nationwidebenefitscenter.com Open in urlscan Pro
2606:4700:3034::ac43:d224  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response nationwidebenefitscenter.com/	8 KB 4 KB	333ms 255ms	Document text/html	2606:4700:3034::ac43:d224 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nationwidebenefitscenter.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:d224 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dd5a8d5adf339365d581d849e385eef5c65af6b69c537e7d29563bdc04ac2b18 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers access-control-allow-origin * access-control-expose-headers Content-Length alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 838ba7dc1d333dd7-MIA content-encoding br content-type text/html; charset=UTF-8 date Wed, 20 Dec 2023 23:27:23 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4S%2BA%2BvxNonjUqPMTKmhs2RcyDVugXaKMJmUMBFGuGM3Q7eS%2F53lBmCM2oZAt3r6URH1%2FbioX7IfYsZyJQjPAMnMfvO9%2BEQVbahZhN9SFLsO3xfAE8twDindD0k%2FoXR1F1UB0rbXtoLFj9%2FqfyTMVhtVPOY9vXs9O28AL"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding x-content-type-options nosniff
GET H2	200	styles.css nationwidebenefitscenter.com/U65_ACA_V2-123/style/	3 KB 1 KB	38ms 35ms	Stylesheet text/css	2606:4700:3034::ac43:d224 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nationwidebenefitscenter.com/U65_ACA_V2-123/style/styles.css Requested by Host: nationwidebenefitscenter.com URL: https://nationwidebenefitscenter.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:d224 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c4375e0623b1297a2fac84b2954ad831794df1550963a6c7c7f3164efbf3ef64 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://nationwidebenefitscenter.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 23:27:23 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 540576 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Thu, 09 Mar 2023 18:12:52 GMT server cloudflare etag W/"640a21a4-d16" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=usvw%2FSQRbebSz4aLe0ayw75HC7iyroP5h9FZN%2BHFdRJ7PreJXn%2Fm7yy6UeEXC46Q7Eilb8dQnwagXF3BZVQugN7WqxAs5%2FTXutE1VyTNQoQRdEWuP497MiBm1DhO1nB46eRwFiVPKy104%2BB2BwotbUnZCYY2%2FAQ8i0R%2F"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=315360000 cf-ray 838ba7ddf8453dd7-MIA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.6.0/	87 KB 31 KB	157ms 52ms	Script text/javascript	2607:f8b0:4004:c09::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Requested by Host: nationwidebenefitscenter.com URL: https://nationwidebenefitscenter.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://nationwidebenefitscenter.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 17 Dec 2023 14:15:13 GMT content-encoding gzip x-content-type-options nosniff age 292330 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31017 x-xss-protection 0 last-modified Wed, 10 Mar 2021 14:28:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Mon, 16 Dec 2024 14:15:13 GMT
GET H2	200	loader.js Show response nationwidebenefitscenter.com/U65_ACA_V2-123/js/	2 KB 881 B	36ms 34ms	Script application/javascript	2606:4700:3034::ac43:d224 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nationwidebenefitscenter.com/U65_ACA_V2-123/js/loader.js Requested by Host: nationwidebenefitscenter.com URL: https://nationwidebenefitscenter.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:d224 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 34bd5a69a653e511e6ab5fdd2f3bea1c29b349386c82a2962c24fb167bbce78c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://nationwidebenefitscenter.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 23:27:23 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3281 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Thu, 09 Mar 2023 18:12:52 GMT server cloudflare etag W/"640a21a4-905" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNcZ9%2B29g%2F3AfbZW%2F6fTygppBPQgjF%2BD0UvnmkZ%2BgPb%2F55GIXHk%2F7glSr05Yvt%2FPAwk8SKjREXEDWxy5V1QrdvxF7DP19AvfiuWC2G17DGFaroqFTavErLWHzR5s9dt8ERT67Lu99VUYB0MOsqsfQLd9uNmene3ZjSOe"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=86400 cf-ray 838ba7ddf8483dd7-MIA expires Fri, 15 Dec 2023 17:17:47 GMT
