/455/ 47 KB
47 KB 159ms
157ms Image
image/jpeg 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/avatar/455/10783577_1707109815.jpeg
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 453669fedfd6ed3769e138bb748ff77d26161bef949bd4a62b7e22d499abd51f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Feb 2024 05:10:15 GMT
server: cloudflare
etag: "b09bab8e625763d5b3a8d1e7754c791b"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853355b99c4065c6-FRA
content-length: 48103

GET
H2 200 6961625_1510236306.jpg
groups.tapatalk-cdn.com/avatar/455/ 3 KB
3 KB 74ms
72ms Image
image/webp 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/avatar/455/6961625_1510236306.jpg
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1678559bb4ef3cf45c774a5f5aa217aef88f1f726a71a2c7a15e51a1e939a02f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Mar 2023 18:41:11 GMT
server: cloudflare
cf-polished: qual=85, origFmt=jpeg, origSize=18447
etag: "248962a0ba98757ea1810d6fba45886b"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="6961625_1510236306.webp"
accept-ranges: bytes
cf-ray: 853355b9ac4965c6-FRA
content-length: 3288

GET
H2 200 10767735_1570830569.jpg
groups.tapatalk-cdn.com/avatar/455/ 62 KB
63 KB 142ms
140ms Image
image/jpeg 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/avatar/455/10767735_1570830569.jpg
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 629a50a8d0b782856456d9b3707cadc992c260db2d65c50e4095d2a1d0d1a6cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Mar 2023 18:41:07 GMT
server: cloudflare
etag: "ae825c0e22ff30168182d6d41f9f0a74"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853355b9ac4a65c6-FRA
content-length: 63976

GET
H2 200 895585_1666967297.jpg
groups.tapatalk-cdn.com/avatar/455/ 33 KB
33 KB 82ms
80ms Image
image/webp 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/avatar/455/895585_1666967297.jpg
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a38eba6cfe207c71ddd68b4d72e550cd001ed744a20065221dab8f79611a6712

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Mar 2023 18:41:14 GMT
server: cloudflare
cf-polished: qual=85, origFmt=jpeg, origSize=65368
etag: "e3e12db38fc120a9c7e07f12e608b50b"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="895585_1666967297.webp"
accept-ranges: bytes
cf-ray: 853355b9ac4c65c6-FRA
content-length: 33360

GET
H2 200 6963222_1703032909.jpg
groups.tapatalk-cdn.com/avatar/455/ 79 KB
79 KB 615ms
614ms Image
image/jpeg 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/avatar/455/6963222_1703032909.jpg
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e23ea33ab64deeb27893754491a537c13e08d1c342787a98b1a6fb9c0a216a1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
cf-cache-status: MISS
last-modified: Wed, 20 Dec 2023 00:41:49 GMT
server: cloudflare
etag: "fca6a34cd0e64564d1a7ed15b517c01d"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853355b9ac5165c6-FRA
content-length: 80985

GET
H2 200 4278873_1669033427.jpeg
groups.tapatalk-cdn.com/avatar/455/ 40 KB
40 KB 1631ms
1630ms Image
image/jpeg 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/avatar/455/4278873_1669033427.jpeg
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a156db6eca663977b20273c1a713ac02cb66a28030d3e14fe2af5c7468b38c00

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:43 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Mar 2023 18:41:17 GMT
server: cloudflare
etag: "7e8699974066109b4d6c976eb7ef676d"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853355b9ac5365c6-FRA
content-length: 40628

GET
H2 200 10074093_1510236550.jpg
groups.tapatalk-cdn.com/avatar/455/ 5 KB
5 KB 149ms
148ms Image
image/jpeg 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/avatar/455/10074093_1510236550.jpg
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6c3bec22e35973406dae74c2c8b07efc08f3921bea874266b21cf9d6391d5cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Mar 2023 18:40:54 GMT
server: cloudflare
etag: "3f4c7a963256fe056eb98ad1f0ea97e2"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853355b9ac5765c6-FRA
content-length: 5443

GET
H2 200 10770141_1578158081.png
groups.tapatalk-cdn.com/avatar/455/ 14 KB
14 KB 91ms
91ms Image
image/png 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/avatar/455/10770141_1578158081.png
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c7602604490782556395415f2a0ef268b25bfb6515064e784b5d4ef5c1630ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Mar 2023 18:41:05 GMT
server: cloudflare
etag: "445bcf4319e1e85b684c0f929f8f1cba"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853355b9ac5a65c6-FRA
content-length: 13893

GET
H2 200 7637962_1698379527.jpg
groups.tapatalk-cdn.com/avatar/455/ 45 KB
45 KB 143ms
143ms Image
image/jpeg 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/avatar/455/7637962_1698379527.jpg
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdf5b0a55b30950622270b85b6a21947f24f898574057497c34e53824c799b73

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: MISS
last-modified: Fri, 27 Oct 2023 04:05:28 GMT
server: cloudflare
etag: "4c3b0098a3d597eb33f4179a93c1a917"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853355b9ac5b65c6-FRA
content-length: 45867

GET
H2 200 7194743_1707434957.jpeg
groups.tapatalk-cdn.com/avatar/455/ 125 KB
125 KB 123ms
123ms Image
image/jpeg 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/avatar/455/7194743_1707434957.jpeg
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0f264d89a0f3b64ad0434e9de2e6f4a9a61fa77e10532d95280e5b13ba5d176

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: MISS
last-modified: Thu, 08 Feb 2024 23:29:17 GMT
server: cloudflare
etag: "bf8177d94fc0e06f142450d1e2c7d758"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853355b9ac6265c6-FRA
content-length: 127761

GET
H2 200 9592518_1656645438.jpeg
groups.tapatalk-cdn.com/avatar/455/ 139 KB
139 KB 108ms
107ms Image
image/jpeg 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/avatar/455/9592518_1656645438.jpeg
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d4c3b12277febaa64a392af5a6da3ebc349cb954421f7e9c6c53e677ba840be

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Mar 2023 18:41:19 GMT
server: cloudflare
etag: "6016ff969cff3ecae59cf14bd7337674"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853355b9ac6365c6-FRA
content-length: 142003

GET
H2 200 6354285_1536336700.jpg
groups.tapatalk-cdn.com/avatar/455/ 18 KB
18 KB 138ms
137ms Image
image/jpeg 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/avatar/455/6354285_1536336700.jpg
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 552bb4998ea41f2b1b747f9ebc0bec878b0dd65a6b4a52af699c82b465bfcbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Mar 2023 18:41:09 GMT
server: cloudflare
etag: "4b1972ec3867cc2ea834b607fb92ee8c"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853355b9ac6565c6-FRA
content-length: 18335

GET
H2 200 6919599_1565250781.jpg
groups.tapatalk-cdn.com/avatar/455/ 51 KB
51 KB 137ms
136ms Image
image/jpeg 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/avatar/455/6919599_1565250781.jpg
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66047d5be5cef5ed83adde6e6069556559ad0af4ba388f19f4e459f0a40e613f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Mar 2023 18:41:10 GMT
server: cloudflare
etag: "6fac88f6b49fa50733c39a46cd7ad9a6"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853355b9ac6965c6-FRA
content-length: 51856

GET
H2 200 894747_1530811101.gif
groups.tapatalk-cdn.com/avatar/455/ 53 KB
53 KB 138ms
135ms Image
image/gif 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/avatar/455/894747_1530811101.gif
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34b89a3101630566bdea61c9713ee28d5a529ad69b4a527f40a57f2389f74e3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Mar 2023 18:41:13 GMT
server: cloudflare
etag: "b53ca65e21eca41d947202ce7def4bb5"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853355b9ac6b65c6-FRA
content-length: 54493

GET
H2 200 10760573_1670441568.jpg
groups.tapatalk-cdn.com/avatar/455/ 66 KB
66 KB 138ms
135ms Image
image/jpeg 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/avatar/455/10760573_1670441568.jpg
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 410d6487360d61eac03d12ebc15e7bd021f129c1b2d7a8c492038efe921ceb3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Mar 2023 18:40:59 GMT
server: cloudflare
etag: "3aad5983eb42da76477c332eedc6b8f0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853355b9ac6c65c6-FRA
content-length: 67261

GET
H2 200 10778263_1655551986.jpeg
groups.tapatalk-cdn.com/avatar/455/ 59 KB
59 KB 155ms
153ms Image
image/jpeg 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/avatar/455/10778263_1655551986.jpeg
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dd528035ddebf19c14e941fdc06f927170db3430bd606c992914f3ceffa8d87

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Mar 2023 18:41:09 GMT
server: cloudflare
etag: "8e613d0ab4ff570ac9b65d4b4c00b3a4"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853355b9ac6f65c6-FRA
content-length: 60182

GET
H2 200 10767926_1564639109.jpg
groups.tapatalk-cdn.com/avatar/455/ 8 KB
8 KB 140ms
139ms Image
image/jpeg 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/avatar/455/10767926_1564639109.jpg
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dd65ca6cafe1705a57d793559d2ec4c998987e9ccbacfc66f3e762cdb60368f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Mar 2023 18:41:09 GMT
server: cloudflare
etag: "e7d496a967e9514b5f8b1d84b6dadc72"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853355b9ac7065c6-FRA
content-length: 8597

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 33ms
22ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: http://vetsbenefits.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 825810
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uep3G7qIwp1Cwf2MaoD4LQlNT%2BrCir4Om0%2BeUzCzXpQtxUwrXzs7ljGfhUJYVojoakFmnt8WBl2%2Bwj04S%2BSU6brEWe0f%2Bnv8Es2KBOMOruFz5EhOoW4q5Jia4Ls5%2B95scGMI9acfoC7fSXvBPx%2FYSwjc"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 853355b9bdb571b8-FRA
expires: Thu, 30 Jan 2025 09:30:41 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 63ms
15ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: vetsbenefits.net
URL: https://vetsbenefits.net/styles/Tapatalk/template/ttg.min.js?v=2024011901
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67AA) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Sat, 10 Feb 2024 09:30:41 GMT
Content-Encoding: gzip
Age: 687
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (frb/67AA)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38b6ec879c5963b1396ec8cdf858b9ba9c32520c0eee6fe6ffee78d133d08445

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 abc.txt Show response
static.avantisvideo.com/data/ 1 KB
1 KB 67ms
12ms XHR
text/plain 2600:9000:2670:1400:8:9ed9:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: http://cdn.avantisvideo.com/avm/js/video-loader.js?id=24351293-eb5a-4067-9beb-546c7592c13e&tagId=1&subId=&callback=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2670:1400:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: adf9e2c181a2f540621876f5953ed00300e880cbfdf7042a58f881945c915cbb

Request headers

Referer: http://vetsbenefits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 09 Feb 2024 11:19:10 GMT
content-encoding: gzip
via: 1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
age: 79892
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sun, 28 Jan 2024 09:08:10 GMT
server: AmazonS3
etag: W/"6221250b41e00a38e676a4f3531b4d61"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: http://vetsbenefits.net
access-control-allow-credentials: true
x-amz-cf-id: 6P7ofjkkyStX8YModQx8jmXGRuMQUp2Ji148aR-v90x0RCrt35jy3w==

POST
H2 204 /
events1.avantisvideo.com/ 0
35 B 615ms
180ms Ping
text/plain 54.70.70.46

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.70.70.46 Boardman, United States, ASN (),
Reverse DNS: ec2-54-70-70-46.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://vetsbenefits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT

GET
H2 200 / Show response
floor.pbxai.com/ 0
126 B 64ms
29ms XHR
text/plain 52.57.76.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://floor.pbxai.com/?pubxId=734de3ba-6ab2-4834-afcf-01dd1534f3ec&page=http://vetsbenefits.net/&maxBid=null&bidDep=null&aucId=null
Requested by: Host: fdyn.pubwise.io
URL: https://fdyn.pubwise.io/script/fd214620-ffba-486b-b852-91de693c4a85/v3/dyn/pws.js?type=support
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.76.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-76-124.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://vetsbenefits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sat, 10 Feb 2024 09:30:41 GMT
cache-control: public, max-age=60
content-length: 0
vary: origin
apigw-requestid: S6dKUj8lliAEPug=

GET
H2 200 u_d.html Show response
cdn1.avantisvideo.com/connect/ Frame 4A77 46 KB
17 KB 39ms
8ms Document
text/html 2600:9000:2644:e800:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/connect/u_d.html
Requested by: Host: cdn.avantisvideo.com
URL: http://cdn.avantisvideo.com/avm/js/video-loader.js?id=24351293-eb5a-4067-9beb-546c7592c13e&tagId=1&subId=&callback=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:e800:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848

Request headers

Referer: http://vetsbenefits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11099
content-encoding: gzip
content-type: text/html
date: Sat, 10 Feb 2024 06:25:43 GMT
etag: W/"f9678e3c391d61d33ed4b6129f75c60e"
last-modified: Wed, 06 Apr 2022 12:25:53 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 e221f111ed3ebc025b531e81056d37a4.cloudfront.net (CloudFront)
x-amz-cf-id: dXRhIR0vGhcNsQT1IQMdBaP4ZeLHN9mDHq-diVwPMNOzDe1R0ShoKg==
x-amz-cf-pop: FRA60-P6
x-amz-version-id: dem0VvOWe0jwgvR1YOcBwtPtUobNlIGA
x-cache: Hit from cloudfront

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 16ms
15ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vetsbenefits.net
URL: http://vetsbenefits.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 211146
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j52aH0m9bGvIcVQJmulcSpIn0o06hXpCm%2BJjXAxoleNIWcdAAg1fIWEyMOVmUlrwZmnSvrJUKIJu3vFSf80%2Bd8vOu8QVsQ7L6lsAzYV9JigeARceTRiIfXXebPE1EqvbLnXevDQGPX5ykmOo2%2Bd448AI"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 853355baea44910c-FRA
expires: Thu, 30 Jan 2025 09:30:41 GMT

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 110 KB
35 KB 49ms
7ms Script
text/javascript 18.245.31.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-35.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: x5VtTe.o38AhKNl9GXJ.IeIaII4uy0GZ
content-encoding: br
via: 1.1 7e3b2ebcc561cb84cf59a80a76eb7e28.cloudfront.net (CloudFront)
date: Sat, 10 Feb 2024 04:45:46 GMT
last-modified: Thu, 19 Oct 2023 08:25:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P8
age: 17096
x-amz-server-side-encryption: AES256
etag: W/"b248cc9d0fdeb36bdeb7efabad1132ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: Fc8yBbvdm0dAZcRb3XvwJ2bcKumuO5BVXuh-EeNu-BW6sRWE2uyk7Q==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 37ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1H02GELQQB&gtm=45je4270v9116045774za200&_p=1707557441517&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=2104360285.1707557442&ul=en-us&sr=1600x1200&pscdl=noapi&_s=1&sid=1707557441&sct=1&seg=0&dl=http%3A%2F%2Fvetsbenefits.net%2F&dt=Veterans%20Benefits%20Network%20-%20Vets%20Helping%20Vets%20Since%202002&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.tt_fid=1924176&ep.ttg_fid=455&ep.group_name=vets&ep.page_type=index&ep.user_type=guest&ep.is_ads=1&ep.ads_reason=ads_shown&tfd=1751
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1H02GELQQB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 09:30:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://vetsbenefits.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUD8vDc8jCN5HD0izDI-1DF3GypARESmIpI-Hymf0l9h1CtCsp7jOoFwtKkpU1gKweoNFKOQRKYYb1T6dgsTMuBpv8BQwRPGRxzMNaJRHSrXHkuDVBBAy8pmOUL0H0jkTRZMGl1tQ== Show response
fundingchoicesmessages.google.com/f/ 380 KB
59 KB 96ms
95ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUD8vDc8jCN5HD0izDI-1DF3GypARESmIpI-Hymf0l9h1CtCsp7jOoFwtKkpU1gKweoNFKOQRKYYb1T6dgsTMuBpv8BQwRPGRxzMNaJRHSrXHkuDVBBAy8pmOUL0H0jkTRZMGl1tQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3NTU3NDQxLDc4ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cDovL3ZldHNiZW5lZml0cy5uZXQvIixudWxsLFtbOCwiTTBaZ2RhbU9OTnMiXSxbOSwiZGUiXSxbMTksIjEiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.M0ZgdamONNs.es5.O/am=wA/d=1/rs=AJlcJMxdLTz2qXDoSDjoP5G-9Wfg5kG_5A/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f9a5585900697a8c98f99de424dd521868884affb74bfeb271363a869369d8fb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VqpkxP5C5wH4CRXN1Qv57w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-VqpkxP5C5wH4CRXN1Qv57w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsKoxSXF4KIhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48Hy5vw6axsEdNZ4-qms-YAMd-66aya66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYAIP6cOYP1NxD71M9gjQJiIR6Ogy1z17EJdKy4uoAZACAPScA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 8f9815c0-9661-45ca-805e-aeded2bf5e50 Show response
config.aps.amazon-adsystem.com/configs/ 564 B
838 B 41ms
8ms Script
application/javascript 99.86.4.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/8f9815c0-9661-45ca-805e-aeded2bf5e50
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-39.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: ca46c3ee68aa92cb19fdca66573741ae548f48772b8f8118976821c8966922ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 08:57:26 GMT
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1995
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: llzkm2p-MwSBJTg8MiLTYoJutJdnqFxN2k7v9eXaD1hYSE1ATQCJEw==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 3 KB
3 KB 11ms
10ms XHR
application/json 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fvetsbenefits.net&pubid=8f9815c0-9661-45ca-805e-aeded2bf5e50
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: c807396c3ba74b2d16228bfd601e8f4a10dcab9f856ca66e83fb86351ada3904

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 06:15:24 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 11717
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: http://vetsbenefits.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2899
x-amz-cf-id: aGhUUNJ0CUOeIEfAI08rlD98oc7xbz5HfbZIAMm4KUmEcRlwF4fD3A==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 25ms
9ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
date: Sat, 10 Feb 2024 06:15:25 GMT
x-amz-cf-pop: FRA56-P6
age: 11717
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: L9IGVaPTxToXFjKIaV4TwiLcN4mBurOLNBqiO8pN7lIsUA-JzcZR0w==

GET
H2 200 apple_store.png
groups.tapatalk-cdn.com/static/image/ 4 KB
4 KB 30ms
29ms Image
image/webp 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/static/image/apple_store.png
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e72e49d10a4264e0ee792b5988e71b9a91f99facc773de8446f98367202db902

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Mar 2023 23:35:11 GMT
server: cloudflare
age: 5979
cf-polished: origFmt=png, origSize=6885
etag: "88f23dd64aaea0bf2a64db3657825c1e"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="apple_store.webp"
accept-ranges: bytes
cf-ray: 853355bb5f4e65c6-FRA
content-length: 3622

GET
H2 200 google_store.png
groups.tapatalk-cdn.com/static/image/ 7 KB
7 KB 22ms
21ms Image
image/webp 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/static/image/google_store.png
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 503a22f130549fd02f5ed749fc99637b2a883508e6b2e4f1c8a92ce98052d216

