www.benefitspro.com Open in urlscan Pro
2606:4700::6812:174b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://benefitspro.com/
Effective URL:
https://www.benefitspro.com/?slreturn=20210202150955
Submission: On March 02 via manual (March 2nd 2021, 8:10:17 pm UTC) from US

Summary HTTP 335 Redirects Links 49 Behaviour Indicators

Summary

This website contacted 56 IPs in 8 countries across 57 domains to perform 335 HTTP transactions. The main IP is 2606:4700::6812:174b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.benefitspro.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 23rd 2020. Valid for: a year.

This is the only time www.benefitspro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 47	2606:4700::68... 2606:4700::6812:174b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	192.226.82.212 192.226.82.212	16524 (METTEL) (METTEL)
1 1	2606:4700::68... 2606:4700::6812:164b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.199.109.153 185.199.109.153	54113 (FASTLY) (FASTLY)
3	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:bac0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.212.194.196 52.212.194.196	16509 (AMAZON-02) (AMAZON-02)
9	23.37.56.41 23.37.56.41	16625 (AKAMAI-AS) (AKAMAI-AS)
2	185.199.108.153 185.199.108.153	54113 (FASTLY) (FASTLY)
1	65.9.58.13 65.9.58.13	16509 (AMAZON-02) (AMAZON-02)
1 3	52.17.73.77 52.17.73.77	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:6400:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
7 12	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	3.124.226.36 3.124.226.36	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
4	34.251.167.52 34.251.167.52	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
18	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	34.207.42.216 34.207.42.216	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:20d... 2600:9000:20d7:f800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
9	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
23 34	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
3	34.192.142.95 34.192.142.95	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	52.208.225.81 52.208.225.81	16509 (AMAZON-02) (AMAZON-02)
2	35.181.18.61 35.181.18.61	16509 (AMAZON-02) (AMAZON-02)
1 1	34.250.153.194 34.250.153.194	16509 (AMAZON-02) (AMAZON-02)
1 6	88.214.207.207 88.214.207.207	46636 (NATCOWEB) (NATCOWEB)
5	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
20	54.246.70.54 54.246.70.54	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:285::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	104.18.23.230 104.18.23.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
5	2620:1ec:46::19 2620:1ec:46::19	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	88.214.193.99 88.214.193.99	46636 (NATCOWEB) (NATCOWEB)
5	52.215.241.211 52.215.241.211	16509 (AMAZON-02) (AMAZON-02)
5	208.100.17.178 208.100.17.178	32748 (STEADFAST) (STEADFAST)
5	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
10 10	216.52.2.19 216.52.2.19	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	3.220.90.167 3.220.90.167	14618 (AMAZON-AES) (AMAZON-AES)
1 78	52.51.160.138 52.51.160.138	16509 (AMAZON-02) (AMAZON-02)
16 16	35.158.172.137 35.158.172.137	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.53.219 35.210.53.219	19527 (GOOGLE-2) (GOOGLE-2)
5 6	64.202.112.95 64.202.112.95	23352 (SERVERCEN...) (SERVERCENTRAL)
10 10	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
5 5	34.192.210.97 34.192.210.97	14618 (AMAZON-AES) (AMAZON-AES)
5 5	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
5 5	34.235.235.184 34.235.235.184	14618 (AMAZON-AES) (AMAZON-AES)
5	150.136.25.38 150.136.25.38	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
10 10	70.42.32.159 70.42.32.159	13789 (INTERNAP-...) (INTERNAP-BLK3)
5 5	92.123.150.214 92.123.150.214	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	213.19.147.150 213.19.147.150	3356 (LEVEL3) (LEVEL3)
5 5	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
6 6	185.29.133.208 185.29.133.208	30419 (MEDIAMATH...) (MEDIAMATH-INC)
9 10	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
15	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
10 10	18.203.78.129 18.203.78.129	16509 (AMAZON-02) (AMAZON-02)
5	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
5 5	202.241.208.56 202.241.208.56	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
5 5	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
10 10	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1 1	157.90.157.235 157.90.157.235	24940 (HETZNER-AS) (HETZNER-AS)
2 2	18.193.144.52 18.193.144.52	16509 (AMAZON-02) (AMAZON-02)
5	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
335	56

47 2606:4700::6812:174b (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

benefitspro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.benefitspro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.benefitspro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.226.82.212 (Ridge, United States) 1 redirects

ASN16524 (METTEL, US)

store.law.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:164b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

store.benefitspro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.199.109.153 (San Francisco, United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-109-153.github.com

owlcarousel2.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:bac0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

users.api.jeeng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.194.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-194-196.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.37.56.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-56-41.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.199.108.153 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-108-153.github.com

owlcarousel2.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.58.13 (United States)

ASN16509 (AMAZON-02, US)

s.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.17.73.77 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-73-77.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:6400:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.23.98 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.226.36 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-226-36.eu-central-1.compute.amazonaws.com

datacloud.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.251.167.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-167-52.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.207.42.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-207-42-216.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20d7:f800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 185.33.221.53 (Amsterdam, Netherlands) 23 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.192.142.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-142-95.compute-1.amazonaws.com

a.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.225.81 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-225-81.eu-west-1.compute.amazonaws.com

alm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.181.18.61 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-18-61.eu-west-3.compute.amazonaws.com

b.law.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.153.194 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 88.214.207.207 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB, US)

colossusssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb1.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb2.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 54.246.70.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-70-54.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:285::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.23.230 (United States)

ASN13335 (CLOUDFLARENET, US)

www.dianomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.207.148 (Kansas City, United States)

ASN15169 (GOOGLE, US)

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:46::19 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.193.99 (United Kingdom)

ASN46636 (NATCOWEB, US)

sync.colossusssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.215.241.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 208.100.17.178 (United States)

ASN32748 (STEADFAST, US)

pixel.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 216.52.2.19 (United States) 10 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.220.90.167 (United States)

ASN14618 (AMAZON-AES, US)

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

78 52.51.160.138 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 35.158.172.137 (Frankfurt am Main, Germany) 16 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 64.202.112.95 (United States) 5 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.244.159.8 (Kansas City, United States) 10 redirects

ASN15169 (GOOGLE, US)

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.192.210.97 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1288:110:c305::8000 (United Kingdom) 5 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.235.235.184 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 150.136.25.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 70.42.32.159 (United States) 10 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 92.123.150.214 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-150-214.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.19.147.150 (United Kingdom) 5 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 198.148.27.139 (New York, United States) 5 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.29.133.208 (United Kingdom) 6 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.114.49 (Frankfurt am Main, Germany) 9 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.203.78.129 (Dublin, Ireland) 10 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 202.241.208.56 (Japan) 5 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.0.160.128 (United States) 5 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.184.8.30 (Amsterdam, Netherlands) 10 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.90.157.235 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

bidswitch-eu.splicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.144.52 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
83	gumgum.com 1 redirects g2.gumgum.com rtb.gumgum.com	25 KB
48	benefitspro.com 3 redirects benefitspro.com www.benefitspro.com store.benefitspro.com images.benefitspro.com	745 KB
39	adnxs.com 23 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	35 KB
31	doubleclick.net 7 redirects cm.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	104 KB
25	servenobid.com ads.servenobid.com public.servenobid.com	16 KB
20	pubmatic.com ads.pubmatic.com image6.pubmatic.com	158 KB
16	bidswitch.net 16 redirects x.bidswitch.net	7 KB
11	everesttech.net 10 redirects cm.everesttech.net sync-tm.everesttech.net	3 KB
11	moatads.com z.moatads.com mb.moatads.com px.moatads.com geo.moatads.com	174 KB
10	creativecdn.com 10 redirects creativecdn.com ams.creativecdn.com	3 KB
10	adsrvr.org 10 redirects match.adsrvr.org	4 KB
10	zemanta.com 10 redirects b1sync.zemanta.com	6 KB
10	openx.net 10 redirects us-u.openx.net	2 KB
10	lijit.com 10 redirects ap.lijit.com	5 KB
10	typekit.net use.typekit.net p.typekit.net	226 KB
9	tiqcdn.com tags.tiqcdn.com	93 KB
7	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	16 KB
7	colossusssp.com 1 redirects colossusssp.com sync.colossusssp.com	3 KB
6	mathtag.com 6 redirects sync.mathtag.com	4 KB
6	outbrain.com 5 redirects sync.outbrain.com	3 KB
6	ampproject.org cdn.ampproject.org	107 KB
5	rfihub.com 5 redirects p.rfihub.com	3 KB
5	socdm.com 5 redirects tg.socdm.com	3 KB
5	emxdgt.com cs.emxdgt.com
5	contextweb.com 5 redirects bh.contextweb.com	2 KB
5	1rx.io 5 redirects sync.1rx.io	1 KB
5	bluekai.com 5 redirects stags.bluekai.com	5 KB
5	technoratimedia.com sync.technoratimedia.com	2 KB
5	ipredictive.com 5 redirects sync.ipredictive.com	2 KB
5	yahoo.com 5 redirects pr-bh.ybp.yahoo.com	3 KB
5	stackadapt.com 5 redirects sync.srv.stackadapt.com	3 KB
5	onetag-sys.com onetag-sys.com	4 KB
5	33across.com pixel.33across.com
5	adtelligent.com ghb.adtelligent.com ghb1.adtelligent.com ghb2.adtelligent.com	1 KB
5	gstatic.com fonts.gstatic.com	49 KB
5	ml314.com ml314.com in.ml314.com	27 KB
4	demdex.net 1 redirects dpm.demdex.net alm.demdex.net	6 KB
4	dpmsrv.com s.dpmsrv.com a.dpmsrv.com	53 KB
4	github.io owlcarousel2.github.io	4 KB
4	law.com 1 redirects store.law.com b.law.com	6 KB
3	dianomi.com www.dianomi.com	4 KB
3	googleapis.com ajax.googleapis.com fonts.googleapis.com	7 KB
3	cloudflare.com cdnjs.cloudflare.com	47 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com	1 KB
2	admedo.com 2 redirects pool.admedo.com	780 B
2	googletagservices.com www.googletagservices.com	61 KB
2	chartbeat.net ping.chartbeat.net	337 B
2	google.com 1 redirects adservice.google.com www.google.com	339 B
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
1	splicky.com 1 redirects bidswitch-eu.splicky.com	221 B
1	mookie1.com odr.mookie1.com	324 B
1	rlcdn.com idsync.rlcdn.com	66 B
1	quantcount.com rules.quantcount.com	1 KB
1	tealiumiq.com datacloud.tealiumiq.com	971 B
1	chartbeat.com static.chartbeat.com	14 KB
1	jeeng.com users.api.jeeng.com	290 KB
0	alm.com Failed geoip.alm.com Failed
335	57

	Domain	Requested by
78	rtb.gumgum.com	1 redirects g2.gumgum.com
23	images.benefitspro.com	www.benefitspro.com
23	www.benefitspro.com	1 redirects www.benefitspro.com cdnjs.cloudflare.com
20	ads.servenobid.com	www.benefitspro.com public.servenobid.com g2.gumgum.com
19	ib.adnxs.com	13 redirects www.benefitspro.com
18	securepubads.g.doubleclick.net	tags.tiqcdn.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com www.benefitspro.com
16	x.bidswitch.net	16 redirects
15	ads.pubmatic.com	g2.gumgum.com ads.pubmatic.com
15	secure.adnxs.com	10 redirects
12	cm.g.doubleclick.net	7 redirects g2.gumgum.com
10	match.adsrvr.org	10 redirects
10	sync-tm.everesttech.net	9 redirects g2.gumgum.com
10	b1sync.zemanta.com	10 redirects
10	us-u.openx.net	10 redirects
10	ap.lijit.com	10 redirects
9	use.typekit.net	www.benefitspro.com
9	tags.tiqcdn.com	www.benefitspro.com tags.tiqcdn.com
7	px.moatads.com	www.benefitspro.com tpc.googlesyndication.com
6	sync.mathtag.com	6 redirects
6	sync.outbrain.com	5 redirects g2.gumgum.com
6	cdn.ampproject.org	securepubads.g.doubleclick.net
6	colossusssp.com	1 redirects www.benefitspro.com
5	image6.pubmatic.com	ads.pubmatic.com
5	ams.creativecdn.com	5 redirects
5	creativecdn.com	5 redirects
5	p.rfihub.com	5 redirects
5	tg.socdm.com	5 redirects
5	cs.emxdgt.com	g2.gumgum.com
5	bh.contextweb.com	5 redirects
5	sync.1rx.io	5 redirects
5	stags.bluekai.com	5 redirects
5	sync.technoratimedia.com	g2.gumgum.com
5	sync.ipredictive.com	5 redirects
5	pr-bh.ybp.yahoo.com	5 redirects
5	sync.srv.stackadapt.com	5 redirects
5	onetag-sys.com	public.servenobid.com
5	pixel.33across.com	public.servenobid.com
5	g2.gumgum.com	public.servenobid.com
5	public.servenobid.com	www.benefitspro.com
5	acdn.adnxs.com	www.benefitspro.com
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.benefitspro.com
5	fonts.gstatic.com	fonts.googleapis.com
4	ml314.com	tags.tiqcdn.com ml314.com z.moatads.com
4	owlcarousel2.github.io	www.benefitspro.com
3	www.dianomi.com	tpc.googlesyndication.com
3	a.dpmsrv.com	www.benefitspro.com s.dpmsrv.com
3	dpm.demdex.net	1 redirects www.benefitspro.com
3	cdnjs.cloudflare.com	www.benefitspro.com
2	a.sportradarserving.com	2 redirects
2	pool.admedo.com	2 redirects
2	pagead2.googlesyndication.com
2	www.googletagservices.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	ghb1.adtelligent.com	www.benefitspro.com
2	ghb.adtelligent.com	www.benefitspro.com
2	b.law.com	tags.tiqcdn.com www.benefitspro.com
2	fonts.googleapis.com	ajax.googleapis.com securepubads.g.doubleclick.net
2	ping.chartbeat.net	www.benefitspro.com
2	z.moatads.com	www.benefitspro.com tpc.googlesyndication.com
2	store.law.com	1 redirects www.benefitspro.com
1	bidswitch-eu.splicky.com	1 redirects
1	odr.mookie1.com	g2.gumgum.com
1	in.ml314.com	ml314.com
1	sync.colossusssp.com
1	googleads.g.doubleclick.net	www.benefitspro.com
1	www.google.com	1 redirects
1	idsync.rlcdn.com	www.benefitspro.com
1	geo.moatads.com	z.moatads.com
1	p.typekit.net	www.benefitspro.com
1	ghb2.adtelligent.com	www.benefitspro.com
1	pixel.quantserve.com	www.benefitspro.com
1	cm.everesttech.net	1 redirects
1	alm.demdex.net	tags.tiqcdn.com
1	rules.quantcount.com	secure.quantserve.com
1	adservice.google.com	tags.tiqcdn.com
1	secure.quantserve.com	tags.tiqcdn.com
1	datacloud.tealiumiq.com	www.benefitspro.com
1	static.chartbeat.com	tags.tiqcdn.com
1	s.dpmsrv.com	www.benefitspro.com
1	mb.moatads.com	z.moatads.com
1	users.api.jeeng.com	www.benefitspro.com
1	ajax.googleapis.com	www.benefitspro.com
1	store.benefitspro.com	1 redirects
1	benefitspro.com	1 redirects
0	geoip.alm.com Failed	cdnjs.cloudflare.com
335	84

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
store.law.com
www.judydiamond.com
freeerisa.benefitspro.com
www.bprobrokerexpo.com
www.alm.com
www.event.benefitspro.com
benefitspro.tradepub.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-23` - `2021-07-23`	a year	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
cert-00012-cdnedge-bluemix.akamaized.net R3	`2021-01-18` - `2021-04-18`	3 months	crt.sh
store.law.com Go Daddy Secure Certificate Authority - G2	`2020-07-07` - `2022-09-05`	2 years	crt.sh
*.moatads.com DigiCert SHA2 Secure Server CA	`2019-03-12` - `2021-06-10`	2 years	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2020-03-16` - `2021-06-15`	a year	crt.sh
*.dpmsrv.com Amazon	`2020-06-15` - `2021-07-15`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
*.tealiumiq.com Amazon	`2020-10-23` - `2021-11-22`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.ml314.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
b.law.com DigiCert SHA2 High Assurance Server CA	`2020-07-05` - `2021-10-08`	a year	crt.sh
*.colossusssp.com Go Daddy Secure Certificate Authority - G2	`2020-10-06` - `2021-11-07`	a year	crt.sh
ghb.adtelligent.com R3	`2021-01-06` - `2021-04-06`	3 months	crt.sh
*.servenobid.com Amazon	`2021-02-12` - `2022-03-13`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
ghb1.adtelligent.com R3	`2021-01-26` - `2021-04-26`	3 months	crt.sh
ghb2.adtelligent.com R3	`2021-01-26` - `2021-04-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
dianomi.com Cloudflare Inc ECC CA-3	`2020-07-02` - `2021-07-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-29` - `2021-04-14`	5 months	crt.sh
public.servenobid.com DigiCert SHA2 Secure Server CA	`2020-08-26` - `2021-08-25`	a year	crt.sh
*.gumgum.com Amazon	`2020-07-03` - `2021-08-03`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
onetag-sys.com R3	`2021-02-10` - `2021-05-11`	3 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2020-07-28` - `2021-10-01`	a year	crt.sh
h2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-02-11` - `2021-04-20`	2 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh

This page contains 80 frames:

Primary Page: https://www.benefitspro.com/?slreturn=20210202150955
Frame ID: ED8CA6F487CC8A0CB2E418870AD799D0
Requests: 145 HTTP requests in this frame

Frame: https://alm.demdex.net/dest5.html?d_nsid=0
Frame ID: 4B1524242D8200BCA361B3BC8474F86B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Frame ID: 0C0F55C7882C4AD0125EA81F466E2581
Requests: 15 HTTP requests in this frame

Frame: https://www.dianomi.com/smart_benefitspro.epl?id=3426&url=https%3A//tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Frame ID: 7B9DF6A8C3F189748BCC1ACC9F8ED6C5
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/042011201932000/amp4ads-v0.mjs
Frame ID: D24BEF1AA1A4525D05838DB3EB504A3D
Requests: 14 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 8DE62BDF5D557092EADF760618BD87C0
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 5A995F0C3F52B35BECF89B03735EFBFB
Requests: 3 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: AB295479E7DF8F2C684411FFB01C4C36
Requests: 3 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 5768C5009E16C18228975712042848FC
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 1ED12F7BE7B2A1F9EA8559CB4F63E19D
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: B95E0875F3A41CB5BDD2382117A0548C
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 9F891B353D072615F6D81271A247F224
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 6E864173B9054D4B3259673A72EABA27
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 30F1F6336EFBDB4E1A31A41329191C2E
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: F37B42A9418D7226FF00652815B974BD
Requests: 2 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
Frame ID: 04ADAEBF316EA854D0E6AD812F1CEFBA
Requests: 13 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26cd%3D439%26uid%3D33XUSERID33X
Frame ID: DF129BAFD4E451F70A79EFF2A14ED572
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D1258%26uid%3D
Frame ID: 2B565121A70FF1DCB14C3B6DD1E8AF5F
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
Frame ID: 784D9874D064BC28F333FCFD11F70951
Requests: 13 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26cd%3D2603%26uid%3D33XUSERID33X
Frame ID: 0CE13810F9FF29F27A670A5448B64632
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D10568%26uid%3D
Frame ID: 0B8ECB2828AB8E1825D43A8E2958C913
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
Frame ID: A81AA2F4EF57C36D4E59A8F4252D934E
Requests: 13 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26cd%3D7014%26uid%3D33XUSERID33X
Frame ID: 0ABB50B1EC75AED6C81B620595470D83
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D4543%26uid%3D
Frame ID: 639D6CE504DA5DACAB194BDFE2CC327B
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
Frame ID: 7EDD8809ED4708C6408BAA7B8064FFA0
Requests: 13 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26cd%3D7930%26uid%3D33XUSERID33X
Frame ID: C3A0330897C15CE667A37FEFC8C69A69
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D4820%26uid%3D
Frame ID: EC215B1020AD5326AA9D25EFDBF66582
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
Frame ID: 2CD54066646A9BB9F388B9D4B9A84803
Requests: 13 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26cd%3D3996%26uid%3D33XUSERID33X
Frame ID: 3E737C2A20494E56F9D1C0EE528CAACF
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D1775%26uid%3D
Frame ID: 14A527BB776149DABB91808F74EB9333
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=2220603e-9b9c-4a00-b504-72363b22b6e4&gdpr=0&gdpr_consent=
Frame ID: 1509E55BC23EC72764D60E7C48A66695
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YD6bmgAAAKd3wCzr
Frame ID: 0113887D2412C0426A534DDC496814BD
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84MzZkNjg2NS1kNzlhLTRhZTgtYjg0ZC1mYmFkZGFkMjNiMTA=&gdpr=0&gdpr_consent=&google_tc=
Frame ID: F24CF5BB165EEBEB134005516648997E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 4F0649422280D9366ABD15867122D922
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=0b077ac3-eb08-4830-b046-fb88be21e490&t=1617307803
Frame ID: 30168D929E1E4F92487631B628946414
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 79650572E3F9DA36A3BCB42032F6DEF4
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YD6bnMCo5swAAOa1ygcAAAAA
Frame ID: 4F8A66849695F0614A86DA12F5185BB3
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=2159827869016002120
Frame ID: 92FF685E579E5946B148BCB7D3266057
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1
Frame ID: 3155108FC745D16689A63E2BBD7119FA
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=d212603e-9b9c-4500-86e5-4a4c12c458d8&gdpr=0&gdpr_consent=
Frame ID: F5303B5657C8465E2B7301331DB06C67
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YD6bmgAAAHUIZjoG&gdpr=0&gdpr_consent=&_test=YD6bmgAAAHUIZjoG
Frame ID: E7E98037FF4972FC8AD4A8B31C299502
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85YzRlNzg0NC1iY2JhLTRiYTMtODVkYy01NDk0NmUwMDNlNWM=&gdpr=0&gdpr_consent=&google_tc=
Frame ID: C0AF93A9145F4A23F2535BF3A29C5171
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: EAFBEBD1CEEFCC885261EBFAC5752410
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=0b077ac3-eb08-4830-b046-fb88be21e490&t=1617307803
Frame ID: FBCAD8346C6ECE2FACEF2689B0F70483
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 16ADA56665B0B1D4738B1A128F3B0016
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YD6bnMCo5swAAOa1ynkAAAAA
Frame ID: 8A261FC75DC84B6AB1089B3184683B0F
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=875739024679720295
Frame ID: E374971AC690B8103B587967E19800F9
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1
Frame ID: 95F1F7AA407A72723122D0B83984E13E
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=648c603e-9b9c-4e00-baab-227a86cab72c&gdpr=0&gdpr_consent=
Frame ID: C6ECC336C37F1FC4CF74AAF0A0FB7088
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YD6bmgAAAECnJCrK&gdpr=0&gdpr_consent=&_test=YD6bmgAAAECnJCrK
Frame ID: CDE82779EF90A858C679AD317E892D1B
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lODg0MWFiMy1lZTJiLTQ1MTMtOTRlZC0wODcyNzg5MTgxMjQ=&gdpr=0&gdpr_consent=&google_tc=
Frame ID: 9E4DAC964B46F1EC308FCA06A882988A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 1F88E3D07C3DB6256D3968FB9310BB1D
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=c705da3c-c3c6-430c-94ad-73532e63621b&t=1617307803
Frame ID: 62C16D6A1AED43000E5B33A07A92E339
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 77EE4F1BFC1312E169D14A03859A7E6A
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YD6bncCo5swAAOa1yt4AAAAA
Frame ID: 495E53ADA487A13A4A1FB4496523CE3F
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=2159827869016002176
Frame ID: 6CB1EC80D790164AB6884A593632BDA7
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1
Frame ID: 0DF98A112A22B935D7491A631186D927
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=3382603e-9b9c-4700-92bb-b3bc1ef460cb&gdpr=0&gdpr_consent=
Frame ID: 5A96D11F3D6A15AAD86D080E649A93DE
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YD6bmgAAAH84U1LS&gdpr=0&gdpr_consent=&_test=YD6bmgAAAH84U1LS
Frame ID: 2EA74815DA3FEAA41EEF1A150789EA91
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9iYTRmYjRiNi0wY2U4LTQ5M2UtODdmOC01ODI2ZGZiMjUyYzI=&gdpr=0&gdpr_consent=&google_tc=
Frame ID: 63E80022724218763125B0AB84AB8075
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 2FEDA1D62D0DAC04E160F7D43B6A5A6C
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=0b077ac3-eb08-4830-b046-fb88be21e490&t=1617307803
Frame ID: ECFAAB89ED4DBCAB5DCE52F60A56B0AA
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 76833F9F710B45C1E228A63BE031D0A1
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YD6bncCo5swAAOa1yzEAAAAA
Frame ID: B13B687282028CC2059B61C5206623AC
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=2159827869016002208
Frame ID: EBAD8A7FDB6761E51B90261EE26224FA
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1
Frame ID: 557998A81F8017217EDC3445E596E515
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=1698603e-9b9c-4b00-9a4f-01b7abcc9ad9&gdpr=0&gdpr_consent=
Frame ID: 1A08CE2E445DAEA4C0B62B2952383904
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YD6bmgAAAKN3wyzr&gdpr=0&gdpr_consent=&_test=YD6bmgAAAKN3wyzr
Frame ID: 26967146F1D0BDEE6776D1AAB40E36EF
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV82ODFhNWVkYS1kOTBmLTQ0YzEtOTZkOC1kODg3MjY4ZmY1M2M=&gdpr=0&gdpr_consent=
Frame ID: 10D7D79E4F46A2615C10ECB6A77568DC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 6546D6EC395BA7E1CAA205C4CFC5A4EA
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=0b077ac3-eb08-4830-b046-fb88be21e490&t=1617307803
Frame ID: A1FAE6B3D1A3D988B533D380E858B770
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: C4088C36713572E32FAF1C3AAEF421F0
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YD6bncCo5swAAOa1y4gAAAAA
Frame ID: 864E0EE431E3B9DB9633104AD0F227A9
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=875739024679720366
Frame ID: 8646F633F4433534D07193EF94443916
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1
Frame ID: 20598B6256D2F51E3855CF243968FF4A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 4743A485317B927A01ACA007F34D6160
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B8365CD9F7FC50DF38B84F4D71B6D191
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: BC50057F9A5A74315FB0AB9409D03319
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 127FD2236E124926AAAAC7D341141422
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 1981B6A29431E494E8328D7BA3730888
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://benefitspro.com/ HTTP 301
https://www.benefitspro.com/ HTTP 302
https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.benefitspro.com&source=h... HTTP 302
http://store.benefitspro.com/Registration/Login.aspx?mode=token&token=378693C4-DDBB-4F3C-9636-7A58649EF45... HTTP 302
https://www.benefitspro.com/?slreturn=20210202150955 Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