GET H2	200	countdown.js Show response nationwidebenefitscenter.com/U65_ACA_V2-123/js/	592 B 584 B	66ms 65ms	Script application/javascript	2606:4700:3034::ac43:d224 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nationwidebenefitscenter.com/U65_ACA_V2-123/js/countdown.js Requested by Host: nationwidebenefitscenter.com URL: https://nationwidebenefitscenter.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:d224 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 21827572c5558581542a442d6270fa4b4fa8ab8d99e223555d184c856341f46f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://nationwidebenefitscenter.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 23:27:23 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3281 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Thu, 09 Mar 2023 18:12:52 GMT server cloudflare etag W/"640a21a4-250" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7iodlaogEkJOfimDEe1uMdRncAkk%2BZLThH8c6SatyNYVJb2twoooDaN11RymweRToV%2BpS%2FV4iYAnSMNu9rtM6T6FnK3OPMhsKQ%2BvRvjs0%2Be88hlyl3zk8U9G3CmikqgQr5HpenQ07PRrdmE5JXIQeipRTxWMuxZL%2BEa"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=86400 cf-ray 838ba7ddf8493dd7-MIA expires Fri, 15 Dec 2023 17:17:47 GMT
GET H2	200	/ Show response worker-polished-shadow-8999.jordan-64e.workers.dev/	6 KB 2 KB	139ms 52ms	Script text/javascript	2606:4700:3031::ac43:a1c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://worker-polished-shadow-8999.jordan-64e.workers.dev/?api_key=c1bc8978475345ca28577df846adc9b9&pub_id=&pid=2&vid=1 Requested by Host: nationwidebenefitscenter.com URL: https://nationwidebenefitscenter.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:a1c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf387fb052ebe82ff153877953a80f69ac483e3b816910568a23a46d7a5de6c8 Request headers accept-language en-US,en;q=0.9 Referer https://nationwidebenefitscenter.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 23:27:23 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfwCtxlpdkL13Uxs1FvWjEEjlJXejPoH2PNsEfZiaWwWukLZOSYayndmXbflo9U0NH0x44PTx%2BZGlsWSoJqnGm%2BCwyvAy0T4qKePnO5rfH1bfRiSSbU7yEqmQwp1%2FoBws2qA4dzrOBTHnzJH3g6uSfkjjnHBTtDXyIam5%2F7klHeb0sVLWDWr32%2BEjxinREM57g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cf-ray 838ba7de8d16da7b-MIA alt-svc h3=":443"; ma=86400
GET H2	200	logo.webp nationwidebenefitscenter.com/U65_ACA_V2-123/img/	3 KB 4 KB	34ms 33ms	Image image/webp	2606:4700:3034::ac43:d224 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nationwidebenefitscenter.com/U65_ACA_V2-123/img/logo.webp Requested by Host: nationwidebenefitscenter.com URL: https://nationwidebenefitscenter.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:d224 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0001aaeb9d257978c8985c0295c76f031200f806848b6b5f5704e78fd9eb8535 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://nationwidebenefitscenter.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 23:27:23 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 540576 alt-svc h3=":443"; ma=86400 content-length 3444 last-modified Thu, 09 Mar 2023 18:12:52 GMT server cloudflare etag "640a21a4-d74" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOry8ZHTynEdzuN%2FwWZAPFAgtR7Skgd9GhC7mw%2B2%2FJiuGv6RykXa0VTD3%2FuIpwYu470ep5yt0eH3xXksZPKAOzweKWPBCoGgC%2BYGZF5Axr81dj%2BJTBDbCEJ%2FBkLZzalY70EtwP2PeMFz8aJ3TZGY%2ByjKiNNDUSmTccks"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=315360000 accept-ranges bytes cf-ray 838ba7ddf84a3dd7-MIA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	hero_desktop.webp nationwidebenefitscenter.com/U65_ACA_V2-123/img/	298 KB 299 KB	36ms 36ms	Image image/webp	2606:4700:3034::ac43:d224 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nationwidebenefitscenter.com/U65_ACA_V2-123/img/hero_desktop.webp Requested by Host: nationwidebenefitscenter.com URL: https://nationwidebenefitscenter.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:d224 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d87176579934d73c0b924a8db4df1c2d30837d7f047f10be99f932252d962acd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://nationwidebenefitscenter.