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Mar 2023 23:35:04 GMT
server: cloudflare
age: 2036
cf-polished: origFmt=png, origSize=9895
etag: "88dba1d4db42e19d8c0ce3503971a1eb"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="google_store.webp"
accept-ranges: bytes
cf-ray: 853355bb5f4f65c6-FRA
content-length: 6716

GET
H2 200 Privacy-Shield-Certified-logo.png
groups.tapatalk-cdn.com/static/email/ 9 KB
9 KB 26ms
25ms Image
image/webp 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/static/email/Privacy-Shield-Certified-logo.png
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bffb0c5a5061855673dc25a081b6deda250994380e3bfbe6ccf595bbabffe98

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Mar 2023 23:35:10 GMT
server: cloudflare
age: 4839
cf-polished: origFmt=png, origSize=10715
etag: "839b7122ed3f273f942f4cd1eba3e6f7"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="Privacy-Shield-Certified-logo.webp"
accept-ranges: bytes
cf-ray: 853355bb5f5065c6-FRA
content-length: 9486

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
357 B 177ms
111ms XHR
text/javascript 18.245.47.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fvetsbenefits.net%2F&pid=i330yTUGYXa5s&cb=0&ws=1600x1200&v=24.205.1508&t=2201&slots=%5B%7B%22sd%22%3A%22div-Tapatalk_Header%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F728035918%2FTapatalk_Header%22%7D%2C%7B%22sd%22%3A%22div-Tapatalk_Secondary%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F728035918%2FTapatalk_Secondary%22%7D%2C%7B%22sd%22%3A%22div-Tapatalk_Secondary_2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F728035918%2FTapatalk_Secondary_2%22%7D%5D&pubid=8f9815c0-9661-45ca-805e-aeded2bf5e50&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.47.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-47-29.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:41 GMT
via: 1.1 c968eb4bd5f1a91dae1c71eba1ef9d56.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://vetsbenefits.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: DhOmCcGBCHZY0boPUYkGkUtyVKhnHnj25p4KWRMfO5bwBGq_tSVrLw==

GET

/
www.facebook.net/login/
Redirect Chain

http://connect.facebook.net/en_UK/all.js?_=1707557441525
https://connect.facebook.net/en_UK/all.js?_=1707557441525
https://www.facebook.net/login/?next=https%3A%2F%2Fconnect.facebook.net%2Fen_UK%2Fall.js%3F_%3D1707557441525

0
0

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

http://btloader.com/tag?o=5764509824188416&upapi=true
https://btloader.com/tag?o=5764509824188416&upapi=true

57 KB
19 KB

59ms
41ms

Script
application/javascript

2606:4700:10::6816:4bd8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5764509824188416&upapi=true
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Server: 2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68cbf25d83e60254d445ff82bc500712961a9fe0b6a2ffba8de21c7b576a394f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Sat, 10 Feb 2024 08:53:32 GMT
server: cloudflare
age: 2057
etag: "1e067692dc6ef369f92b5ae2328b4351"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 853355bcca3437f8-FRA
content-length: 19344

Redirect headers

Date: Sat, 10 Feb 2024 09:30:41 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Location: https://btloader.com/tag?o=5764509824188416&upapi=true
Cache-Control: max-age=3600
Connection: keep-alive
CF-RAY: 853355bc18ee1c15-FRA
Expires: Sat, 10 Feb 2024 10:30:41 GMT

GET
H/1.1

200
OK

main.js Show response
vetsbenefits.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/ Frame 6872
Redirect Chain

http://vetsbenefits.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
http://vetsbenefits.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

7 KB
4 KB

16ms
16ms

Script
application/javascript

2606:4700:3030::6815:2267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://vetsbenefits.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

Requested by

Host: vetsbenefits.net
URL: http://vetsbenefits.net/

Protocol

HTTP/1.1

Server

2606:4700:3030::6815:2267 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

175d272943efaf1b24861f40428b1666608d3beff0c227dc9c479deb1a71b788

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Sat, 10 Feb 2024 09:30:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
vary: accept-encoding
Content-Type: application/javascript; charset=UTF-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TP6xl2mRP03W8MVqI0GqnHhBSvxp9qfAxUiOg92lleAas88ObUr%2FS98LNXkDU%2FWl8f6xth%2BDIyo%2FJFui%2ByxIYQl%2BimzBxnioYnhnbX8dCOFWlWCpbuffjstuPfB5Xn6nNc8Sjw6qPolpUOc0rmQn"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, public
Connection: keep-alive
CF-RAY: 853355bc7a859193-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

Date: Sat, 10 Feb 2024 09:30:41 GMT
content-encoding: gzip
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
vary: accept-encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ba%2BJjAow6dVgFeeLDwkkb4VDrSvl2CZXaBDsFvIJ8LtIMY9wrO6Cgb%2BXWHB1rg8y9FI8F6VJp%2BBqrvZMNurfyI3k7G7U0pcdg0rXqzBanMVoYW28m0vHB6fCfzaZ6vSu9qYSGIe00gDWLVFIjc6f"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
Connection: keep-alive
CF-RAY: 853355bbe9a49193-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html Show response
platform.twitter.com/widgets/ Frame DE51 319 KB
104 KB 30ms
8ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=http%3A%2F%2Fvetsbenefits.net
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: http://vetsbenefits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5242140
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Sat, 10 Feb 2024 09:30:41 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BA)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 50ms
11ms Script
application/javascript 2.23.78.67

General

Check archive.org

Show headers Download Go to

Full URL: http://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: HTTP/1.1
Server: 2.23.78.67 Düsseldorf, Germany, ASN (),
Reverse DNS: a2-23-78-67.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Sat, 10 Feb 2024 09:30:42 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Jan 2023 19:40:17 GMT
Server: Apache
ETag: "d734-5f2f3919e751f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17407
Expires: Sat, 10 Feb 2024 09:45:42 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
12 KB 38ms
7ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 12:30:07 GMT
content-encoding: gzip
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 75635
etag: W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: bIaKGu9b9Y6y_10YWKKWWd6doD28OyDHdl5PBf-fZiMvHv6ex_1I5Q==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 52ms
23ms Script
application/javascript 2606:4700:10::6816:34ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fvetsbenefits.net%2F&ref=&_it=amazon&partner_id=513
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 15:31:45 GMT
server: cloudflare
x-amz-request-id: 01CC8G5F16RM7B26
age: 6200
etag: W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 853355bc7acc9c00-FRA
x-amz-id-2: HXRUR8HjAo6USwQLdtHY+PYQf8tGuqDCh/+7XnINsX6lV9HyCEeo0/fdHmm/D8O2xprGCoT8y84=

GET
H2

200

id5-api.js Show response
cdn.id5-sync.com/api/1.0/
Redirect Chain

http://cdn.id5-sync.com/api/1.0/id5-api.js
https://cdn.id5-sync.com/api/1.0/id5-api.js

88 KB
26 KB

65ms
32ms

Script
text/javascript

2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: vetsbenefits.net
URL: http://vetsbenefits.net/

Protocol

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cd07edee68cd765a7cdde6fefbd032242acc261496048c610c9d2b401ef105b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 09 Feb 2024 09:41:43 GMT
server: cloudflare
x-amz-request-id: 10S3JXSWSH2GFS26
age: 2161
etag: W/"5f1afea320c5039c2b1fe5fdbc5608a7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 853355bcef3b65dd-FRA
x-amz-id-2: Nbm0zl+WHCQcVoBWcbq8vnZ5llBHOsrgbAWRWuUWRPdFQdWA7PJ+CEQUoOD8uQ7ho+g/WbHbR+s=

Redirect headers

Location: https://cdn.id5-sync.com/api/1.0/id5-api.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 geoip Show response
avm.avantisvideo.com/api/v1/ Frame 4A77 184 B
937 B 150ms
149ms XHR
application/json 2600:9000:225e:f000:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Requested by

Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:f000:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e7edf186b41a26fb217df3333d1df52565f3e376f872b34f86cc8175b181b118

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn1.avantisvideo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA60-P4
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
content-length: 184
x-xss-protection: 0
referrer-policy: no-referrer
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn1.avantisvideo.com
x-download-options: noopen
access-control-allow-credentials: true
x-amz-cf-id: 4br8iyoy-9iGOhi2QO76kgJFFa3z56_NLNH-nR8nnqDT2rrjiIUgNw==

OPTIONS
H2 204 geoip
avm.avantisvideo.com/api/v1/ Frame 0
0 202ms
157ms Preflight 2600:9000:225e:f000:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:f000:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://cdn1.avantisvideo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-max-age: 86400
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Sat, 10 Feb 2024 09:30:42 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
x-amz-cf-id: PfQpXD803dNWutAeshMzmUVOe2MPKZRGiSTrEkLeGxR0xJOIJ7Xj2w==
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
628 B 79ms
7ms Fetch
application/json 13.32.99.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-35.fra60.r.cloudfront.net
Software: /
Resource Hash: e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 02:15:04 GMT
via: 1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront), 1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA60-P3
age: 26138
x-amzn-requestid: cd0afeb9-9c8a-464f-8942-9ea4c7e25a98
x-amzn-trace-id: Root=1-65c6dc28-004c99a865d7ae2477eb781c;Parent=2df160df877d2ff9;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: S5dWcHRtjoEEO5w=
content-length: 30
x-amz-cf-id: Y0BWZ-cwfPgBAdJNtEQBK5GGI6de_X0XK-E0qfZzLpJXLFNN_FjZow==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 css
fonts.googleapis.com/ 107 KB
6 KB 47ms
23ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.M0ZgdamONNs.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyE3UapaKQU2CxqIS_ZLb834q8VDw/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

971fe9c7a0d3d03475b76cbb6ad43b41a4fc297c9facf41f6f04d5274c2e2804

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 10 Feb 2024 09:30:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 10 Feb 2024 09:30:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Feb 2024 09:30:42 GMT

GET
H2 200 hNF15JGZRT5P1DSK6vhPEdH7QUX0zAPhgLMH-Or3pqfM0k6sfsK7eEKuwk-9SNueLHpjWXvJbMPRQzBrlhvrSOEzCNHmp1oO-0fzzVeMMXSdP1NgDF6M=h60
lh3.googleusercontent.com/ 2 KB
2 KB 32ms
8ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/hNF15JGZRT5P1DSK6vhPEdH7QUX0zAPhgLMH-Or3pqfM0k6sfsK7eEKuwk-9SNueLHpjWXvJbMPRQzBrlhvrSOEzCNHmp1oO-0fzzVeMMXSdP1NgDF6M=h60

Requested by

Host: vetsbenefits.net
URL: http://vetsbenefits.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b8517a0a547327a5280f034d8e040c8f388b28ab2e7e7e5e18bee658a900d297

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 05:57:32 GMT
x-content-type-options: nosniff
age: 12790
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2236
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 11 Feb 2024 05:57:32 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame DE51 869 B
658 B 159ms
118ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=8f804888ce8baf05d4ed7e42775ddf7202be7270

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=http%3A%2F%2Fvetsbenefits.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-response-time: 110
date: Sat, 10 Feb 2024 09:30:41 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Sat, 10 Feb 2024 09:30:42 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 22cb972ac72099f0
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7469935968
x-connection-hash: a7808b6f5fa0445bbc2bf9f47de8f80b0abff0da0ffb6a8e4a91f0d57923e7db
content-length: 337

GET
H2 200 css
fonts.googleapis.com/ Frame 2B59 35 KB
2 KB 71ms
67ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto|Roboto+Mono|Google+Sans:%20400,500,600,700|Material+Icons|Google+Sans+Display

Requested by

Host: www.tapatalk.com
URL: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9afbcaf3bf337c98542f2462c97aa7c50445a432a22ba0ec4789406bad822f80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tapatalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 10 Feb 2024 09:30:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 10 Feb 2024 09:30:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Feb 2024 09:30:42 GMT

GET
H2 200 bootstrap.min.css
www.tapatalk.com/styles/ Frame 2B59 104 KB
18 KB 49ms
46ms Stylesheet
text/css 2606:4700:10::6814:d358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tapatalk.com/styles/bootstrap.min.css
Requested by: Host: www.tapatalk.com
URL: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:d358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42cd56bf28a9295dafc4e4dbec301aedc8971fbce42450f5a3301a04748f778d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Jan 2021 03:54:16 GMT
server: cloudflare
age: 4435
etag: W/"600f9268-19e1e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 853355bd6faa3616-FRA

GET
H2 200 index.css
www.tapatalk.com/styles/ Frame 2B59 61 KB
13 KB 50ms
47ms Stylesheet
text/css 2606:4700:10::6814:d358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tapatalk.com/styles/index.css?time=20200408
Requested by: Host: www.tapatalk.com
URL: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:d358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 237b2840c5d7cdaeefa53c134ac5d26ee8954b56f0148e9cbb33f0c0f0667dcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 26 Jan 2021 03:54:16 GMT
server: cloudflare
age: 4435
cf-polished: origSize=78777
etag: W/"600f9268-133b9"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 853355bd6faf3616-FRA

GET
H2 200 index-media.css
www.tapatalk.com/styles/ Frame 2B59 19 KB
5 KB 43ms
40ms Stylesheet
text/css 2606:4700:10::6814:d358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tapatalk.com/styles/index-media.css?time=20190129
Requested by: Host: www.tapatalk.com
URL: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:d358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9ace171031a798c432154cbb6b991498673b42a007793108c3590a0aa486f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 26 Jan 2021 03:54:16 GMT
server: cloudflare
age: 4435
cf-polished: origSize=27519
etag: W/"600f9268-6b7f"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 853355bd6fb23616-FRA

GET
H2 200 jquery.Jcrop.min.css
www.tapatalk.com/styles/ Frame 2B59 4 KB
1 KB 77ms
75ms Stylesheet
text/css 2606:4700:10::6814:d358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tapatalk.com/styles/jquery.Jcrop.min.css
Requested by: Host: www.tapatalk.com
URL: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:d358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 428162eb99e68e03354cfb01a779bda6f7c7ef23252acd6526ced40a78d2ee2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Jan 2021 03:54:16 GMT
server: cloudflare
age: 4435
etag: W/"600f9268-f8a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 853355bd6fb53616-FRA

GET
H2 200 font-awesome.min.css
www.tapatalk.com/styles/ Frame 2B59 28 KB
7 KB 51ms
49ms Stylesheet
text/css 2606:4700:10::6814:d358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tapatalk.com/styles/font-awesome.min.css
Requested by: Host: www.tapatalk.com
URL: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:d358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Jan 2021 03:54:16 GMT
server: cloudflare
age: 6161
etag: W/"600f9268-7187"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 853355bd6fb63616-FRA

GET
H2 200 icomoon.css
www.tapatalk.com/css/ Frame 2B59 2 KB
580 B 46ms
44ms Stylesheet
text/css 2606:4700:10::6814:d358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tapatalk.com/css/icomoon.css?time=20180425
Requested by: Host: www.tapatalk.com
URL: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:d358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1ad76c4eebb2f644d9516723a2d0caaebb3a7177e7ccb43f8becb29a0a284a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 26 Jan 2021 03:54:15 GMT
server: cloudflare
age: 4435
cf-polished: origSize=2154
etag: W/"600f9267-86a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 853355bd6fb73616-FRA

GET
H2 200 slideout.css
www.tapatalk.com/css/ Frame 2B59 4 KB
1 KB 64ms
62ms Stylesheet
text/css 2606:4700:10::6814:d358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tapatalk.com/css/slideout.css?time=20180425
Requested by: Host: www.tapatalk.com
URL: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:d358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f6278eecd024207a8c08d1096e80ff78b76e71648f1532fb6d4fa2bbf75a533

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 26 Jan 2021 03:54:15 GMT
server: cloudflare
age: 4435
cf-polished: origSize=5153
etag: W/"600f9267-1421"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 853355bd6fb83616-FRA

GET
H2 200 common.css
www.tapatalk.com/css/ Frame 2B59 5 KB
2 KB 50ms
48ms Stylesheet
text/css 2606:4700:10::6814:d358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tapatalk.com/css/common.css?t=20190705
Requested by: Host: www.tapatalk.com
URL: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:d358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55729433d83048572e61a4cabb2d2f642662932fa2f1a96ef50d2770b65c5b94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 26 Jan 2021 03:54:15 GMT
server: cloudflare
age: 4435
cf-polished: origSize=6377
etag: W/"600f9267-18e9"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 853355bd6fbb3616-FRA

GET
H2 200 platform.js Show response
apis.google.com/js/ Frame 2B59 56 KB
22 KB 64ms
29ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d6761121e36dada7b2cb2088e9749ddc66c64da9a262386e1e358c8dbbeeeeb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tapatalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 10 Feb 2024 09:30:42 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "744e1fa93653e48f"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 09:30:42 GMT

GET
H2 200 api.js Show response
apis.google.com/js/ Frame 2B59 18 KB
8 KB 52ms
17ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34cde982ba3e4dc07422431edb59a249fa3157b297aea11c0647474a27b6161b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tapatalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 10 Feb 2024 09:30:42 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7117
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "46707f02a004c0ee"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 09:30:42 GMT

GET
H2 200 facebook-ttg.png
www.tapatalk.com/imgs/ Frame 2B59 454 B
639 B 42ms
41ms Image
image/webp 2606:4700:10::6814:d358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tapatalk.com/imgs/facebook-ttg.png
Requested by: Host: www.tapatalk.com
URL: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:d358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 490578849774f0a419c2f69380f376f7dc73b0747301a6e962c883127e97db62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
cf-cache-status: HIT
age: 5850
cf-polished: origFmt=png, origSize=1652
content-disposition: inline; filename="facebook-ttg.webp"
content-length: 454
cf-bgj: imgq:85,h2pri
last-modified: Tue, 26 Jan 2021 03:54:15 GMT
server: cloudflare
etag: "600f9267-674"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 853355bd6fbc3616-FRA

GET
H2 200 g.png
www.tapatalk.com/imgs/ Frame 2B59 3 KB
3 KB 43ms
42ms Image
image/webp 2606:4700:10::6814:d358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tapatalk.com/imgs/g.png
Requested by: Host: www.tapatalk.com
URL: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:d358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fa303361a87b3b121e6ea9a6727a555e774a8d95c2fcc59d0d3db088ac2d054

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
cf-cache-status: HIT
age: 3964
cf-polished: origFmt=png, origSize=6875
content-disposition: inline; filename="g.webp"
content-length: 2838
cf-bgj: imgq:85,h2pri
last-modified: Tue, 26 Jan 2021 03:54:15 GMT
server: cloudflare
etag: "600f9267-1adb"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 853355bd6fbf3616-FRA