335
Requests

100 %
HTTPS

30 %
IPv6

57
Domains

84
Subdomains

56
IPs

8
Countries

2262 kB
Transfer

6228 kB
Size

23
Cookies

49 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/BenefitsPro

Search URL Search Domain Scan URL

URL: https://twitter.com/Benefits_Pro

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/benefitspro/

Search URL Search Domain Scan URL

URL: https://store.law.com/Registration/Login.aspx?promoCode=BPRO:LIMITED&refDomain=store.benefitspro.com&source=https%3A%2F%2Fwww.benefitspro.com%2F
Title: Sign In

Search URL Search Domain Scan URL

URL: https://store.law.com/registration/default.aspx?promoCode=BPRO:LIMITED&refDomain=store.benefitspro.com&source=https%3A%2F%2Fwww.benefitspro.com%2F
Title: Register

Search URL Search Domain Scan URL

URL: http://www.judydiamond.com/bpro/health/?utm_source=BPro&utm_medium=nav&utm_campaign=BProReaders
Title: Leads

Search URL Search Domain Scan URL

URL: http://www.judydiamond.com/bpro/retirement/?utm_source=BPro&utm_medium=nav&utm_campaign=BProReaders
Title: Leads

Search URL Search Domain Scan URL

URL: http://freeerisa.benefitspro.com/
Title: FreeERISA

Search URL Search Domain Scan URL

URL: http://www.bprobrokerexpo.com/ehome/index.php?eventid=247060&
Title: BenefitsPRO Broker Expo

Search URL Search Domain Scan URL

URL: https://www.alm.com/terms-of-use-summit/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.alm.com/privacy-summit/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.alm.com/

Search URL Search Domain Scan URL

URL: https://freeerisa.benefitspro.com/
Title: FreeERISA

Search URL Search Domain Scan URL

URL: https://www.event.benefitspro.com/bprobrokerexpo
Title: BROKER EXPO

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_arma70/prgm.cgi
Title: A Compliance Checklist: Understanding Executive Medical Reimbursement

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_fors02/prgm.cgi
Title: The Remote Broker's Guide to Navigating the New Normal

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_defa855/prgm.cgi
Title: Prevention Cost Savings: What is the ROI for Diabetes Prevention?

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_defa838/prgm.cgi
Title: 2021 Workplace Mental Health Trends Forecast

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_heau05/prgm.cgi
Title: Boost Benefits ROI: Five Strategies to Make a Difference for Your Clients' Bottom Line

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_hing16/prgm.cgi
Title: 5 Musculoskeletal Trends & 5 Benefit Strategies for 2021

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_hing15/prgm.cgi
Title: 5 Musculoskeletal Trends & 5 Benefit Strategies for Your Company in 2021

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_newi02/prgm.cgi
Title: Find Your Place in the Small Business Market

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_heau02/prgm.cgi
Title: 5 Ways to Help Employees Feel More in Control of Their Healthcare Decisions

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_defa768/prgm.cgi
Title: Predictions for the Future of Benefits: Reshaping Healthcare in a Post-COVID World

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_arma69/prgm.cgi
Title: Emerging Trends in Employee Benefits

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_heau01/prgm.cgi
Title: Six Strategies to Reduce Benefits Costs in 2021

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_defa730/prgm.cgi
Title: A Wellbeing Roadmap: Putting Employees at the Heart of the Benefits Plan

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_defa731/prgm.cgi
Title: A Wellbeing Roadmap: Putting Clients' Employees at the Heart of the Benefits Plan

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_cirr14/prgm.cgi
Title: 5 Employee Health and Wellness Trends to Watch in 2021

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_cirr13/prgm.cgi
Title: 5 Health and Wellness Trends to Watch for Employer Clients in 2021

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_cirr12/prgm.cgi
Title: Breaking Down Legacy Barriers: 5 Lessons Healthcare Can Learn from FinTech

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_defa676/prgm.cgi
Title: Are You Ready to Enter a New Era of Health Benefits Planning?

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_cirr11/prgm.cgi
Title: Break Down Legacy Barriers for Employees: 5 Lessons Healthcare Can Learn from FinTech

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_arma68/prgm.cgi
Title: Benefit Comparison: One Clear Winner

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_hing11/prgm.cgi
Title: Help Clients Address Chronic Pain & Opioid Misuse Among Employees

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_hing10/prgm.cgi
Title: How to Address Chronic Pain & Opioid Misuse Among Employees

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_arma65/prgm.cgi
Title: 4 Ways to Stay Strategic Using Quick Benefit Plug-Ins

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_arma63/prgm.cgi
Title: In the Game of Life: Innovative Benefits

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_parf02/prgm.cgi
Title: How to Sell Stronger Stop-Loss

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_arma62/prgm.cgi
Title: By the Numbers: The Unintended Consequences of HDHPs

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_arma57/prgm.cgi
Title: World of Options: Creating Benefit Flexibility in Uncertainty

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_parf01/prgm.cgi
Title: Group Captives: Changing the Face of Healthcare Delivery

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_arma56/prgm.cgi
Title: Breaking Out of the Benefits Cycle: A How-To Guide for Brokers

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_arma55/prgm.cgi
Title: Carve-Out Coverage: A Closer Look at Excepted Benefits

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_arma54/prgm.cgi
Title: The Benefits Flexibility Clients Need for Tomorrow's Unknowns

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_arma53/prgm.cgi
Title: Quick Reference Guide to Supplemental Health Insurance

Search URL Search Domain Scan URL

URL: https://benefitspro.tradepub.com/free/w_arma52/prgm.cgi
Title: Client Tool: Closing Coverage Gaps with Jack & Jill

Search URL Search Domain Scan URL

URL: https://store.law.com/registration/default.aspx?promoCode=BPRO:LIMITED&source=https://www.benefitspro.com/

Search URL Search Domain Scan URL

URL: https://store.law.com/registration/login.aspx?promoCode=BPRO:LIMITED&source=https://www.benefitspro.com/
Title: Sign In Now

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://benefitspro.com/ HTTP 301
https://www.benefitspro.com/ HTTP 302
https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.benefitspro.com&source=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20210202150955 HTTP 302
http://store.benefitspro.com/Registration/Login.aspx?mode=token&token=378693C4-DDBB-4F3C-9636-7A58649EF456&source=https%3a%2f%2fwww.benefitspro.com%2f%3fslreturn%3d20210202150955&debug=lawDomainIPWithRefRedirect HTTP 302
https://www.benefitspro.com/?slreturn=20210202150955 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1614715797157 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1614715797157

Request Chain 44

https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=0177f48fbe97005e0f9378f8fe8800078003407000b08&tealium_account=alm&tealium_profile=main HTTP 302
https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm=&tealium_vid=0177f48fbe97005e0f9378f8fe8800078003407000b08&tealium_account=alm&tealium_profile=main&google_tc= HTTP 302
https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0177f48fbe97005e0f9378f8fe8800078003407000b08&tealium_account=alm&tealium_profile=main&google_gid=CAESEMD-xkxPNQARilthZPGWkrc&google_cver=1

Request Chain 57

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D1008%26pixelIndex%3D0%26r%3D506763%26tzOffset%3D-60%26url%3Dhttps%253A%252F%252Fwww.benefitspro.com%252F%253Fslreturn%253D20210202150955&_=1614715797528 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D1008%2526pixelIndex%253D0%2526r%253D506763%2526tzOffset%253D-60%2526url%253Dhttps%25253A%25252F%25252Fwww.benefitspro.com%25252F%25253Fslreturn%25253D20210202150955%26_%3D1614715797528 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?id=1234581160655061252&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=506763&tzOffset=-60&url=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20210202150955&_=1614715797528

Request Chain 68

https://cm.everesttech.net/cm/dd?d_uuid=47868995846565577133644298701196842549 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YD6blQAAADcaWCkN

Request Chain 143

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=1234581160655061252&pixelIndex=0&_=1614715797529 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1234581160655061252&pixelIndex=0&_=1614715797529&google_gid=CAESEHjN5Qo2gw3SWDHtAKfDdOY&google_cver=1

Request Chain 165

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 178

https://colossusssp.com/?c=o&m=cookie HTTP 302
https://sync.colossusssp.com/hms.gif?puid=59fb43608a7cacd67b48cc196a11a0aecbbf387d

Request Chain 182

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26cbimg%3D10140%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526cbimg%253D10140%2526uid%253D%2524UID HTTP 302
https://ads.servenobid.com/sync?pid=312&cbimg=10140&uid=8979720418151428282

Request Chain 183

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D10339%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D10339%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://ads.servenobid.com/sync?pid=310&cbimg=10339&uid=562487109540c6f730e8ee39

Request Chain 187

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26cbimg%3D5073%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526cbimg%253D5073%2526uid%253D%2524UID HTTP 302
https://ads.servenobid.com/sync?pid=312&cbimg=5073&uid=1897058634585796951

Request Chain 188

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D7619%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D7619%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://ads.servenobid.com/sync?pid=310&cbimg=7619&uid=a4eb2263ed72013b1a77618b

Request Chain 192

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26cbimg%3D6920%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526cbimg%253D6920%2526uid%253D%2524UID HTTP 302
https://ads.servenobid.com/sync?pid=312&cbimg=6920&uid=1936715904665070801

Request Chain 193

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D5236%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D5236%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://ads.servenobid.com/sync?pid=310&cbimg=5236&uid=ce694b57b82b5c37f2d8b868

Request Chain 197

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26cbimg%3D9788%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526cbimg%253D9788%2526uid%253D%2524UID HTTP 302
https://ads.servenobid.com/sync?pid=312&cbimg=9788&uid=4569666279889786098

Request Chain 198

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D10646%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D10646%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://ads.servenobid.com/sync?pid=310&cbimg=10646&uid=ce694b57b82b5c37f2d8b868

Request Chain 202

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26cbimg%3D10459%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526cbimg%253D10459%2526uid%253D%2524UID HTTP 302
https://ads.servenobid.com/sync?pid=312&cbimg=10459&uid=918937116993929019

Request Chain 203

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D7194%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D7194%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://ads.servenobid.com/sync?pid=310&cbimg=7194&uid=d3ea474a843aafd9b9d3e59f

Request Chain 204

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load HTTP 307
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

Request Chain 205

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load HTTP 307
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

Request Chain 206

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load HTTP 307
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

Request Chain 207

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load HTTP 307
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

Request Chain 208

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load HTTP 307
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

Request Chain 211

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=5311399952946282678

Request Chain 212

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_836d6865-d79a-4ae8-b84d-fbaddad23b10&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_836d6865-d79a-4ae8-b84d-fbaddad23b10&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=6267f274-9385-439b-abac-7fb519c7ace1 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=6267f274-9385-439b-abac-7fb519c7ace1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=524a5bf6-973b-4705-b06f-4c760f1c1eab&user_group=1&ssp=gumgum2&bsw_param=6267f274-9385-439b-abac-7fb519c7ace1 HTTP 302
https://rtb.gumgum.com/usersync?b=bsw&i=6267f274-9385-439b-abac-7fb519c7ace1

Request Chain 213

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28yDfI4Lh3mXlVmKK0ACjA8Byy2r9Wy8nOPig47YC9tayKo4fdgOdYTEvesLoSiTvQ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28yDfI4Lh3mXlVmKK0ACjA8Byy2r9Wy8nOPig47YC9tayKo4fdgOdYTEvesLoSiTvQ%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_681a5eda-d90f-44c1-96d8-d887268ff53c&obuid=ENC(yDfI4Lh3mXlVmKK0ACjA8Byy2r9Wy8nOPig47YC9tayKo4fdgOdYTEvesLoSiTvQ)

Request Chain 214

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=opx&i=c04fa12d-99e7-4289-84cd-8abbf41c6cfe

Request Chain 215

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=sta&i=0-213b9f40-0180-40ed-4480-652b67945986$ip$194.99.105.99

Request Chain 216

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=oth&i=y-ZmZ6cTJ1lxDDAn6tP38Pzjy6dTw_IQAVwrCK

Request Chain 217

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=vnt&i=45c2b81f-7b93-11eb-accc-c7b3cde757ee

Request Chain 219

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_836d6865-d79a-4ae8-b84d-fbaddad23b10&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://stags.bluekai.com/site/23178?id=yByqVkG0F-6sC_24ZwV2&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT26KCPFYVM22HGBDC2NTTINPTENC2O5LDEJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT26KCPFYVM22HGBDC2NTTINPTENC2O5LDEJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=yByqVkG0F-6sC_24ZwV2&us_privacy=1---

Request Chain 220

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT

Request Chain 221

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=SeZeGL01vYvj&ev=1&pid=558355

Request Chain 223

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=2220603e-9b9c-4a00-b504-72363b22b6e4&gdpr=0&gdpr_consent=

Request Chain 224

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YD6bmgAAAKd3wCzr

Request Chain 225

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84MzZkNjg2NS1kNzlhLTRhZTgtYjg0ZC1mYmFkZGFkMjNiMTA=&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84MzZkNjg2NS1kNzlhLTRhZTgtYjg0ZC1mYmFkZGFkMjNiMTA=&gdpr=0&gdpr_consent=&google_tc=

Request Chain 227

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=ttd&i=0b077ac3-eb08-4830-b046-fb88be21e490&t=1617307803

Request Chain 229

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=sus&i=YD6bnMCo5swAAOa1ygcAAAAA

Request Chain 230

https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
https://rtb.gumgum.com/usersync?b=zet&i=2159827869016002120

Request Chain 231

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://ams.creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1

Request Chain 232

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=890145087628412189

Request Chain 233

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_9c4e7844-bcba-4ba3-85dc-54946e003e5c&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_9c4e7844-bcba-4ba3-85dc-54946e003e5c&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=6267f274-9385-439b-abac-7fb519c7ace1&ssp=gumgum2&gdpr=0&gdpr_consent=

Request Chain 234

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28WbD2MUYtIUi1-gthVsJlMpzezNr0P0EmTLQxGrExEVMOUmvHV__TVJgBAv98ABlF%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28WbD2MUYtIUi1-gthVsJlMpzezNr0P0EmTLQxGrExEVMOUmvHV__TVJgBAv98ABlF%29

Request Chain 235

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=opx&i=e74ee255-e0f8-4ec0-a396-8a9eecf80d88

Request Chain 236

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=sta&i=0-decf1c51-9071-4969-432a-c20d71437de2$ip$194.99.105.99

Request Chain 237

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=oth&i=y-ZZqsrgB1lxDj7NvrXRSK8NrFf9ramKbK1_Ou

Request Chain 238

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=vnt&i=45d889d3-7b93-11eb-867b-c7ba2f4f3b0c

Request Chain 240

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_9c4e7844-bcba-4ba3-85dc-54946e003e5c&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://stags.bluekai.com/site/23178?id=9r3EJWMulBTbDtE3Sh8q&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2OLSGNCUUV2NOVWEEVDCIR2EKM2TNA4HCJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2OLSGNCUUV2NOVWEEVDCIR2EKM2TNA4HCJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=9r3EJWMulBTbDtE3Sh8q&us_privacy=1---

Request Chain 241

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT

Request Chain 242

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=cpHKuED5XAFs&ev=1&pid=558355

Request Chain 244

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=d212603e-9b9c-4500-86e5-4a4c12c458d8&gdpr=0&gdpr_consent=

Request Chain 245

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YD6bmgAAAHUIZjoG HTTP 302
https://rtb.gumgum.com/usersync?b=atm&i=YD6bmgAAAHUIZjoG&gdpr=0&gdpr_consent=&_test=YD6bmgAAAHUIZjoG

Request Chain 246

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85YzRlNzg0NC1iY2JhLTRiYTMtODVkYy01NDk0NmUwMDNlNWM=&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85YzRlNzg0NC1iY2JhLTRiYTMtODVkYy01NDk0NmUwMDNlNWM=&gdpr=0&gdpr_consent=&google_tc=

Request Chain 248

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=ttd&i=0b077ac3-eb08-4830-b046-fb88be21e490&t=1617307803

Request Chain 250

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=sus&i=YD6bnMCo5swAAOa1ynkAAAAA

Request Chain 251

https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
https://rtb.gumgum.com/usersync?b=zet&i=875739024679720295

Request Chain 252

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://ams.creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1

Request Chain 253

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=7551657636941673485

Request Chain 254

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_e8841ab3-ee2b-4513-94ed-087278918124&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_e8841ab3-ee2b-4513-94ed-087278918124&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=6267f274-9385-439b-abac-7fb519c7ace1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=gumgum2&expires=10&bsw_param=6267f274-9385-439b-abac-7fb519c7ace1 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=311&user_id=&user_group=2&ssp=gumgum2&expires=10&bsw_param=6267f274-9385-439b-abac-7fb519c7ace1 HTTP 302
https://rtb.gumgum.com/usersync?b=bsw&i=17fd9702-200a-40a9-811b-e42b16e75a70

Request Chain 255

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28NnIBy1S-WwyTaxJi3PU3KveON4tBoV0Aell5-T1xKtnNox0-omlipB5EspV77atQ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28NnIBy1S-WwyTaxJi3PU3KveON4tBoV0Aell5-T1xKtnNox0-omlipB5EspV77atQ%29

Request Chain 256

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=opx&i=e74ee255-e0f8-4ec0-a396-8a9eecf80d88

Request Chain 257

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=sta&i=0-f80d614e-133b-45ba-707c-0b0ffe6683d8$ip$194.99.105.99

Request Chain 258

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=oth&i=y-jgnZg6Z1lxD5WqaadfsYii6ho_CbYVf4oY0d

Request Chain 259

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=vnt&i=45ee83b9-7b93-11eb-a856-cdc84786539e

Request Chain 261

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_e8841ab3-ee2b-4513-94ed-087278918124&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://stags.bluekai.com/site/23178?id=Zyl2cY12AG2U5oUtyVZs&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2WTZNQZGGWJRGJAUOMSVGVXVK5DZKZNHGJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2WTZNQZGGWJRGJAUOMSVGVXVK5DZKZNHGJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=Zyl2cY12AG2U5oUtyVZs&us_privacy=1---

Request Chain 262

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT

Request Chain 263

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=oZyjb4S1uAyM&ev=1&pid=558355

Request Chain 265

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=648c603e-9b9c-4e00-baab-227a86cab72c&gdpr=0&gdpr_consent=

Request Chain 266

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YD6bmgAAAECnJCrK HTTP 302
https://rtb.gumgum.com/usersync?b=atm&i=YD6bmgAAAECnJCrK&gdpr=0&gdpr_consent=&_test=YD6bmgAAAECnJCrK

Request Chain 267

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lODg0MWFiMy1lZTJiLTQ1MTMtOTRlZC0wODcyNzg5MTgxMjQ=&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lODg0MWFiMy1lZTJiLTQ1MTMtOTRlZC0wODcyNzg5MTgxMjQ=&gdpr=0&gdpr_consent=&google_tc=

Request Chain 269

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=ttd&i=c705da3c-c3c6-430c-94ad-73532e63621b&t=1617307803

Request Chain 271

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=sus&i=YD6bncCo5swAAOa1yt4AAAAA

Request Chain 272

https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
https://rtb.gumgum.com/usersync?b=zet&i=2159827869016002176

Request Chain 273

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://ams.creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1

Request Chain 274

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=7551657636941673485

Request Chain 275

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_ba4fb4b6-0ce8-493e-87f8-5826dfb252c2&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_ba4fb4b6-0ce8-493e-87f8-5826dfb252c2&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=d96e6536-1041-46b6-ae32-4141b1adda6e&ssp=gumgum2 HTTP 302
https://rtb.gumgum.com/usersync?b=bsw&i=6267f274-9385-439b-abac-7fb519c7ace1

Request Chain 276

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28QinKaOPcx_m5irHhnXh8OTf7_IxR9K-DAXq3XwApuubonUUsjDrgRhi8kfTXfspY%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28QinKaOPcx_m5irHhnXh8OTf7_IxR9K-DAXq3XwApuubonUUsjDrgRhi8kfTXfspY%29

Request Chain 277

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=opx&i=12963e41-084d-4175-a7b6-461b47d64cc7

Request Chain 278

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=sta&i=0-dba092ea-8ef6-42f8-7368-ff3a452740fd$ip$194.99.105.99

Request Chain 279

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=oth&i=y-aK1GaQl1lxBNOP.G4__Pa.uJUaeMA4z7wtdy

Request Chain 280

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=vnt&i=460454fe-7b93-11eb-a275-758938127a66