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 23:27:23 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 538375 alt-svc h3=":443"; ma=86400 content-length 305370 last-modified Thu, 09 Mar 2023 18:12:52 GMT server cloudflare etag "640a21a4-4a8da" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PltdUnmRg982BOL%2F9cXinOxbRpIJGJ4PgeHR0rOq%2FyEBE2c5o89%2F83qEjxQ%2Fy8yOYk83c%2BPdPbKWIycC23%2BvHEwvdfQmrqMZxjj5I0%2FSrAu4v3fOJgctIyuDNWaLiQ%2BMO3pX2lsWNdwwGH89eOW7DzHdTWmclgVrRX9I"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=315360000 accept-ranges bytes cf-ray 838ba7ddf84b3dd7-MIA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	215 KB 78 KB	173ms 67ms	Script application/javascript	2607:f8b0:4004:c09::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-THMT2LZ Requested by Host: worker-polished-shadow-8999.jordan-64e.workers.dev URL: https://worker-polished-shadow-8999.jordan-64e.workers.dev/?api_key=c1bc8978475345ca28577df846adc9b9&pub_id=&pid=2&vid=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ca6c4705f4e96ca0b69fb52a81000162ba00c401f5cb67123ebaef0dcce76c01 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://nationwidebenefitscenter.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 23:27:24 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 79212 x-xss-protection 0 last-modified Wed, 20 Dec 2023 21:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 20 Dec 2023 23:27:24 GMT
GET H2	200	CA1fa72feb02604d3db7a47115224a744b Show response b-js.ringba.com/	15 KB 15 KB	218ms 63ms	Script text/html	2600:9000:2073:8c00:4:1957:6500:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://b-js.ringba.com/CA1fa72feb02604d3db7a47115224a744b Requested by Host: nationwidebenefitscenter.com URL: https://nationwidebenefitscenter.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2073:8c00:4:1957:6500:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 00edcbf679405b9ff50e2bd528559f7620d419f210022e9f145490d5cfc8df3c Request headers accept-language en-US,en;q=0.9 Referer https://nationwidebenefitscenter.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 23:24:31 GMT via 1.1 4a21175361a1e842a337986b5f7399aa.cloudfront.net (CloudFront) x-aspnet-version 4.0.30319 x-amz-cf-pop IAD50-C2 age 173 x-powered-by ASP.NET x-cache Hit from cloudfront content-length 15144 x-runtime 0.0000 server Microsoft-IIS/10.0 access-control-max-age 300 content-type text/html; charset=utf-8 access-control-allow-origin * cache-control public x-amz-cf-id STPx1XdkZ921ORXe95YwrUQa0oDmYvQNTYQc8-1SYUEmh52nz1jtwQ== expires Wed, 20 Dec 2023 23:29:31 GMT
POST H/1.1	200 OK	gnbulk Show response display.ringba.com/v2/nis/	398 B 797 B	211ms 54ms	XHR application/json	54.221.211.120 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://display.ringba.com/v2/nis/gnbulk Requested by Host: b-js.ringba.com URL: https://b-js.ringba.com/CA1fa72feb02604d3db7a47115224a744b Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.221.211.120 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-221-211-120.compute-1.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 39ac62bc6f893af3988957de0fdc6a7345266fa36f6207af7226b6aa61a04152 Request headers Referer https://nationwidebenefitscenter.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-type text/plain Response headers Pragma no-cache Date Wed, 20 Dec 2023 23:27:23 GMT X-Runtime 0.0020 Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Access-Control-Max-Age 300 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://nationwidebenefitscenter.com Cache-Control no-cache Connection keep-alive Content-Length 398 Expires -1