GET
H2 200 login-email.png
www.tapatalk.com/imgs/ Frame 2B59 268 B
397 B 50ms
49ms Image
image/webp 2606:4700:10::6814:d358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tapatalk.com/imgs/login-email.png
Requested by: Host: www.tapatalk.com
URL: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:d358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06657fe1819760e21baa3ae9b2384f5d070c2825089a70f02e3b269e7412e73e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
cf-cache-status: HIT
age: 3963
cf-polished: origFmt=png, origSize=1260
content-disposition: inline; filename="login-email.webp"
content-length: 268
cf-bgj: imgq:85,h2pri
last-modified: Tue, 26 Jan 2021 03:54:15 GMT
server: cloudflare
etag: "600f9267-4ec"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 853355be48d73616-FRA

GET
H2 200 jquery.min.js Show response
www.tapatalk.com/js/ Frame 2B59 82 KB
30 KB 46ms
46ms Script
application/javascript 2606:4700:10::6814:d358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tapatalk.com/js/jquery.min.js
Requested by: Host: www.tapatalk.com
URL: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:d358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Jan 2021 03:54:15 GMT
server: cloudflare
age: 4415
etag: W/"600f9267-14960"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 853355be48da3616-FRA

GET
H2 200 global.js Show response
www.tapatalk.com/js/ Frame 2B59 2 KB
757 B 31ms
30ms Script
application/javascript 2606:4700:10::6814:d358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tapatalk.com/js/global.js
Requested by: Host: www.tapatalk.com
URL: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:d358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29d49bd93a5cc7f800e279059e520e74cf64452185cf75be4c5de8d5e5bc4569

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 26 Jan 2021 03:54:15 GMT
server: cloudflare
age: 3963
cf-polished: origSize=2959
etag: W/"600f9267-b8f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 853355be994e3616-FRA

GET
H2 200 jquery.validate.min.js Show response
www.tapatalk.com/js/ Frame 2B59 23 KB
7 KB 44ms
42ms Script
application/javascript 2606:4700:10::6814:d358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tapatalk.com/js/jquery.validate.min.js
Requested by: Host: www.tapatalk.com
URL: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:d358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 889b284a120707908420d610783bd61084eb5e8a1e26a778981675a1b3c550e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tapatalk.com/connect/register?client_id=1489117111&state=REG:8612f13d0e2b6eaea726248f8548d610&response_type=code&redirect_uri=https://vetsbenefits.net/auth.php&scope=basic&fname=Veterans+Benefits+Network&fid=1924176&sty=ttg&forumid=455&register_channel=ttg_banner&is_nav=normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Jan 2021 03:54:15 GMT
server: cloudflare
age: 4435
etag: W/"600f9267-5a3c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 853355bf1a023616-FRA

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 2B59 1 KB
1 KB 41ms
17ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8328841cd636c0a1f0da9ec78a2986b066a19cb18e10a1ff9d2f0d3ea19a6aa4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tapatalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 10 Feb 2024 09:30:42 GMT

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 20ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: vetsbenefits.net
URL: http://vetsbenefits.net/

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vetsbenefits.net/
Origin: http://vetsbenefits.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Thu, 08 Feb 2024 07:25:55 GMT
X-Content-Type-Options: nosniff
Age: 180287
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 48236
X-XSS-Protection: 0
Last-Modified: Thu, 14 Dec 2023 02:08:40 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 07 Feb 2025 07:25:55 GMT

GET
H/1.1 200
OK flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 19ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: vetsbenefits.net
URL: http://vetsbenefits.net/

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vetsbenefits.net/
Origin: http://vetsbenefits.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Thu, 08 Feb 2024 00:07:53 GMT
X-Content-Type-Options: nosniff
Age: 206569
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 128352
X-XSS-Protection: 0
Last-Modified: Tue, 07 Mar 2023 19:51:56 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 07 Feb 2025 00:07:53 GMT

POST
H3 204 AGSKWxXUZCZ0RDUVrZ1M9CxupOwElHd1VXqoihw59DwnaKVT5Yz143kArLKw5BfiL29qVWgSkDKwWI7ZGgprbKahRRUBqtJrj9bdtgLDuO-ZpMk49tmkDVrnL7yvqHlYTkytiCcmiqRcuA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 62ms
21ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXUZCZ0RDUVrZ1M9CxupOwElHd1VXqoihw59DwnaKVT5Yz143kArLKw5BfiL29qVWgSkDKwWI7ZGgprbKahRRUBqtJrj9bdtgLDuO-ZpMk49tmkDVrnL7yvqHlYTkytiCcmiqRcuA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9RDxMtKm4bVkv9hzQOTHRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://vetsbenefits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9RDxMtKm4bVkv9hzQOTHRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBALcXMcapm7jk1gQ9PODADmghfJ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://vetsbenefits.net
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK 853355b058989193 Show response
vetsbenefits.net/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 6872 0
887 B 39ms
39ms XHR
text/plain 2606:4700:3030::6815:2267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vetsbenefits.net/cdn-cgi/challenge-platform/h/b/jsd/r/853355b058989193
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: HTTP/1.1
Server: 2606:4700:3030::6815:2267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

Date: Sat, 10 Feb 2024 09:30:42 GMT
Content-Encoding: gzip
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3q9zwECX3THBEscQQgSj16UGqCECn6W1xfThzdZE06knIkoIAItBpJi8UKnrAIfEqvOYgNeM0lEpv8X8ZpkDgn%2FvktWncoOP80c1F8Z4Z8iFbsxxEnItN2sL1KzTlSzkTHogZNTwiYDYzy4Rpuww"}],"group":"cf-nel","max_age":604800}
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
CF-RAY: 853355be4d489193-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
333 B 113ms
33ms XHR
application/json 54.76.95.112

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.95.112 Dublin, Ireland, ASN (),
Reverse DNS: ec2-54-76-95-112.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 458bc63401e55f4eefeb97ab1df5bba9fd00958f4111947da15f0d96284af63c

Request headers

Referer: http://vetsbenefits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 09:30:42 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: http://vetsbenefits.net
cache-control: no-cache
x-server: 10.45.2.43
access-control-allow-credentials: true
content-length: 60
expires: 0

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 166ms
108ms Preflight
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=513&sync=0&domain=vetsbenefits.net&url=http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://vetsbenefits.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 853355beb86d5d67-FRA
content-length: 0
content-type: application/json
date: Sat, 10 Feb 2024 09:30:42 GMT
debug: OPTIONS block
expires: Sun, 09 Feb 2025 09:30:42 GMT
server: cloudflare

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 101 B
291 B 125ms
123ms XHR
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=513&sync=0&domain=vetsbenefits.net&url=http://vetsbenefits.net/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fvetsbenefits.net%2F&ref=&_it=amazon&partner_id=513
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 896c45fa14185db6f135072b9e7f70e86528fe9ada763d2b12e3f38f387c63f9

Request headers

Referer: http://vetsbenefits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 853355bf69755d67-FRA

GET
H2 200 state Show response
api.btloader.com/mw/ 40 B
167 B 158ms
115ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: http://btloader.com/tag?o=5764509824188416&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 862da7a63ed8c7a0ff4fdfe2df7678c4739d6f49dc38eee1067b245553dc9119

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 10 Feb 2024 09:30:42 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40
vary: Origin
content-type: application/json

GET
H2 200 px.gif
ad-delivery.net/ 43 B
921 B 59ms
20ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 805778
x-guploader-uploadid: ABPtcPpIYU9GYWA9d34v55U3xtuPZwpzH-8zlNuoZeC48JgUSin9ojWXWINElBv9r-OXw11U0tgCQpYCow
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8S84xjedCw2ZGKie8nwOWOTIgugctHlJ3xBXPgVZkE1M7kbmBggZ4%2BvQxam1L9L4kKwnNM%2FVy4WApT2u%2BRJVbqupior3rGdyUweXsu91IMwVKBdpXkP81S%2F6Zom%2BT0a7xhq26gmh68F5oamZA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 853355bf1ab565dd-FRA
expires: Thu, 01 Feb 2024 02:06:06 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 42ms
7ms Image
image/x-icon 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: vetsbenefits.net
URL: http://vetsbenefits.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 12:58:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73956
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Feb 2024 12:58:06 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
345 B 61ms
23ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.10728731430385241
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 805778
x-guploader-uploadid: ABPtcPpIYU9GYWA9d34v55U3xtuPZwpzH-8zlNuoZeC48JgUSin9ojWXWINElBv9r-OXw11U0tgCQpYCow
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z38VmfDq4h%2BISnR3wqN9H%2BtoLNbnbAokrq8HYTVBd8kxIb5D7Yve2c%2Flq60dfI2t9CNrp%2B1IlwhnhelG%2FnonoOEt7f2BVJDzbeW96FMjKxrHEdqKRyZb5px8A%2BE%2B4H3o9O%2BobhpucY7dT%2BjXIg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 853355bf1ab365dd-FRA
expires: Thu, 01 Feb 2024 02:06:06 GMT

GET atrk.js
d31qbv1cthcecs.cloudfront.net/ Frame 2B59 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 2B59 52 KB
21 KB 43ms
19ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tapatalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 10 Feb 2024 07:30:43 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 7199
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 10 Feb 2024 09:30:43 GMT

GET
H2 200 video-loader2.2.js Show response
cdn.avantisvideo.com/js/ 1009 KB
297 KB 9ms
8ms Script
application/javascript 2600:9000:2644:e800:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2.2.js?id=24351293-eb5a-4067-9beb-546c7592c13e&tagId=1&subId=&callback=
Requested by: Host: cdn.avantisvideo.com
URL: http://cdn.avantisvideo.com/avm/js/video-loader.js?id=24351293-eb5a-4067-9beb-546c7592c13e&tagId=1&subId=&callback=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:e800:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b835077cc18f6a97d769e5a960597eb5111e274f545bfa07af32486661bb3c16

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: 91TxMddhNA_HNRGt2FbePfLZOZL6QzhH
content-encoding: gzip
via: 1.1 e221f111ed3ebc025b531e81056d37a4.cloudfront.net (CloudFront)
date: Sat, 10 Feb 2024 08:56:19 GMT
last-modified: Thu, 08 Feb 2024 08:56:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 2064
x-amz-server-side-encryption: AES256
etag: W/"a8acfe33df0e3544b9b4d7e4a2cea66f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: M7w6o6zWQyAblPJVTrPucIv5oj4GH9uz-Gv_vfw6Yjxu5pHa0Fp6fA==

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Vfl3xXWFLmk.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA/ Frame 2B59 119 KB
40 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Vfl3xXWFLmk.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d85f21be5db07a2ea03381f9ba5f984d5fd971f4ceb3174957e8cb6f28949aa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tapatalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 19:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 309430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40961
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 19:05:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 19:33:32 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ Frame 2B59 493 KB
197 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f6743903bd9d7ad035a75142c509b67e8831a48487246272bc0751097790d6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tapatalk.com/
Origin: https://www.tapatalk.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 19:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200774
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 05:00:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 19:17:01 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 2B59 3 KB
3 KB 15ms
14ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.tapatalk.com
URL: https://www.tapatalk.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9fd1b773a90d5be409760a23122a9948ab9b0b52d517872abbbfce674483e672

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tapatalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 10 Feb 2024 09:30:42 GMT
content-md5: 9Xfk99I6/oEfPbAKRg16Aw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: m4b3hUnToSeTwtFGU7U7lGRt9x0+9Jm9wJKyrwfDU2IX55s+NOvseDIplsUj+atFaxD4TYmi2BNN9MgualDqKw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: edc0d7bf0b86b6e6285644dc5aa9fc2f
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "145647e0ee3a5c69cbd27ff3138ce72a"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Sat, 10 Feb 2024 09:33:41 GMT

GET
H2

200

main.js Show response
www.tapatalk.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/ Frame 39AB
Redirect Chain

https://www.tapatalk.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.tapatalk.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

7 KB
3 KB

19ms
19ms

Script
application/javascript

2606:4700:10::6814:d358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tapatalk.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

Requested by

Protocol

Server

2606:4700:10::6814:d358 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3004e196f3421f98ff0d9822754b47a4ec0cab0d680c85bc3a7b7671c299d9f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 853355bfdb373616-FRA

Redirect headers

access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
date: Sat, 10 Feb 2024 09:30:42 GMT
cache-control: max-age=300, public
server: cloudflare
cf-ray: 853355bf7a923616-FRA
vary: accept-encoding

GET
H2 200 rocket%402x.png
groups.tapatalk-cdn.com/static/image/ 55 KB
55 KB 70ms
70ms Image
image/webp 2606:4700:10::6814:2d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.tapatalk-cdn.com/static/image/rocket%402x.png
Requested by: Host: vetsbenefits.net
URL: https://vetsbenefits.net/styles/Tapatalk/theme/stylesheet-custom.css?v=2024011901
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fcd8f9bc9dec1f00c92aa6850073de0f0c10160c13614f883f41383a7ccea24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Mar 2023 23:35:09 GMT
server: cloudflare
cf-polished: origFmt=png, origSize=159124
etag: "926ad59ca76440158c0832abdf849f04"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="rocket%402x.webp"
accept-ranges: bytes
cf-ray: 853355bf8e9b65c6-FRA
content-length: 56196

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 2B59 33 KB
34 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Roboto+Mono|Google+Sans:%20400,500,600,700|Material+Icons|Google+Sans+Display

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tapatalk.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 22:23:16 GMT
x-content-type-options: nosniff
age: 40046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 22:23:16 GMT

POST
H2 204 player
events.browsiprod.com/events/video/ 0
101 B 553ms
174ms Ping
text/plain 35.162.236.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/video/player
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.2.js?id=24351293-eb5a-4067-9beb-546c7592c13e&tagId=1&subId=&callback=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.162.236.57 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-162-236-57.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://vetsbenefits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: http://vetsbenefits.net
date: Sat, 10 Feb 2024 09:30:42 GMT
access-control-allow-credentials: true

GET
H2 200 geoip Show response
avm.avantisvideo.com/api/v1/ 184 B
932 B 149ms
149ms XHR
application/json 2600:9000:225e:f000:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.2.js?id=24351293-eb5a-4067-9beb-546c7592c13e&tagId=1&subId=&callback=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:f000:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e7edf186b41a26fb217df3333d1df52565f3e376f872b34f86cc8175b181b118

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://vetsbenefits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA60-P4
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
content-length: 184
x-xss-protection: 0
referrer-policy: no-referrer
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://vetsbenefits.net
x-download-options: noopen
access-control-allow-credentials: true
x-amz-cf-id: Wmsgih-E1vm6Rt5I3KAaURN8T-Nl-1t_JLebh8Z-QvgGkzR-sGCFAg==

OPTIONS
H2 204 geoip
avm.avantisvideo.com/api/v1/ Frame 0
0 150ms
149ms Preflight 2600:9000:225e:f000:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:f000:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://vetsbenefits.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: http://vetsbenefits.net
access-control-max-age: 86400
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Sat, 10 Feb 2024 09:30:42 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
x-amz-cf-id: ByIw1sursJ_5JaAax0DBNopnvO0Uqe52HmPT2TqenivHIihOVVdGDA==
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 179ms
178ms Ping
text/plain 54.70.70.46

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.70.70.46 Boardman, United States, ASN (),
Reverse DNS: ec2-54-70-70-46.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://vetsbenefits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame B6BA 286 B
2 KB 69ms
34ms Document
text/html 2a00:1450:400c:c04::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Vfl3xXWFLmk.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

85023b8a6481888421e028629c34bec4fe742ac1aa12cfa534a6875be2369a75

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SkDVJp8omfGnSONjp9VKfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tapatalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-SkDVJp8omfGnSONjp9VKfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 09:30:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: Anx7P+ykxPk2cvb3pmDcFJrtthuvm2pPqF/N9DW2XnD4tw+GvaXWaUhemhtJeK2OiYYjgVfcdmEkym+Al84WUQEAAABReyJvcmlnaW4iOiJodHRwczovL2FjY291bnRzLmdvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTl9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
reporting-endpoints: default="/_/IdpIFrameHttp/web-reports?context=eJzjctHikmII0pBiePflJZPA15dMEkCsBcQ7fDxY3oRPZ-WLmM4aVzedtQCI-dZNZzVcP53VKX0GawgQ-9TPYI0DYiEejkMtc9exCSz49mgxEwAPHx9h"
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 2B59 298 KB
85 KB 31ms
15ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=848c42b90f6b22f3e7a126f0c3853c77

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

56fa9f8b3d2195a2b08bf29bf009aa33afdd191b3da93ab37c0911ce01dbae10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.tapatalk.com/
Origin: https://www.tapatalk.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 10 Feb 2024 09:30:42 GMT
content-md5: wjAqsiMbjT7+XppyE1VheQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87206
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: KpTzpl1/erQSWRyGZxOF9KvkW59XCVZVxP5ZYak/KGzfwJtR0ZGuK+/xcw2k7yIJVeXKSZVXrt9YTcjxs73aGQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 14aa7277e88eb35c0a3e9f139959e5c3
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "0b5c0299fbd694a1d63c8a269989214b"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sun, 09 Feb 2025 08:19:09 GMT

POST
H2 200 853355ba3aac3616 Show response
www.tapatalk.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 39AB 0
273 B 40ms
40ms XHR
text/plain 2606:4700:10::6814:d358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tapatalk.com/cdn-cgi/challenge-platform/h/b/jsd/r/853355ba3aac3616
Requested by: Host: www.tapatalk.com
URL: https://www.tapatalk.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:d358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
content-encoding: br
server: cloudflare
cf-ray: 853355c09c2e3616-FRA
content-type: text/plain; charset=UTF-8

GET
H2 200 513 Show response
a.ad.gt/api/v1/u/matches/ 12 KB
4 KB 239ms
196ms Script
application/javascript 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/513?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fvetsbenefits.net%2F&ref=&_it=amazon&partner_id=513
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a0e67b230c7dc214e53017e330863f1bf6fc339fc3385e153e8cc7401dbceac

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Sat, 10 Feb 2024 09:23:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 853355c0dfa46aba-FRA

GET
H3 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.2Vmh3cGwEus.es5.O/am=wA/d=1/rs=AOaEmlEFuEapUxSZyRrmUXxK9rCeNt-uLg/ Frame B6BA 108 KB
37 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.2Vmh3cGwEus.es5.O/am=wA/d=1/rs=AOaEmlEFuEapUxSZyRrmUXxK9rCeNt-uLg/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b9c26c731b91ae07c16ae6d416a385ecb966183e01b74c8bc18e2c26db5dc39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 22:50:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37780
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 05:47:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 22:50:41 GMT

POST
H2 400 cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame B6BA 2 KB
913 B 26ms
26ms Other
text/html 2a00:1450:400c:c04::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/IdpIFrameHttp/cspreport

Requested by

Host: vetsbenefits.net
URL: http://vetsbenefits.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c2cad4e53bd99de7f1a82245378b73351d90e893fe0cffac421f31ce243d681e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 09:30:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ Frame 2B59 0
0 57ms
26ms Fetch
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?ancestor_origins=http%3A%2F%2Fvetsbenefits.net&client_id=469687153111700&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.tapatalk.com%2Fconnect%2Fregister%3Fclient_id%3D1489117111%26state%3DREG%3A8612f13d0e2b6eaea726248f8548d610%26response_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fvetsbenefits.net%2Fauth.php%26scope%3Dbasic%26fname%3DVeterans%2BBenefits%2BNetwork%26fid%3D1924176%26sty%3Dttg%26forumid%3D455%26register_channel%3Dttg_banner%26is_nav%3Dnormal&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=848c42b90f6b22f3e7a126f0c3853c77