Request Chain 282

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_ba4fb4b6-0ce8-493e-87f8-5826dfb252c2&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://stags.bluekai.com/site/23178?id=MFX4sojOhfsnH6_NCioC&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2TKGLA2HG33KJ5UGM43OJA3F6TSDNFXUGJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2TKGLA2HG33KJ5UGM43OJA3F6TSDNFXUGJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=MFX4sojOhfsnH6_NCioC&us_privacy=1---

Request Chain 283

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT

Request Chain 284

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=w0o8poOsTgJp&ev=1&pid=558355

Request Chain 286

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=3382603e-9b9c-4700-92bb-b3bc1ef460cb&gdpr=0&gdpr_consent=

Request Chain 287

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YD6bmgAAAH84U1LS HTTP 302
https://rtb.gumgum.com/usersync?b=atm&i=YD6bmgAAAH84U1LS&gdpr=0&gdpr_consent=&_test=YD6bmgAAAH84U1LS

Request Chain 288

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9iYTRmYjRiNi0wY2U4LTQ5M2UtODdmOC01ODI2ZGZiMjUyYzI=&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9iYTRmYjRiNi0wY2U4LTQ5M2UtODdmOC01ODI2ZGZiMjUyYzI=&gdpr=0&gdpr_consent=&google_tc=

Request Chain 290

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=ttd&i=0b077ac3-eb08-4830-b046-fb88be21e490&t=1617307803

Request Chain 292

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=sus&i=YD6bncCo5swAAOa1yzEAAAAA

Request Chain 293

https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
https://rtb.gumgum.com/usersync?b=zet&i=2159827869016002208

Request Chain 294

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://ams.creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1

Request Chain 295

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=5311399952946282678

Request Chain 296

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_681a5eda-d90f-44c1-96d8-d887268ff53c&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_681a5eda-d90f-44c1-96d8-d887268ff53c&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dgumgum2%26bsw_param%3D6267f274-9385-439b-abac-7fb519c7ace1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=80&user_id=924b603e-9b9c-4b00-b340-13e84a3ac1d8&expires=30&ssp=gumgum2&bsw_param=6267f274-9385-439b-abac-7fb519c7ace1 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=80&user_id=924b603e-9b9c-4b00-b340-13e84a3ac1d8&expires=30&ssp=gumgum2&bsw_param=6267f274-9385-439b-abac-7fb519c7ace1 HTTP 302
https://rtb.gumgum.com/usersync?b=bsw&i=949d32f8-ba16-474b-8d25-58040a83c5d8

Request Chain 297

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28b-JYsnquMCSyfxYNczAH16GSMsO7Vq1wl_rz2f4gUewpRnQWYdp2oRE7MNA1RDOS%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28b-JYsnquMCSyfxYNczAH16GSMsO7Vq1wl_rz2f4gUewpRnQWYdp2oRE7MNA1RDOS%29

Request Chain 298

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=opx&i=11048dad-4ca1-46d4-8a8e-8fa19c68d6f7

Request Chain 299

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=sta&i=0-d5a46e0e-3e9b-40c1-5915-cad0534c6297$ip$194.99.105.99

Request Chain 300

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=oth&i=y-fstdCnJ1lxC6hIemnWi9yftk7uBeKK5o.BdT

Request Chain 301

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=vnt&i=461a4e12-7b93-11eb-9484-0b7c31e4d27e

Request Chain 303

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_681a5eda-d90f-44c1-96d8-d887268ff53c&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://stags.bluekai.com/site/23178?id=Dh4C5X7iqwesc5kQq99i&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2RDIGRBTKWBXNFYXOZLTMM2WWULRHE4WSJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2RDIGRBTKWBXNFYXOZLTMM2WWULRHE4WSJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=Dh4C5X7iqwesc5kQq99i&us_privacy=1---

Request Chain 304

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT

Request Chain 305

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=wXHeE2gcSZqb&ev=1&pid=558355

Request Chain 307

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=1698603e-9b9c-4b00-9a4f-01b7abcc9ad9&gdpr=0&gdpr_consent=

Request Chain 308

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YD6bmgAAAKN3wyzr HTTP 302
https://rtb.gumgum.com/usersync?b=atm&i=YD6bmgAAAKN3wyzr&gdpr=0&gdpr_consent=&_test=YD6bmgAAAKN3wyzr

Request Chain 311

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=ttd&i=0b077ac3-eb08-4830-b046-fb88be21e490&t=1617307803

Request Chain 313

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=sus&i=YD6bncCo5swAAOa1y4gAAAAA

Request Chain 314

https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
https://rtb.gumgum.com/usersync?b=zet&i=875739024679720366

Request Chain 315

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://ams.creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1

Request Chain 324

https://ib.adnxs.com/seg?member=%env(APPNEXUS_ID)&add=18252462,18600656 HTTP 307
https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D%25env%28APPNEXUS_ID%29%26add%3D18252462%2C18600656

335 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.benefitspro.com/
Redirect Chain

http://benefitspro.com/
https://www.benefitspro.com/
https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.benefitspro.com&source=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20210202150955
http://store.benefitspro.com/Registration/Login.aspx?mode=token&token=378693C4-DDBB-4F3C-9636-7A58649EF456&source=https%3a%2f%2fwww.benefitspro.com%2f%3fslreturn%3d20210202150955&debug=lawDomainIPW...
https://www.benefitspro.com/?slreturn=20210202150955

114 KB
18 KB

247ms
247ms

Document
text/html

2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91003ecf1942f98e41f2b840b7ba793af2c0f92786b76f27481709516233a9a2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.benefitspro.com
:scheme: https
:path: /?slreturn=20210202150955
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d618ebd7b5a946988796aaa872b1557261614715795; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660; ipAddress=5lw5ac9dCIoroGM5uQ%3d%3d; UCID=163be74d-a6d4-42ef-9e6f-8ee9add04372
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:56 GMT
content-type: text/html;charset=utf-8
cf-ray: 629d43fee8922b4d-FRA
content-language: en-US
set-cookie: ssoCompliant=; Max-Age=31536000; Expires=Wed, 02-Mar-2022 20:09:56 GMT; Path=/ NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660;expires=Tue, 02-Mar-2021 20:19:59 GMT;path=/;secure;httponly
vary: Accept-Encoding
cf-cache-status: DYNAMIC
backend: templates_newlaw_director
cf-request-id: 089628d35200002b4dbe237000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: MISS
x-frame-options: SAMEORIGIN
x-vnode: 27
server: cloudflare
content-encoding: br

Redirect headers

Date: Tue, 02 Mar 2021 20:09:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private
Location: https://www.benefitspro.com/?slreturn=20210202150955
X-AspNet-Version: 4.0.30319
Set-Cookie: regSID=61a7ed74-524e-46ff-b949-49e5d2fbae5d; expires=Tue, 02-Mar-2021 21:10:39 GMT; path=/; HttpOnly ipAddress=5lw5ac9dCIoroGM5uQ%3d%3d; domain=.benefitspro.com; expires=Wed, 03-Mar-2021 08:10:39 GMT; path=/ UCID=163be74d-a6d4-42ef-9e6f-8ee9add04372; domain=.benefitspro.com; expires=Thu, 02-Mar-2051 20:10:39 GMT; path=/
X-Powered-By: Server #1
Referrer-Policy: origin-when-cross-origin
CF-Cache-Status: DYNAMIC
cf-request-id: 089628d28f00004e3dd7af9000000001
Server: cloudflare
CF-RAY: 629d43fdb8134e3d-FRA

GET
H2 200 markets.min.css
www.benefitspro.com/assets/master-template/css/release/ 328 KB
45 KB 120ms
118ms Stylesheet
text/css 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitspro.com/assets/master-template/css/release/markets.min.css?2021-03-02-15

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d901c0df0666d0ebe00231b25eef17879e714a2cf29d2f57bde706ac040e324b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:56 GMT
content-encoding: br
cf-cache-status: MISS
x-cache: HIT 5
backend: templates_newlaw_director
cf-request-id: 089628d45400002b4d8ab8d000000001
cteonnt-length: 335677
last-modified: Fri, 26 Feb 2021 21:28:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"335677-1614374906000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 629d44008b9f2b4d-FRA
x-vnode: 27
expires: Wed, 03 Mar 2021 00:09:56 GMT

GET
H2 200 owl.carousel.min.css
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/ 3 KB
1 KB 142ms
46ms Stylesheet
text/css 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/owl.carousel.min.css
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

Origin: https://www.benefitspro.com
Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: dcc4aa6194dc1e31c24f796fc53f431008c31e0c
date: Tue, 02 Mar 2021 20:09:56 GMT
content-encoding: gzip
age: 470
x-cache: HIT
content-length: 1068
x-served-by: cache-hhn4071-HHN
access-control-allow-origin: *
last-modified: Fri, 20 Apr 2018 13:22:52 GMT
server: GitHub.com
x-github-request-id: B27A:A124:1E4C80:1F00C1:603E9294
x-timer: S1614715797.676831,VS0,VE0
etag: W/"5ad9e9ac-d17"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Tue, 02 Mar 2021 19:41:32 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 9

GET
H2 200 owl.theme.default.min.css
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/ 1013 B
867 B 141ms
45ms Stylesheet
text/css 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/owl.theme.default.min.css
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: 924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Request headers

Origin: https://www.benefitspro.com
Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 375e9b03e3b0a8cd7d4573f6fc04e840e970ebc3
date: Tue, 02 Mar 2021 20:09:56 GMT
content-encoding: gzip
age: 71
x-cache: HIT
content-length: 479
x-served-by: cache-hhn4071-HHN
access-control-allow-origin: *
last-modified: Fri, 20 Apr 2018 13:22:52 GMT
server: GitHub.com
x-github-request-id: BD7A:68B6:45039:4C411:6036F82D
x-timer: S1614715797.676778,VS0,VE0
etag: W/"5ad9e9ac-3f5"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Thu, 25 Feb 2021 01:10:26 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: HIT
x-cache-hits: 3

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 17ms
15ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1357994
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27958
cf-request-id: 089628d45400002c3aaa957000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jI27hTxJEn2jywLMOGvBJ5mokM%2FsJUizdwcXescG0mK3Oa6qtwb%2FcKu7VzRZM5D93r0aJFKYasTMG5Ra3r1PFX0GfS5QrxBtSPIhrYmVtLKMcg8OlqdD3ji%2BlbPAh2ka8g%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 629d44008fbe2c3a-FRA
expires: Sun, 20 Feb 2022 20:09:56 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.1/ 11 KB
4 KB 20ms
19ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.1/jquery-migrate.min.js

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89bf8cdea73ce776d6b81d03837bc7f04af5e3946b839a3c0bfbf3094ad3f7be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3114404
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3592
cf-request-id: 089628d45400002c3a61b05000000001
timing-allow-origin: *
last-modified: Thu, 25 Jun 2020 01:22:57 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ef3fc71-2b0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b%2FkJEp9eCgm8sAHXS34uwtgkoKma28OT3IRyL%2F8Yr23Y089adoEcrMKqhqTKNcCK4UESxvz4Rty9GL8lVeHh8fU16x8Zatrw%2BOGgRRA5AnXq6RIvGvyKdY%2F8LZ%2FtLzKlfA%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 629d44008fc02c3a-FRA
expires: Sun, 20 Feb 2022 20:09:56 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/almheader466656885399/ 200 KB
71 KB 171ms
63ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almheader466656885399/moatheader.js
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1ee45e8286273d02bbb90b2f361799f6f6e8a3f0d8589f5c5eb8633592e6a30a

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:56 GMT
content-encoding: gzip
last-modified: Tue, 19 Jan 2021 22:24:19 GMT
server: AmazonS3
x-amz-request-id: BJ3JEM7V9P4S8M5J
etag: "f33a8da05895986965b2c6e0269e9325"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=4704
accept-ranges: bytes
content-length: 72008
x-amz-id-2: MNMYRJQL+oYYlPCOmrjNq2qrpAQV3Sz/8A+OWWBygx5gLJEt1bdoKkRPD2NfeSvcVFVcwgEZU1g=

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
5 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 09:43:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37561
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 09:43:55 GMT

GET
H2 200 benefitspro.prebid.js Show response
www.benefitspro.com/assets/master-template/js/prebid/ 207 KB
60 KB 75ms
32ms Script
application/javascript 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b17794a71229f1e8eea700ae1720589558e2e0df9135d2460a09eeaf5d6c39c8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:56 GMT
content-encoding: br
cf-cache-status: HIT
age: 7855
x-cache: HIT 1
backend: templates_newlaw_director
cf-request-id: 089628d5b900002b4d918f1000000001
last-modified: Fri, 26 Feb 2021 21:28:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"211586-1614374906000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 629d4402c86e2b4d-FRA
x-vnode: 27
expires: Wed, 03 Mar 2021 00:09:56 GMT

GET
H2 200 / Show response
users.api.jeeng.com/users/domains/0O25x655EL/sdk/ 1 MB
290 KB 125ms
37ms Script
text/javascript 2a02:26f0:6c00::210:bac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://users.api.jeeng.com/users/domains/0O25x655EL/sdk/
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: fac0d475bc13db3c1ef9a4ec6ef6cfcfc516ffbc242a3282b91722b33899bfd9

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:56 GMT
content-encoding: gzip
etag: W/"168d3c-zP021Y2oUELThLEYnHvCg/hyIm0"
server: Google Frontend
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 2d3ef8c57460604f982cf2bd8d69b796
cache-control: max-age=1953

GET
H2 200 lazyloadXT.min.js Show response
www.benefitspro.com/assets/master-template/js/release/ 3 KB
2 KB 76ms
33ms Script
application/javascript 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitspro.com/assets/master-template/js/release/lazyloadXT.min.js

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df690f011f9fd617ca22376522eef3c1a90c33cf3f8f10f5dfb4751ac26a202b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:56 GMT
content-encoding: br
cf-cache-status: HIT
age: 7854
x-cache: HIT 3
backend: templates_newlaw_director
cf-request-id: 089628d5b900002b4d01a20000000001
last-modified: Fri, 26 Feb 2021 21:28:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2937-1614374906000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 629d4402c8712b4d-FRA
x-vnode: 27
expires: Wed, 03 Mar 2021 00:09:56 GMT

GET
H2 200 nav-icon-mini-burger-white.png
www.benefitspro.com/assets/master-template/images/market-images/ 58 B
248 B 74ms
31ms Image
image/webp 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitspro.com/assets/master-template/images/market-images/nav-icon-mini-burger-white.png

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dde752a0a83f77379ff94d7560a636796ff3bd448d4d0c54965795f356858d8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:56 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 704
cf-polished: origFmt=png, origSize=2855
x-cache: MISS
backend: templates_newlaw_director
content-disposition: inline; filename="nav-icon-mini-burger-white.webp"
cf-bgj: imgq:100,h2pri
content-length: 58
cf-request-id: 089628d5b900002b4dab38b000000001
last-modified: Fri, 26 Feb 2021 21:28:26 GMT
server: cloudflare
etag: W/"2855-1614374906000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 629d4402c8722b4d-FRA
x-vnode: 27
expires: Wed, 03 Mar 2021 00:09:56 GMT

GET
H2 200 nav-icon-search-white.png
www.benefitspro.com/assets/master-template/images/market-images/ 350 B
582 B 74ms
31ms Image
image/webp 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitspro.com/assets/master-template/images/market-images/nav-icon-search-white.png

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d836affe5971294b1b43a2a39334836f2519478468c94e43545a9582e749e670

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:56 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 704
cf-polished: origFmt=png, origSize=3368
x-cache: HIT 1
backend: templates_newlaw_director
content-disposition: inline; filename="nav-icon-search-white.webp"
cf-bgj: imgq:100,h2pri
content-length: 350
cf-request-id: 089628d5b900002b4dcd0ef000000001
last-modified: Fri, 26 Feb 2021 21:28:26 GMT
server: cloudflare
etag: W/"3368-1614374906000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 629d4402c8732b4d-FRA
x-vnode: 27
expires: Wed, 03 Mar 2021 00:09:56 GMT

GET
H2 200 social-fb-white.png
www.benefitspro.com/assets/master-template/images/market-images/ 164 B
333 B 75ms
32ms Image
image/webp 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitspro.com/assets/master-template/images/market-images/social-fb-white.png

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af416120f43bfee84e300f2a0c359310087a64f1b4f19b39f1f8cd65ce0c84ab

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:56 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 704
cf-polished: origFmt=png, origSize=1222
x-cache: MISS
backend: templates_newlaw_director
content-disposition: inline; filename="social-fb-white.webp"
cf-bgj: imgq:100,h2pri
content-length: 164
cf-request-id: 089628d5ba00002b4d9e084000000001
last-modified: Fri, 26 Feb 2021 21:28:26 GMT
server: cloudflare
etag: W/"1222-1614374906000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 629d4402c8742b4d-FRA
x-vnode: 27
expires: Wed, 03 Mar 2021 00:09:56 GMT

GET
H2 200 social-tw-white.png
www.benefitspro.com/assets/master-template/images/market-images/ 354 B
519 B 75ms
32ms Image
image/webp 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitspro.com/assets/master-template/images/market-images/social-tw-white.png

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

648e79ebde6cf1350cfa7568f8f5a582d599281cb3245aeef278465cbe3ffeb3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:56 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 704
cf-polished: origFmt=png, origSize=1583
x-cache: MISS
backend: templates_newlaw_director
content-disposition: inline; filename="social-tw-white.webp"
cf-bgj: imgq:100,h2pri
content-length: 354
cf-request-id: 089628d5ba00002b4dd18c0000000001
last-modified: Fri, 26 Feb 2021 21:28:26 GMT
server: cloudflare
etag: W/"1583-1614374906000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 629d4402c8752b4d-FRA
x-vnode: 27
expires: Wed, 03 Mar 2021 00:09:56 GMT

GET
H2 200 social-li-white.png
www.benefitspro.com/assets/master-template/images/market-images/ 256 B
583 B 72ms
30ms Image
image/webp 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitspro.com/assets/master-template/images/market-images/social-li-white.png

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9398dd93c612d77b9e0bcfe449becc1a5269af74409cbab1ae485c49d5bf3b9b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:56 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 704
cf-polished: origFmt=png, origSize=1413
x-cache: MISS
backend: templates_newlaw_director
content-disposition: inline; filename="social-li-white.webp"
cf-bgj: imgq:100,h2pri
content-length: 256
cf-request-id: 089628d5ba00002b4dcc8bf000000001
last-modified: Fri, 26 Feb 2021 21:28:26 GMT
server: cloudflare
etag: W/"1413-1614374906000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 629d4402c8762b4d-FRA
x-vnode: 27
expires: Wed, 03 Mar 2021 00:09:56 GMT

GET
H2 200 nav-icon-sign-in.png
www.benefitspro.com/assets/master-template/images/ 240 B
462 B 81ms
38ms Image
image/webp 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitspro.com/assets/master-template/images/nav-icon-sign-in.png

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c859e723244f19a63ee035e282a20cca525b0d102cf4c68a14c46063fe39ef14

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:56 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 704
cf-polished: origFmt=png, origSize=1322
x-cache: HIT 1
backend: templates_newlaw_director
content-disposition: inline; filename="nav-icon-sign-in.webp"
cf-bgj: imgq:100,h2pri
content-length: 240
cf-request-id: 089628d5ba00002b4dc79c9000000001
last-modified: Fri, 26 Feb 2021 21:28:26 GMT
server: cloudflare
etag: W/"1322-1614374906000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 629d4402c8772b4d-FRA
x-vnode: 27
expires: Wed, 03 Mar 2021 00:09:56 GMT

GET
H2 200 bpro_logo_retina.png
www.benefitspro.com/assets/master-template/images/market-images/ 3 KB
3 KB 72ms
30ms Image
image/webp 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitspro.com/assets/master-template/images/market-images/bpro_logo_retina.png

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e9971e6cf33eb3ae9da6caacebedea9df7332020441f41ebff53a1194b9f317

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:56 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 704
cf-polished: origFmt=png, origSize=23765
x-cache: MISS
backend: templates_newlaw_director
content-disposition: inline; filename="bpro_logo_retina.webp"
cf-bgj: imgq:100,h2pri
content-length: 2836
cf-request-id: 089628d5ba00002b4d9995a000000001
last-modified: Fri, 26 Feb 2021 21:28:26 GMT
server: cloudflare
etag: W/"23765-1614374906000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 629d4402c8782b4d-FRA
x-vnode: 27
expires: Wed, 03 Mar 2021 00:09:56 GMT

GET
H2 200 COVIDVaccineShutterstock.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2020/10/ 26 KB
26 KB 62ms
14ms Image
image/jpeg 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2020/10/COVIDVaccineShutterstock.jpg

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2efd23c27204865c189be299ff1a38b27605781f42c2ba4c3e72cdfa367bcf1f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:56 GMT
cf-cache-status: HIT
age: 5979
cf-polished: origSize=27452, status=webp_bigger
x-cache: HIT 1
backend: contribsreimg_prod_director
last-modified: Fri, 23 Oct 2020 15:45:11 GMT
content-length: 26796
cf-request-id: 089628d5c000002b4da6b6d000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "ce0468-6b3c-5b258774d3218"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 629d4402c8912b4d-FRA
x-vnode: 28
expires: Wed, 03 Mar 2021 00:09:56 GMT

GET
H2 200 CultureTeamwork.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2018/12/ 37 KB
37 KB 68ms
19ms Image
image/jpeg 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2018/12/CultureTeamwork.jpg

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc76814375cda6e05e9627ab4de2c02b967e83fd61da79dc318f7852379f9fc1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:56 GMT
cf-cache-status: HIT
age: 5978
cf-polished: origSize=38492, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
last-modified: Mon, 17 Dec 2018 22:03:05 GMT
content-length: 38101
cf-request-id: 089628d5c000002b4d8019e000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5925b5-965c-57d3ef207a81f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 629d4402c8902b4d-FRA
x-vnode: 28
expires: Wed, 03 Mar 2021 00:09:56 GMT

GET
H2 200 fav-bloomberg-home-daycare-provider-childcare-issue.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2021/01/ 63 KB
63 KB 63ms
15ms Image
image/jpeg 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2021/01/fav-bloomberg-home-daycare-provider-childcare-issue.jpg

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84de64a552a0268bb7f58bb642c20be55c60b48ec2357cc65e06510f528354a1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:56 GMT
cf-cache-status: HIT
age: 5978
cf-polished: origSize=64801, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
last-modified: Fri, 29 Jan 2021 19:01:38 GMT
content-length: 64509
cf-request-id: 089628d5bf00002b4d851d4000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1042ae8-fd21-5ba0ea24736ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 629d4402c88c2b4d-FRA
x-vnode: 145
expires: Wed, 03 Mar 2021 00:09:56 GMT

GET
H2 200 fav-man-acccounting-business-small.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2021/01/ 37 KB
37 KB 68ms
20ms Image
image/jpeg 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2021/01/fav-man-acccounting-business-small.jpg

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b99bf3fe07ea79c10cda712e2aa1f9158b857066f47b3e882c418043c32587a8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:56 GMT
cf-cache-status: HIT
age: 5978
cf-polished: origSize=38780, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
last-modified: Fri, 22 Jan 2021 20:53:15 GMT
content-length: 38077
cf-request-id: 089628d5c000002b4df92dd000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "104241e-977c-5b9836095d2f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 629d4402c8932b4d-FRA
x-vnode: 21
expires: Wed, 03 Mar 2021 00:09:56 GMT

GET
H2 200 common.min.js Show response
www.benefitspro.com/assets/master-template/js/release/ 53 KB
13 KB 78ms
37ms Script
application/javascript 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitspro.com/assets/master-template/js/release/common.min.js?2021-03-02-15