GET H2	200	js Show response www.googletagmanager.com/gtag/	208 KB 74 KB	68ms 67ms	Script application/javascript	2607:f8b0:4004:c09::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-10975167195&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-THMT2LZ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash bf7e3937979fcf2315696301bd0bfc3a7c1a15a90ac61896bee0c8e9cac72b41 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://nationwidebenefitscenter.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 23:27:24 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 75966 x-xss-protection 0 last-modified Wed, 20 Dec 2023 21:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 20 Dec 2023 23:27:24 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/10975167195/	2 KB 2 KB	176ms 68ms	Script text/javascript	2607:f8b0:4004:c1f::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10975167195/?random=1703114844466&cv=11&fst=1703114844466&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v898865440z89100159986&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnationwidebenefitscenter.com%2F%3Fkkclid%3D1160726005&hn=www.googleadservices.com&frm=0&tiba=Get%20a%20Holiday%20Help%20Package%20to%20Receive%20Free%20Health%20Care%20Plus%20Gas%2C%20Groceries%2C%20Rent%2C%20and%20More.&auid=1700981830.1703114844&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-10975167195&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1f::9a Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2d8ce052b0b52c961468d08e0ef306e2c06d1f7ea743c33b9cf5f8c54148802c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://nationwidebenefitscenter.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Wed, 20 Dec 2023 23:27:24 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1346 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/10975167195/	42 B 455 B	168ms 62ms	Image image/gif	2607:f8b0:4004:c08::6a GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/10975167195/?random=1703114844466&cv=11&fst=1703113200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v898865440z89100159986&u_w=1600&u_h=1200&url=https%3A%2F%2Fnationwidebenefitscenter.com%2F%3Fkkclid%3D1160726005&frm=0&tiba=Get%20a%20Holiday%20Help%20Package%20to%20Receive%20Free%20Health%20Care%20Plus%20Gas%2C%20Groceries%2C%20Rent%2C%20and%20More.&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_OLC0uLhUr1mfTifb4sc_beuty9Zalg&random=2531816947&rmt_tld=0&ipr=y Requested by Host: nationwidebenefitscenter.com URL: https://nationwidebenefitscenter.com/?kkclid=1160726005 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::6a Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://nationwidebenefitscenter.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Wed, 20 Dec 2023 23:27:24 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery function| waitingInfo number| interval string| timer2 object| appWorkerUtils object| appWorkerSettings object| dataLayer function| kk_ringba object| _rgba_tags object| ringba_known_numbers object| _rgba object| ringba object| google_tag_manager object| google_tag_data object| GooglebQhCsO

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.nationwidebenefitscenter.com/	1970-01-20 19:14:50	Name: _gcl_au Value: 1.1.1700981830.1703114844
			.doubleclick.net/	1970-01-20 17:05:15	Name: test_cookie Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
b-js.ringba.com
display.ringba.com
googleads.g.doubleclick.net
nationwidebenefitscenter.com
worker-polished-shadow-8999.jordan-64e.workers.dev
www.google.com
www.googletagmanager.com
2600:9000:2073:8c00:4:1957:6500:93a1
2606:4700:3031::ac43:a1c9
2606:4700:3034::ac43:d224
2607:f8b0:4004:c08::6a
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c09::61
2607:f8b0:4004:c1f::9a
54.221.211.120
0001aaeb9d257978c8985c0295c76f031200f806848b6b5f5704e78fd9eb8535
00edcbf679405b9ff50e2bd528559f7620d419f210022e9f145490d5cfc8df3c
21827572c5558581542a442d6270fa4b4fa8ab8d99e223555d184c856341f46f
2d8ce052b0b52c961468d08e0ef306e2c06d1f7ea743c33b9cf5f8c54148802c
34bd5a69a653e511e6ab5fdd2f3bea1c29b349386c82a2962c24fb167bbce78c
39ac62bc6f893af3988957de0fdc6a7345266fa36f6207af7226b6aa61a04152
bf7e3937979fcf2315696301bd0bfc3a7c1a15a90ac61896bee0c8e9cac72b41
c4375e0623b1297a2fac84b2954ad831794df1550963a6c7c7f3164efbf3ef64
ca6c4705f4e96ca0b69fb52a81000162ba00c401f5cb67123ebaef0dcce76c01
cf387fb052ebe82ff153877953a80f69ac483e3b816910568a23a46d7a5de6c8
d87176579934d73c0b924a8db4df1c2d30837d7f047f10be99f932252d962acd
dd5a8d5adf339365d581d849e385eef5c65af6b69c537e7d29563bdc04ac2b18
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e