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tapatalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=();report-to="permissions_policy"
strict-transport-security: max-age=15552000; preload
date: Sat, 10 Feb 2024 09:30:42 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: no-cache
x-fb-debug: so1Qz2P5sUA8pTtJtlYyyXaHjXhkhpWsnu4+6Ja05qAwIzr6Jp1O/4V7fjABexuQMzxdb1m1Xt3FzH8I8RNlyA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tapatalk.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame B6BA 49 B
495 B 17ms
17ms XHR
application/json 2a00:1450:400c:c04::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.tapatalk.com&client_id=608452217441-brmruuk1eu7gn65qtdbrt145umf88klu.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.2Vmh3cGwEus.es5.O/am=wA/d=1/rs=AOaEmlEFuEapUxSZyRrmUXxK9rCeNt-uLg/m=base

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-jIrZFrBsU5_6gtRLDGg6CA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-jIrZFrBsU5_6gtRLDGg6CA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
x-content-type-options: nosniff
date: Sat, 10 Feb 2024 09:13:37 GMT
content-encoding: gzip
age: 1025
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65
x-xss-protection: 0
reporting-endpoints: default="/_/IdpIFrameHttp/web-reports?context=eJzjctHikmLw15BiePflJZPA15dMEkCsBcQ7fDxY3oRPZ-WLmM4aVzedtQCI-dZNZzVcP53VKX0GawgQ-9TPYI0DYiEejoN_5qxjE_jxd9VaJgAUESAF"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Origin
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sat, 10 Feb 2024 10:13:37 GMT

OPTIONS
H2 204 1
avm.avantisvideo.com/api/v1/vl/24351293-eb5a-4067-9beb-546c7592c13e/ Frame 0
0 146ms
146ms Preflight 2600:9000:225e:f000:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/vl/24351293-eb5a-4067-9beb-546c7592c13e/1?no_cache=false&target=true&device=desktop&countryAllowed=false&cb=1707557442825&subId=%22%22&browser=chrome&utm=%22%22&os=windows&url=http%3A%2F%2Fvetsbenefits.net%2F&eu=true&country=DE&hour=10&day=6&amp=false&domain=vetsbenefits.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:f000:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://vetsbenefits.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: http://vetsbenefits.net
access-control-max-age: 86400
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Sat, 10 Feb 2024 09:30:42 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
x-amz-cf-id: PNzzT1hhtBvj2bIOhgoJVGGpPJpuA3wXd4mv26hXVkUvufjv5YOm2A==
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 1 Show response
avm.avantisvideo.com/api/v1/vl/24351293-eb5a-4067-9beb-546c7592c13e/ 10 KB
4 KB 170ms
169ms XHR
text/plain 2600:9000:225e:f000:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.2.js?id=24351293-eb5a-4067-9beb-546c7592c13e&tagId=1&subId=&callback=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:f000:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0968856d998fad33768767d30e245252227fae2558c481a871038be4ce1e4b2d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://vetsbenefits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 10 Feb 2024 09:30:43 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-permitted-cross-domain-policies: none
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
x-xss-protection: 0
referrer-policy: no-referrer
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: http://vetsbenefits.net
x-download-options: noopen
access-control-allow-credentials: true
x-amz-cf-id: N8BXF242O3h4eMP-bUts7VHe7xiDIjni0WD4iByO52DdjGSU8NWKXw==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 379 KB
131 KB 122ms
71ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.2.js?id=24351293-eb5a-4067-9beb-546c7592c13e&tagId=1&subId=&callback=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea5e83246f6639bb89d6ac5e7b5d5597d5d05eee7b5dcb7996fbffaf6297f3e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133145
x-xss-protection: 0
expires: Sat, 10 Feb 2024 09:30:43 GMT

GET
H2 200 prebid.js Show response
cdn.avantisvideo.com/js/ 727 KB
227 KB 8ms
8ms Script
application/javascript 2600:9000:2644:e800:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/prebid.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.2.js?id=24351293-eb5a-4067-9beb-546c7592c13e&tagId=1&subId=&callback=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:e800:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c195f7f86114ba28d547a30f24316b33102a42d54ac5e1161aacfadf9ff8462

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: ydv2L5k_MHY86g3mgS59yK4OYje.Adzt
content-encoding: gzip
via: 1.1 e221f111ed3ebc025b531e81056d37a4.cloudfront.net (CloudFront)
date: Sat, 10 Feb 2024 03:08:21 GMT
last-modified: Tue, 28 Nov 2023 14:55:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 22942
x-amz-server-side-encryption: AES256
etag: W/"6cb5627b51a626b14a82d96e24075fb3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: wRAmSuEaCOYrpYNFg1fzz8gQ4QveGvSCcSLMUhsJLThiJDZSfL2jHw==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 37ms
19ms XHR
application/json 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240210

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af17167928b0d3c206167db65670644078c2d0776192c696cc1a2f2b09a6d78f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://vetsbenefits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 10 Feb 2024 09:30:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19789
x-jsd-version: 1.0.1961
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21977-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"637-LRSKNzLNiglCD5B43ZHFW2OIRyA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NZbHZ1B0WXUjqxg4y0pfCC%2BVQkRonoyrPzFCT89QDK5zL7zAuB3FWAOD7qQWV7p9ux%2FqWeVngHNzoAa3ravQ1tQnQb1sg9vQ0uEwiPbHv2KPacx0NgRhuTvOHqydvviIICXw1SzPlr4OV0FOv50%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 853355c41cde90da-FRA

GET
H2 200 IIQUniversalID-5.4.js Show response
cdn.avantisvideo.com/js/ 55 KB
13 KB 8ms
7ms Script
application/javascript 2600:9000:2644:e800:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/IIQUniversalID-5.4.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.2.js?id=24351293-eb5a-4067-9beb-546c7592c13e&tagId=1&subId=&callback=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:e800:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db7b65df8750bb51c57b5ed15f1eb6cbc826d805943ffac2a10f494c7a2b702b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: 19jbd449.l4plpiZGEH_KqaDOfWnHBCH
content-encoding: gzip
via: 1.1 e221f111ed3ebc025b531e81056d37a4.cloudfront.net (CloudFront)
date: Sat, 10 Feb 2024 03:16:30 GMT
last-modified: Sun, 18 Jun 2023 11:27:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 22465
x-amz-server-side-encryption: AES256
etag: W/"a483bdb2fa74476427b16deeaf3613ec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: pmqUszVC_taEG4LjmGQVRK59NVEUHPe-XMIWN4vyjEtac_mRxGBTtw==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 468D 286 KB
71 KB 8ms
8ms Script
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.2.js?id=24351293-eb5a-4067-9beb-546c7592c13e&tagId=1&subId=&callback=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 928a9c9642d5cb3bcfc458aa85b5bb31f26478245dd8ab187e624c1c21a9919a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:01:50 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront), 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
last-modified: Tue, 06 Feb 2024 20:22:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 1734
etag: W/"ba3382d9d570ac4bd87a011e1fec124d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: lsHTnPasDcvhT3DTqFmH_-ux9qBdRodbafvQoQ7l94WVTEtIV4w6Bg==

GET
H/1.1 200
OK adb.js Show response
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/ 2 B
864 B 47ms
8ms Script
text/javascript 2a02:26f0:480:7b5::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.2.js?id=24351293-eb5a-4067-9beb-546c7592c13e&tagId=1&subId=&callback=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:7b5::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Sat, 10 Feb 2024 09:30:43 GMT
X-GUploader-UploadID: ABPtcPpEy-E4OkKqjH5BnPBAD3PMGSqj_7j5e7ZhMKiAnGc5tsQZf5ARFO5IC8zmMeX3f-C0cdZdUdsh
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 2
Last-Modified: Thu, 14 May 2020 13:22:36 GMT
Server: UploadServer
ETag: "56f785241d0ed9fe51a8170b9dd50272"
Vary: Origin
x-goog-generation: 1589462556858294
Content-Type: text/javascript
Access-Control-Allow-Origin: *
x-goog-hash: crc32c=cz4mSA==, md5=VveFJB0O2f5RqBcLndUCcg==
Access-Control-Expose-Headers: Content-Type, range
Cache-Control: public, max-age=1800
Access-Control-Allow-Credentials: false
x-goog-stored-content-length: 2
Accept-Ranges: bytes
Expires: Sat, 10 Feb 2024 10:00:43 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 468D 6 KB
3 KB 8ms
8ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
date: Sat, 10 Feb 2024 06:15:25 GMT
x-amz-cf-pop: FRA56-P6
age: 11719
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: pCNS_Cvpo8QpJUOsZMSYIGgr4tYIlj0XBYFwkS4vLiHE2b73fK7ekg==

GET
H2 200 8f9815c0-9661-45ca-805e-aeded2bf5e50 Show response
config.aps.amazon-adsystem.com/configs/ Frame 468D 564 B
828 B 7ms
7ms Script
application/javascript 99.86.4.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/8f9815c0-9661-45ca-805e-aeded2bf5e50
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-39.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: ca46c3ee68aa92cb19fdca66573741ae548f48772b8f8118976821c8966922ce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 08:57:26 GMT
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1997
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: nO2fvH9v3Ar9aYGKX-E1-9eKOPCc5E7UKnxVw9n5DmSXtP2LCHiS0Q==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 468D 3 KB
3 KB 104ms
104ms XHR
application/json 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fvetsbenefits.net&pubid=8f9815c0-9661-45ca-805e-aeded2bf5e50
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: c807396c3ba74b2d16228bfd601e8f4a10dcab9f856ca66e83fb86351ada3904

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:43 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: http://vetsbenefits.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2899
x-amz-cf-id: vuXMl6MMqeoLK4wNpc_aYhB5B5_GSJ2aW5GjxUUNuWafJCyuyVD2rw==

GET
H/1.1 200
OK aniview.js Show response
player.aniview.com/script/6.1/ 39 KB
14 KB 68ms
8ms Script
text/javascript 2a02:26f0:480:33::212:40d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/aniview.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.2.js?id=24351293-eb5a-4067-9beb-546c7592c13e&tagId=1&subId=&callback=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:33::212:40d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: fbc5b3082e4da8d949f7de87551e388c7808d853a8f4f4a6cd5d84a9842fb7c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Sat, 10 Feb 2024 09:30:43 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ABPtcPrCOJDyn7MS68-BOMJxEnrvsuRqpHmhMPSnzfGqZE0Gkvcd8sRNnali1LWZyjjlCKrQ9VDObxDT9w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 13580
Last-Modified: Wed, 07 Feb 2024 08:35:31 GMT
Server: UploadServer
ETag: "5fefe32be884df798252040eda122967"
Vary: Accept-Encoding
x-goog-generation: 1707294931572641
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
x-goog-hash: crc32c=vW0VRQ==, md5=X+/jK+iE33mCUgQO2hIpZw==
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, no-transform, max-age=900
x-goog-stored-content-length: 13580
Accept-Ranges: bytes
Expires: Sat, 10 Feb 2024 09:45:43 GMT

GET
H/1.1 200
OK kiosked-loader.js Show response
scripts.kiosked.com/loader/ Frame 468D 581 KB
179 KB 7ms
7ms Script
application/javascript 18.245.46.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://scripts.kiosked.com/loader/kiosked-loader.js?site=17601
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: HTTP/1.1
Server: 18.245.46.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-36.fra56.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: 2c05bfd857e468a34ce7085020a1658c69f14ece8fed4bdec53039ef593c20ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Sat, 10 Feb 2024 09:23:27 GMT
Content-Encoding: gzip
Via: 1.1 e4a4a1d8cbc68200b55d6f49ec5eb07a.cloudfront.net (CloudFront)
Server: nginx/1.14.2
X-Amz-Cf-Pop: FRA56-P9
Age: 436
ETag: W/"2c05bfd857e468a34ce7085020a1658c69f14ece8fed4bdec53039ef593c20ed"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
P3P: CP="KIOSKED"
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=1200
Connection: keep-alive
Timing-Allow-Origin: *
X-Amz-Cf-Id: jwaxaYW8XpQXpLMwCgTPh8AHyIRlvbUb8sQjzhbRv195XHaMQ8NSDQ==

GET
H/1.1 200
OK pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 468D 54 KB
17 KB 14ms
13ms Script
application/javascript 2.23.78.67

General

Check archive.org

Show headers Download Go to

Full URL: http://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: HTTP/1.1
Server: 2.23.78.67 Düsseldorf, Germany, ASN (),
Reverse DNS: a2-23-78-67.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Sat, 10 Feb 2024 09:30:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Jan 2023 19:40:17 GMT
Server: Apache
ETag: "d734-5f2f3919e751f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17407
Expires: Sat, 10 Feb 2024 09:45:43 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame 468D 39 KB
12 KB 9ms
8ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 12:30:07 GMT
content-encoding: gzip
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 75637
etag: W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 2-c0dhQ5_tLaF2dO86d6B0VJA0bqdzwKMt2s4OXywImuZlDSET5y1g==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ Frame 468D 55 KB
10 KB 21ms
21ms Script
application/javascript 2606:4700:10::6816:34ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=about%3Ablank&ref=http%3A%2F%2Fvetsbenefits.net%2F&_it=amazon&partner_id=513
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:43 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 15:31:45 GMT
server: cloudflare
x-amz-request-id: 01CC8G5F16RM7B26
age: 6201
etag: W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 853355c5dac19c00-FRA
x-amz-id-2: HXRUR8HjAo6USwQLdtHY+PYQf8tGuqDCh/+7XnINsX6lV9HyCEeo0/fdHmm/D8O2xprGCoT8y84=

GET
H2

200

id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 468D
Redirect Chain

http://cdn.id5-sync.com/api/1.0/id5-api.js
https://cdn.id5-sync.com/api/1.0/id5-api.js

88 KB
26 KB

28ms
28ms

Script
text/javascript

2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cd07edee68cd765a7cdde6fefbd032242acc261496048c610c9d2b401ef105b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 09 Feb 2024 09:41:43 GMT
server: cloudflare
x-amz-request-id: 10S3JXSWSH2GFS26
age: 2162
etag: W/"5f1afea320c5039c2b1fe5fdbc5608a7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 853355c5de2165dd-FRA
x-amz-id-2: Nbm0zl+WHCQcVoBWcbq8vnZ5llBHOsrgbAWRWuUWRPdFQdWA7PJ+CEQUoOD8uQ7ho+g/WbHbR+s=

Redirect headers

Location: https://cdn.id5-sync.com/api/1.0/id5-api.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame 468D 60 B
332 B 33ms
33ms XHR
application/json 54.76.95.112

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.95.112 Dublin, Ireland, ASN (),
Reverse DNS: ec2-54-76-95-112.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2cc67d3d9e4c817eafee6c6bd08e07d1bedbffce9c390c8b3228ec5ae42b5329

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 09:30:43 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: http://vetsbenefits.net
cache-control: no-cache
x-server: 10.45.3.110
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H/1.1 200
OK bridge3.619.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame AAA4 756 KB
242 KB 22ms
13ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/core/bridge3.619.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450574a0b2790cb089d690ab58940cb4816906a05ced1b4df116073dec25acbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vetsbenefits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 120924
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Content-Length: 247627
Content-Type: text/html
Cross-Origin-Opener-Policy: same-origin; report-to="ads-doubleclick-instream-static"
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 08 Feb 2024 23:55:19 GMT
Expires: Fri, 07 Feb 2025 23:55:19 GMT
Last-Modified: Thu, 08 Feb 2024 23:41:37 GMT
Report-To: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
Server: sffe
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 84ms
40ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Feb 2024 09:30:43 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame C065 40 KB
14 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 08:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 10 Feb 2024 09:36:51 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 468D 23 B
356 B 40ms
39ms XHR
text/javascript 18.245.47.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fvetsbenefits.net%2F&pid=B6CZrjVfUvD8I&cb=0&ws=1600x1200&v=24.205.1508&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A152%2C%22id%22%3A%22AvantisOutstreamSlot1%22%2C%22mt%22%3A%22v%22%7D%5D&pubid=8f9815c0-9661-45ca-805e-aeded2bf5e50&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.47.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-47-29.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:42 GMT
via: 1.1 c968eb4bd5f1a91dae1c71eba1ef9d56.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://vetsbenefits.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: TmRFMYGGI3Y-KhPxOEUxjxl1aBDShL0O4KkrjayBe9YDdzzB7rUbpg==

GET
H3 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame A5FB 472 KB
135 KB 39ms
10ms Script
text/javascript 2a02:26f0:480:33::212:40d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59918a0e073ef4782e4e347f
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:33::212:40d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 34e4f22d3ae91037ddc9bbb69ac558d38f3f6adf66db7244f85b02e7a7982179

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 10 Feb 2024 09:45:43 GMT
date: Sat, 10 Feb 2024 09:30:43 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPqY--ld_NcPHJ0SgIWRPIKmy1pUGDOi-p-WEcU7SmShJddDc3oYycFG_IwUfdQKZZjAA9y5_qPD9g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 138649
last-modified: Wed, 07 Feb 2024 08:35:31 GMT
server: UploadServer
etag: "83f6469267e1d9ed6da9219bb8a10c32"
vary: Accept-Encoding
x-goog-generation: 1707294931643142
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-goog-hash: crc32c=HPDY6g==, md5=g/ZGkmfh2e1tqSGbuKEMMg==
access-control-expose-headers: Content-Type
cache-control: public, no-transform, max-age=900
x-goog-stored-content-length: 138649
accept-ranges: bytes
quic-version: 0x00000001

GET
DATA 200
OK truncated
/ 194 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23ccc2eb5ab2f26dc90911585b07893758e681dca2f83417457640c91a407fb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 573 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0213165f17c942a002a9ab00385e768717b2a9ebe889cdb37f092d3bc7715f33

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00cc63cd6ed4b645ed0a274e431628073d79150a2e0a3c20c5ab2685abc43c95

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 528 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cede6b4d3db7dfd01d7d6e9bf322105ac466e167be6ca281e9ac500b1f302194

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 224 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e96aa7c60bb144fee6bbdbcc58f8b542df774635705f3b3f1211a706b3516bfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 306 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6621912d07a2de8622885fddfd9a6ce5f5bdb3a0923d599fa2bd70982df19029

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 398 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 39 KB
5 KB 619ms
345ms XHR
application/json 173.0.146.6