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9423431867316005a1c000237c6649870a2e388fa2e741fe6d8dbe09137f760c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:56 GMT
content-encoding: br
cf-cache-status: HIT
age: 698
x-cache: HIT 1
backend: templates_newlaw_director
cf-request-id: 089628d5bb00002b4d7f8c9000000001
last-modified: Fri, 26 Feb 2021 21:28:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"54431-1614374906000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 629d4402c8792b4d-FRA
x-vnode: 145
expires: Wed, 03 Mar 2021 00:09:56 GMT

GET
H/1.1 200
OK overlayForm.js Show response
store.law.com/Registration/js/ 14 KB
4 KB 429ms
130ms Script
application/javascript 192.226.82.212
METTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://store.law.com/Registration/js/overlayForm.js
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.226.82.212 Ridge, United States, ASN16524 (METTEL, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / Server #2
Resource Hash: 593ee85d3edcd1c0f3b19750ef667f7fdc88c7f2ef235fe226ea8fec35432eae

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Mar 2021 20:10:26 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
ClientProtocol: https
Last-Modified: Mon, 01 Mar 2021 23:01:43 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: Server #2
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public,max-age=900
Accept-Ranges: bytes
Content-Length: 3592
ETag: "80a59ed8eeed71:0"

GET
H2 200 tealium.js Show response
www.benefitspro.com/assets/master-template/js/ 5 KB
1 KB 75ms
34ms Script
application/javascript 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitspro.com/assets/master-template/js/tealium.js

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

654e11486d261cd7bdbf53ae5f57f82ff29e1f26af95378698e7fffed673cf83

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:56 GMT
content-encoding: br
cf-cache-status: HIT
age: 7854
x-cache: HIT 1
backend: templates_newlaw_director
cf-request-id: 089628d5bb00002b4df3a87000000001
last-modified: Fri, 26 Feb 2021 21:28:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"4926-1614374906000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 629d4402c87b2b4d-FRA
x-vnode: 27
expires: Wed, 03 Mar 2021 00:09:56 GMT

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/ 52 KB
15 KB 12ms
12ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1710816
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15508
cf-request-id: 089628d53f00002c3aaa96c000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-d04c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=naPf%2BSZihEkDc2HAwYNJOVwhPRY3EncfS0Jf0gHWfZ2vRffUqnIUioLZb4VP7UDBTT2OUxwDpBvkRBFzcL4hQKWfdHyDxh6Rp0hJEU8Ep%2B9I7Uay3QooJlOT14OLmQUR5g%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 629d4401fa4e2c3a-FRA
expires: Sun, 20 Feb 2022 20:09:56 GMT

GET
H2 200 master-core-lite.min.js Show response
www.benefitspro.com/assets/master-template/js/release/ 31 KB
12 KB 76ms
35ms Script
application/javascript 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitspro.com/assets/master-template/js/release/master-core-lite.min.js

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

547f2fe170e82e23fa050bbe83fb7e8eeb72b0dd297c882aee9af3f46f023956

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:56 GMT
content-encoding: br
cf-cache-status: HIT
age: 7854
x-cache: HIT 1
backend: templates_newlaw_director
cf-request-id: 089628d5bb00002b4ddf28e000000001
last-modified: Fri, 26 Feb 2021 21:28:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"31294-1614374906000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 629d4402c87c2b4d-FRA
x-vnode: 21
expires: Wed, 03 Mar 2021 00:09:56 GMT

GET
H2 200 ad-scroll-v2.min.js Show response
www.benefitspro.com/assets/master-template/js/release/ 2 KB
678 B 411ms
370ms Script
application/javascript 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitspro.com/assets/master-template/js/release/ad-scroll-v2.min.js?2021-03-02-15

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3232ce8d7fb10f3f28283e607fcfd2d84cf0eb186519b2a0644b84bd17dc2b7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: br
cf-cache-status: MISS
x-cache: HIT 27
backend: templates_newlaw_director
cf-request-id: 089628d5bb00002b4d94b77000000001
cteonnt-length: 1617
last-modified: Fri, 26 Feb 2021 21:28:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1617-1614374906000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 629d4402c87f2b4d-FRA
x-vnode: 27
expires: Wed, 03 Mar 2021 00:09:57 GMT

GET
H2 200 river-load-more-pg.min.js Show response
www.benefitspro.com/assets/master-template/js/release/ 4 KB
1 KB 446ms
405ms Script
application/javascript 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitspro.com/assets/master-template/js/release/river-load-more-pg.min.js?2021-03-02-15

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afe7d2a0362b4c7e3a70e761e7dca5a9b16691304f69338262022506765515c6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: br
cf-cache-status: MISS
x-cache: HIT 2
backend: templates_newlaw_director
cf-request-id: 089628d5c200002b4dd7132000000001
cteonnt-length: 4031
last-modified: Fri, 26 Feb 2021 21:28:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"4031-1614374906000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 629d4402c8802b4d-FRA
x-vnode: 27
expires: Wed, 03 Mar 2021 00:09:57 GMT

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 446 B
620 B 269ms
77ms Script
text/html 52.212.194.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1646148425&tf=Id8O-DxRgoC-xFQTS-CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C2%2C2%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-lOp7GCdMacolamJ2DVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&os=&qp=00000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20210202150955&pcode=almheader466656885399&callback=MoatNadoAllJsonpRequest_6523894
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/almheader466656885399/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.194.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-194-196.eu-west-1.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 7981ee0bc2720fff266e8355726984deb89c9fa801b30d1903c812f398127835

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "1c7166a7fb84296aa61c229a5112821405eb07e6"
content-length: 446
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 96ms
54ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&t=1614715796803&de=473792433799&d=ALM_HEADER1%3ADesktop%3A-%3A-&i=YIELD_INTELLIGENCE_INTERNAL1&ar=01dda15-clean&iw=76ee2b5&zMoatRendered=0&zMoatSlotTargetingLoaded=0&zMoatSlotTargetingSet=0&zMoatPageDataTargetingSet=0&zMoatSafetyTargetingSet=0&zMoatEmptySlot=0&zMoatNadoDataLoadTime=Not%20Loaded&zMoatAllDataLoadTime=Not%20Loaded&bo=benefitspro.com&bd=benefitspro.com&ac=1&bq=11&f=0&na=1531146967&cs=0
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:09:56 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 02 Mar 2021 20:09:56 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 121 KB
33 KB 198ms
57ms Script
application/x-javascript 23.37.56.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.56.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-56-41.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8f05ae16a0f9ef87d76bb4b1b0b5218ccd8c2b15ba60a75c354b61fcbea99207

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 17:49:45 GMT
server: AkamaiNetStorage
etag: "2e0176b03d4bed4e3645dc96672f6832:1614620985.332544"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 33320
expires: Tue, 02 Mar 2021 20:14:57 GMT

GET
H2 200 owl.carousel.min.css
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/ 3 KB
1 KB 47ms
46ms Stylesheet
text/css 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/owl.carousel.min.css
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 333f609f6ebbf0eddc459a9fae475427382064d5
date: Tue, 02 Mar 2021 20:09:56 GMT
content-encoding: gzip
age: 469
x-cache: HIT
content-length: 1068
x-served-by: cache-hhn4032-HHN
access-control-allow-origin: *
last-modified: Fri, 20 Apr 2018 13:22:52 GMT
server: GitHub.com
x-github-request-id: B27A:A124:1E4C80:1F00C1:603E9294
x-timer: S1614715797.943672,VS0,VE0
etag: W/"5ad9e9ac-d17"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Tue, 02 Mar 2021 19:41:32 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 8

GET
H2 200 owl.theme.default.min.css
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/ 1013 B
729 B 49ms
49ms Stylesheet
text/css 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/owl.theme.default.min.css
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: 924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 88565e3f0f1829e25948478e9e3424ab8a3b7218
date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: gzip
age: 71
x-cache: HIT
content-length: 479
x-served-by: cache-hhn4032-HHN
access-control-allow-origin: *
last-modified: Fri, 20 Apr 2018 13:22:52 GMT
server: GitHub.com
x-github-request-id: BD7A:68B6:45039:4C411:6036F82D
x-timer: S1614715797.065436,VS0,VE0
etag: W/"5ad9e9ac-3f5"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Thu, 25 Feb 2021 01:10:26 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: HIT
x-cache-hits: 3

GET
H/1.1 200
OK dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js Show response
s.dpmsrv.com/ 342 KB
51 KB 216ms
76ms Script
application/x-javascript 65.9.58.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dpmsrv.com/dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1191049bde29a917914bf622ee8fd9127ae6b334e5eb9a06f49e99ee727f478

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Mar 2021 21:10:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Mar 2021 21:10:22 GMT
Server: AmazonS3
Age: 82759
ETag: "d72591bc1f0bc44d9737fbe8f3eb8bba"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Content-Length: 51484
X-Amz-Cf-Id: CrVXbwTxZB5BO7XVLFx1mhHrVccI2p9ZTSAADlcUYydDQXxLX4Iv7Q==

GET
H2 200 markets.min.css Show response
www.benefitspro.com/assets/master-template/css/release/ 328 KB
45 KB 381ms
380ms XHR
text/css 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitspro.com/assets/master-template/css/release/markets.min.css?2021-03-02-15

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/release/master-core-lite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d901c0df0666d0ebe00231b25eef17879e714a2cf29d2f57bde706ac040e324b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: br
cf-cache-status: MISS
x-cache: HIT 6
backend: templates_newlaw_director
cf-request-id: 089628d67800002b4db38ec000000001
cteonnt-length: 335677
last-modified: Fri, 26 Feb 2021 21:28:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"335677-1614374906000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 629d4403fac22b4d-FRA
x-vnode: 27
expires: Wed, 03 Mar 2021 00:09:57 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1614715797157
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1614715797157

362 B
1 KB

69ms
68ms

XHR
application/json

52.17.73.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1614715797157

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.73.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-73-77.eu-west-1.compute.amazonaws.com

Software

Resource Hash

c6b857abd457ad8b2cc55c4fc5f1a29e27eb5ed979f08e24f32082a38d226628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-0aaba09ea.edge-irl1.demdex.com 5.80.6.20210202104731 4ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: hdlngcqSQKo=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.benefitspro.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 298
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.benefitspro.com
X-TID: TAMTn4wuQq0=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1614715797157
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 utag.94.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 44 KB
15 KB 67ms
66ms Script
application/x-javascript 23.37.56.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.94.js?utv=ut4.39.202102211617
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.56.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-56-41.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c1ed60895f330d39c23375e17f26ed3d051e6d401f084b8fad926ade60b8ae8

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: gzip
last-modified: Sun, 21 Feb 2021 16:17:58 GMT
server: AkamaiNetStorage
etag: "6c2b1069634c66426526028cf2c1a38a:1613924277.992605"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 15119
expires: Wed, 17 Mar 2021 20:09:57 GMT

GET
H2 200 utag.26.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 3 KB
2 KB 55ms
55ms Script
application/x-javascript 23.37.56.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.26.js?utv=ut4.39.202009291521
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.56.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-56-41.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ad66282196417c4be6122180d7df5f4791ac8771b45be060e314a2062f4afdf7

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: gzip
last-modified: Tue, 29 Sep 2020 15:21:22 GMT
server: AkamaiNetStorage
etag: "d73b75d9c05533ec4cb46dbbf75d286b:1601392882.777636"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1513
expires: Wed, 17 Mar 2021 20:09:57 GMT

GET
H2 200 utag.78.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 109 KB
35 KB 75ms
75ms Script
application/x-javascript 23.37.56.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.78.js?utv=ut4.39.202103011749
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.56.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-56-41.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 58a9f9a5cae4e7aa57717cefe966f85a4a59c791a77605475af04a6eef934176

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 17:49:44 GMT
server: AkamaiNetStorage
etag: "6e7ea1b198da88d192dd43d7e4133e43:1614620984.0778"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 35057
expires: Wed, 17 Mar 2021 20:09:57 GMT

GET
H2 200 utag.32.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 3 KB
2 KB 55ms
55ms Script
application/x-javascript 23.37.56.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.32.js?utv=ut4.39.201909121652
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.56.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-56-41.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 999b37529edf4d7b34cf4bdcd937594e893a1d3add9811102f7818936b8d4293

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: gzip
last-modified: Mon, 22 Jun 2020 21:26:56 GMT
server: AkamaiNetStorage
etag: "fb390697366796015697c0162fac7588:1592861216.366485"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1448
expires: Wed, 17 Mar 2021 20:09:57 GMT

GET
H2 200 utag.39.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 2 KB
1 KB 64ms
64ms Script
application/x-javascript 23.37.56.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.39.js?utv=ut4.39.201510271714
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.56.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-56-41.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0f35c56292b93cc1a796bed46551c6b9f33677a83da02b338ecb5df46b93e657

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2016 19:05:16 GMT
server: AkamaiNetStorage
etag: "19f5cfea9207d9078058ad07886d8356:1472583916"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 953
expires: Wed, 17 Mar 2021 20:09:57 GMT

GET
H2 200 utag.101.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 13 KB
4 KB 65ms
65ms Script
application/x-javascript 23.37.56.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.101.js?utv=ut4.39.201911221657
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.56.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-56-41.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 300908cbcb84903590648db1851fcb3c493af3aaab47d4109e0a9f8394e06fd7

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: gzip
last-modified: Mon, 22 Jun 2020 21:26:53 GMT
server: AkamaiNetStorage
etag: "d92cbafa99067935fba25cba6e9bcb91:1592861213.763276"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 4339
expires: Wed, 17 Mar 2021 20:09:57 GMT

GET
H2 200 utag.112.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 2 KB
1 KB 64ms
64ms Script
application/x-javascript 23.37.56.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.112.js?utv=ut4.39.202005192159
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.56.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-56-41.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 93a22a0e7b076844df8bbc2d01d9d50b6f46412cb41ccd7fbf053467778dedab

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: gzip
last-modified: Tue, 19 May 2020 21:59:32 GMT
server: AkamaiNetStorage
etag: "237667acf6557ccb2652f9af3e9f82a8:1589925572.725309"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1014
expires: Wed, 17 Mar 2021 20:09:57 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 27ms
6ms Script
application/x-javascript 2600:9000:206f:6400:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.26.js?utv=ut4.39.202009291521
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6400:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 927ee0dfe51ef11076e57510990fd5c5fcee1cffd5204a4e3d3caee529c3bd01

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 18:13:16 GMT
content-encoding: gzip
last-modified: Thu, 28 Jan 2021 02:03:13 GMT
server: nginx
age: 7001
etag: W/"60121b61-8e23"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: iYCKDlpvBCbefj_qRZSIFJIGsy_h-6-RgamXXrKw-aaR0VLkkVMOCg==
expires: Wed, 03 Mar 2021 18:13:16 GMT

GET
H2

200

i.gif
datacloud.tealiumiq.com/vdata/
Redirect Chain

https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=0177f48fbe97005e0f9378f8fe8800078003407000b08&tealium_account=alm&tealium_profile=main
https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm=&tealium_vid=0177f48fbe97005e0f9378f8fe8800078003407000b08&tealium_account=alm&tealium_profile=main&goog...
https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0177f48fbe97005e0f9378f8fe8800078003407000b08&tealium_account=alm&tealium_profile=main&google_gid=CAESEMD-xkxPNQARil...

43 B
971 B

198ms
63ms

Image
image/gif

3.124.226.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0177f48fbe97005e0f9378f8fe8800078003407000b08&tealium_account=alm&tealium_profile=main&google_gid=CAESEMD-xkxPNQARilthZPGWkrc&google_cver=1
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.226.36 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-226-36.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:09:57 GMT
x-serverid: uconnect_i-0b50b213e53fc5e30
x-did: 0177f48fbe97005e0f9378f8fe8800078003407000b08
x-tid: 0177f48fbe97005e0f9378f8fe8800078003407000b08
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: alm:main:2:vdata
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-region: eu-central-1
content-type: image/gif
x-ulver: 30713ad061dee42c94ee78c6f18febf21f29ee9d-SNAPSHOT
content-length: 43
x-uuid: 1889bec7-03a7-4198-b49d-678b8397fb14
expires: Tue, 02 Mar 2021 20:09:57 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:09:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0177f48fbe97005e0f9378f8fe8800078003407000b08&tealium_account=alm&tealium_profile=main&google_gid=CAESEMD-xkxPNQARilthZPGWkrc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 437
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aquant.js Show response
secure.quantserve.com/ 23 KB
9 KB 32ms
8ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/aquant.js?a=p-tet4NLTPxSXJn
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.39.js?utv=ut4.39.201510271714
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: gzip
etag: "/D8P7qgiWm3WmfjhiS2eTg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 09 Mar 2021 20:09:57 GMT

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 28 KB
13 KB 274ms
73ms Script
application/javascript 34.251.167.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?22
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.167.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-167-52.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3cc4d52780a21eb51474c98c4693fd91cd8d2fc583e33a16dad087809f61cdc9

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Mar 2021 20:09:57 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Mar 2021 17:39:24 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=77366
Connection: keep-alive
Content-Length: 12550
Expires: Wed, 03 Mar 2021 17:39:24 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
243 B 16ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.benefitspro.com

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.94.js?utv=ut4.39.202102211617

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 pubads_impl_2019081501.js Show response
securepubads.g.doubleclick.net/gpt/ 157 KB
58 KB 164ms
58ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019081501.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.94.js?utv=ut4.39.202102211617

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

933b31ae725eac27028e612a8faf7088d62d64cc53fcc2d39d495d9e3842f283

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Aug 2019 13:06:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59224
x-xss-protection: 0
expires: Tue, 02 Mar 2021 20:09:57 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
243 B 50ms
50ms Script
application/x-javascript 23.37.56.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=alm/main/202103011749&cb=1614715797267
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.56.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-56-41.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 22
expires: Tue, 02 Mar 2021 20:19:57 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 421ms
141ms Image
image/gif 34.207.42.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=benefitspro.com&p=%2F&u=Ctzn0xDKZktAB33bpY&d=benefitspro.com&g=46802&g0=%7C%7C&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=4655&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2077&t=HayEiBmc92PCCvvh4Cry7O5DUT54C&V=122&i=BenefitsPRO%3A%20Employee%20Benefits%20News%2C%20Trends%20%26%20Sales%20Tips%20%7C%20BenefitsPRO&tz=-60&sn=1&sv=DjUeu6DyQFHZCYVXjpCOluq3psdQ3&sd=1&im=067b2ef3&_
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.207.42.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-42-216.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:09:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 rules-p-tet4NLTPxSXJn.js Show response
rules.quantcount.com/ 3 KB
1 KB 103ms
45ms Script
application/x-javascript 2600:9000:20d7:f800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-tet4NLTPxSXJn.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/aquant.js?a=p-tet4NLTPxSXJn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:f800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 914e14616fe6c894e839cd9ec4cc183192dbcbb9314d41728865eec02916fc09

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: gzip
last-modified: Thu, 09 Mar 2017 01:28:01 GMT
server: AmazonS3
x-amz-cf-pop: ZAG50-C1
etag: W/"f0a36155fe2ee3d6ce46f06d32dfc5df"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 b63f332297d95bccb0f4e41c4aef0ab1.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-id: Q0BUa5dVsqdbzwn_uHc1xwQa33bqwRk3IuzuFzawtL-TObPfkc5YZA==

GET
H2 200 css
fonts.googleapis.com/ 6 KB
792 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec3f80e747dcbe72d41eee2245dc8e26b79f07fa71f9ea7f2d91ebe7f867d5a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:09:57 GMT
server: ESF
date: Tue, 02 Mar 2021 20:09:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Mar 2021 20:09:57 GMT

GET
H2 200 qkq4rhw.js Show response
use.typekit.net/ 19 KB
7 KB 190ms
155ms Script
text/javascript 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/qkq4rhw.js

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

eab94bfcd230b07377dd03ee9f8e0deea86ac3b1d34494e43a9daa6f692c5202

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Tue, 02 Mar 2021 20:09:57 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 7012

GET
H2 200 all.json Show response
www.benefitspro.com//paging/content/ 124 KB
19 KB 112ms
112ms XHR
application/json 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitspro.com//paging/content/all.json?id=32&limit=100&start=20

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32deb2c138b1676a6908454b1801ef130391f70bfac5680761b747158ba2fabd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.benefitspro.com/?slreturn=20210202150955
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: MISS
content-type: application/json;charset=UTF-8
cache-control: public, max-age=14400
backend: templates_newlaw_director
cf-ray: 629d44062e242b4d-FRA
x-vnode: 27
cf-request-id: 089628d7d800002b4d82363000000001

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET /
geoip.alm.com/json/ 0
0

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D1008%26pixelIndex%3D0%26r%3D506763%26tzOffset%3D-60%26url%3Dhttps%253A%252F%252Fwww.benefitspro.c...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D1008%2526pixelIndex%253D0%2526r%253D506763%2526tzOffset%2...
https://a.dpmsrv.com/dpmpxl/index.php?id=1234581160655061252&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=506763&tzOffset=-60&url=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20210202150955&_=161471579...