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_URL=http%3A%2F%2Fvetsbenefits.net%2F&AV_SECURED=0&AV_LANGUAGE=en&AV_PUBLISHERID=59918a0e073ef4782e4e347f&AV_CHANNELID=64413a5f04c9c895d10d1237&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=vetsbenefits.net&AV_DADPOS=3&AV_GPID=/59918a0e073ef4782e4e347f/64413a5f04c9c895d10d1237/vetsbenefits.net&d36=6.2.171&responsive=1&sver=4&avtoken=443830&omv=1.0.1&clsid=e6825aa9-7800-4bf3-a1ce-27a23ae1da2d&rando=2&scnt=1&AV_WIDTH=600&AV_HEIGHT=337&AV_DNT=0&cb=1707557443833&wfc=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59918a0e073ef4782e4e347f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.0.146.6 , United States, ASN (),
Reverse DNS
Software: /
Resource Hash: d1361d9804e13a37572be228cf9da322a1f45ed166e121da914acf094d5f0720

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:44 GMT
x-bamboo-c-skst: 1
content-encoding: gzip
x-bamboo-c-skfe: 1
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-s: BYPASS
access-control-max-age: 1728000
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin: http://vetsbenefits.net
content-type: application/json
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires: Mon, 29 Jan 2024 19:44:04 GMT

GET
H2 200 track
track1.aniview.com/ 0
143 B 320ms
95ms Image
text/plain 96.46.186.186

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=vetsbenefits.net&sn=&ic=0&tgt=0&app=&wi=600&he=337&test=&d36=6.2.171&apppkg=&fv=3&proto=http&clsid=e6825aa9-7800-4bf3-a1ce-27a23ae1da2d&rando=2&scnt=1&pid=59918a0e073ef4782e4e347f&cid=64413a5f04c9c895d10d1237&stagid=&stplid=&e=inventory&vi=93&cb=1707557443832
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.186 , United States, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:44 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame AAA4 124 B
125 B 36ms
20ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2200814623679343&iu=%2F7103%2C22662187259%2C728035918%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&cust_params=avpp%3D2%26avtest%3D24351293-eb5a-4067-9beb-546c7592c13e_1&vpa=auto&sdkv=h.3.619.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=2012757220&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.619.0&sid=18816777-CE27-4A95-B935-1C97A6814EA3&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C95321947%2C95322027&url=http%3A%2F%2Fvetsbenefits.net%2F&top=http%3A%2F%2Fvetsbenefits.net%2F&loc=http%3A%2F%2Fvetsbenefits.net%2F&dlt=1707557440508&idt=3268&dt=1707557444171&scor=3098049258659104&ged=ve4_td3_tt0_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.619.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: http://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame AAA4 0
234 B 518ms
166ms Ping
image/gif 2607:f8b0:4007:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=1~lsfvm3z9&c=59718907796&slotId=29859453898&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.619.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4007:818::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 09:30:44 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
onetag-sys.com/usync/ Frame E832 0
0 30ms
7ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59918a0e073ef4782e4e347f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://vetsbenefits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 204 pixel
ap.lijit.com/ Frame 3FDF 0
0 160ms
33ms Document
text/plain 108.128.175.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1707557444172-172028141088-000154-000-008494%26biddername%3D18%26key%3D%24UID
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59918a0e073ef4782e4e347f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.175.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-175-244.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: http://vetsbenefits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-origin: *
date: Sat, 10 Feb 2024 09:30:44 GMT

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 714C
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent=
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=9cd0ce424c613c0f129aaae67ce57&_fw_gdpr=1&_fw_gdpr_consent=

0
278 B

135ms
100ms

Document
text/plain

96.46.186.182
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=9cd0ce424c613c0f129aaae67ce57&_fw_gdpr=1&_fw_gdpr_consent=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59918a0e073ef4782e4e347f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://vetsbenefits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sat, 10 Feb 2024 09:30:44 GMT

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Date: Sat, 10 Feb 2024 09:30:44 GMT
Location: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=9cd0ce424c613c0f129aaae67ce57&_fw_gdpr=1&_fw_gdpr_consent=
Pragma: no-cache
Server: nginx
x-sticky-vk: 1707557444656020-368

GET
H/1.1 200 auto-user-sync Show response
ads.stickyadstv.com/ Frame 65C1 43 B
577 B 237ms
20ms Document
image/gif 2607:ae80:192:1::172
FREEWHEEL

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59918a0e073ef4782e4e347f
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 2607:ae80:192:1::172 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: http://vetsbenefits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Date: Sat, 10 Feb 2024 09:30:44 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
x-sticky-vk: 1707557444601088-396

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame D24F
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

281 B
555 B

55ms
10ms

Document
text/html

88.221.125.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59918a0e073ef4782e4e347f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.125.233 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-125-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: http://vetsbenefits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 10 Feb 2024 09:30:44 GMT
ETag: "280524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 10 Feb 2024 09:30:44 GMT
location: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server: AkamaiGHost

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 25A2
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1707557444172-172028141088-000154-000-008494%26biddername%3D105%26pid%3D59c9148...
https://sync.aniview.com/cookiesyncendpoint?auid=1707557444172-172028141088-000154-000-008494&biddername=105&pid=59c9148628a0612da3689288&key=&gdpr=1

0
224 B

306ms
98ms

Document
text/plain

96.46.186.182
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1707557444172-172028141088-000154-000-008494&biddername=105&pid=59c9148628a0612da3689288&key=&gdpr=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59918a0e073ef4782e4e347f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://vetsbenefits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sat, 10 Feb 2024 09:30:44 GMT

Redirect headers

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Sat, 10 Feb 2024 09:30:44 GMT
location: https://sync.aniview.com/cookiesyncendpoint?auid=1707557444172-172028141088-000154-000-008494&biddername=105&pid=59c9148628a0612da3689288&key=&gdpr=1
server: envoy
x-envoy-upstream-service-time: 0

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 8412
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1707557444172-172028141088-000154-000-008494%26bid...
https://sync.aniview.com/cookiesyncendpoint?auid=1707557444172-172028141088-000154-000-008494&biddername=200&key=OPTOUT

0
44 B

314ms
102ms

Document
text/plain

96.46.186.182
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1707557444172-172028141088-000154-000-008494&biddername=200&key=OPTOUT
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59918a0e073ef4782e4e347f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://vetsbenefits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sat, 10 Feb 2024 09:30:44 GMT

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Sat, 10 Feb 2024 09:30:44 GMT
etag: OPTOUT
expires: 0
location: https://sync.aniview.com/cookiesyncendpoint?auid=1707557444172-172028141088-000154-000-008494&biddername=200&key=OPTOUT
pragma: no-cache

GET
H2 200 cm Show response
u.openx.net/w/1.0/ Frame D4F0 43 B
295 B 57ms
19ms Document
text/html 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1707557444172-172028141088-000154-000-008494%26biddername%3D23%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59918a0e073ef4782e4e347f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer: http://vetsbenefits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-length: 56
content-type: text/html
date: Sat, 10 Feb 2024 09:30:44 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9D49 16 KB
6 KB 50ms
8ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1707557444172-172028141088-000154-000-008494%26biddername%3D1%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59918a0e073ef4782e4e347f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: http://vetsbenefits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=134948
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Sat, 10 Feb 2024 09:30:44 GMT
expires: Sun, 11 Feb 2024 22:59:52 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58815/ Frame 8B08 0
0 135ms
55ms Document
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58815/sync?redir=true&gdpr=1&gdpr_consent=&gpp=&gpp_sid=

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59918a0e073ef4782e4e347f

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://vetsbenefits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
date: Sat, 10 Feb 2024 09:30:44 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.94
strict-transport-security: max-age=31536000

GET
H2 204 /
ssp.disqus.com/redirectuser/ Frame 979D 0
0 356ms
105ms Document
text/plain 52.202.97.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.disqus.com/redirectuser/?partner=aniview&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1707557444172-172028141088-000154-000-008494%26biddername%3D52%26key%3DBUYERUID
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59918a0e073ef4782e4e347f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.97.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-97-47.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: http://vetsbenefits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
date: Sat, 10 Feb 2024 09:30:44 GMT
expires: 0
pragma: no-cache

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 9B28
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1707557444172-172028141088-000154-000-008494%26biddername%3D55%26key%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1707557444172-172028141088-000154-000-008494%2526biddername%253D55%2526key%253D%...
https://sync.aniview.com/cookiesyncendpoint?auid=1707557444172-172028141088-000154-000-008494&biddername=55&key=7302052777624869392

0
261 B

304ms
96ms

Document
text/plain

96.46.186.182
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1707557444172-172028141088-000154-000-008494&biddername=55&key=7302052777624869392
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59918a0e073ef4782e4e347f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://vetsbenefits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sat, 10 Feb 2024 09:30:44 GMT

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 618c65b4-f197-423b-a59e-2d43bb071a61
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Sat, 10 Feb 2024 09:30:44 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://sync.aniview.com/cookiesyncendpoint?auid=1707557444172-172028141088-000154-000-008494&biddername=55&key=7302052777624869392
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.23.4
x-proxy-origin: 178.162.209.132; 178.162.209.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2 200 user_sync Show response
rtb.gamoshi.io/ Frame 3E75 42 B
473 B 423ms
112ms Document
image/gif 52.14.232.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gamoshi.io/user_sync?bidder=&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1707557444172-172028141088-000154-000-008494%26biddername%3D71%26pid%3D59c9148628a0612da3689288%26key%3D%5Bgusr%5D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59918a0e073ef4782e4e347f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.14.232.75 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-14-232-75.us-east-2.compute.amazonaws.com
Software: g-gsh/1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://vetsbenefits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 59
content-type: image/gif
date: Sat, 10 Feb 2024 09:30:44 GMT
server: g-gsh/1
vary: origin
x-gcontroller-pod: gcontroller-stable-595f7899cf-rhzkn

GET
H3 200 avpb8.21.0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame A5FB 289 KB
89 KB 8ms
7ms Script
text/javascript 2a02:26f0:480:33::212:40d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59918a0e073ef4782e4e347f
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:33::212:40d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: c82b6b3d9ca6bc2bc993a9c13227605e48ebd8995cf48836b321f1302030d5ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 10 Feb 2024 09:45:44 GMT
date: Sat, 10 Feb 2024 09:30:44 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPqvDbebJmg3l9O-vsLqHeacQp2kNqTIaIhCMaA468UFvnEQbl9Jp-0fWIXxkf7lIWBkmKs
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 91460
last-modified: Wed, 07 Feb 2024 08:35:32 GMT
server: UploadServer
etag: "1d9c1ec53f90227bd546bacf049f89a4"
vary: Accept-Encoding
x-goog-generation: 1707294931972285
x-goog-hash: crc32c=KttOlA==, md5=HZwexT+QInvVRrrPBJ+JpA==
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, no-transform, max-age=900
x-goog-stored-content-length: 91460
accept-ranges: bytes
quic-version: 0x00000001

GET
H3 200 avpb8.21.0a0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame A5FB 68 KB
23 KB 12ms
12ms Script
text/javascript 2a02:26f0:480:33::212:40d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0a0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59918a0e073ef4782e4e347f
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:33::212:40d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 88b5d3d3501a35e93441969a766d4cdf3d9f5d87d4534e13d1d7d64793cc6006

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 10 Feb 2024 09:45:44 GMT
date: Sat, 10 Feb 2024 09:30:44 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPo8pO0NlnhNxk6wUf59_1OdQY0Ekx-KHClbPyqdifhfuG03q4Sw9v6xNStul1R7GinWKhMxzT62Og
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 23198
last-modified: Wed, 07 Feb 2024 08:35:31 GMT
server: UploadServer
etag: "6770a582a0d01af4b7bce177da343da5"
vary: Accept-Encoding
x-goog-generation: 1707294931789201
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-goog-hash: crc32c=4WjgzA==, md5=Z3ClgqDQGvS3vOF32jQ9pQ==
access-control-expose-headers: Content-Type
cache-control: public, no-transform, max-age=900
x-goog-stored-content-length: 23198
accept-ranges: bytes
quic-version: 0x00000001

GET
H3 200 avpb8.21.0a2.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame A5FB 66 KB
21 KB 15ms
14ms Script
text/javascript 2a02:26f0:480:33::212:40d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0a2.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59918a0e073ef4782e4e347f
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:33::212:40d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: ce4dab5b138ccbbb9742103a1dd9dc52cf3b13789027e4ea0e1821cd27c69a5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 10 Feb 2024 09:45:44 GMT
date: Sat, 10 Feb 2024 09:30:44 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPqPSQNjNA4wnMd3pm-6jzC9-aoQ7eFUBalmJK-z-XMpxzO7hBFOaR8Uq5I6Qf6pi-wddPs
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 21388
last-modified: Wed, 07 Feb 2024 08:35:32 GMT
server: UploadServer
etag: "bb2391577985f7283e190c814adf176f"
vary: Accept-Encoding
x-goog-generation: 1707294931896471
x-goog-hash: crc32c=Sia/vw==, md5=uyORV3mF9yg+GQyBSt8Xbw==
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, no-transform, max-age=900
x-goog-stored-content-length: 21388
accept-ranges: bytes
quic-version: 0x00000001

GET
H2

200

apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 0997
Redirect Chain

http://c.amazon-adsystem.com/aax2/apstag.js
https://c.amazon-adsystem.com/aax2/apstag.js

286 KB
71 KB

8ms
7ms

Script
application/javascript

108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 928a9c9642d5cb3bcfc458aa85b5bb31f26478245dd8ab187e624c1c21a9919a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:01:50 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront), 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
last-modified: Tue, 06 Feb 2024 20:22:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 1735
etag: W/"ba3382d9d570ac4bd87a011e1fec124d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: RW-t0U0GxP-aW8tM89c09RKeoevp_79zsTfyVcimWWCFhTxPShVkEA==

Redirect headers

Date: Sat, 10 Feb 2024 09:30:44 GMT
Via: 1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA56-P6
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://c.amazon-adsystem.com/aax2/apstag.js
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: 5YDexr1TFVZHMXeQjsimok1vqeNXsjDxGh9ZWkjXq1eII4r_vTSgWw==

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 63ms
13ms Preflight
text/plain 46.228.174.115

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://vetsbenefits.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://vetsbenefits.net
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Sat, 10 Feb 2024 09:30:44 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame A5FB 0
56 B 86ms
29ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://vetsbenefits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: http://vetsbenefits.net
date: Sat, 10 Feb 2024 09:30:44 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame A5FB 0
56 B 71ms
15ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://vetsbenefits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: http://vetsbenefits.net
date: Sat, 10 Feb 2024 09:30:44 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame A5FB 0
112 B 69ms
15ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://vetsbenefits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: http://vetsbenefits.net
date: Sat, 10 Feb 2024 09:30:43 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 unruly_prebid Show response
targeting.unrulymedia.com/ Frame A5FB 11 B
205 B 56ms
18ms Fetch
application/json 46.228.174.115

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN (),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: http://vetsbenefits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: http://vetsbenefits.net
pragma: no-cache
date: Sat, 10 Feb 2024 09:30:44 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 11
content-type: application/json

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 0997 6 KB
3 KB 8ms
7ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
date: Sat, 10 Feb 2024 06:15:25 GMT
x-amz-cf-pop: FRA56-P6
age: 11720
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: qiFIua3sGzieBXVygFt2AHvIjDVZpkhWbjoaOjkyfnvANf1UYXcNEg==

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 9D49 0
42 B 61ms
13ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=67667290&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1707557444172-172028141088-000154-000-008494%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:44 GMT
content-length: 0

GET
H2 200 9eaf46de-e1bd-41c9-8a11-f5862f62cd8e Show response
config.aps.amazon-adsystem.com/configs/ Frame 0997 564 B
826 B 7ms
7ms Script
application/javascript 99.86.4.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-39.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: c081a0a5ec5881bc8670c36684995936665b1841f71b4d7ac0a4d856e67d405c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:23:53 GMT
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 411
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: jwAmoeXasxTVP-iQ6O1e7qJasAD3l0Q88cXTLCIXG_Pm6Et7WP5H_A==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 0997 4 KB
5 KB 102ms
102ms XHR
application/json 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fvetsbenefits.net&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 7475ed67c86cbb577d1e88c08770cecc181cda9c652256f1ab74e85a51ee1ba5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:44 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: http://vetsbenefits.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 4461
x-amz-cf-id: ItL5fJPQKNiH9iZUGwK4EUafQOkH95UUyeUDfTEB6MPJ7qBZwyvrZg==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 0997 23 B
354 B 340ms
339ms XHR
text/javascript 18.245.47.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fvetsbenefits.net%2F&pid=yMEPMc8V4lCEs&cb=0&ws=1600x1200&v=24.205.1508&t=8000&slots=%5B%7B%22id%22%3A%22videoE%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!spotim.market%2C59918a0e073ef4782e4e347f%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.47.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-47-29.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:43 GMT
via: 1.1 c968eb4bd5f1a91dae1c71eba1ef9d56.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://vetsbenefits.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: teVOW2-idj00VY10iJMUxKce7fJ4-bjhdelgTVHz1ClsYvX2OAUuEw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 0997 23 B
356 B 112ms
111ms XHR
text/javascript 18.245.47.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fvetsbenefits.net%2F&pid=yMEPMc8V4lCEs&cb=1&ws=1600x1200&v=24.205.1508&t=8000&slots=%5B%7B%22id%22%3A%22videoC%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!spotim.market%2C59918a0e073ef4782e4e347f%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.47.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-47-29.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:44 GMT
via: 1.1 c968eb4bd5f1a91dae1c71eba1ef9d56.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://vetsbenefits.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: p7WMV4TARE9QD5YjOQ52l5LFMkhy4ZKSVNcXlaY4xiDfU7wwtjsqNg==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 0997 23 B
354 B 110ms
110ms XHR
text/javascript 18.245.47.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fvetsbenefits.net%2F&pid=yMEPMc8V4lCEs&cb=2&ws=1600x1200&v=24.205.1508&t=8000&slots=%5B%7B%22id%22%3A%22videoD%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!spotim.market%2C59918a0e073ef4782e4e347f%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.47.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-47-29.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:44 GMT
via: 1.1 c968eb4bd5f1a91dae1c71eba1ef9d56.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://vetsbenefits.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 33aAFMP4apvdnuFpFffXmbtjW4dc3fPv39W35hHepIeG5-AFNOAf8Q==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 0997 23 B
355 B 108ms
108ms XHR
text/javascript 18.245.47.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fvetsbenefits.net%2F&pid=yMEPMc8V4lCEs&cb=3&ws=1600x1200&v=24.205.1508&t=8000&slots=%5B%7B%22id%22%3A%22videoG%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!spotim.market%2C59918a0e073ef4782e4e347f%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.47.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-47-29.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:44 GMT
via: 1.1 c968eb4bd5f1a91dae1c71eba1ef9d56.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://vetsbenefits.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: yxZKYl1I7wZBh4jsriuiUOuEDCmmevqw9PHLMk_ilbNV1eeH8x6uvA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 0997 23 B
356 B 111ms
110ms XHR
text/javascript 18.245.47.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fvetsbenefits.net%2F&pid=yMEPMc8V4lCEs&cb=4&ws=1600x1200&v=24.205.1508&t=8000&slots=%5B%7B%22id%22%3A%22videoE%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!spotim.market%2C59918a0e073ef4782e4e347f%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.47.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-47-29.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:44 GMT
via: 1.1 c968eb4bd5f1a91dae1c71eba1ef9d56.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://vetsbenefits.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: nHkFP8KjnkcmOxIINtYElyrF7Wsp13XPVYiFmFcoGRCK5Ym7wWHdgw==

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D24F 39 KB
11 KB 10ms
10ms Script
text/html 88.221.125.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.125.233 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-125-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0b126cbb2c02bb7d043cb76b000330960ee431c5d887b85445ae6d9c71b4ed24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Sat, 10 Feb 2024 09:30:44 GMT
Content-Encoding: gzip
Last-Modified: Sat, 10 Feb 2024 07:47:45 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=80193
Connection: keep-alive
Content-Length: 10922
Expires: Sun, 11 Feb 2024 07:47:17 GMT

GET
H2

200

tag Show response
btloader.com/ Frame 0997
Redirect Chain

https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=vetsbenefits.net&ver=1.2
https://btloader.com/tag?aax_id=AAX413QP4&domain=vetsbenefits.net&ver=1.2&upapi=true
https://btloader.com/tag?o=5080945107927040&domain=vetsbenefits.net&upapi=true

53 KB
18 KB

136ms
135ms

Script
application/javascript

2606:4700:10::6816:4bd8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5080945107927040&domain=vetsbenefits.net&upapi=true
Protocol: H2
Server: 2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2ac3765cb1b5cbd296d997420dc537335b330c94dc7eb734f79bcc513be0037

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:45 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: EXPIRED
last-modified: Sat, 10 Feb 2024 09:30:38 GMT
server: cloudflare
etag: "f9836f61bc69ac4860d7edb58c2e1a0e"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 853355ceeeaf37f8-FRA
content-length: 18146

Redirect headers

date: Sat, 10 Feb 2024 09:30:44 GMT
via: 1.1 google
cf-cache-status: EXPIRED
server: cloudflare
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8
location: /tag?o=5080945107927040&domain=vetsbenefits.net&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 853355cdaccf37f8-FRA

GET
H/1.1 200
OK pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 0997 54 KB
17 KB 11ms
11ms Script
application/javascript 2.23.78.67

General

Check archive.org

Show headers Download Go to

Full URL: http://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: HTTP/1.1
Server: 2.23.78.67 Düsseldorf, Germany, ASN (),
Reverse DNS: a2-23-78-67.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Sat, 10 Feb 2024 09:30:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Jan 2023 19:40:17 GMT
Server: Apache
ETag: "d734-5f2f3919e751f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17407
Expires: Sat, 10 Feb 2024 09:45:44 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame 0997 39 KB
12 KB 8ms
7ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 12:30:07 GMT
content-encoding: gzip
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 75638
etag: W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: HcDPSOy5ZnI5Y6ko0iQbsRgt5OtgkIH0toszrmmUIgGNK7D4w2ULNw==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ Frame 0997 55 KB
10 KB 21ms
20ms Script
application/javascript 2606:4700:10::6816:34ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fvetsbenefits.net%2F&ref=http%3A%2F%2Fvetsbenefits.net%2F&_it=amazon&partner_id=471
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:44 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 15:31:45 GMT
server: cloudflare
x-amz-request-id: 01CC8G5F16RM7B26
age: 6202
etag: W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 853355cd39899c00-FRA
x-amz-id-2: HXRUR8HjAo6USwQLdtHY+PYQf8tGuqDCh/+7XnINsX6lV9HyCEeo0/fdHmm/D8O2xprGCoT8y84=

GET
H2

200

id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 0997
Redirect Chain

http://cdn.id5-sync.com/api/1.0/id5-api.js
https://cdn.id5-sync.com/api/1.0/id5-api.js

88 KB
26 KB

20ms
20ms

Script
text/javascript

2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cd07edee68cd765a7cdde6fefbd032242acc261496048c610c9d2b401ef105b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 09 Feb 2024 09:41:43 GMT
server: cloudflare
x-amz-request-id: 10S3JXSWSH2GFS26
age: 2163
etag: W/"5f1afea320c5039c2b1fe5fdbc5608a7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 853355cd3ab065dd-FRA
x-amz-id-2: Nbm0zl+WHCQcVoBWcbq8vnZ5llBHOsrgbAWRWuUWRPdFQdWA7PJ+CEQUoOD8uQ7ho+g/WbHbR+s=

Redirect headers

Location: https://cdn.id5-sync.com/api/1.0/id5-api.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame 0997 14 KB
5 KB 55ms
32ms Script
application/javascript 2.23.78.67

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.78.67 Düsseldorf, Germany, ASN (),
Reverse DNS: a2-23-78-67.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:44 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "38c0-5e92054540ea5-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 5252
expires: Sat, 10 Feb 2024 09:45:44 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame 0997 60 B
332 B 40ms
40ms XHR
application/json 54.76.95.112

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.95.112 Dublin, Ireland, ASN (),
Reverse DNS: ec2-54-76-95-112.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 43392250c0ee8476dcc8e7889149cec32f703ff11d633d91eb5a4e9feb8714f5

Request headers

Referer: http://vetsbenefits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 09:30:44 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: http://vetsbenefits.net
cache-control: no-cache
x-server: 10.45.10.27
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame 0997 49 KB
17 KB 11ms
11ms Script
application/javascript 2.23.78.67

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.78.67 Düsseldorf, Germany, ASN (),
Reverse DNS: a2-23-78-67.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:44 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "c4b6-5e920545406d3-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17042
expires: Sat, 10 Feb 2024 09:45:44 GMT

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ Frame 0997 190 B
462 B 98ms
16ms XHR
application/json 2a02:fa8:8806:20::2100
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:44 GMT
server: nginx
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary: Origin
content-type: application/json
access-control-allow-origin: http://vetsbenefits.net
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 190
expires: Sat, 10 Feb 2024 10:00:44 GMT

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ Frame 0997 229 KB
66 KB 11ms
11ms Script
application/javascript 2.23.78.67

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.78.67 Düsseldorf, Germany, ASN (),
Reverse DNS: a2-23-78-67.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:44 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2023 16:23:46 GMT
server: Apache
etag: "394d0-60864a57eaadc-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 67550
expires: Sat, 10 Feb 2024 09:45:44 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 150ms
8ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.94 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: http://vetsbenefits.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: http://vetsbenefits.net
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 10 Feb 2024 09:30:45 GMT
server: ATS/9.1.10.94

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 92ms
29ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.5&cb=52979715389&lsavail=1

Requested by

Host: scripts.kiosked.com
URL: http://scripts.kiosked.com/loader/kiosked-loader.js?site=17601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://vetsbenefits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://vetsbenefits.net
date: Sat, 10 Feb 2024 09:30:44 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 356 B
880 B 437ms
160ms XHR
application/json 2602:803:c003:200::91
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17558&site_id=451456&zone_id=2632246&size_id=2&gdpr=0&rp_schain=1.0,1!kiosked.com,12319,1,,,&eid_pubcid.org=97a55293-21ea-42d5-8114-49cf7f911646%5E1&rf=http%3A%2F%2Fvetsbenefits.net%2F&tg_i.domain=vetsbenefits.net&tg_i.page=http%3A%2F%2Fvetsbenefits.net%2F&tg_i.pbadslot=12319_a11b8147048c95636c6aeed040e83237&tk_flint=pbjs_lite_v7.54.5&x_source.tid=10472f6a-cdec-471e-9c47-6a6911cd919c&l_pb_bid_id=4da3c8811ec0f1&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=10472f6a-cdec-471e-9c47-6a6911cd919c&rp_maxbids=1&p_gpid=12319_a11b8147048c95636c6aeed040e83237&slots=1&rand=0.6778859884948039
Requested by: Host: scripts.kiosked.com
URL: http://scripts.kiosked.com/loader/kiosked-loader.js?site=17601
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::91 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 873d15b1f88092680857e031ef2d6feb64a53839916687d4b46cee610fe07aca

Request headers

Referer: http://vetsbenefits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 09:30:45 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://vetsbenefits.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 356
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 B
1019 B 10ms
9ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: scripts.kiosked.com
URL: http://scripts.kiosked.com/loader/kiosked-loader.js?site=17601

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://vetsbenefits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 09:30:44 GMT
an-x-request-uuid: 6a9e8e18-0310-49b7-85f2-6ad16823c461
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: http://vetsbenefits.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.132; 178.162.209.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 19
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
56 B 12ms
12ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: scripts.kiosked.com
URL: http://scripts.kiosked.com/loader/kiosked-loader.js?site=17601
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://vetsbenefits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://vetsbenefits.net
date: Sat, 10 Feb 2024 09:30:44 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
341 B 32ms
15ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: scripts.kiosked.com
URL: http://scripts.kiosked.com/loader/kiosked-loader.js?site=17601
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.94 /
Resource Hash: 47f6eb21786098859440bf2397bec037053489ffa6f4ae628643a8c94fef7c5b

Request headers

Referer: http://vetsbenefits.net/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 10 Feb 2024 09:30:45 GMT
content-encoding: gzip
server: ATS/9.1.10.94
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: http://vetsbenefits.net
access-control-allow-credentials: true
content-length: 84

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 318ms
18ms XHR
application/json 89.149.192.240
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: scripts.kiosked.com
URL: http://scripts.kiosked.com/loader/kiosked-loader.js?site=17601
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.240 Bunschoten, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://vetsbenefits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 09:30:44 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: http://vetsbenefits.net
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
339 B 83ms
34ms XHR
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: scripts.kiosked.com
URL: http://scripts.kiosked.com/loader/kiosked-loader.js?site=17601
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: b0d7d6ef60e543fc451440b1fa523326fc77189e57245aca546a04ce726d5a6e

Request headers

Referer: http://vetsbenefits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 10 Feb 2024 09:30:45 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: http://vetsbenefits.net
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 204 csi
csi.gstatic.com/ Frame AAA4 0
54 B 162ms
161ms Ping
image/gif 2607:f8b0:4007:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=2~lsfvm4c5&c=59718907796&slotId=29859453898&ghmsh_eids=44752052%2C44772139%2C44777649%2C44781409%2C95321947%2C95322027
Requested by: Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.619.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4007:818::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 09:30:45 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

404

websiteconfig Show response
api.btloader.com/ Frame 0997
Redirect Chain

https://api.btloader.com/websiteconfig?o=5080945107927040&w=vetsbenefits.net
https://api.btloader.com/websiteconfig?bt_env=prod&o=5080945107927040&w=vetsbenefits.net

1 B
16 B

115ms
115ms

Fetch
text/plain

130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.btloader.com/websiteconfig?bt_env=prod&o=5080945107927040&w=vetsbenefits.net

Protocol

Server

130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

194.23.211.130.bc.googleusercontent.com

Software

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:45 GMT
via: 1.1 google
x-content-type-options: nosniff
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1

Redirect headers

date: Sat, 10 Feb 2024 09:30:45 GMT
via: 1.1 google
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: /websiteconfig?bt_env=prod&o=5080945107927040&w=vetsbenefits.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

GET
H2 200 px.gif
ad-delivery.net/ Frame 0997 43 B
371 B 18ms
17ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=vetsbenefits.net&ver=1.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 805781
x-guploader-uploadid: ABPtcPpIYU9GYWA9d34v55U3xtuPZwpzH-8zlNuoZeC48JgUSin9ojWXWINElBv9r-OXw11U0tgCQpYCow
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPNcnfRi1tH16jfN9Fg%2FOMpZHyxzXTFTzfYKUp0qCbZs9uFwcthpj%2BDmnf91ASXm5eYtJb%2B0hEX6cTNAWu7o%2FZGczilr8e%2Brs7h0%2Bc4wgxAHme7Ux2m9WQX6VwUM4Uoj1W98IqLRfxTrUjWDKw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 853355cfceed65dd-FRA
expires: Thu, 01 Feb 2024 02:06:06 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ Frame 0997 1 KB
170 B 8ms
7ms Image
image/x-icon 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=vetsbenefits.net&ver=1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 12:58:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73959
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Feb 2024 12:58:06 GMT

GET
H2 200 state Show response
api.btloader.com/mw/ Frame 0997 40 B
90 B 117ms
116ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=vetsbenefits.net&ver=1.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 862da7a63ed8c7a0ff4fdfe2df7678c4739d6f49dc38eee1067b245553dc9119

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 10 Feb 2024 09:30:45 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40
vary: Origin
content-type: application/json

GET
H2 200 px.gif
ad-delivery.net/ Frame 0997 43 B
342 B 17ms
17ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.8756564709819579
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 805781
x-guploader-uploadid: ABPtcPpIYU9GYWA9d34v55U3xtuPZwpzH-8zlNuoZeC48JgUSin9ojWXWINElBv9r-OXw11U0tgCQpYCow
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4g2CuT6H3lI%2BnB0BMq4M%2FAfLi1Sal4LNjGrMDQhVBhK99W6QP7zsx80UveJMigNuphex7IMUng%2B9YSimR2Y0VtA7T4Nmgk1wYY3UDT5%2BXqmRJ00%2Bmwm%2FWfBsXQOus1OrwVDRS748BPVAZOXHw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 853355cfceee65dd-FRA
expires: Thu, 01 Feb 2024 02:06:06 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame D24F 7 B
380 B 49ms
9ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ Frame A5FB 135 B
416 B 43ms
7ms Fetch
application/json 162.19.138.118

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

91d9858a3fbbbbb194b1de253ee64efccf4524e1f7289276deb4be8607995973

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://vetsbenefits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: http://vetsbenefits.net
date: Sat, 10 Feb 2024 09:30:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ Frame A5FB 44 B
350 B 82ms
23ms Fetch
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=105

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://vetsbenefits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 10 Feb 2024 09:30:45 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: http://vetsbenefits.net
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame A368 16 KB
6 KB 10ms
10ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: http://vetsbenefits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=134947
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Sat, 10 Feb 2024 09:30:45 GMT
expires: Sun, 11 Feb 2024 22:59:52 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame A5FB 33 B
275 B 40ms
7ms Fetch
application/json 162.19.138.118

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

7c43dbd339fa29c64002ce5d60b9b52ea3df1a9019fa9d514d1b862ffaa0ef83

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://vetsbenefits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: http://vetsbenefits.net
date: Sat, 10 Feb 2024 09:30:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 371.json Show response
id5-sync.com/g/v2/ Frame A5FB 251 B
532 B 23ms
8ms Fetch
application/json 162.19.138.118

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/371.json

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

a225883110172e8a92c3d0c985d7fad6b006c99fb1737b7ecf3240c189268b18

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://vetsbenefits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: http://vetsbenefits.net
date: Sat, 10 Feb 2024 09:30:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame C44A 97 KB
29 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: vetsbenefits.net
URL: http://vetsbenefits.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f75b15d03c5cacc553a7f2bf91047b37f1e1bc6bb5d14a4dfd7c1bc39f2a8b93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29808
x-xss-protection: 0
server: cafe
etag: 370 / 19763 / m202402060101 / config-hash: 3544666277437429358
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 09:30:45 GMT

GET
H2

200

apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame C44A
Redirect Chain

http://c.amazon-adsystem.com/aax2/apstag.js
https://c.amazon-adsystem.com/aax2/apstag.js

286 KB
71 KB

9ms
8ms

Script
application/javascript

108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: vetsbenefits.net
URL: http://vetsbenefits.net/
Protocol: H2
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 928a9c9642d5cb3bcfc458aa85b5bb31f26478245dd8ab187e624c1c21a9919a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:01:50 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront), 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
last-modified: Tue, 06 Feb 2024 20:22:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 1736
etag: W/"ba3382d9d570ac4bd87a011e1fec124d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: bSOxVn9uwLcFbbi7KfMeqDyuIIi2ATAsrkMkfcFlTczCB6zTKVT7HA==

Redirect headers

Date: Sat, 10 Feb 2024 09:30:45 GMT
Via: 1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA56-P6
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://c.amazon-adsystem.com/aax2/apstag.js
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: a29gMyhepB3xvHMqWITv0d31Tm_ADkR1J3kS9mX7Fz-AULdWYliSkg==

GET
H2 200 0aa5f97c-34d0-438e-a448-1fd311575d67 Show response
config.aps.amazon-adsystem.com/configs/ Frame C44A 564 B
828 B 8ms
8ms Script
application/javascript 99.86.4.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/0aa5f97c-34d0-438e-a448-1fd311575d67
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-39.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 28d83eac20105e029340977188611364f4c38053e85125a7fe00ad653f6d1990

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:11:05 GMT
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1180
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: eYQX9Em0WP64szFKXQ8Es6cwccRnoBsYXHMik8a6-QbGFe-brXM9Qg==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame C44A 0
313 B 13ms
12ms XHR
text/plain 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fvetsbenefits.net&pubid=0aa5f97c-34d0-438e-a448-1fd311575d67
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 06:15:24 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 11721
x-cache: Hit from cloudfront
access-control-allow-origin: http://vetsbenefits.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 9BkKN2yzDWWULqHvVwk_CIooykT5gMdNVMWvF5lUFxBBXJyCkCLD9w==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame C44A 6 KB
3 KB 7ms
7ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
date: Sat, 10 Feb 2024 06:15:25 GMT
x-amz-cf-pop: FRA56-P6
age: 11721
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: gpgYeOG-yjN5Gw1S_vWgADX0fgpsIAf8Aj4FOHz0NxkA5Hv0QwBHgg==

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/ Frame C44A 436 KB
136 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd500c546202be15f4b0d9a10a2096a2dcffd0f195d953bbe931ff8e45ca234f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:50:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63638
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139610
x-xss-protection: 0
server: cafe
etag: 16226629560626727405
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 08 Feb 2025 15:50:07 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame C44A 23 B
354 B 111ms
111ms XHR
text/javascript 18.245.47.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fvetsbenefits.net%2F&pid=kBF5P7WHAov43&cb=0&ws=728x90&v=24.205.1508&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-01hp95nm8mnbbtm5e14qc4pwyw-z299d2d6e21a3baa52fedc0e420c74e85-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F208190592%2C728035918%2Fda%2F12319%2FDA_tapatalk.com_inscreen_desktop_728x90%22%7D%5D&schain=1.0%2C1!kiosked.com%2C12319%2C1%2C%2C%2C&pubid=0aa5f97c-34d0-438e-a448-1fd311575d67&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.47.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-47-29.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:45 GMT
via: 1.1 c968eb4bd5f1a91dae1c71eba1ef9d56.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://vetsbenefits.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: ViQRg0jyMe9RVcH8hFb779FSX7oS218PMcL03zc900r9lejeqXpdlA==