242 B
997 B

590ms
140ms

Script
text/javascript

34.192.142.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?id=1234581160655061252&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=506763&tzOffset=-60&url=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20210202150955&_=1614715797528
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.142.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-142-95.compute-1.amazonaws.com
Software: /
Resource Hash: 51b32b48dd2834d8f161c5b6325807967f73e6a55a7b4a0f33b0b231494d4457

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 218
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:09:57 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.8:80
AN-X-Request-Uuid: 798d27d5-5fb2-44e2-a030-d775596b25ed
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://a.dpmsrv.com/dpmpxl/index.php?id=1234581160655061252&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=506763&tzOffset=-60&url=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20210202150955&_=1614715797528
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 07-employer-contributions-money.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2021/02/ 31 KB
31 KB 22ms
21ms Image
image/jpeg 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2021/02/07-employer-contributions-money.jpg

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6362d61719a127124eaf05b311de224089876c65d19a0acfe1224ceb3d6540e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
cf-cache-status: HIT
age: 6931
cf-polished: origSize=31854, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
last-modified: Mon, 01 Mar 2021 22:08:53 GMT
content-length: 31297
cf-request-id: 089628d86c00002b4dd41a4000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "10a10f9-7c6e-5bc80dd0b218b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 629d44071fd12b4d-FRA
x-vnode: 21
expires: Wed, 03 Mar 2021 00:09:57 GMT

GET
H2 200 Healthcare-Costs-Article-202007281740.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2020/07/ 85 KB
85 KB 370ms
369ms Image
image/webp 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2020/07/Healthcare-Costs-Article-202007281740.jpg

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd8e7d239802c20d9aaebe7a1366bc11eab1d1310e295375fe0f41c02183c546

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
cf-cache-status: REVALIDATED
cf-polished: origFmt=jpeg, origSize=102537
x-cache: HIT 6
backend: contribsreimg_prod_director
content-disposition: inline; filename="Healthcare-Costs-Article-202007281740.webp"
content-length: 86718
cf-request-id: 089628d86d00002b4da6b9b000000001
last-modified: Tue, 28 Jul 2020 21:40:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "855e89-19089-5ab874b884d4d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 03 Mar 2021 00:09:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 629d44071fd52b4d-FRA
x-vnode: 21
cf-bgj: imgq:100,h2pri

GET
H2 200 PaidLeave.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2019/03/ 44 KB
44 KB 13ms
12ms Image
image/jpeg 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2019/03/PaidLeave.jpg

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88401fdd953fb9b79ea9acfbafadf7becd2c5934a54eeedfe4e82169c32850f2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
cf-cache-status: HIT
age: 5980
cf-polished: origSize=45397, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
last-modified: Wed, 06 Mar 2019 22:02:12 GMT
content-length: 45084
cf-request-id: 089628d86e00002b4df3aba000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5d763b-b155-5837424599d51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 629d44071fd92b4d-FRA
x-vnode: 27
expires: Wed, 03 Mar 2021 00:09:57 GMT

GET
H2 200 05-hype-robo-technology.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2021/03/ 10 KB
11 KB 369ms
369ms Image
image/jpeg 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2021/03/05-hype-robo-technology.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a944f315f19be02492bf8dee5e10fc19340474b0ea5f894f339fe43ae59f456

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
cf-cache-status: MISS
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 10270
cf-request-id: 089628d86f00002b4ddb0eb000000001
last-modified: Tue, 02 Mar 2021 19:41:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "11a1cec-281e-5bc92ec6771ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 629d44071fe12b4d-FRA
x-vnode: 28
expires: Wed, 03 Mar 2021 00:09:57 GMT

GET
H2 200 green-hsa-card.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2021/03/ 13 KB
13 KB 375ms
374ms Image
image/jpeg 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2021/03/green-hsa-card.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47eec74e03d32f736a7712c63ef2fba24fa8bf27e32d42455d3a3366768d69f4

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
cf-cache-status: MISS
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 13132
cf-request-id: 089628d86f00002b4de8307000000001
last-modified: Tue, 02 Mar 2021 18:06:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "11a0616-334c-5bc919880d01a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 629d44071fe32b4d-FRA
x-vnode: 27
expires: Wed, 03 Mar 2021 00:09:57 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.benefitspro.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 09:18:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:16 GMT
server: sffe
age: 384663
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Sat, 26 Feb 2022 09:18:54 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.benefitspro.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:15:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 93265
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 01 Mar 2022 18:15:32 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.benefitspro.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 19:41:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 433711
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Fri, 25 Feb 2022 19:41:26 GMT

GET
H/1.1 200
OK Cookie set dest5.html Show response
alm.demdex.net/ Frame 4B15 7 KB
3 KB 275ms
68ms Document
text/html 52.208.225.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://alm.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.225.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-225-81.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: alm.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.benefitspro.com/?slreturn=20210202150955
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=47868995846565577133644298701196842549
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.benefitspro.com/?slreturn=20210202150955

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 11 Feb 2021 14:59:47 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=47868995846565577133644298701196842549;Path=/;Domain=.demdex.net;Expires=Sun, 29-Aug-2021 20:09:57 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: k5AKl2RoRps=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
b.law.com/ 48 B
509 B 225ms
60ms XHR
application/x-javascript 35.181.18.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.law.com/id?d_visid_ver=3.3.0&d_fieldgroup=A&mcorgid=96C4370453295E4C0A490D44%40AdobeOrg&mid=54895006477272537134383060519882676341&ts=1614715797629

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.181.18.61 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-181-18-61.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

acf1c5f96a65087430a8279e927dc6dcaa6dd90a9fd11abbd28775feda1a8bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-5955cb7dcf-rp7mb
vary: Origin
x-c: main-1422.I3bac54.M0-478
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.benefitspro.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YD6blQAAADcaWCkN
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=47868995846565577133644298701196842549
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YD6blQAAADcaWCkN

42 B
915 B

65ms
65ms

Image
image/gif

52.17.73.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YD6blQAAADcaWCkN

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.73.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-73-77.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-046698346.edge-irl1.demdex.com 5.80.6.20210202104731 1ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: Xa0qoDL9QnM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YD6blQAAADcaWCkN
Date: Tue, 02 Mar 2021 20:09:57 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 pixel;r=743709615;labels=ALM%20Insurance.Benefits%20Pro;rf=0;uht=2;a=p-tet4NLTPxSXJn;url=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20210202150955;fpan=1;fpa=P0-1751066377-1614715797632;ns=0...
pixel.quantserve.com/ 35 B
371 B 11ms
9ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=743709615;labels=ALM%20Insurance.Benefits%20Pro;rf=0;uht=2;a=p-tet4NLTPxSXJn;url=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20210202150955;fpan=1;fpa=P0-1751066377-1614715797632;ns=0;ce=1;qjs=1;qv=fd8a15ce-20210219171058;cm=;gdpr=0;ref=;d=benefitspro.com;je=0;sr=1600x1200x24;dst=1;et=1614715797631;tzo=-60;ogl=type.website%2Ctitle.BenefitsPRO%3A%20Employee%20Benefits%20News%252C%20Trends%20%26%20Sales%20Tips%20%7C%20BenefitsPRO%2Csite_name.BenefitsPRO%2Curl.https%3A%2F%2Fwww%252Ebenefitspro%252Ecom%2F%2Cimage.%2F%2Fimages%252Ebenefitspro%252Ecom%2Fmedia%2Fmaster-template%2Fsocial-share-logos%2Fsocial-share-b%2Cdescription.BenefitsPRO%252Ecom%20is%20the%20leading%20source%20of%20employee%20benefits%20news%252C%20trends%252C%20opinion

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:09:57 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
246 B 519ms
127ms XHR
application/json 88.214.207.207
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 88.214.207.207 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.benefitspro.com
Date: Tue, 02 Mar 2021 20:09:59 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 B
270 B 72ms
23ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.benefitspro.com
Date: Tue, 02 Mar 2021 20:09:56 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 2
Content-Type: application/json; charset=UTF-8

POST
H2 200 adreq Show response
ads.servenobid.com/ 206 B
441 B 214ms
69ms XHR
application/json 54.246.70.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=9572
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.70.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-70-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 484ed7a98c91dc00b55fea65cc9be99a62caf1cd4941efd361dc90d9de5aa2c5

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.benefitspro.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 48 B
744 B 93ms
53ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:09:57 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.245:80
AN-X-Request-Uuid: 74b8419a-abea-46a9-a981-e81b6589e176
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.benefitspro.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 48
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
246 B 510ms
128ms XHR
application/json 88.214.207.207
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 88.214.207.207 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.benefitspro.com
Date: Tue, 02 Mar 2021 20:09:59 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 2 B
270 B 74ms
24ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.benefitspro.com
Date: Tue, 02 Mar 2021 20:09:56 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 2
Content-Type: application/json; charset=UTF-8

POST
H2 200 adreq Show response
ads.servenobid.com/ 206 B
441 B 209ms
69ms XHR
application/json 54.246.70.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=10744
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.70.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-70-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 484ed7a98c91dc00b55fea65cc9be99a62caf1cd4941efd361dc90d9de5aa2c5

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.benefitspro.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 48 B
743 B 140ms
51ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:09:57 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.59:80
AN-X-Request-Uuid: e61e935d-773c-4650-be57-dfba6cac3e6a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.benefitspro.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 48
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adreq Show response
ads.servenobid.com/ 206 B
441 B 204ms
69ms XHR
application/json 54.246.70.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=7180
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.70.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-70-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 484ed7a98c91dc00b55fea65cc9be99a62caf1cd4941efd361dc90d9de5aa2c5

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.benefitspro.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

POST
H/1.1 200
OK / Show response
ghb2.adtelligent.com/v2/auction/ 2 B
270 B 72ms
23ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb2.adtelligent.com/v2/auction/
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.benefitspro.com
Date: Tue, 02 Mar 2021 20:09:56 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 2
Content-Type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 48 B
744 B 155ms
55ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:09:57 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.180:80
AN-X-Request-Uuid: beb0b68f-c575-43da-923f-58930f2acc85
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.benefitspro.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 48
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
246 B 516ms
137ms XHR
application/json 88.214.207.207
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 88.214.207.207 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.benefitspro.com
Date: Tue, 02 Mar 2021 20:09:59 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
246 B 507ms
129ms XHR
application/json 88.214.207.207
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 88.214.207.207 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.benefitspro.com
Date: Tue, 02 Mar 2021 20:09:59 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H2 200 adreq Show response
ads.servenobid.com/ 206 B
451 B 198ms
68ms XHR
application/json 54.246.70.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=7354
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.70.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-70-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 484ed7a98c91dc00b55fea65cc9be99a62caf1cd4941efd361dc90d9de5aa2c5

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.benefitspro.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 48 B
744 B 167ms
71ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:09:57 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.234:80
AN-X-Request-Uuid: c7476715-201f-4388-bc76-d7be86f057a2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.benefitspro.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 48
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 B
270 B 73ms
23ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.benefitspro.com
Date: Tue, 02 Mar 2021 20:09:56 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 2
Content-Type: application/json; charset=UTF-8

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 436 B
244 B 155ms
102ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019081501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

435faf0889dacbfbfb8bce6658239f25480b329a09b6ba8268a43c595d90aafc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 211
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.benefitspro.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_rendering_2019081501.js Show response
securepubads.g.doubleclick.net/gpt/ 66 KB
25 KB 115ms
73ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019081501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019081501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

b4c82cd1a7be83bf80ba5fba38e1a1687d3766bfc012a46e71a1bbd8bc3eb7d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Aug 2019 13:06:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25233
x-xss-protection: 0
expires: Tue, 02 Mar 2021 20:09:57 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019081501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 128ms
100ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019081501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

419d1ac6bf284bb6ce32ba1265427efd418bbdbc7e0bee2babc3c48fb9f39e40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2701
x-xss-protection: 0
google-lineitem-id: 4598631072
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138226959158
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.benefitspro.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 440 B
258 B 101ms
93ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019081501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

fc4727a062a4f5536f572bc595822e6c894c8d041af49e5952b8e31f40c4a8ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.benefitspro.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 436 B
589 B 80ms
80ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019081501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ac0b1aeb55f43ad6eba45dbeec04d6544c3a072cc12f3a044f60c51f0a9fed75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 221
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.benefitspro.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 436 B
253 B 82ms
82ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019081501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

b73c6b780727e1d0424a7dc44af81088c3034b02e5b52f118fd264d7d4a776d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 220
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.benefitspro.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 436 B
251 B 86ms
86ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019081501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

2a04c2730b40dd67549ee75f16cce1e3d7d7d6155bdf9dea401a70f100a80785

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 221
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.benefitspro.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 439 B
255 B 76ms
75ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019081501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

0306c18cbd0044eccb749b193f5ed42ba8935c088f79f6da36e5ed1fcd8da476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.benefitspro.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 436 B
250 B 78ms
78ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4068640430925984&correlator=1145749048730274&output=ldjh&callback=googletag.impl.pubads.callbackProxy11&impl=fifs&json_a=1&eid=21062833%2C21064368%2C21064102&vrg=2019081501&guci=2.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20210302&iu_parts=21665826759%2Cbenefitspro%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=150x31&prev_scp=position%3Des_logo_pushdown&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&cookie_enabled=1&bc=31&abxe=1&lmt=1614715797&dt=1614715797822&dlt=1614715796555&idt=1082&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3638061094&ucis=f&ifi=15&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20210202150955&dssz=46&icsg=211930866922303&mso=32&std=0&vis=1&stss=1&dmc=8&scr_x=0&scr_y=0&psz=1600x6588&msz=150x31&blev=1&bisch=1&ga_vid=1225397438.1614715798&ga_sid=1614715798&ga_hid=278373593&fws=128&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019081501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

843c1e5f3ae31552e3e6ee92834b6b6e4f36928c376deb603d93ffde5669b0e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 220
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.benefitspro.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 440 B
256 B 76ms
76ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019081501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

7aa9bcd77cde64d815c74a7bc2e22404db244960bad110dfc3368d92d763e586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 223
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.benefitspro.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 436 B
251 B 79ms
78ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019081501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

bea2c4ef34b2e29e9b8cbb174c8af18ae4f88b6beffe61f41ca0b4214aa4e488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 221
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.benefitspro.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s04844834735272
b.law.com/b/ss/almbpro,almglobal/1/JS-1.6/ 43 B
222 B 62ms
61ms Image
image/gif 35.181.18.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.law.com/b/ss/almbpro,almglobal/1/JS-1.6/s04844834735272?AQB=1&ndh=1&pf=1&t=2%2F2%2F2021%2021%3A9%3A57%202%20-60&mid=54895006477272537134383060519882676341&aamlh=6&vmt=4D013A4B&vmf=alm.102.122.2o7.net&ce=iso-8859-1&ns=alm&pageName=bpro%3Ahome&g=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20210202150955&cc=USD&ch=bpro%3Ahome&server=bpro&events=event1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v24=bpro&c30=home&v30=D%3Dc30&c40=16&c41=3%3A00pm&v41=D%3Dc41&c42=tuesday&v42=D%3Dc42&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.181.18.61 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-181-18-61.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
x-content-type-options: nosniff
x-c: main-1422.I3bac54.M0-478
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 03 Mar 2021 20:09:57 GMT
server: jag
xserver: anedge-5955cb7dcf-pw8dp
etag: 3467575771532787712-4621937701314154837
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Mon, 01 Mar 2021 20:09:57 GMT

GET
H2 200 nav-icon-sign-in-white.png
www.benefitspro.com/assets/master-template/images/market-images/ 240 B
449 B 39ms
38ms Image
image/webp 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitspro.com/assets/master-template/images/market-images/nav-icon-sign-in-white.png

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c859e723244f19a63ee035e282a20cca525b0d102cf4c68a14c46063fe39ef14

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 704
cf-polished: origFmt=png, origSize=3131
x-cache: HIT 1
backend: templates_newlaw_director
content-disposition: inline; filename="nav-icon-sign-in-white.webp"
cf-bgj: imgq:100,h2pri
content-length: 240
cf-request-id: 089628d9a200002b4ded330000000001
last-modified: Fri, 26 Feb 2021 21:28:26 GMT
server: cloudflare
etag: W/"3131-1614374906000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 629d44090b282b4d-FRA
x-vnode: 27
expires: Wed, 03 Mar 2021 00:09:57 GMT

GET
H2 200 arrow-open.png
www.benefitspro.com/assets/master-template/images/market-images/ 134 B
424 B 19ms
18ms Image
image/webp 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitspro.com/assets/master-template/images/market-images/arrow-open.png

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

075e1a285de33ad2c3cc75f3ebe775feb23d27f52aa8213be408e4cbc3623a10

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 704
cf-polished: origFmt=png, origSize=2986
x-cache: HIT 1
backend: templates_newlaw_director
content-disposition: inline; filename="arrow-open.webp"
cf-bgj: imgq:100,h2pri
content-length: 134
cf-request-id: 089628d9a200002b4dfe3bd000000001
last-modified: Fri, 26 Feb 2021 21:28:26 GMT
server: cloudflare
etag: W/"2986-1614374906000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 629d44090b292b4d-FRA
x-vnode: 27
expires: Wed, 03 Mar 2021 00:09:57 GMT

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 62 B
572 B 67ms
67ms Script
application/javascript 34.251.167.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=80951&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20210202150955&pv=1614715797932_q2sq332bg&bl=en-us&cb=1003877&return=&ht=&d=&dc=&si=1614715797932_q2sq332bg&cid=&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?22
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.167.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-167-52.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:09:57 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 147
Expires: 0

GET
H2 200 l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/ 33 KB
33 KB 36ms
6ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 259ca84f380e0a4a327867ce595dbb02ea8f3fe8ae0e96f902e0051fc44c194c

Request headers

Origin: https://www.benefitspro.com
Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
server: nginx
etag: "a0f35f91fdc2ca0a90c8288c08c20681c1aecfcf"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 33656

GET
H2 200 l
use.typekit.net/af/a3eee8/00000000000000003b9b093c/27/ 33 KB
33 KB 48ms
18ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a3eee8/00000000000000003b9b093c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 943c47e42eff83d25675ef352e488d2e3aaf8c8af0f019a78d21339836a1f065

Request headers

Origin: https://www.benefitspro.com
Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
server: nginx
etag: "0373618e2db17cca6330e4b11556968310f08eb7"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 33856

GET
H2 200 l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/ 32 KB
32 KB 40ms
11ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ceb4ce0bba67a12e21af094eb24293d7ea8bffaffc237a1cd90394c7588eaec9

Request headers

Origin: https://www.benefitspro.com
Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
server: nginx
etag: "852dacc5cd2685c187708b882b28635465e17bd0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 32688

GET
H2 200 l
use.typekit.net/af/437c3d/00000000000000003b9b0932/27/ 32 KB
32 KB 36ms
7ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/437c3d/00000000000000003b9b0932/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b87ef2efd898acfddc8308449b24a558eca1e77f8e66802f03fab8c5d063d92a

Request headers

Origin: https://www.benefitspro.com
Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
server: nginx
etag: "474f8294a654ddd4e855cc66b1bb647cd40bfa9b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 32380

GET
H2 200 l
use.typekit.net/af/3331e6/00000000000000003b9b0936/27/ 32 KB
33 KB 66ms
37ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3331e6/00000000000000003b9b0936/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7e01c1f46d29e8a778c9b2ae372f63fe76a2dc5c3629c441dcf52ea7b51190c0

Request headers

Origin: https://www.benefitspro.com
Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:58 GMT
server: nginx
etag: "b7f32cce44884c0c7d09c7eaf8ec10d20386685b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 33180

GET
H2 200 l
use.typekit.net/af/2553b3/000000000000000000011c34/27/ 19 KB
19 KB 152ms
123ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2553b3/000000000000000000011c34/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 36c9fc6051d4a3d870934f3f78edcc4acaeb2b289453123baaccceaf125f4456

Request headers

Origin: https://www.benefitspro.com
Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:58 GMT
server: nginx
etag: "5cf72d8979177145b3e27e04c6afd6f60bee7a35"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 19272

GET
H2 200 l
use.typekit.net/af/1ade3e/000000000000000000011c39/27/ 19 KB
19 KB 70ms
41ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1ade3e/000000000000000000011c39/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 46a69b88df8dce5def5cf781098b96c0748ed4359bfe4e7e9047b4606ba91184

Request headers

Origin: https://www.benefitspro.com
Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:58 GMT
server: nginx
etag: "70dc2d1e85f8b46c0851a31b57494c0bdb743209"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 19068

GET
H2 200 l
use.typekit.net/af/827015/000000000000000000011c3b/27/ 18 KB
18 KB 40ms
12ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/827015/000000000000000000011c3b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 94ff1886b75337d9ecd8fd6c1ea51aee392e6013ac927b81a01fa62d7b79d08b

Request headers

Origin: https://www.benefitspro.com
Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
server: nginx
etag: "fa20d38ca87af1153085d9146b698f2bb93b7223"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 18468

GET
H2 200 money-rules-laws-fiduciary.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2021/02/ 19 KB
19 KB 459ms
457ms Image
image/jpeg 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2021/02/money-rules-laws-fiduciary.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

012d0c64819924312107f6b87b10fe19d9e530862cccdabcfdfeeebf0180b56c

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:58 GMT
cf-cache-status: MISS
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 19197
cf-request-id: 089628d9d700002b4df9324000000001
last-modified: Fri, 26 Feb 2021 16:56:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "10a10d0-4afd-5bc402786e242"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 629d44095bbc2b4d-FRA
x-vnode: 27
expires: Wed, 03 Mar 2021 00:09:58 GMT

GET
H2 200 02-dollar-money-medical-health-care.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2021/02/ 16 KB
16 KB 17ms
16ms Image
image/jpeg 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2021/02/02-dollar-money-medical-health-care.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e664b2e6e726a513565cc9f775143f55f92a3a6eb61b7026fa49cde77dcf238

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
cf-cache-status: HIT
age: 5975
cf-polished: origSize=17840, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 16495
cf-request-id: 089628d9db00002b4dab3cd000000001
last-modified: Fri, 26 Feb 2021 16:45:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "10a10ce-45b0-5bc3fffcd3c4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Wed, 03 Mar 2021 00:09:57 GMT
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 629d44095bbe2b4d-FRA
x-vnode: 21
cf-bgj: imgq:100,h2pri

GET
H2 200 Business-loss-Article-202011121631.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2020/11/ 8 KB
8 KB 12ms
11ms Image
image/jpeg 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2020/11/Business-loss-Article-202011121631.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f65c6ce5ab2d48ac6df269b9e62ee03cd929c357dec8c3dfc2590a39be44e44

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
cf-cache-status: HIT
age: 5978
cf-polished: origSize=8313, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 7709
cf-request-id: 089628d9d800002b4dff158000000001
last-modified: Fri, 26 Feb 2021 16:00:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "d81089-2079-5bc3f5cab3af5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Wed, 03 Mar 2021 00:09:57 GMT
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 629d44095bc12b4d-FRA
x-vnode: 21
cf-bgj: imgq:100,h2pri

GET
H2 200 Data-security-Article-202007222050.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2020/07/ 6 KB
6 KB 14ms
13ms Image
image/jpeg 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2020/07/Data-security-Article-202007222050.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b33a1f8a41b1c9eebdf7f5e67bdf51335e10a82523590816ef2ba892088ffbc

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
cf-cache-status: HIT
age: 5975
cf-polished: origSize=6314, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 5756
cf-request-id: 089628d9e200002b4dd9277000000001
last-modified: Wed, 23 Dec 2020 15:03:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "840599-18aa-5b722ffda665c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Wed, 03 Mar 2021 00:09:57 GMT
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 629d44096bd82b4d-FRA
x-vnode: 21
cf-bgj: imgq:100,h2pri

GET
H2 200 DrugSpendingShutterstock.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2020/02/ 9 KB
9 KB 13ms
12ms Image
image/jpeg 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2020/02/DrugSpendingShutterstock.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8182715bda092b0d347f4994cf2661a956724e4ba5512bffe4ae0351855062d6

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
cf-cache-status: HIT
age: 5974
cf-polished: origSize=9550, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 8934
cf-request-id: 089628d9e200002b4d999a3000000001
last-modified: Fri, 20 Mar 2020 14:18:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "7ddbfb-254e-5a149f403c6a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Wed, 03 Mar 2021 00:09:57 GMT
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 629d44096bdb2b4d-FRA
x-vnode: 27
cf-bgj: imgq:100,h2pri

GET
H2 200 healthCareDiagnostics-1.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2018/12/ 13 KB
14 KB 13ms
13ms Image
image/jpeg 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2018/12/healthCareDiagnostics-1.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8035fb392745a641b99c825e5fae8fcc95b3fbd84d8a71879f46506dbe231119

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:57 GMT
cf-cache-status: HIT
age: 5977
cf-polished: origSize=13952, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 13159
cf-request-id: 089628d9e300002b4d9e8f4000000001
last-modified: Mon, 26 Aug 2019 15:18:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6d8752-3680-59106ac30a62c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Wed, 03 Mar 2021 00:09:57 GMT
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 629d44096be02b4d-FRA
x-vnode: 27
cf-bgj: imgq:100,h2pri

GET
H2 200 woman-virtual-meeting-online.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2020/11/ 11 KB
12 KB 20ms
18ms Image
image/jpeg 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2020/11/woman-virtual-meeting-online.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f2a4eab4937097402dcc55d7926f03a0631f3e3107eeb38e4c039849801e26e

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:58 GMT
cf-cache-status: HIT
age: 5978
cf-polished: origSize=12291, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 11593
cf-request-id: 089628d9e800002b4dab3ce000000001
last-modified: Wed, 11 Nov 2020 13:39:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "d80dcd-3003-5b3d4ed7aa838"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Wed, 03 Mar 2021 00:09:58 GMT
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 629d44097bec2b4d-FRA
x-vnode: 27
cf-bgj: imgq:100,h2pri

GET
H2 200 Vector-of-Coronavirus-Article-202005221353.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2020/05/ 11 KB
12 KB 17ms
16ms Image
image/jpeg 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2020/05/Vector-of-Coronavirus-Article-202005221353.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5cfe7cbc5ac38d2afa001030f6cc285d1f79058ac750ac910ab6e1a476fe66a

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:58 GMT
cf-cache-status: HIT
age: 5977
cf-polished: origSize=12518, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 11753
cf-request-id: 089628d9e800002b4d8ea19000000001
last-modified: Thu, 28 May 2020 14:14:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8361b1-30e6-5a6b5f0bba363"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Wed, 03 Mar 2021 00:09:57 GMT
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 629d44097bee2b4d-FRA
x-vnode: 27
cf-bgj: imgq:100,h2pri

GET
H2 200 Drugs.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2018/04/ 15 KB
15 KB 18ms
16ms Image
image/jpeg 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2018/04/Drugs.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e26d28ee2081b3a2fe478a03e4d49604256379a889fd195088d7a6551e1a2ad

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:58 GMT
cf-cache-status: HIT
age: 5977
cf-polished: origSize=16540, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 15362
cf-request-id: 089628d9f400002b4dc6b8f000000001
last-modified: Thu, 21 Mar 2019 02:43:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e56ac-409c-58491b32c7ba3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Wed, 03 Mar 2021 00:09:58 GMT
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 629d44098c1a2b4d-FRA
x-vnode: 21
cf-bgj: imgq:100,h2pri

GET
H2 200 new-product-roundup-globe.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2021/02/ 6 KB
6 KB 18ms
17ms Image
image/jpeg 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2021/02/new-product-roundup-globe.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e163d9c5442d117b0fe92474f7724208091d09f146a9e7e872b72edf78e6d570

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:58 GMT
cf-cache-status: HIT
age: 5978
cf-polished: origSize=6868, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 6228
cf-request-id: 089628d9f300002b4da5332000000001
last-modified: Thu, 25 Feb 2021 23:30:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "10a10c8-1ad4-5bc3188f6ef16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Wed, 03 Mar 2021 00:09:58 GMT
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 629d44098c1c2b4d-FRA
x-vnode: 27
cf-bgj: imgq:100,h2pri

GET
H3-Q050 200 container.html Show response
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 0C0F 7 KB
4 KB 27ms
13ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019081501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb4e3c5ec8da50521db4145040e7e7e141c1b0d9fc03d40b4cb5b3d0d1a91364

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-35/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.benefitspro.com/?slreturn=20210202150955
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.benefitspro.com/?slreturn=20210202150955

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3491
date: Wed, 24 Feb 2021 13:47:55 GMT
expires: Thu, 24 Feb 2022 13:47:55 GMT
last-modified: Fri, 21 Jun 2019 14:35:26 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 541323
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019081501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602243598683"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Tue, 02 Mar 2021 20:09:58 GMT

GET
H2 200 06-young-employees-escalator.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2019/10/ 16 KB
17 KB 471ms
471ms Image
image/jpeg 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2019/10/06-young-employees-escalator.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cd2fcfda57a30312571ea7848d78f1417b201d930f8ecf2ddda937c64726773

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:58 GMT
cf-cache-status: MISS
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 16395
cf-request-id: 089628da6a00002b4dd9284000000001
last-modified: Tue, 02 Mar 2021 15:56:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "704dc2-400b-5bc8fc7790191"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 629d440a4d8e2b4d-FRA
x-vnode: 21
expires: Wed, 03 Mar 2021 00:09:58 GMT

GET
H2 200 p.gif
p.typekit.net/ 35 B
182 B 21ms
6ms Image
image/gif 2a02:26f0:6c00:285::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=qkq4rhw&ht=tk&h=www.benefitspro.com&f=139.169.175.5474.25136.14541.14546.14548&a=702529&js=1.20.0&app=typekit&e=js&_=1614715798166
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:285::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:58 GMT
last-modified: Wed, 02 Sep 2020 00:55:11 GMT
server: nginx
etag: "5f4eed6f-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 35

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-35/js/ Frame 0C0F 25 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-35/js/ext.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4064b00bf5906ba8f528ef2785db8737adf0ffbf2452b0c81398d0c5be71e039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 05:31:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 398327
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8539
x-xss-protection: 0
last-modified: Fri, 21 Jun 2019 14:35:26 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 05:31:11 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0C0F 107 KB
33 KB 41ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602225221865"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33469
x-xss-protection: 0
expires: Tue, 02 Mar 2021 20:09:58 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/almdfp680616975594/ Frame 0C0F 297 KB
101 KB 80ms
80ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almdfp680616975594/moatad.js
Requested by: Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1b676ab5137dd53fb543c752bb93e097bd3428d5c35af3040e8bf8930aef6362

Request headers

Referer: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:58 GMT
content-encoding: gzip
last-modified: Tue, 02 Mar 2021 18:24:13 GMT
server: AmazonS3
x-amz-request-id: 3AAX4P0NFMV9WSYV
etag: "b13533cf80737a6a16c9e547465d903b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=58481
accept-ranges: bytes
content-length: 102641
x-amz-id-2: zeqLjAHWXZh7+mmEvffVVyD2NnSnt66QkJm3S6x66LrKy4IMhKSjKuON1tV5k8GMkOIROmNG4Wo=

POST
H2 200 adreq Show response
ads.servenobid.com/ 206 B
450 B 68ms
68ms XHR
application/json 54.246.70.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=4243
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.70.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-70-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 484ed7a98c91dc00b55fea65cc9be99a62caf1cd4941efd361dc90d9de5aa2c5

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Mar 2021 20:09:58 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.benefitspro.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 48 B
897 B 57ms
57ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:09:58 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.6:80
AN-X-Request-Uuid: 8916073c-41a8-497b-b875-f0b102731289
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.benefitspro.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 48
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
246 B 127ms
127ms XHR
application/json 88.214.207.207
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 88.214.207.207 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.benefitspro.com
Date: Tue, 02 Mar 2021 20:09:59 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 2 B
270 B 24ms
24ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.benefitspro.com
Date: Tue, 02 Mar 2021 20:09:57 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 2
Content-Type: application/json; charset=UTF-8

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
11 KB 754ms
753ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4068640430925984&correlator=1145749048730274&output=ldjh&callback=googletag.impl.pubads.callbackProxy15&impl=fifs&json_a=1&eid=21062833%2C21064368%2C21064102&vrg=2019081501&guci=2.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20210302&iu_parts=21665826759%2Cbenefitspro%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&prev_scp=position%3Dtop&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&cookie=ID%3Dff2502e8f18ceddc%3AT%3D1614715797%3AS%3DALNI_MYNpXJ4yLQw0i5eVsH_3rjSdxMy-Q&cookie_enabled=1&bc=31&abxe=1&lmt=1614715798&dt=1614715798202&dlt=1614715796555&idt=1082&frm=20&biw=1600&bih=1200&oid=3&adxs=230&adys=623&adks=2374663990&ucis=l&ifi=21&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20210202150955&dssz=47&icsg=211930866922303&mso=32&std=0&vis=1&stss=1&dmc=8&scr_x=0&scr_y=0&psz=1170x130&msz=1140x90&blev=1&bisch=1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8d5EylDfTky7qHo6h89KgV10140_5vkjKsJIlD0ovES7FFWcpD0fVH3vouWXniw6uIUBJji6PnPDRsNZLaMiOCdA%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1225397438.1614715798&ga_sid=1614715798&ga_hid=278373593&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019081501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

1a1c0dac3c389aa695f2e5b91cd8b396acc9894315eac254d797f514bf7daa39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11163
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.benefitspro.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 336 B
170 B 1022ms
1021ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4068640430925984&correlator=1145749048730274&output=ldjh&callback=googletag.impl.pubads.callbackProxy17&impl=fifs&json_a=1&eid=21062833%2C21064368%2C21064102&vrg=2019081501&guci=2.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20210302&iu_parts=21665826759%2Cbenefitspro%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&prev_scp=position%3Dmiddle1&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&cookie=ID%3Dff2502e8f18ceddc%3AT%3D1614715797%3AS%3DALNI_MYNpXJ4yLQw0i5eVsH_3rjSdxMy-Q&cookie_enabled=1&bc=31&abxe=1&lmt=1614715798&dt=1614715798224&dlt=1614715796555&idt=1082&frm=20&biw=1600&bih=1200&oid=3&adxs=1090&adys=1192&adks=2389933584&ucis=n&ifi=23&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20210202150955&dssz=47&icsg=211930866922303&mso=32&std=0&vis=1&stss=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&blev=1&bisch=1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8d5EylDfTky7qHo6h89KgV10140_5vkjKsJIlD0ovES7FFWcpD0fVH3vouWXniw6uIUBJji6PnPDRsNZLaMiOCdA%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1225397438.1614715798&ga_sid=1614715798&ga_hid=278373593&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019081501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

8175c58878a49b2e0f0e553ba8871ff5755aea874fa47ac6edaadc783e4e3c5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.benefitspro.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 336 B
169 B 1155ms
1155ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4068640430925984&correlator=1145749048730274&output=ldjh&callback=googletag.impl.pubads.callbackProxy18&impl=fifs&json_a=1&eid=21062833%2C21064368%2C21064102&vrg=2019081501&guci=2.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20210302&iu_parts=21665826759%2Cbenefitspro%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&prev_scp=position%3Dmiddle&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&cookie=ID%3Dff2502e8f18ceddc%3AT%3D1614715797%3AS%3DALNI_MYNpXJ4yLQw0i5eVsH_3rjSdxMy-Q&cookie_enabled=1&bc=31&abxe=1&lmt=1614715798&dt=1614715798243&dlt=1614715796555&idt=1082&frm=20&biw=1600&bih=1200&oid=3&adxs=1090&adys=733&adks=621869612&ucis=p&ifi=25&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20210202150955&dssz=47&icsg=211930866922303&mso=32&std=0&vis=1&stss=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&blev=1&bisch=1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8d5EylDfTky7qHo6h89KgV10140_5vkjKsJIlD0ovES7FFWcpD0fVH3vouWXniw6uIUBJji6PnPDRsNZLaMiOCdA%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1225397438.1614715798&ga_sid=1614715798&ga_hid=278373593&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019081501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e4946cffdc22b21106cd64f99c5a1d001d59b745659b4ffb723aa04e8222808a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.benefitspro.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0C0F 0
0 82ms
81ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxI900lj6WGeOak5PFsXsOArl6DOwTtoWwN93mm3LGJGgORuu86ADscnJzGgENJbIadPBD4PoQ_GKPdZCpKlt8pASGZtW6vJHhzQDDo8HWzc-D3-STW-Sy0IrJTb2d-zm09ylz72UN3bfvzf42Rv_GWrtXP9ZQSuebAQ2xLjS3H-2g2oKjaI_AY4CjDkNDI9XuxqjiYQIuVxiU0qQk1xliwK7hjTiTnZ-OUNe_j_HH09pDrNcloDmiX9BqoS5yoZus9XmFHIGlZO8bQNB1qaFO-9sVHoDcvpVp3NZlW3vKSo7NFEela9-mpPL8&sig=Cg0ArKJSzAw0ri3s5AitEAE&urlfix=1&adurl=

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Mar 2021 20:09:58 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 smart_benefitspro.epl Show response
www.dianomi.com/ Frame 7B9D 5 KB
2 KB 237ms
122ms Document
text/html 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smart_benefitspro.epl?id=3426&url=https%3A//tpc.googlesyndication.com/safeframe/1-0-35/html/container.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3821ba89b97c6b9e87e6fec83fd5a7bac9a02875598c00d728bf895e1bc0da2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.dianomi.com
:scheme: https
:path: /smart_benefitspro.epl?id=3426&url=https%3A//tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html

Response headers

date: Tue, 02 Mar 2021 20:09:58 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d6f064e615dba4fe612dcff8173e56e861614715798; expires=Thu, 01-Apr-21 20:09:58 GMT; path=/; domain=.dianomi.com; HttpOnly; SameSite=Lax
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=60; includeSubDomains
vary: X-FORWARDED-PROTO
expires: now
pragma: no-cache
cache-control: no-cache,no-store,private
link: </img/a/pss/1972/61.css>;rel=preload;as=style
cf-cache-status: DYNAMIC
cf-request-id: 089628db9100004c8cf41c0000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 629d440c1c134c8c-AMS
content-encoding: br
cf-h2-pushed: </img/a/pss/1972/61.css>

GET
DATA 200
OK truncated
/ Frame 0C0F 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4317150775184d7f83e6efb05dc17dbea771ddbe4faba1f5f492c8c6cce64841

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0C0F 0
0 141ms
88ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGRlt5pnd5k1SzIAXvbIP6ToNeB6kK9_l5MYOz2p2fhdu6QvYWWvMUTCwIlPGMPLq_cZo5_c-X6ha5l7Cc1mayhvvC0EA8DKF8Kxb7rZ6KzjBaU8m8aqUIcOeVFZNgbyX9rhqAeqL_fZNjqFoyPsrqhJghBILPFpgq0ySOqyb1EYv9McnwIwJArPhu1strSPzCNzgm85pdxE_niBgt0rByLhdrxFpdWSSELpTwRFyvpo0-fEK68F6hwb8_-iK0a7DUGVKX6I0JJTFUR16dNsE6bD8NmGe_qJE8li0B3DzIiCyoJQcYIJwoYvKrXfY&sig=Cg0ArKJSzMQp4TrbbdiMEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Mar 2021 20:09:58 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 02 Mar 2021 20:09:58 GMT

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ Frame 0C0F 28 KB
13 KB 73ms
73ms Script
application/javascript 34.251.167.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?222021
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/almdfp680616975594/moatad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.167.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-167-52.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3cc4d52780a21eb51474c98c4693fd91cd8d2fc583e33a16dad087809f61cdc9

Request headers

Referer: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Mar 2021 20:09:57 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Mar 2021 11:57:15 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=56837
Connection: keep-alive
Content-Length: 12550
Expires: Wed, 03 Mar 2021 11:57:15 GMT

GET
H2 200 n.js Show response
geo.moatads.com/ Frame 0C0F 128 B
302 B 77ms
75ms Script
text/html 52.212.194.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=1078484734&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1646148425&tf=Id8O-DxRgoC-xFQTS-CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-1cQ31u7Cex5YkrqdycYLLo%2BX1UC%2FyeTy8j%2F4uhjkxPYPVB9OTwGYDFJZ&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=450&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&i=ALMDFP1&hp=1&pxm=1&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.benefitspro.com&lp=https%3A%2F%2Fwww.benefitspro.com&t=1614715798344&de=257280417920&m=0&ar=aebf41e-clean&iw=82104a3&q=2&cb=0&ym=0&cu=1614715798344&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=4523117267%3A2258748177%3A4598631072%3A138226959158&zMoatMData=1&zMoatTopic=-&zMoatPS=d_right_rail&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=benefitspro.com&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20210202150955&id=0&ii=3&bo=21664827602&bd=21683638891&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683638891&zMoatDomain=benefitspro.com&zMoatSubdomain=benefitspro.com&dfp=0%2C1&la=21683638891&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&tz=d_right_rail&iq=na&tt=na&tu=1&fs=189020&na=570305991&cs=0&callback=MoatDataJsonpRequest_49247710
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/almdfp680616975594/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.194.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-194-196.eu-west-1.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: c17fdaad5812bbe09392344ff867c218be6cfdae827182ea4d73c4cb3037f7f2

Request headers

Referer: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:58 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "b897e5fbe206b77b32e313407a95c50058208dca"
content-length: 128
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ Frame 0C0F 43 B
260 B 54ms
53ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&pxm=1&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.benefitspro.com&lp=https%3A%2F%2Fwww.benefitspro.com&t=1614715798344&de=257280417920&m=0&ar=aebf41e-clean&iw=82104a3&q=3&cb=0&ym=0&cu=1614715798344&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=4523117267%3A2258748177%3A4598631072%3A138226959158&zMoatMData=1&zMoatTopic=-&zMoatPS=d_right_rail&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=benefitspro.com&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20210202150955&id=0&ii=3&bo=21664827602&bd=21683638891&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683638891&zMoatDomain=benefitspro.com&zMoatSubdomain=benefitspro.com&dfp=0%2C1&la=21683638891&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&tz=d_right_rail&iq=na&tt=na&tu=1&fs=189020&na=250044362&cs=0
Requested by: Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:09:58 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 02 Mar 2021 20:09:58 GMT

GET
H2 200 61.css
www.dianomi.com/img/a/pss/1972/ Frame 7B9D 2 KB
1 KB 30ms
0ms Stylesheet
text/css 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/1972/61.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b72ea1062b7bb84439787a3341bbd692b4074493f1e618d3780cad3271c22494

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smart_benefitspro.epl?id=3426&url=https%3A//tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 775841
cf-polished: origSize=2947
strict-transport-security: max-age=60; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Feb 2021 06:51:48 GMT
server: cloudflare
etag: W/"b83-5baf5d645f452"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
expires: Fri, 02 Apr 2021 06:09:58 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 089628dbd400004c8c433a6000000001
cf-ray: 629d440c8d644c8c-AMS
cf-bgj: minify

GET
H2 200 Ufe3LcCoyKoAADivRIsAAAAC.png
www.dianomi.com/img/uploads/ Frame 7B9D 1 KB
1 KB 66ms
66ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/uploads/Ufe3LcCoyKoAADivRIsAAAAC.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b77f08b1a04c909c48a7f0f3b3e300f0e6f6abe667a19c513fedf67c19fa2a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smart_benefitspro.epl?id=3426&url=https%3A//tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 514054
cf-polished: origFmt=png, origSize=2126
content-disposition: inline; filename="Ufe3LcCoyKoAADivRIsAAAAC.webp"
strict-transport-security: max-age=60; includeSubDomains
content-length: 1026
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Aug 2020 14:28:40 GMT
server: cloudflare
etag: "84e-5acc31ee827fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 02 Apr 2021 06:09:58 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 089628dc3100004c8c4d8c4000000001
accept-ranges: bytes
cf-ray: 629d440d1f064c8c-AMS
cf-bgj: imgq:85,h2pri,csam-hash

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=1234581160655061252&pixelIndex=0&_=1614715797529
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1234581160655061252&pixelIndex=0&_=1614715797529&google_gid=CAESEHjN5Qo2gw3SWDHtAKfDdOY&google_cver=1

0
598 B

140ms
140ms

Script
text/javascript

34.192.142.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1234581160655061252&pixelIndex=0&_=1614715797529&google_gid=CAESEHjN5Qo2gw3SWDHtAKfDdOY&google_cver=1
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.142.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-142-95.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:09:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1234581160655061252&pixelIndex=0&_=1614715797529&google_gid=CAESEHjN5Qo2gw3SWDHtAKfDdOY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 368
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 423396.gif
idsync.rlcdn.com/ 0
66 B 159ms
57ms Image
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/423396.gif?partner_uid=1234581160655061252
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:58 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2 200 nav-icon-sign-in-white.png
www.benefitspro.com/assets/master-template/images/market-images/ 240 B
408 B 19ms
19ms Image
image/webp 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitspro.com/assets/master-template/images/market-images/nav-icon-sign-in-white.png

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/release/lazyloadXT.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c859e723244f19a63ee035e282a20cca525b0d102cf4c68a14c46063fe39ef14

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:58 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 705
cf-polished: origFmt=png, origSize=3131
x-cache: HIT 1
backend: templates_newlaw_director
content-disposition: inline; filename="nav-icon-sign-in-white.webp"
cf-bgj: imgq:100,h2pri
content-length: 240
cf-request-id: 089628dd4a00002b4dd71b4000000001
last-modified: Fri, 26 Feb 2021 21:28:26 GMT
server: cloudflare
etag: W/"3131-1614374906000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 629d440ede102b4d-FRA
x-vnode: 27
expires: Wed, 03 Mar 2021 00:09:58 GMT

GET
H2 200 arrow-open.png
www.benefitspro.com/assets/master-template/images/market-images/ 134 B
402 B 16ms
15ms Image
image/webp 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitspro.com/assets/master-template/images/market-images/arrow-open.png

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/release/lazyloadXT.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

075e1a285de33ad2c3cc75f3ebe775feb23d27f52aa8213be408e4cbc3623a10

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:58 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 705
cf-polished: origFmt=png, origSize=2986
x-cache: HIT 1
backend: templates_newlaw_director
content-disposition: inline; filename="arrow-open.webp"
cf-bgj: imgq:100,h2pri
content-length: 134
cf-request-id: 089628dd4a00002b4dc6bd2000000001
last-modified: Fri, 26 Feb 2021 21:28:26 GMT
server: cloudflare
etag: W/"2986-1614374906000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 629d440ede112b4d-FRA
x-vnode: 27
expires: Wed, 03 Mar 2021 00:09:58 GMT

GET
H2 200 05-hype-robo-technology.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2021/03/ 10 KB
10 KB 366ms
365ms Image
image/jpeg 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2021/03/05-hype-robo-technology.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/release/lazyloadXT.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a944f315f19be02492bf8dee5e10fc19340474b0ea5f894f339fe43ae59f456

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:59 GMT
cf-cache-status: MISS
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 10270
cf-request-id: 089628dd4b00002b4df79c7000000001
last-modified: Tue, 02 Mar 2021 19:41:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "11a1cec-281e-5bc92ec6771ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 629d440ede132b4d-FRA
x-vnode: 21
expires: Wed, 03 Mar 2021 00:09:59 GMT

GET
H2 200 green-hsa-card.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2021/03/ 12 KB
12 KB 13ms
12ms Image
image/jpeg 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2021/03/green-hsa-card.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/release/lazyloadXT.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da9d269863be3027b66a01567739fb543948f37e3f083659350e7e5783ac2e94

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:58 GMT
cf-cache-status: HIT
age: 1
cf-polished: origSize=13132, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 11917
cf-request-id: 089628dd4b00002b4daca9a000000001
last-modified: Tue, 02 Mar 2021 18:06:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "11a0616-334c-5bc919880d01a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Wed, 03 Mar 2021 00:09:58 GMT
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 629d440ede152b4d-FRA
x-vnode: 27
cf-bgj: imgq:100,h2pri

GET
H2 200 06-young-employees-escalator.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2019/10/ 15 KB
15 KB 14ms
13ms Image
image/jpeg 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2019/10/06-young-employees-escalator.jpg?profile=river-small

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/release/lazyloadXT.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9f443ebb93b3859ec09bd563f08a59739850bcb06267c0d17373757e939b037

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:09:58 GMT
cf-cache-status: HIT
age: 0
cf-polished: origSize=16395, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 15396
cf-request-id: 089628dd4b00002b4df3b0e000000001
last-modified: Tue, 02 Mar 2021 15:56:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "704dc2-400b-5bc8fc7790191"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Wed, 03 Mar 2021 00:09:58 GMT
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 629d440ede162b4d-FRA
x-vnode: 21
cf-bgj: imgq:100,h2pri

GET
H2 200 pixel.gif
px.moatads.com/ Frame 0C0F 43 B
260 B 53ms
53ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&pxm=1&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fwww.dianomi.com%2Fsmart_benefitspro.epl%3Fid%3D3426%26url%3Dhttps%253A%2F%2Ftpc.googlesyndication.com%2Fsafeframe%2F1-0-35%2Fhtml%2Fcontainer.html&i=ALMDFP1&ol=1078484734&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1646148425&tf=Id8O-DxRgoC-xFQTS-CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-1cQ31u7Cex5YkrqdycYLLo%2BX1UC%2FyeTy8j%2F4uhjkxPYPVB9OTwGYDFJZ&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=450&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=450&w=300&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20210202150955&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.benefitspro.com&lp=https%3A%2F%2Fwww.benefitspro.com&t=1614715798344&de=257280417920&cu=1614715798344&m=570&ar=aebf41e-clean&iw=82104a3&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=454&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=140&cd=0&ah=140&am=0&rf=0&re=1&wb=1&cl=0&at=0&d=4523117267%3A2258748177%3A4598631072%3A138226959158&bo=21664827602&bd=21683638891&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683638891&zMoatDomain=benefitspro.com&zMoatSubdomain=benefitspro.com&dfp=0%2C1&la=21683638891&zMoatMData=1&zMoatTopic=-&zMoatPS=d_right_rail&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=benefitspro.com&zMoatDev=Desktop&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=d_right_rail&iq=na&tt=na&tu=1&tc=0&fs=189020&na=94573767&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:09:58 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 02 Mar 2021 20:09:58 GMT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/042011201932000/ 20 KB
7 KB 43ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011201932000/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019081501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6472e6da151b368c12e45ef0fe84152f62e2fc56de1e82c1527f679b98e67fda