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 317ms
26ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: scripts.kiosked.com
URL: http://scripts.kiosked.com/loader/kiosked-loader.js?site=17601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 07 Nov 2023 09:08:30 GMT
server: nginx
etag: W/"6549fe8e-17704"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Feb 2024 09:30:46 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 16ms
15ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.94 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: http://vetsbenefits.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: http://vetsbenefits.net
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 10 Feb 2024 09:30:46 GMT
server: ATS/9.1.10.94

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ Frame 468D 53 B
220 B 40ms
39ms XHR
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: scripts.kiosked.com
URL: http://scripts.kiosked.com/loader/kiosked-loader.js?site=17601
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 699a11c35fbb3999a0d9b1a30aa290d818372566c67c9dd66b49e24bad466ecd

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 10 Feb 2024 09:30:46 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: http://vetsbenefits.net
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 468D 0
337 B 23ms
22ms XHR
application/json 89.149.192.240
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: scripts.kiosked.com
URL: http://scripts.kiosked.com/loader/kiosked-loader.js?site=17601
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.240 Bunschoten, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 09:30:45 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: http://vetsbenefits.net
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame 468D 66 B
139 B 21ms
20ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: scripts.kiosked.com
URL: http://scripts.kiosked.com/loader/kiosked-loader.js?site=17601
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.94 /
Resource Hash: 1ecbb84b39f55f9bdc636cb70dff289d68c3312bc37da980f29ec44a0ff4a6fd

Request headers

Referer
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 10 Feb 2024 09:30:46 GMT
content-encoding: gzip
server: ATS/9.1.10.94
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: http://vetsbenefits.net
access-control-allow-credentials: true
content-length: 84

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 468D 0
193 B 21ms
21ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.5&cb=55195037580&lsavail=1

Requested by

Host: scripts.kiosked.com
URL: http://scripts.kiosked.com/loader/kiosked-loader.js?site=17601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://vetsbenefits.net
date: Sat, 10 Feb 2024 09:30:46 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 468D 392 B
449 B 172ms
172ms XHR
application/json 2602:803:c003:200::91
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17558&site_id=451456&zone_id=2632246&size_id=2&gdpr=0&rp_schain=1.0,1!kiosked.com,12319,1,,,&eid_pubcid.org=97a55293-21ea-42d5-8114-49cf7f911646%5E1&rf=http%3A%2F%2Fvetsbenefits.net%2F&tg_i.domain=vetsbenefits.net&tg_i.page=http%3A%2F%2Fvetsbenefits.net%2F&tg_i.ref=http%3A%2F%2Fvetsbenefits.net%2F&tg_i.pbadslot=12319_a11b8147048c95636c6aeed040e83237&tk_flint=pbjs_lite_v7.54.5&x_source.tid=bf8344ac-7a4a-413f-8edb-d04689be51dd&l_pb_bid_id=102f57fadce046d&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=bf8344ac-7a4a-413f-8edb-d04689be51dd&rp_maxbids=1&p_gpid=12319_a11b8147048c95636c6aeed040e83237&slots=1&rand=0.6964042866849958
Requested by: Host: scripts.kiosked.com
URL: http://scripts.kiosked.com/loader/kiosked-loader.js?site=17601
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::91 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f71f75edc8c1b156162ff97e368e7b9e73ccaad9590304c398d48a2465fef0f3

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 09:30:46 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://vetsbenefits.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 392
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 468D 19 B
1019 B 17ms
16ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: scripts.kiosked.com
URL: http://scripts.kiosked.com/loader/kiosked-loader.js?site=17601

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 09:30:46 GMT
an-x-request-uuid: 9821aa76-3bf3-4e41-8ded-466518aee46f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: http://vetsbenefits.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.132; 178.162.209.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 19
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 468D 0
56 B 19ms
18ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: scripts.kiosked.com
URL: http://scripts.kiosked.com/loader/kiosked-loader.js?site=17601
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://vetsbenefits.net
date: Sat, 10 Feb 2024 09:30:45 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 64 B
409 B 117ms
37ms XHR
application/json 34.251.227.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.227.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-227-26.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 5bc890e30c300100fc7f9bca2c1a2eac66c3b25f5cdaebe828883f9e2e8932d9

Request headers

Referer: http://vetsbenefits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 10 Feb 2024 09:30:46 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: http://vetsbenefits.net
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 64

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 15F4 14 KB
6 KB 46ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=vetsbenefits.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://vetsbenefits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 09:30:46 GMT
server: Kestrel
server-processing-duration-in-ticks: 320919
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 54ms
23ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vetsbenefits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 07 Nov 2023 09:08:30 GMT
server: nginx
etag: W/"6549fe8e-17704"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Feb 2024 09:30:46 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 89AE 96 KB
29 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: vetsbenefits.net
URL: http://vetsbenefits.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d5f8f2c370ee5390e7dc14ebf175326a5f8661d918d1c2ea025cd9a71c799d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29332
x-xss-protection: 0
server: cafe
etag: 974 / 19763 / m202402060101 / config-hash: 3544666277437429358
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 09:30:46 GMT

GET
H2

200

apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 89AE
Redirect Chain

http://c.amazon-adsystem.com/aax2/apstag.js
https://c.amazon-adsystem.com/aax2/apstag.js

286 KB
71 KB

9ms
9ms

Script
application/javascript

108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: blank
URL: about:blank
Protocol: H2
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 928a9c9642d5cb3bcfc458aa85b5bb31f26478245dd8ab187e624c1c21a9919a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:01:50 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront), 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
last-modified: Tue, 06 Feb 2024 20:22:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 1737
etag: W/"ba3382d9d570ac4bd87a011e1fec124d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: djKORERL5RWeY22av_u0370cCtmZ09TwizgYFADr-vasH5T3OBiA2w==

Redirect headers

Date: Sat, 10 Feb 2024 09:30:46 GMT
Via: 1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA56-P6
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://c.amazon-adsystem.com/aax2/apstag.js
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: qmAvzmVN4Weiv9B2MqaVi_rmsvLPr8LQS-aoZZy638eAbEtJWmxgPA==

GET
H2 200 0aa5f97c-34d0-438e-a448-1fd311575d67 Show response
config.aps.amazon-adsystem.com/configs/ Frame 89AE 564 B
827 B 7ms
7ms Script
application/javascript 99.86.4.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/0aa5f97c-34d0-438e-a448-1fd311575d67
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-39.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 28d83eac20105e029340977188611364f4c38053e85125a7fe00ad653f6d1990

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:11:05 GMT
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1181
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: 31lRqONOSnTR2nqg5CVs2FO_1roXoD-2v2vLLD0H1ek34m33b20VNg==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 89AE 0
302 B 108ms
107ms XHR
text/plain 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fvetsbenefits.net&pubid=0aa5f97c-34d0-438e-a448-1fd311575d67
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:46 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
access-control-allow-origin: http://vetsbenefits.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 9MTzUpS6pIT7K8eEczlTFc-0aEpvMUWvom4hhM7ji-CFZhqgpYRLtQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 89AE 6 KB
3 KB 7ms
7ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
date: Sat, 10 Feb 2024 06:15:25 GMT
x-amz-cf-pop: FRA56-P6
age: 11722
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: buW1qYSEhn_r-yF7vncP2JMFEHTTkZ21BewvWaVelBs-4k-_aXhRSw==

GET
H2

200

sid Show response
mug.criteo.com/ Frame 15F4
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=vetsbenefits.net&sn=ChromeSyncframe&so=0&topUrl=vetsbenefits.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=cv1V73x6ejRJWGYyczBGZCsybjlwdDEvdnY0dURYSStLRHJsekRVR24vVVBKS1FZSHN1aDVMUVphbG5mbUg5Z3BPNUNJY1plS09TbDBMQUM5WnNyRGFYTUNVaGlvSFJ2Y1J4dUdzeXhtZXprNWNiUm9Gb2pxR2JyRXVUSG...

446 B
667 B

15ms
15ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=cv1V73x6ejRJWGYyczBGZCsybjlwdDEvdnY0dURYSStLRHJsekRVR24vVVBKS1FZSHN1aDVMUVphbG5mbUg5Z3BPNUNJY1plS09TbDBMQUM5WnNyRGFYTUNVaGlvSFJ2Y1J4dUdzeXhtZXprNWNiUm9Gb2pxR2JyRXVUSGJPY3Qwbkg0NEp5SlYveHZQcm56NHBaY3B6MFVkWFZQc2xZM2xrVlVvdXRJSWFRQ21rcmFmbWRTcGxTQVp4Q2dMSWxReFZJMmcvcGx1R3kxcC8rU0RFdTNnL20rbTNEODJ5dVVMUEwyc1FIUmw0Rkk4V0ExU2VpQzBqTEVuYzBnNzdDS0R5QnpzcEk4RzZPZU1xRDl6T2V6ZUlwRXZNSW1RWTR3NW9wcXE2SG1TQTdrQ3Fncz18&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0a98654533212a5ee4b044d1a81dc6e613805f67f519532373e728a7a80f1578

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 09:30:46 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1297842
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 10 Feb 2024 09:30:46 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=cv1V73x6ejRJWGYyczBGZCsybjlwdDEvdnY0dURYSStLRHJsekRVR24vVVBKS1FZSHN1aDVMUVphbG5mbUg5Z3BPNUNJY1plS09TbDBMQUM5WnNyRGFYTUNVaGlvSFJ2Y1J4dUdzeXhtZXprNWNiUm9Gb2pxR2JyRXVUSGJPY3Qwbkg0NEp5SlYveHZQcm56NHBaY3B6MFVkWFZQc2xZM2xrVlVvdXRJSWFRQ21rcmFmbWRTcGxTQVp4Q2dMSWxReFZJMmcvcGx1R3kxcC8rU0RFdTNnL20rbTNEODJ5dVVMUEwyc1FIUmw0Rkk4V0ExU2VpQzBqTEVuYzBnNzdDS0R5QnpzcEk4RzZPZU1xRDl6T2V6ZUlwRXZNSW1RWTR3NW9wcXE2SG1TQTdrQ3Fncz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 294813
content-length: 0
expires: 0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/ Frame 89AE 436 KB
136 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd500c546202be15f4b0d9a10a2096a2dcffd0f195d953bbe931ff8e45ca234f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:50:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63639
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139610
x-xss-protection: 0
server: cafe
etag: 16226629560626727405
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 08 Feb 2025 15:50:07 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 89AE 1 KB
498 B 79ms
41ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=vetsbenefits.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a0ddf6c6af42ed2289b8c7ff97fa272ac9278a83ba2ee4ce3602b21bacc108b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 473
x-xss-protection: 0
expires: Sat, 10 Feb 2024 09:30:46 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 89AE 23 B
355 B 37ms
37ms XHR
text/javascript 18.245.47.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fvetsbenefits.net%2F&pid=k1iHEnwIrttxU&cb=0&ws=0x0&v=24.205.1508&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-01hp95nnyyc3x7c7mtkve3mst8-z299d2d6e21a3baa52fedc0e420c74e85-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F208190592%2C728035918%2Fda%2F12319%2FDA_tapatalk.com_inscreen_desktop_728x90%22%7D%5D&schain=1.0%2C1!kiosked.com%2C12319%2C1%2C%2C%2C&pubid=0aa5f97c-34d0-438e-a448-1fd311575d67&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.47.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-47-29.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 09:30:46 GMT
via: 1.1 c968eb4bd5f1a91dae1c71eba1ef9d56.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://vetsbenefits.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: dd8FIWbxpRXH1IQhfcvb1U3Ftt_M-PxUJlcMqBqtaVfg6LLZ7nsjHQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.net
URL: https://www.facebook.net/login/?next=https%3A%2F%2Fconnect.facebook.net%2Fen_UK%2Fall.js%3F_%3D1707557441525

Domain: d31qbv1cthcecs.cloudfront.net
URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js

Verdicts & Comments Add Verdict or Comment

792 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
vetsbenefits.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8612f13d0e2b6eaea726248f8548d610
.vetsbenefits.net/	1970-01-20 20:28:53	Name: phpbb_vets_u Value: 0
.vetsbenefits.net/	1970-01-20 20:28:53	Name: phpbb_vets_k Value:
.vetsbenefits.net/	1970-01-20 20:28:53	Name: phpbb_vets_sid Value: 8612f13d0e2b6eaea726248f8548d610
vetsbenefits.net/	1970-01-20 18:19:21	Name: browser_timezone Value: +01:00\|\|0\|\|Europe/Berlin
.vetsbenefits.net/	1970-01-21 03:55:17	Name: _ga_1H02GELQQB Value: GS1.1.1707557441.1.0.1707557441.0.0.0
.vetsbenefits.net/	1970-01-21 03:55:17	Name: _ga Value: GA1.1.2104360285.1707557442
.google.com/	1970-01-20 22:42:48	Name: NID Value: 511=u43qxLkxHo2AsVkJQrL1XVGQQcxpShWfeLUm28mUjZTreQxM5JzGx6AIHM4oOPWoxiFDDAzMpRJD0ErPUrgnj4cWwqTOtj-VoqZhmBIsUdnQKSVEy6Kqz9TwskZoHKjvAl1EZX92A6hTgKdchQO_R5dpKp9sXBb-OEqOZAAR7P0
vetsbenefits.net/	1970-01-20 18:20:43	Name: _lr_geo_location Value: DE
.tapatalk.com/	1970-01-21 03:04:53	Name: cf_clearance Value: LzqCc3.ftzIXVHJFlYCF.bWytPgJQpKOldu.7Y_uvsE-1707557442-1-AUwlpSfNLR0FcymG+szwbR4shWWyE0bbPhwFDjst2m25Yfb3rBk4tbjLJSEm25pMFfr8awxKa4SFZ8BsuGvzr8Y=
.aniview.com/	1970-01-20 18:48:05	Name: aniC Value: 1707557444172-172028141088-000154-000-008494
.adnxs.com/	1970-01-20 20:28:53	Name: XANDR_PANID Value: CkIVQLP-jlvz73awM1YTVQc_8qToHW34s8LnBX4olSRynpQsahCfi23EQFXWqZbY4EAKN0gxvGaGGfvG-Q2VeO2DQeTRgC4a0o-CYnP13XY.
.adnxs.com/	1970-01-21 03:55:17	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:28:53	Name: uuid2 Value: 7302052777624869392
.vetsbenefits.net/	1970-01-21 03:04:53	Name: _pubcid Value: 97a55293-21ea-42d5-8114-49cf7f911646
.vetsbenefits.net/	1970-01-21 03:04:53	Name: _pubcid_cst Value: zix7LPQsHA%3D%3D
prebid.a-mo.net/	1970-01-20 18:19:17	Name: _Amc_b Value: 0
.ads.pubmatic.com/	1970-01-20 18:20:43	Name: KCCH Value: YES
.ads.stickyadstv.com/	1970-01-20 19:02:29	Name: UID Value: 9cd0ce424c613c0f129aaae67ce57
.ads.stickyadstv.com/	1969-12-31 23:59:59	Name: pxId Value: 1953
vetsbenefits.net/	1970-01-20 19:02:29	Name: _pbjs_userid_consent_data Value: 6683316680106290
.aniview.com/	1970-01-20 18:33:41	Name: 1_C_55 Value: 7302052777624869392
sync.aniview.com/	1970-01-20 18:33:41	Name: 1_C_55 Value: 7302052777624869392
.aniview.com/	1970-01-20 18:33:41	Name: 1_C_105 Value:
sync.aniview.com/	1970-01-20 18:33:41	Name: 1_C_105 Value:
.aniview.com/	1970-01-20 18:33:41	Name: 1_C_9 Value: 9cd0ce424c613c0f129aaae67ce57
sync.aniview.com/	1970-01-20 18:33:41	Name: 1_C_9 Value: 9cd0ce424c613c0f129aaae67ce57
.vetsbenefits.net/	1970-01-20 19:02:29	Name: _sharedID Value: 97a55293-21ea-42d5-8114-49cf7f911646
.rtb.gamoshi.io/	1970-01-20 18:40:53	Name: gusr Value: gusr_1c43fb0968c44dbe919ca50f3e378666
.openx.net/	1970-01-21 03:04:53	Name: receive-cookie-deprecation Value: 1
vetsbenefits.net/	1970-01-20 18:19:21	Name: _lr_retry_request Value: true
vetsbenefits.net/	1970-01-20 19:02:29	Name: _lr_env_src_ats Value: false
.rubiconproject.com/	1970-01-21 03:04:53	Name: khaos Value: LSFVM54E-G-B5Q7
.rubiconproject.com/	1970-01-21 03:04:53	Name: audit Value: 1\|yQuirGeEF6BfVgiLMTq1Jy+IXqvPVzt4X6LBWwGzep2k2NKlEueGiJqNBFjeIa6/dHuxBU/UzzdXQW1gijxcukgcdj94p/Mz/tBs7eNQFxoijy0RC4Zd8SKPLRELhl3xpmvllXEtYN4=
.criteo.com/	1970-01-21 03:40:53	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 03:40:53	Name: uid Value: c3b50177-f7ec-4212-9f87-1043431add12
.vetsbenefits.net/	1970-01-21 03:40:53	Name: cto_bundle Value: nkdoIl8lMkJ4U05Pd0pKUjJ5VEV1dURaM2tUNHQ5TjdKREZQZWFJNzdvV3FwWGtKOURrM0JQSktOak1nVWtTcDdzSERSaEslMkJFTnlJS09QWTNFa01HU25yQ2V1M3pJa0thWWVicWhoYTVGUXdOU09WYjZiMlF1bzU5Y2QwVEpYNTR6NkxMM1hYcjFncktDS0huQk9ZN1dWYU40a0FuJTJCcGhjUm9UNldIMDJld3lIWjFOdm8lM0Q