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 506864
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7286
x-xss-protection: 0
server: sffe
date: Wed, 24 Feb 2021 23:22:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1c816ec4bc2916c1"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Feb 2022 23:22:14 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/042011201932000/ Frame D24B 187 KB
53 KB 28ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011201932000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019081501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e41d274d84180bb88caadfcf7aeb7bd7c186c11ee50aca6596727cbc2134f14

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 258532
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53568
x-xss-protection: 0
server: sffe
date: Sat, 27 Feb 2021 20:21:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "edf1e7003a59fb72"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Feb 2022 20:21:06 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/042011201932000/v0/ Frame D24B 13 KB
5 KB 42ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011201932000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019081501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23420576b21bcc177885d26d7c92ea2aec52a82fe0ae33eea54524404c186469

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 307563
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Sat, 27 Feb 2021 06:43:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "132e0756afd6b3f5"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Feb 2022 06:43:55 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/042011201932000/v0/ Frame D24B 90 KB
28 KB 38ms
18ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011201932000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019081501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81fb18f0aec660394554e70ac7168c0561a3885ebb2dea308c50dd1af48d1eaf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 366926
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27748
x-xss-protection: 0
server: sffe
date: Fri, 26 Feb 2021 14:14:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "731f3d04177aadff"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 14:14:32 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/042011201932000/v0/ Frame D24B 3 KB
1 KB 40ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011201932000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019081501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcf470918cdf64149fce46d045b601f5d393bc28d0662aa9791738a790da186e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 376571
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1362
x-xss-protection: 0
server: sffe
date: Fri, 26 Feb 2021 11:33:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fe70e509a46329f5"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 11:33:47 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/042011201932000/v0/ Frame D24B 41 KB
13 KB 41ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011201932000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019081501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73bd86f3cb0add00357e8ae2f1305ef8afd47d9fbc9fc57287c6c3e11a4470d6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 376572
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13037
x-xss-protection: 0
server: sffe
date: Fri, 26 Feb 2021 11:33:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "08fb34764e14c346"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 11:33:46 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame D24B 4 KB
1 KB 35ms
21ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019081501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:08:12 GMT
server: ESF
date: Tue, 02 Mar 2021 20:09:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Mar 2021 20:09:58 GMT

GET
DATA 200
OK truncated
/ Frame D24B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c414e0a23a1130f8205f172cc056b936f3673896c61bebbbd5655102c70034e0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D24B 2 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Mar 2021 08:22:57 GMT
x-content-type-options: nosniff
server: cafe
age: 42421
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 03 Mar 2021 08:22:57 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D24B 295 B
510 B 6ms
6ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 23:24:51 GMT
x-content-type-options: nosniff
server: cafe
age: 74707
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 02 Mar 2021 23:24:51 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D24B 0
0 80ms
79ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CFUfLlps-YKLkD7OhlQeZh4eQCPCV_p5fy4aRxrUL2tkeEAEgm_Tta2Dp5MmF2BqgAei-negDyAEB4AIAqAMByAMKqgTdAU_QVzW1wW7O5bCXsGOUKo4OA2Fevt1ihLrIS6P5bAtFcrQC2Qe8u_S23UPe0L7tPYWIUNeGneUDdHXILDeHUjG8o7gB-KaLyZAavbkJWA8DBHkKEui8KuqABQBEUGnwxmygPC-fl3pNLogj1O-MvLYtDjUfwDZLGLZTJeHZLLF9qQGNTtFf-3pPM2KVPTocG_0BLDOOUklspda4pGf3VBfxpXm7_9rlyTA3umfUSkXAtYRlF5ZoHnniCn8b6Ji6rrhnv1QrTQ-IE_1Vzbq5PN8cCLASUfZqjyGf8gfgwASA-sa7gALgBAGSBQQIBBgBkgUECAUYBIAHgMHiF6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCo1yTSCAkIgOGAcBABGB2ACgPICwHYEw2IFAOyFxoKGAgAEhRwdWItMTI2MTk5MjQ0NDgwMzg3NQ&sigh=WR893Ta8unw&tpd=AGWhJmtY6btFV435XYi6vxQcS3Ul4CjqCPCXgmBuc3pZZ6GHPw
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 283ms
283ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALM_HEADER1&hp=1&zMoatAdUnit1=benefitspro&zMoatAdUnit2=home&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1614715796803&de=574523199851&rx=390510484092&m=0&ar=01dda15-clean&iw=76ee2b5&q=1&cb=0&cu=1614715796803&ll=2&lm=0&ln=0&em=0&en=0&d=4525440395%3A2480285401%3A5003105952%3A138270684736&zGSRC=1&gu=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20210202150955&id=1&ii=4&bo=benefitspro&bd=home&gw=almheader466656885399&fd=1&ac=1&it=500&pe=1%3A-%3A-%3A0%3A0&fs=188112&na=1890456490&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:09:59 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 02 Mar 2021 20:09:59 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame D24B 11 KB
11 KB 35ms
21ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.benefitspro.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 10:19:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 381053
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Sat, 26 Feb 2022 10:19:06 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame D24B 11 KB
11 KB 35ms
21ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.benefitspro.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 03:58:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 403881
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 26 Feb 2022 03:58:38 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame D24B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

40ms
40ms

Image
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/?slreturn=20210202150955
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Tue, 02 Mar 2021 20:09:59 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
446 B 57ms
38ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&r=300x250%7C300x600&w=300&h=250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:09:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D24B 42 B
479 B 67ms
54ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswaL_faP7BWGN5swDbtYLoFOzBVu3PgQM_cdwtMiJBXsX6oaESLGVcql3lyM2WjUygIhPQjpj0CXxtD7RtOv324qPM939VFPJFjJ5OO4_fk9ea6Oij21pu5SiUnw&sai=AMfl-YRgKLyrK_8Y9t2UF-o21OD6mb9VieyRjjlFqUc5TVrKFekAWtlIeRo_UU0KuPMUcBkwyBxjWvHheA6hxj_hkdRYv19pdLyjHPL_-1A7NEFMbaK4WbrmWkm4OqeP&sig=Cg0ArKJSzD1dbvAz1Ik3EAE&cid=CAASPeRo4l-0HCKwjPbudS3Q_eLG9G9T2WMW5hk5xMl5RI0EX6cnLPI7S9uPX_FkknroEIn6zwy8e_c4NCqI9bc&id=ampim&o=315,623&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=121&tls=1122&g=100&h=100&tt=1122&r=v&avms=ampa&adk=2374663990

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame 8DE6 995 B
1 KB 156ms
50ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.benefitspro.com/?slreturn=20210202150955
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.benefitspro.com/?slreturn=20210202150955

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 02 Mar 2021 20:10:01 GMT
Age: 25973141
X-Served-By: cache-lga21948-LGA, cache-hhn4045-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 236858, 595074
X-Timer: S1614715801.349263,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame 5A99 5 KB
2 KB 36ms
8ms Document
text/html 2620:1ec:46::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1bf0f793f957d7a8a82b636c8fd8bb9d828db1dc0b701c9e93b69f7ee760e26

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.benefitspro.com/?slreturn=20210202150955
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.benefitspro.com/?slreturn=20210202150955

Response headers

cache-control: max-age=86400
content-type: text/html
content-encoding: br
last-modified: Thu, 11 Feb 2021 00:16:53 GMT
accept-ranges: bytes
etag: "174fe5e69b1c2039a37a15a7de1d23c5"
server: AmazonS3
x-cache: TCP_HIT
x-amz-id-2: vQwCYENZRjmK/Kns47SXQ/BZ7nv0yp61Mk8HGT4YnhkY0+kvpaYEkvk8uhgdC2tIArKNQw3PcJ4=
x-amz-request-id: HV0DYGHT5SX4SZ6G
x-azure-ref-originshield: 0kRQ+YAAAAAAIoqMNzGu7TJW6eyVrgArfTE9OMjFFREdFMDExMgA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref: 0mZs+YAAAAABxVpZ3NIFaRr8wdkGfKTidRlJBRURHRTEwMTcAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date: Tue, 02 Mar 2021 20:10:00 GMT

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame AB29 5 KB
2 KB 37ms
10ms Document
text/html 2620:1ec:46::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1bf0f793f957d7a8a82b636c8fd8bb9d828db1dc0b701c9e93b69f7ee760e26

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.benefitspro.com/?slreturn=20210202150955
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.benefitspro.com/?slreturn=20210202150955

Response headers

cache-control: max-age=86400
content-type: text/html
content-encoding: br
last-modified: Thu, 11 Feb 2021 00:16:53 GMT
accept-ranges: bytes
etag: "174fe5e69b1c2039a37a15a7de1d23c5"
server: AmazonS3
x-cache: TCP_HIT
x-amz-id-2: vQwCYENZRjmK/Kns47SXQ/BZ7nv0yp61Mk8HGT4YnhkY0+kvpaYEkvk8uhgdC2tIArKNQw3PcJ4=
x-amz-request-id: HV0DYGHT5SX4SZ6G
x-azure-ref-originshield: 0kRQ+YAAAAAAIoqMNzGu7TJW6eyVrgArfTE9OMjFFREdFMDExMgA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref: 0mZs+YAAAAACdQ3k7ZHHoQZzljZCgtF8+RlJBRURHRTEwMTcAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date: Tue, 02 Mar 2021 20:10:00 GMT

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame 5768 5 KB
2 KB 34ms
8ms Document
text/html 2620:1ec:46::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1bf0f793f957d7a8a82b636c8fd8bb9d828db1dc0b701c9e93b69f7ee760e26

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.benefitspro.com/?slreturn=20210202150955
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.benefitspro.com/?slreturn=20210202150955

Response headers

cache-control: max-age=86400
content-type: text/html
content-encoding: br
last-modified: Thu, 11 Feb 2021 00:16:53 GMT
accept-ranges: bytes
etag: "174fe5e69b1c2039a37a15a7de1d23c5"
server: AmazonS3
x-cache: TCP_HIT
x-amz-id-2: vQwCYENZRjmK/Kns47SXQ/BZ7nv0yp61Mk8HGT4YnhkY0+kvpaYEkvk8uhgdC2tIArKNQw3PcJ4=
x-amz-request-id: HV0DYGHT5SX4SZ6G
x-azure-ref-originshield: 0kRQ+YAAAAAAIoqMNzGu7TJW6eyVrgArfTE9OMjFFREdFMDExMgA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref: 0mZs+YAAAAAAT0ndecAE4TJsS6y49GLJLRlJBRURHRTEwMTcAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date: Tue, 02 Mar 2021 20:10:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame 1ED1 995 B
1 KB 155ms
50ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.benefitspro.com/?slreturn=20210202150955
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.benefitspro.com/?slreturn=20210202150955

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 02 Mar 2021 20:10:01 GMT
Age: 25973141
X-Served-By: cache-lga21948-LGA, cache-hhn4051-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 236858, 1320051
X-Timer: S1614715801.354470,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame B95E 5 KB
2 KB 33ms
9ms Document
text/html 2620:1ec:46::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1bf0f793f957d7a8a82b636c8fd8bb9d828db1dc0b701c9e93b69f7ee760e26

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.benefitspro.com/?slreturn=20210202150955
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.benefitspro.com/?slreturn=20210202150955

Response headers

cache-control: max-age=86400
content-type: text/html
content-encoding: br
last-modified: Thu, 11 Feb 2021 00:16:53 GMT
accept-ranges: bytes
etag: "174fe5e69b1c2039a37a15a7de1d23c5"
server: AmazonS3
x-cache: TCP_HIT
x-amz-id-2: vQwCYENZRjmK/Kns47SXQ/BZ7nv0yp61Mk8HGT4YnhkY0+kvpaYEkvk8uhgdC2tIArKNQw3PcJ4=
x-amz-request-id: HV0DYGHT5SX4SZ6G
x-azure-ref-originshield: 0kRQ+YAAAAAAIoqMNzGu7TJW6eyVrgArfTE9OMjFFREdFMDExMgA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref: 0mZs+YAAAAACJl9QHJbQLR4w23R4o2oclRlJBRURHRTEwMTcAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date: Tue, 02 Mar 2021 20:10:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame 9F89 995 B
1 KB 158ms
54ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.benefitspro.com/?slreturn=20210202150955
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.benefitspro.com/?slreturn=20210202150955

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 02 Mar 2021 20:10:01 GMT
Age: 25973142
X-Served-By: cache-lga21948-LGA, cache-hhn4020-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 236858, 3034415
X-Timer: S1614715801.356182,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame 6E86 995 B
1 KB 159ms
54ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.benefitspro.com/?slreturn=20210202150955
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.benefitspro.com/?slreturn=20210202150955

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 02 Mar 2021 20:10:01 GMT
Age: 25973141
X-Served-By: cache-lga21948-LGA, cache-hhn4040-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 236858, 3000167
X-Timer: S1614715801.357995,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame 30F1 5 KB
2 KB 30ms
9ms Document
text/html 2620:1ec:46::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1bf0f793f957d7a8a82b636c8fd8bb9d828db1dc0b701c9e93b69f7ee760e26

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.benefitspro.com/?slreturn=20210202150955
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.benefitspro.com/?slreturn=20210202150955

Response headers

cache-control: max-age=86400
content-type: text/html
content-encoding: br
last-modified: Thu, 11 Feb 2021 00:16:53 GMT
accept-ranges: bytes
etag: "174fe5e69b1c2039a37a15a7de1d23c5"
server: AmazonS3
x-cache: TCP_HIT
x-amz-id-2: vQwCYENZRjmK/Kns47SXQ/BZ7nv0yp61Mk8HGT4YnhkY0+kvpaYEkvk8uhgdC2tIArKNQw3PcJ4=
x-amz-request-id: HV0DYGHT5SX4SZ6G
x-azure-ref-originshield: 0kRQ+YAAAAAAIoqMNzGu7TJW6eyVrgArfTE9OMjFFREdFMDExMgA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref: 0mZs+YAAAAAA6OT+enauPQbcSBX+cKN0qRlJBRURHRTEwMTcAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date: Tue, 02 Mar 2021 20:10:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame F37B 995 B
1 KB 161ms
55ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: www.benefitspro.com
URL: https://www.benefitspro.com/assets/master-template/js/prebid/benefitspro.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.benefitspro.com/?slreturn=20210202150955
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.benefitspro.com/?slreturn=20210202150955

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 02 Mar 2021 20:10:01 GMT
Age: 25973141
X-Served-By: cache-lga21948-LGA, cache-hhn4024-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 236858, 1339151
X-Timer: S1614715801.360068,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1

200
OK

hms.gif
sync.colossusssp.com/
Redirect Chain

https://colossusssp.com/?c=o&m=cookie
https://sync.colossusssp.com/hms.gif?puid=59fb43608a7cacd67b48cc196a11a0aecbbf387d

42 B
648 B

392ms
132ms

Image
image/gif

88.214.193.99
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.colossusssp.com/hms.gif?puid=59fb43608a7cacd67b48cc196a11a0aecbbf387d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.214.193.99 , United Kingdom, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:01 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: 0

Redirect headers

Location: https://sync.colossusssp.com/hms.gif?puid=59fb43608a7cacd67b48cc196a11a0aecbbf387d
Date: Tue, 02 Mar 2021 20:10:03 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame 04AD 3 KB
1 KB 214ms
71ms Document
text/html 52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 81ced3555ed8707bc46d5b05ce23b5309a0e7b4ed7a7803185209c069657884f

Request headers

:method: GET
:authority: g2.gumgum.com
:scheme: https
:path: /usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/sync.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://public.servenobid.com/sync.html

Response headers

date: Tue, 02 Mar 2021 20:10:01 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
set-cookie: vst=e_9c4e7844-bcba-4ba3-85dc-54946e003e5c; Domain=.gumgum.com; Expires=Wed, 02-Mar-2022 20:10:01 GMT; Path=/; Secure; SameSite=None
etag: W/"061e87a6837d2a55fda0b6bb29554368c"
timing-allow-origin: *
content-encoding: gzip

GET
H2 204 ps
pixel.33across.com/ Frame DF12 0
0 445ms
145ms Document
text/plain 208.100.17.178
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26cd%3D439%26uid%3D33XUSERID33X
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.178 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: 33XP002 /
Resource Hash

Request headers

:method: GET
:authority: pixel.33across.com
:scheme: https
:path: /ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26cd%3D439%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/sync.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://public.servenobid.com/sync.html

Response headers

x-33x-status: 2000208
server: 33XP002
date: Tue, 02 Mar 2021 20:10:00 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 2B56 2 KB
818 B 165ms
53ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D1258%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D1258%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/sync.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://public.servenobid.com/sync.html

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2

200

sync
ads.servenobid.com/ Frame 5768
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26cbimg%3D10140%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526cbimg%253D10140%2526uid%253D%2524UID
https://ads.servenobid.com/sync?pid=312&cbimg=10140&uid=8979720418151428282

0
285 B

67ms
67ms

Image
image/avif

54.246.70.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&cbimg=10140&uid=8979720418151428282
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.70.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-70-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/sync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 02 Mar 2021 20:10:01 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:01 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.133:80
AN-X-Request-Uuid: ddc12bc9-dd96-4e71-b298-f05b781ab607
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ads.servenobid.com/sync?pid=312&cbimg=10140&uid=8979720418151428282
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 5768
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D10339%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D10339%26uid%3D%24UID&sovrn_retry=true
https://ads.servenobid.com/sync?pid=310&cbimg=10339&uid=562487109540c6f730e8ee39

0
289 B

67ms
67ms

Image
image/avif

54.246.70.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&cbimg=10339&uid=562487109540c6f730e8ee39
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.70.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-70-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/sync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 02 Mar 2021 20:10:01 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

Date: Tue, 02 Mar 2021 20:10:01 GMT
Server: nginx
Location: https://ads.servenobid.com/sync?pid=310&cbimg=10339&uid=562487109540c6f730e8ee39
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame 784D 3 KB
1 KB 233ms
110ms Document
text/html 52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 104c308432386a1c5168f25c1d1779da8edf886f6cae438511c7d6a3557c8830

Request headers

:method: GET
:authority: g2.gumgum.com
:scheme: https
:path: /usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/sync.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://public.servenobid.com/sync.html

Response headers

date: Tue, 02 Mar 2021 20:10:01 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
set-cookie: vst=e_681a5eda-d90f-44c1-96d8-d887268ff53c; Domain=.gumgum.com; Expires=Wed, 02-Mar-2022 20:10:01 GMT; Path=/; Secure; SameSite=None
etag: W/"07c65b68c68122d02dcbce1631b028975"
timing-allow-origin: *
content-encoding: gzip

GET
H2 204 ps
pixel.33across.com/ Frame 0CE1 0
0 425ms
145ms Document
text/plain 208.100.17.178
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26cd%3D2603%26uid%3D33XUSERID33X
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.178 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: 33XP001 /
Resource Hash

Request headers

:method: GET
:authority: pixel.33across.com
:scheme: https
:path: /ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26cd%3D2603%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/sync.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://public.servenobid.com/sync.html

Response headers

x-33x-status: 2000208
server: 33XP001
date: Tue, 02 Mar 2021 20:10:00 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 0B8E 2 KB
818 B 145ms
54ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D10568%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D10568%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/sync.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://public.servenobid.com/sync.html

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2

200

sync
ads.servenobid.com/ Frame 5A99
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26cbimg%3D5073%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526cbimg%253D5073%2526uid%253D%2524UID
https://ads.servenobid.com/sync?pid=312&cbimg=5073&uid=1897058634585796951

0
286 B

67ms
67ms

Image
image/avif

54.246.70.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&cbimg=5073&uid=1897058634585796951
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.70.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-70-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/sync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 02 Mar 2021 20:10:01 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:01 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.181:80
AN-X-Request-Uuid: 1e33ecfe-a7dc-4fbf-b26a-f006c4812f89
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ads.servenobid.com/sync?pid=312&cbimg=5073&uid=1897058634585796951
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 5A99
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D7619%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D7619%26uid%3D%24UID&sovrn_retry=true
https://ads.servenobid.com/sync?pid=310&cbimg=7619&uid=a4eb2263ed72013b1a77618b

0
289 B

67ms
67ms

Image
image/avif

54.246.70.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&cbimg=7619&uid=a4eb2263ed72013b1a77618b
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.70.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-70-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/sync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 02 Mar 2021 20:10:01 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

Date: Tue, 02 Mar 2021 20:10:01 GMT
Server: nginx
Location: https://ads.servenobid.com/sync?pid=310&cbimg=7619&uid=a4eb2263ed72013b1a77618b
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame A81A 3 KB
1 KB 191ms
71ms Document
text/html 52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 681c704e441ca66bc59ce4e02a5209d7a2983a189e106e10a4b55d37bb403476

Request headers

:method: GET
:authority: g2.gumgum.com
:scheme: https
:path: /usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/sync.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://public.servenobid.com/sync.html

Response headers

date: Tue, 02 Mar 2021 20:10:01 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
set-cookie: vst=e_e8841ab3-ee2b-4513-94ed-087278918124; Domain=.gumgum.com; Expires=Wed, 02-Mar-2022 20:10:01 GMT; Path=/; Secure; SameSite=None
etag: W/"0b80d1ff1f932ca2c7cbb1375999328db"
timing-allow-origin: *
content-encoding: gzip

GET
H2 204 ps
pixel.33across.com/ Frame 0ABB 0
0 422ms
146ms Document
text/plain 208.100.17.178
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26cd%3D7014%26uid%3D33XUSERID33X
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.178 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: 33XP004 /
Resource Hash

Request headers

:method: GET
:authority: pixel.33across.com
:scheme: https
:path: /ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26cd%3D7014%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/sync.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://public.servenobid.com/sync.html

Response headers

x-33x-status: 2000208
server: 33XP004
date: Tue, 02 Mar 2021 20:10:01 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 639D 2 KB
818 B 141ms
53ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D4543%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D4543%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/sync.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://public.servenobid.com/sync.html

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2

200

sync
ads.servenobid.com/ Frame 30F1
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26cbimg%3D6920%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526cbimg%253D6920%2526uid%253D%2524UID
https://ads.servenobid.com/sync?pid=312&cbimg=6920&uid=1936715904665070801

0
285 B

67ms
67ms

Image
image/avif

54.246.70.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&cbimg=6920&uid=1936715904665070801
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.70.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-70-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/sync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 02 Mar 2021 20:10:01 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:01 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.103:80
AN-X-Request-Uuid: 45628d72-c49c-4a7a-ad0c-05312423c420
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ads.servenobid.com/sync?pid=312&cbimg=6920&uid=1936715904665070801
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 30F1
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D5236%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D5236%26uid%3D%24UID&sovrn_retry=true
https://ads.servenobid.com/sync?pid=310&cbimg=5236&uid=ce694b57b82b5c37f2d8b868

0
289 B

68ms
68ms

Image
image/avif

54.246.70.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&cbimg=5236&uid=ce694b57b82b5c37f2d8b868
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.70.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-70-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/sync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 02 Mar 2021 20:10:01 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

Date: Tue, 02 Mar 2021 20:10:01 GMT
Server: nginx
Location: https://ads.servenobid.com/sync?pid=310&cbimg=5236&uid=ce694b57b82b5c37f2d8b868
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame 7EDD 3 KB
1 KB 222ms
110ms Document
text/html 52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2febbd1c397527c728072cd2732a774971fad65c922dcf5ebfaa997b4d657936

Request headers

:method: GET
:authority: g2.gumgum.com
:scheme: https
:path: /usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/sync.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://public.servenobid.com/sync.html

Response headers

date: Tue, 02 Mar 2021 20:10:01 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
set-cookie: vst=e_ba4fb4b6-0ce8-493e-87f8-5826dfb252c2; Domain=.gumgum.com; Expires=Wed, 02-Mar-2022 20:10:01 GMT; Path=/; Secure; SameSite=None
etag: W/"0c8f2737f025c8a504a0487b9ea88412d"
timing-allow-origin: *
content-encoding: gzip