70 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.facebook.net/login/?next=https%3A%2F%2Fconnect.facebook.net%2Fen_UK%2Fall.js%3F_%3D1707557441525 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 510) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	error	URL: http://imasdk.googleapis.com/js/core/bridge3.619.0_en.html#goog_948778403 Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=105 Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://api.btloader.com/websiteconfig?bt_env=prod&o=5080945107927040&w=vetsbenefits.net Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://vetsbenefits.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
aax.amazon-adsystem.com
accounts.google.com
ad-delivery.net
ad.doubleclick.net
ads.pubmatic.com
ads.stickyadstv.com
ap.lijit.com
api.btloader.com
api.rlcdn.com
apis.google.com
ats.rlcdn.com
avm.avantisvideo.com
bcp.crwdcntrl.net
bidder.criteo.com
btloader.com
c.aaxads.com
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
cdn.avantisvideo.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.pbxai.com
cdn1.avantisvideo.com
cdnjs.cloudflare.com
config.aps.amazon-adsystem.com
connect.facebook.net
csi.gstatic.com
d31qbv1cthcecs.cloudfront.net
eus.rubiconproject.com
events.browsiprod.com
events1.avantisvideo.com
fastlane.rubiconproject.com
fdyn.pubwise.io
floor.pbxai.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
geo.privacymanager.io
go1.aniview.com
groups.tapatalk-cdn.com
gum.criteo.com
hb.yellowblue.io
hbopenbid.pubmatic.com
header.tapatalk-cdn.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
lb.eu-1-id5-sync.com
lh3.googleusercontent.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
platform.twitter.com
play.aniview.com
player.aniview.com
prebid.a-mo.net
prg.smartadserver.com
proc.ad.cpe.dotomi.com
region1.google-analytics.com
rtb.gamoshi.io
rtb.openx.net
s0.2mdn.net
scripts.kiosked.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
ssp.disqus.com
static.avantisvideo.com
static.criteo.net
sync.1rx.io
sync.aniview.com
syndication.twitter.com
tags.crwdcntrl.net
targeting.unrulymedia.com
token.rubiconproject.com
track1.aniview.com
u.openx.net
ups.analytics.yahoo.com
vetsbenefits.net
www.facebook.com
www.facebook.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.tapatalk.com
d31qbv1cthcecs.cloudfront.net
www.facebook.net
104.122.39.115
104.244.42.200
108.128.175.244
108.138.6.136
13.32.99.35
130.211.23.194
142.250.186.70
147.75.84.158
151.101.130.217
162.19.138.118
173.0.146.6
178.250.1.8
18.156.195.47
18.245.31.35
18.245.46.36
18.245.47.29
185.64.189.112
198.47.127.19
2.23.78.67
2001:4860:4802:34::36
23.32.184.192
2600:9000:211e:a600:12:7487:7980:93a1
2600:9000:225e:f000:3:748e:7940:93a1
2600:9000:2644:5000:1c:38a0:8a40:93a1
2600:9000:2644:e800:1c:38a0:8a40:93a1
2600:9000:2670:1400:8:9ed9:9c40:93a1
2602:803:c003:200::91
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6814:2c0a
2606:4700:10::6814:2d0a
2606:4700:10::6814:d358
2606:4700:10::6816:34ad
2606:4700:10::6816:3556
2606:4700:10::6816:4bd8
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:10::ac43:4e7
2606:4700:20::681a:246
2606:4700:3030::6815:2267
2606:4700::6810:5614
2606:4700::6811:180e
2607:ae80:192:1::172
2607:f8b0:4007:818::2003
2a00:1450:4001:806::200a
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::200e
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::2006
2a00:1450:400c:c04::54
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:480:33::212:40d3
2a02:26f0:480:7b5::2c79
2a02:fa8:8806:20::2100
2a03:2880:f080:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.75.62.37
34.120.133.55
34.251.227.26
35.162.236.57
35.227.252.103
35.244.159.8
37.252.173.215
46.228.174.115
46.228.174.117
51.89.9.253
52.14.232.75
52.202.97.47
52.57.76.124
54.70.70.46
54.76.95.112
65.9.66.97
69.173.144.139
88.221.125.233
89.149.192.240
96.46.186.182
96.46.186.186
99.86.4.39
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
00cc63cd6ed4b645ed0a274e431628073d79150a2e0a3c20c5ab2685abc43c95
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0213165f17c942a002a9ab00385e768717b2a9ebe889cdb37f092d3bc7715f33
06657fe1819760e21baa3ae9b2384f5d070c2825089a70f02e3b269e7412e73e
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09094c4775d55ac73048ca199cfa058ac343f9320e83bb9ed3e196131e6741f4
0968856d998fad33768767d30e245252227fae2558c481a871038be4ce1e4b2d
0a0ddf6c6af42ed2289b8c7ff97fa272ac9278a83ba2ee4ce3602b21bacc108b
0a98654533212a5ee4b044d1a81dc6e613805f67f519532373e728a7a80f1578
0adf7db5a4e951f5c6e295cb11ede6d3a46b1b3b65b0a4cda91dfea4f748c0ee
0b126cbb2c02bb7d043cb76b000330960ee431c5d887b85445ae6d9c71b4ed24
0b9c26c731b91ae07c16ae6d416a385ecb966183e01b74c8bc18e2c26db5dc39
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c9ace171031a798c432154cbb6b991498673b42a007793108c3590a0aa486f0
0dd65ca6cafe1705a57d793559d2ec4c998987e9ccbacfc66f3e762cdb60368f
0f653c6952a923257d190ebe43e6a9f453c8ccecc98ba232670a679bf24648e1
0fa303361a87b3b121e6ea9a6727a555e774a8d95c2fcc59d0d3db088ac2d054
1678559bb4ef3cf45c774a5f5aa217aef88f1f726a71a2c7a15e51a1e939a02f
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
175d272943efaf1b24861f40428b1666608d3beff0c227dc9c479deb1a71b788
17da48c548b11732f608ff6e3a176fd0db75de64ea529050c67ba06e87e78a4d
1a73e1103df25e2c3e5f749433a05b9430bcd9df3cbebac720d2a0e4a0ee50dd
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1ce260c06792b23a4097e058e3abfda42b815b57a65ad4bcf33881c5bc94b0f9
1ecbb84b39f55f9bdc636cb70dff289d68c3312bc37da980f29ec44a0ff4a6fd
1fcd8f9bc9dec1f00c92aa6850073de0f0c10160c13614f883f41383a7ccea24
224b5d3adfc2542159a930ea44dc3094d7753560dfe0a8e0c3b0ed9dfd048796
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
237b2840c5d7cdaeefa53c134ac5d26ee8954b56f0148e9cbb33f0c0f0667dcc
23ccc2eb5ab2f26dc90911585b07893758e681dca2f83417457640c91a407fb9
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28d83eac20105e029340977188611364f4c38053e85125a7fe00ad653f6d1990
28ec532b7773526dc0f405599749d06dc7497c3e332f5ae9a0bb7ff120e29472
29d49bd93a5cc7f800e279059e520e74cf64452185cf75be4c5de8d5e5bc4569
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c05bfd857e468a34ce7085020a1658c69f14ece8fed4bdec53039ef593c20ed
2c7602604490782556395415f2a0ef268b25bfb6515064e784b5d4ef5c1630ef
2cc67d3d9e4c817eafee6c6bd08e07d1bedbffce9c390c8b3228ec5ae42b5329
2e3d4d2eb18517fb31fd998fe301a7bafa9b442f825271654b25c5b563e3c1e7
2e50289ec3c68f4e983c1af573cf2b50e4f55bfdecb7a90699750c3f6dbd6a6d
3004e196f3421f98ff0d9822754b47a4ec0cab0d680c85bc3a7b7671c299d9f2
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
30d0c4184d3e9698d71232ad1bf146af3797410eb41a1830da293e4138ccfa4e
34b89a3101630566bdea61c9713ee28d5a529ad69b4a527f40a57f2389f74e3f
34cde982ba3e4dc07422431edb59a249fa3157b297aea11c0647474a27b6161b
34e4f22d3ae91037ddc9bbb69ac558d38f3f6adf66db7244f85b02e7a7982179
38b6ec879c5963b1396ec8cdf858b9ba9c32520c0eee6fe6ffee78d133d08445
3c195f7f86114ba28d547a30f24316b33102a42d54ac5e1161aacfadf9ff8462
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d5f8f2c370ee5390e7dc14ebf175326a5f8661d918d1c2ea025cd9a71c799d6
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
410d6487360d61eac03d12ebc15e7bd021f129c1b2d7a8c492038efe921ceb3b
428162eb99e68e03354cfb01a779bda6f7c7ef23252acd6526ced40a78d2ee2a
42cd56bf28a9295dafc4e4dbec301aedc8971fbce42450f5a3301a04748f778d
43392250c0ee8476dcc8e7889149cec32f703ff11d633d91eb5a4e9feb8714f5
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
450574a0b2790cb089d690ab58940cb4816906a05ced1b4df116073dec25acbe
453669fedfd6ed3769e138bb748ff77d26161bef949bd4a62b7e22d499abd51f
458bc63401e55f4eefeb97ab1df5bba9fd00958f4111947da15f0d96284af63c
4664152e0011ccdf05e86d6d759db491cc6c0cd8cb5096134f2ce1eff53b6f5c
47d64e8e59ad3eeb69fab42c1a825f3700abd660d8a3e2b43b81a3c703548658
47f6eb21786098859440bf2397bec037053489ffa6f4ae628643a8c94fef7c5b
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
490578849774f0a419c2f69380f376f7dc73b0747301a6e962c883127e97db62
4b790bef1392092cb654a928d902bce3b24014d72cff3ca0fa37067c56a629a6
4cd07edee68cd765a7cdde6fefbd032242acc261496048c610c9d2b401ef105b
4d4c3b12277febaa64a392af5a6da3ebc349cb954421f7e9c6c53e677ba840be
503a22f130549fd02f5ed749fc99637b2a883508e6b2e4f1c8a92ce98052d216
5304f37ec679055b6af2f922bd433c1d8a62d9edb81bcb6f8044765da364d818
552bb4998ea41f2b1b747f9ebc0bec878b0dd65a6b4a52af699c82b465bfcbfe
55729433d83048572e61a4cabb2d2f642662932fa2f1a96ef50d2770b65c5b94
56cc0e19a11c509f9df52251865d5db3ed39c39c6e332e9cd44c81e7f7395dd8
56fa9f8b3d2195a2b08bf29bf009aa33afdd191b3da93ab37c0911ce01dbae10
58b097b0b221476789322f85e18b71848dc128875d6cada319cd1e7ef46a2311
5a0e67b230c7dc214e53017e330863f1bf6fc339fc3385e153e8cc7401dbceac
5bc1a478cf0ea3a9fc2bb9cb3300a4c8de3ef63a712da62a8222d9bcf298ecf0
5bc890e30c300100fc7f9bca2c1a2eac66c3b25f5cdaebe828883f9e2e8932d9
5d6761121e36dada7b2cb2088e9749ddc66c64da9a262386e1e358c8dbbeeeeb
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5f6743903bd9d7ad035a75142c509b67e8831a48487246272bc0751097790d6b
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
62531a87eb398f1f074796f001dd4a3ab25018a38b29576c595443cd5bdb1fd8
629a50a8d0b782856456d9b3707cadc992c260db2d65c50e4095d2a1d0d1a6cd
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66047d5be5cef5ed83adde6e6069556559ad0af4ba388f19f4e459f0a40e613f
6621912d07a2de8622885fddfd9a6ce5f5bdb3a0923d599fa2bd70982df19029
6641befd0b9bf206398cb57c11093edc045cbc3d9ce536101c117eae26ae0f64
66668842e6a5a69c0772c108de441eb4c1034cf78841f7d85283b57f5f2da456
68cbf25d83e60254d445ff82bc500712961a9fe0b6a2ffba8de21c7b576a394f
699a11c35fbb3999a0d9b1a30aa290d818372566c67c9dd66b49e24bad466ecd
6bffb0c5a5061855673dc25a081b6deda250994380e3bfbe6ccf595bbabffe98
6fdc2c24fe99e041add7be38fdb7b69461c773154af6899b1958e1ede34a4c72
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
73e228e9e6976b8d9ba5a4276d8658e3f80865d35196fed37ac1e4817b89d9bd
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7464368e7d1ecdfae0f1f9c24e97e6ba58e476764ede5532f59eaa2814345a30
7475ed67c86cbb577d1e88c08770cecc181cda9c652256f1ab74e85a51ee1ba5
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
78d12c2aa30b4570b79a6bc28fcb6a3f6515049529e214d9bfc5898a986793f6
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c43dbd339fa29c64002ce5d60b9b52ea3df1a9019fa9d514d1b862ffaa0ef83
7dd528035ddebf19c14e941fdc06f927170db3430bd606c992914f3ceffa8d87
804af38b9c4c400175da0fe7a4e8176ee4c15386f4577d61db58078a9023e698
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8328841cd636c0a1f0da9ec78a2986b066a19cb18e10a1ff9d2f0d3ea19a6aa4
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
85023b8a6481888421e028629c34bec4fe742ac1aa12cfa534a6875be2369a75
862da7a63ed8c7a0ff4fdfe2df7678c4739d6f49dc38eee1067b245553dc9119
873d15b1f88092680857e031ef2d6feb64a53839916687d4b46cee610fe07aca
8824a51fcd05114942d3b85f8e7a29cb4ebfa3e5e56ab8d93551cb48c122d1ba
889b284a120707908420d610783bd61084eb5e8a1e26a778981675a1b3c550e4
88b5d3d3501a35e93441969a766d4cdf3d9f5d87d4534e13d1d7d64793cc6006
896c45fa14185db6f135072b9e7f70e86528fe9ada763d2b12e3f38f387c63f9
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89efc39e57db6035c833e62d076a08745b4667834bd88e201681144ac5708f9f
8ad260e6c5ca4f4deb663ae9d89f5247b52d4bb96c108e435a11cef6ae9c2923
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8ca25760ed2f1d32d211b03c1884610f9c1929adaa41f1dc708ca5ce4a6558ea
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f6278eecd024207a8c08d1096e80ff78b76e71648f1532fb6d4fa2bbf75a533
91d9858a3fbbbbb194b1de253ee64efccf4524e1f7289276deb4be8607995973
928a9c9642d5cb3bcfc458aa85b5bb31f26478245dd8ab187e624c1c21a9919a
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
971fe9c7a0d3d03475b76cbb6ad43b41a4fc297c9facf41f6f04d5274c2e2804
9afbcaf3bf337c98542f2462c97aa7c50445a432a22ba0ec4789406bad822f80
9b26398fc782c5ace2a7580f5989df18ad95f5e8fec6296eef48f15af6feb433
9fd1b773a90d5be409760a23122a9948ab9b0b52d517872abbbfce674483e672
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0f264d89a0f3b64ad0434e9de2e6f4a9a61fa77e10532d95280e5b13ba5d176
a156db6eca663977b20273c1a713ac02cb66a28030d3e14fe2af5c7468b38c00
a225883110172e8a92c3d0c985d7fad6b006c99fb1737b7ecf3240c189268b18
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f
a38eba6cfe207c71ddd68b4d72e550cd001ed744a20065221dab8f79611a6712
a6fc320fec7d2c5aff040c91ed4463d42a5d9bedd6a332baf9a36c5bf60fcfee
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
a8dd6969d01c33dc0004717b947a22d42a71eaeb572674e243c9ecba5aacbe13
ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1
adf9e2c181a2f540621876f5953ed00300e880cbfdf7042a58f881945c915cbb
af17167928b0d3c206167db65670644078c2d0776192c696cc1a2f2b09a6d78f
b0d7d6ef60e543fc451440b1fa523326fc77189e57245aca546a04ce726d5a6e
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b54a5248f2b55d40964d4a5fad3aaf469e78721b8acec6068490853816f8451f
b6c3bec22e35973406dae74c2c8b07efc08f3921bea874266b21cf9d6391d5cf
b835077cc18f6a97d769e5a960597eb5111e274f545bfa07af32486661bb3c16
b8517a0a547327a5280f034d8e040c8f388b28ab2e7e7e5e18bee658a900d297
c081a0a5ec5881bc8670c36684995936665b1841f71b4d7ac0a4d856e67d405c
c1ad76c4eebb2f644d9516723a2d0caaebb3a7177e7ccb43f8becb29a0a284a9
c2cad4e53bd99de7f1a82245378b73351d90e893fe0cffac421f31ce243d681e
c6cbd54bcd68ae1b2ec8f8544982399e404a77488c8983055df3abb38c98e474
c807396c3ba74b2d16228bfd601e8f4a10dcab9f856ca66e83fb86351ada3904
c82b6b3d9ca6bc2bc993a9c13227605e48ebd8995cf48836b321f1302030d5ce
ca46c3ee68aa92cb19fdca66573741ae548f48772b8f8118976821c8966922ce
caa20b74d9dd74cde6e49252f0c14c33d5ee89ecab4f965b2416507a4d1fe85b
cd500c546202be15f4b0d9a10a2096a2dcffd0f195d953bbe931ff8e45ca234f
cdf5b0a55b30950622270b85b6a21947f24f898574057497c34e53824c799b73
ce4dab5b138ccbbb9742103a1dd9dc52cf3b13789027e4ea0e1821cd27c69a5b
cede6b4d3db7dfd01d7d6e9bf322105ac466e167be6ca281e9ac500b1f302194
cf120ae70e0add018bfcb935282460c0d31862eb2214f658fa16cb77ac8a7b80
cf2d9b717908c1ccaa9f15e865761754c61b29fd39d5dd6bf75920bcbc56f53c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1361d9804e13a37572be228cf9da322a1f45ed166e121da914acf094d5f0720
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d6d90bd9eeac89130a445d8b701e6051963c91c94ca083fcfcbc6ba33201962a
d85f21be5db07a2ea03381f9ba5f984d5fd971f4ceb3174957e8cb6f28949aa9
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db7b65df8750bb51c57b5ed15f1eb6cbc826d805943ffac2a10f494c7a2b702b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
e23ea33ab64deeb27893754491a537c13e08d1c342787a98b1a6fb9c0a216a1f
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72e49d10a4264e0ee792b5988e71b9a91f99facc773de8446f98367202db902
e7edf186b41a26fb217df3333d1df52565f3e376f872b34f86cc8175b181b118
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
e96aa7c60bb144fee6bbdbcc58f8b542df774635705f3b3f1211a706b3516bfa
ea5e83246f6639bb89d6ac5e7b5d5597d5d05eee7b5dcb7996fbffaf6297f3e0
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
eaccf4b40a4872feaa4615a2efd90340b9be0fd64762984eba7441fa6cb14cc2
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2ac3765cb1b5cbd296d997420dc537335b330c94dc7eb734f79bcc513be0037
f3fad9dfdd54970fe7da9b01b790bfc680ce300b3436b22653246cce867da24e
f5290c7c67ec36020531f6c12bc6a2edd94f6377cd15cda67bac6231619e42b6
f6ea4afa041c55c0384b6c14446512cb6fd9c4689ec4e7be919406530f868b21
f71f75edc8c1b156162ff97e368e7b9e73ccaad9590304c398d48a2465fef0f3
f75b15d03c5cacc553a7f2bf91047b37f1e1bc6bb5d14a4dfd7c1bc39f2a8b93
f9689131173d43d55d787f8e29754b0c91c7da34ab138b5bc1aa5041288f6a6c
f9a5585900697a8c98f99de424dd521868884affb74bfeb271363a869369d8fb
fbc5b3082e4da8d949f7de87551e388c7808d853a8f4f4a6cd5d84a9842fb7c6
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

vetsbenefits.net Open in urlscan Pro 2606:4700:3030::6815:2267 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

269 Requests

89 %HTTPS

51 %IPv6

55 Domains

92 Subdomains

83 IPs

8 Countries

5973 kBTransfer

16291 kBSize

37 Cookies

18 Outgoing links

Redirected requests

269 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

vetsbenefits.net Open in urlscan Pro
2606:4700:3030::6815:2267 Public Scan

Screenshot
Live screenshot

Full Image

269
Requests

89 %
HTTPS

51 %
IPv6

55
Domains

92
Subdomains

83
IPs

8
Countries

5973 kB
Transfer

16291 kB
Size

37
Cookies

269 HTTP transactions
8 data transactions