GET
H2 204 ps
pixel.33across.com/ Frame C3A0 0
0 415ms
145ms Document
text/plain 208.100.17.178
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26cd%3D7930%26uid%3D33XUSERID33X
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.178 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: 33XP003 /
Resource Hash

Request headers

:method: GET
:authority: pixel.33across.com
:scheme: https
:path: /ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26cd%3D7930%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/sync.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://public.servenobid.com/sync.html

Response headers

x-33x-status: 2000208
server: 33XP003
date: Tue, 02 Mar 2021 20:10:01 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame EC21 2 KB
818 B 133ms
53ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D4820%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D4820%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/sync.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://public.servenobid.com/sync.html

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2

200

sync
ads.servenobid.com/ Frame B95E
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26cbimg%3D9788%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526cbimg%253D9788%2526uid%253D%2524UID
https://ads.servenobid.com/sync?pid=312&cbimg=9788&uid=4569666279889786098

0
286 B

68ms
67ms

Image
image/avif

54.246.70.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&cbimg=9788&uid=4569666279889786098
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.70.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-70-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/sync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 02 Mar 2021 20:10:01 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:01 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.118:80
AN-X-Request-Uuid: 5ba89cec-6152-46a7-a35f-838f76ed48a2
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ads.servenobid.com/sync?pid=312&cbimg=9788&uid=4569666279889786098
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame B95E
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D10646%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D10646%26uid%3D%24UID&sovrn_retry=true
https://ads.servenobid.com/sync?pid=310&cbimg=10646&uid=ce694b57b82b5c37f2d8b868

0
289 B

69ms
68ms

Image
image/avif

54.246.70.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&cbimg=10646&uid=ce694b57b82b5c37f2d8b868
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.70.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-70-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/sync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 02 Mar 2021 20:10:01 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

Date: Tue, 02 Mar 2021 20:10:01 GMT
Server: nginx
Location: https://ads.servenobid.com/sync?pid=310&cbimg=10646&uid=ce694b57b82b5c37f2d8b868
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame 2CD5 3 KB
1 KB 179ms
70ms Document
text/html 52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5c8ff57e618a0f47b8293a205ab9cd2a2620fffcb9913fbb0f96bea1ef9edf83

Request headers

:method: GET
:authority: g2.gumgum.com
:scheme: https
:path: /usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/sync.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://public.servenobid.com/sync.html

Response headers

date: Tue, 02 Mar 2021 20:10:01 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
set-cookie: vst=e_836d6865-d79a-4ae8-b84d-fbaddad23b10; Domain=.gumgum.com; Expires=Wed, 02-Mar-2022 20:10:01 GMT; Path=/; Secure; SameSite=None
etag: W/"082b32c9a1465d2d0a54e584c0d1ccbfb"
timing-allow-origin: *
content-encoding: gzip

GET
H2 204 ps
pixel.33across.com/ Frame 3E73 0
0 411ms
145ms Document
text/plain 208.100.17.178
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26cd%3D3996%26uid%3D33XUSERID33X
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.178 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: 33XP005 /
Resource Hash

Request headers

:method: GET
:authority: pixel.33across.com
:scheme: https
:path: /ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26cd%3D3996%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/sync.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://public.servenobid.com/sync.html

Response headers

x-33x-status: 2000208
server: 33XP005
date: Tue, 02 Mar 2021 20:10:01 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 14A5 2 KB
818 B 131ms
54ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D1775%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D1775%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/sync.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://public.servenobid.com/sync.html

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2

200

sync
ads.servenobid.com/ Frame AB29
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26cbimg%3D10459%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526cbimg%253D10459%2526uid%253D%2524UID
https://ads.servenobid.com/sync?pid=312&cbimg=10459&uid=918937116993929019

0
285 B

70ms
67ms

Image
image/avif

54.246.70.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&cbimg=10459&uid=918937116993929019
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.70.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-70-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/sync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 02 Mar 2021 20:10:01 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:01 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.77:80
AN-X-Request-Uuid: c3f217f4-2e72-47b5-bbd1-c195b84869f6
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ads.servenobid.com/sync?pid=312&cbimg=10459&uid=918937116993929019
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame AB29
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D7194%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D7194%26uid%3D%24UID&sovrn_retry=true
https://ads.servenobid.com/sync?pid=310&cbimg=7194&uid=d3ea474a843aafd9b9d3e59f

0
289 B

67ms
67ms

Image
image/avif

54.246.70.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&cbimg=7194&uid=d3ea474a843aafd9b9d3e59f
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.70.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-70-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/sync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 02 Mar 2021 20:10:01 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

Date: Tue, 02 Mar 2021 20:10:01 GMT
Server: nginx
Location: https://ads.servenobid.com/sync?pid=310&cbimg=7194&uid=d3ea474a843aafd9b9d3e59f
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/ Frame 8DE6
Redirect Chain

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

0
816 B

53ms
52ms

Script
text/html

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:01 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.49:80
AN-X-Request-Uuid: 863a0633-ff6f-45f5-9c81-b6e20fd7c769
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:01 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.247:80
AN-X-Request-Uuid: b87f804c-9203-40c9-b5b9-4dbe6fc1e10d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/ Frame 1ED1
Redirect Chain

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

0
817 B

72ms
71ms

Script
text/html

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:01 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.109:80
AN-X-Request-Uuid: b2a9e930-f1cc-4436-a3e7-8ba5fbd3f1d3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:01 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.36:80
AN-X-Request-Uuid: 28fde9e3-17ca-448b-b92c-cbae8fa52411
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/ Frame 9F89
Redirect Chain

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

0
816 B

117ms
86ms

Script
text/html

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:01 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.51:80
AN-X-Request-Uuid: f65428f4-7c70-4b86-9144-8803bf3aa861
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:01 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.36:80
AN-X-Request-Uuid: 85e1a9e6-c172-4e19-92fc-7ddce627ee74
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/ Frame 6E86
Redirect Chain

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

0
817 B

123ms
65ms

Script
text/html

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:01 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.237:80
AN-X-Request-Uuid: 1d8f26d7-bbfb-42f5-8774-8440174f6f2c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:01 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.142:80
AN-X-Request-Uuid: ec19eba2-e8d4-439f-867a-7e6c723fa1fb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/ Frame F37B
Redirect Chain

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

0
816 B

89ms
89ms

Script
text/html

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:01 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.77:80
AN-X-Request-Uuid: 5cb8e85e-4389-4b77-975c-665bc1c86fac
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:01 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.86:80
AN-X-Request-Uuid: ababb383-32c5-4986-8d11-b3c4203f8f50
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ Frame 0C0F 62 B
572 B 67ms
66ms Script
application/javascript 34.251.167.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=80951&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Ftpc.googlesyndication.com%2Fsafeframe%2F1-0-35%2Fhtml%2Fcontainer.html&pv=1614715798427_ktg6ev5pd&bl=en-us&cb=6205373&return=&ht=&d=&dc=&si=1614715798427_ktg6ev5pd&cid=&s=1600x1200&rp=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20210202150955
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?222021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.167.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-167-52.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

Referer: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:00 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 147
Expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ Frame 0C0F 20 B
482 B 662ms
228ms Script
application/javascript 3.220.90.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=222021
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?222021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.220.90.167 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

Referer: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Mar 2021 20:10:01 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Wed, 03 Mar 2021 20:10:02 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 2CD5
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=5311399952946282678

35 B
237 B

3305ms
142ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=5311399952946282678
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:01 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.142:80
AN-X-Request-Uuid: 1b5fc41d-bf44-45b6-88e8-f480040c7c2e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=5311399952946282678
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 2CD5
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_836d6865-d79a-4ae8-b84d-fbaddad23b10&gdpr=0&gdpr_consent=&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_836d6865-d79a-4ae8-b84d-fbaddad23b10&gdpr=0&gdpr_consent=&us_privacy=1---
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=6267f274-9385-439b-abac-7fb519c7ace1
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=6267f274-9385-439b-abac-7fb519c7ace1
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=524a5bf6-973b-4705-b06f-4c760f1c1eab&user_group=1&ssp=gumgum2&bsw_param=6267f274-9385-439b-abac-7fb519c7ace1
https://rtb.gumgum.com/usersync?b=bsw&i=6267f274-9385-439b-abac-7fb519c7ace1

35 B
237 B

2404ms
141ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=bsw&i=6267f274-9385-439b-abac-7fb519c7ace1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: //rtb.gumgum.com/usersync?b=bsw&i=6267f274-9385-439b-abac-7fb519c7ace1
date: Tue, 02 Mar 2021 20:10:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

syncUser
sync.outbrain.com/ Frame 2CD5
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28yDfI4Lh3mXlVmKK0ACjA8Byy2r9Wy8nOPig47YC9tayKo4fdgOdYTEvesLoSiTvQ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_681a5eda-d90f-44c1-96d8-d887268ff53c&obuid=ENC(yDfI4Lh3mXlVmKK0ACjA8Byy2r9Wy8nOPig47YC9tayKo4fdgOdYTEvesLoSiTvQ)

0
120 B

4271ms
132ms

Image
text/plain

64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_681a5eda-d90f-44c1-96d8-d887268ff53c&obuid=ENC(yDfI4Lh3mXlVmKK0ACjA8Byy2r9Wy8nOPig47YC9tayKo4fdgOdYTEvesLoSiTvQ)
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-TraceId: c65f41594353ad5bc3a1b20cfcf88fa2
Date: Tue, 02 Mar 2021 20:10:09 GMT
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_681a5eda-d90f-44c1-96d8-d887268ff53c&obuid=ENC(yDfI4Lh3mXlVmKK0ACjA8Byy2r9Wy8nOPig47YC9tayKo4fdgOdYTEvesLoSiTvQ)
date: Tue, 02 Mar 2021 20:10:04 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H2

200

usersync
rtb.gumgum.com/ Frame 2CD5
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=c04fa12d-99e7-4289-84cd-8abbf41c6cfe

35 B
237 B

3132ms
141ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=c04fa12d-99e7-4289-84cd-8abbf41c6cfe
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Tue, 02 Mar 2021 20:10:01 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=c04fa12d-99e7-4289-84cd-8abbf41c6cfe
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

usersync
rtb.gumgum.com/ Frame 2CD5
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=sta&i=0-213b9f40-0180-40ed-4480-652b67945986$ip$194.99.105.99

35 B
237 B

2821ms
133ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=sta&i=0-213b9f40-0180-40ed-4480-652b67945986$ip$194.99.105.99
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=sta&i=0-213b9f40-0180-40ed-4480-652b67945986$ip$194.99.105.99
Date: Tue, 02 Mar 2021 20:10:02 GMT
Connection: keep-alive
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame 2CD5
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-ZmZ6cTJ1lxDDAn6tP38Pzjy6dTw_IQAVwrCK

35 B
237 B

3293ms
142ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-ZmZ6cTJ1lxDDAn6tP38Pzjy6dTw_IQAVwrCK
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Tue, 02 Mar 2021 20:10:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-ZmZ6cTJ1lxDDAn6tP38Pzjy6dTw_IQAVwrCK
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 2CD5
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%...
https://rtb.gumgum.com/usersync?b=vnt&i=45c2b81f-7b93-11eb-accc-c7b3cde757ee

35 B
237 B

2316ms
136ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=vnt&i=45c2b81f-7b93-11eb-accc-c7b3cde757ee
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=vnt&i=45c2b81f-7b93-11eb-accc-c7b3cde757ee
Date: Tue, 02 Mar 2021 20:10:02 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 45c2b820-7b93-11eb-accc-c7b3cde757ee

GET
H2 204 services
sync.technoratimedia.com/ Frame 2CD5 0
381 B 913ms
138ms Image
text/plain 150.136.25.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:10:02 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 535573530
access-control-allow-origin: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
access-control-allow-credentials: true

GET
H2

200

usersync
rtb.gumgum.com/ Frame 2CD5
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_836d6865-d79a-4ae8-b84d-fbaddad23b10&gdpr=0&gdpr_consent=&us_privacy=1---
https://stags.bluekai.com/site/23178?id=yByqVkG0F-6sC_24ZwV2&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT26KCPFYVM22HGBDC2NTTINPTENC2O5LDEJTVONPXA...
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=yByqVkG0F-6sC_24ZwV2&us_privacy=1---

35 B
237 B

1679ms
138ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=yByqVkG0F-6sC_24ZwV2&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:03 GMT
P3p: CP="We do not support P3P header."
Location: https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=yByqVkG0F-6sC_24ZwV2&us_privacy=1---
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 118
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 2CD5
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT

35 B
237 B

2669ms
135ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:02 GMT
Server: Tengine
ETag: OPTOUT
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 2CD5
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=SeZeGL01vYvj&ev=1&pid=558355

35 B
237 B

2076ms
131ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=SeZeGL01vYvj&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=SeZeGL01vYvj&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-568ff9c7d-qfwbq
expires: -1

GET
H2 200 sync
ads.servenobid.com/ Frame 2CD5 0
300 B 77ms
67ms Image
image/avif 54.246.70.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&cd=1354&uid=e_836d6865-d79a-4ae8-b84d-fbaddad23b10
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.70.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-70-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 02 Mar 2021 20:10:05 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 1509
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=2220603e-9b9c-4a00-b504-72363b22b6e4&gdpr=0&gdpr_consent=

35 B
237 B

117ms
117ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=2220603e-9b9c-4a00-b504-72363b22b6e4&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=2220603e-9b9c-4a00-b504-72363b22b6e4&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Tue, 02 Mar 2021 20:10:00 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Cache-Control: no-cache
set-cookie: uuid=2220603e-9b9c-4a00-b504-72363b22b6e4; domain=.mathtag.com; path=/; expires=Wed, 30-Mar-2022 20:10:04 GMT; SameSite=None; Secure
location: https://rtb.gumgum.com/usersync?b=mmh&i=2220603e-9b9c-4a00-b504-72363b22b6e4&gdpr=0&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 3578 d17206f master zrh-pixel-x26
Expires: Tue, 02 Mar 2021 20:09:59 GMT

GET
H2

200

URnmbSKM Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame 0113
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YD6bmgAAAKd3wCzr

85 B
161 B

49ms
49ms

Document
image/png

151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YD6bmgAAAKd3wCzr
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.3.8.v20160314) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

:method: GET
:authority: sync-tm.everesttech.net
:scheme: https
:path: /ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YD6bmgAAAKd3wCzr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: everest_g_v2=g_surferid~YD6bmgAAAH84U1LS
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D

Response headers

content-type: image/png
server: Jetty(9.3.8.v20160314)
accept-ranges: bytes
date: Tue, 02 Mar 2021 20:10:02 GMT
via: 1.1 varnish
age: 2231
x-served-by: cache-hhn4029-HHN
x-cache: HIT
x-cache-hits: 18617
x-timer: S1614715803.598280,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 85

Redirect headers

p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
set-cookie: everest_g_v2=g_surferid~YD6bmgAAAKd3wCzr;Path=/;Domain=.everesttech.net;Expires=Wed, 02-Mar-2022 20:10:02 GMT;SameSite=None;Secure
location: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YD6bmgAAAKd3wCzr
server: Jetty(9.3.8.v20160314)
accept-ranges: bytes
date: Tue, 02 Mar 2021 20:10:02 GMT
via: 1.1 varnish
x-served-by: cache-hhn4029-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1614715802.449654,VS0,VE97
cache-control: no-cache
pragma: no-cache

GET
H3-Q050

200

pixel Show response
cm.g.doubleclick.net/ Frame F24C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84MzZkNjg2NS1kNzlhLTRhZTgtYjg0ZC1mYmFkZGFkMjNiMTA=&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84MzZkNjg2NS1kNzlhLTRhZTgtYjg0ZC1mYmFkZGFkMjNiMTA=&gdpr=0&gdpr_consent=&google_tc=

170 B
190 B

60ms
59ms

Document
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84MzZkNjg2NS1kNzlhLTRhZTgtYjg0ZC1mYmFkZGFkMjNiMTA=&gdpr=0&gdpr_consent=&google_tc=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=ZV84MzZkNjg2NS1kNzlhLTRhZTgtYjg0ZC1mYmFkZGFkMjNiMTA=&gdpr=0&gdpr_consent=&google_tc=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D

Response headers

content-type: image/png
date: Tue, 02 Mar 2021 20:10:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84MzZkNjg2NS1kNzlhLTRhZTgtYjg0ZC1mYmFkZGFkMjNiMTA=&gdpr=0&gdpr_consent=&google_tc=
date: Tue, 02 Mar 2021 20:10:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 364
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 02-Mar-2021 20:25:01 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 4F06 8 KB
3 KB 1164ms
54ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=33598
Expires: Wed, 03 Mar 2021 05:30:00 GMT
Date: Tue, 02 Mar 2021 20:10:02 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 3016
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=ttd&i=0b077ac3-eb08-4830-b046-fb88be21e490&t=1617307803

35 B
237 B

1074ms
128ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=ttd&i=0b077ac3-eb08-4830-b046-fb88be21e490&t=1617307803
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=ttd&i=0b077ac3-eb08-4830-b046-fb88be21e490&t=1617307803
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Tue, 02 Mar 2021 20:10:03 GMT
content-type: text/html
content-length: 209
location: https://rtb.gumgum.com/usersync?b=ttd&i=0b077ac3-eb08-4830-b046-fb88be21e490&t=1617307803
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=0b077ac3-eb08-4830-b046-fb88be21e490; domain=.adsrvr.org; expires=Wed, 02-Mar-2022 20:10:03 GMT; path=/; secure; SameSite=None TDCPM=CAEYBSABKAIyCwjQ0szcvPCuORAFOAE.; domain=.adsrvr.org; expires=Wed, 02-Mar-2022 20:10:03 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 um
cs.emxdgt.com/ Frame 7965 0
0 2328ms
58ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D

Response headers

content-type: text/html
date: Tue, 02 Mar 2021 20:10:03 GMT
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 4F8A
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://rtb.gumgum.com/usersync?b=sus&i=YD6bnMCo5swAAOa1ygcAAAAA

35 B
237 B

347ms
128ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=sus&i=YD6bnMCo5swAAOa1ygcAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=sus&i=YD6bnMCo5swAAOa1ygcAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Server: nginx
Date: Tue, 02 Mar 2021 20:10:04 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://rtb.gumgum.com/usersync?b=sus&i=YD6bnMCo5swAAOa1ygcAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 83
X-SO-HostName: m-ad245.dc4p.scaleout.jp
X-SO-LB-Hostname: a-tgng40008.dc2p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":53,"gdpr":true,"ipv4":"0.0.0.0","key":"YD6bnMCo5swAAOa1ygcAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad245"}
X-SO-Key: YD6bnMCo5swAAOa1ygcAAAAA
X-SO-IP: 194.99.105.99
X-SO-Cluster-ID: 53
X-SO-Upstream-ID: m-ad245

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 92FF
Redirect Chain

https://p.rfihub.com/cm?pub=42796&in=1
https://rtb.gumgum.com/usersync?b=zet&i=2159827869016002120

35 B
237 B

1906ms
127ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=zet&i=2159827869016002120
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=zet&i=2159827869016002120
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAAAOMSNjI0tbQwMrcwszQwNDMwMDI0MhDiM9Q1zQguCwkJ8w5wC_CX4jU0MzQxNzS1MDA2MLQAAI-cIII0AAAA; Path=/; Domain=.rfihub.com; Expires=Sun, 27 Mar 2022 20:10:03 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNjI0tbQwMrcwszQwNDMwMDI0MhDiM9Q1zQguCwkJ8w5wC_AHADo2MKMlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None eud=H4sIAAAAAAAAAFslxmtoZmhibmhqYWBsYGgBAH4JYbMQAAAA; Path=/; Domain=.rfihub.com; Expires=Sun, 27 Mar 2022 20:10:03 GMT; Secure; SameSite=None
Location: https://rtb.gumgum.com/usersync?b=zet&i=2159827869016002120
Content-Length: 0
Server: Jetty(9.0.6.v20130930)

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 3155
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://ams.creativecdn.com/cm-notify?pi=gumgum&tc=1
https://rtb.gumgum.com/usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1

35 B
237 B

2038ms
93ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D1354%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Tue, 02 Mar 2021 20:10:02 GMT Tue, 02 Mar 2021 20:10:02 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 04AD
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=890145087628412189

35 B
237 B

3300ms
143ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=890145087628412189
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:01 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.6:80
AN-X-Request-Uuid: 4a567e52-d093-4f2c-b99f-5610b93c1d50
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=890145087628412189
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame 04AD
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_9c4e7844-bcba-4ba3-85dc-54946e003e5c&gdpr=0&gdpr_consent=&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_9c4e7844-bcba-4ba3-85dc-54946e003e5c&gdpr=0&gdpr_consent=&us_privacy=1---
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=6267f274-9385-439b-abac-7fb519c7ace1&ssp=gumgum2&gdpr=0&gdpr_consent=

43 B
324 B

1181ms
63ms

Image
image/gif

34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=6267f274-9385-439b-abac-7fb519c7ace1&ssp=gumgum2&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:03 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=6267f274-9385-439b-abac-7fb519c7ace1&ssp=gumgum2&gdpr=0&gdpr_consent=
date: Tue, 02 Mar 2021 20:10:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 04AD
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28WbD2MUYtIUi1-gthVsJlMpzezNr0P0EmTLQxGrExEVMOUmvHV__TVJgBAv98ABlF%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...

35 B
237 B

66ms
66ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=obn&i=ENC%28WbD2MUYtIUi1-gthVsJlMpzezNr0P0EmTLQxGrExEVMOUmvHV__TVJgBAv98ABlF%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28WbD2MUYtIUi1-gthVsJlMpzezNr0P0EmTLQxGrExEVMOUmvHV__TVJgBAv98ABlF%29
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:05 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=obn&i=ENC%28WbD2MUYtIUi1-gthVsJlMpzezNr0P0EmTLQxGrExEVMOUmvHV__TVJgBAv98ABlF%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28WbD2MUYtIUi1-gthVsJlMpzezNr0P0EmTLQxGrExEVMOUmvHV__TVJgBAv98ABlF%29
Date: Tue, 02 Mar 2021 20:10:05 GMT
Connection: close
X-TraceId: fd54010a10bce08fe65def438769bb9b
Content-Length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 04AD
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=e74ee255-e0f8-4ec0-a396-8a9eecf80d88

35 B
237 B

3125ms
134ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=e74ee255-e0f8-4ec0-a396-8a9eecf80d88
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Tue, 02 Mar 2021 20:10:01 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=e74ee255-e0f8-4ec0-a396-8a9eecf80d88
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

usersync
rtb.gumgum.com/ Frame 04AD
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=sta&i=0-decf1c51-9071-4969-432a-c20d71437de2$ip$194.99.105.99

35 B
237 B

2761ms
133ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=sta&i=0-decf1c51-9071-4969-432a-c20d71437de2$ip$194.99.105.99
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=sta&i=0-decf1c51-9071-4969-432a-c20d71437de2$ip$194.99.105.99
Date: Tue, 02 Mar 2021 20:10:02 GMT
Connection: keep-alive
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame 04AD
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-ZZqsrgB1lxDj7NvrXRSK8NrFf9ramKbK1_Ou

35 B
237 B

3294ms
143ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-ZZqsrgB1lxDj7NvrXRSK8NrFf9ramKbK1_Ou
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Tue, 02 Mar 2021 20:10:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-ZZqsrgB1lxDj7NvrXRSK8NrFf9ramKbK1_Ou
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 04AD
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%...
https://rtb.gumgum.com/usersync?b=vnt&i=45d889d3-7b93-11eb-867b-c7ba2f4f3b0c

35 B
237 B

2165ms
131ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=vnt&i=45d889d3-7b93-11eb-867b-c7ba2f4f3b0c
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=vnt&i=45d889d3-7b93-11eb-867b-c7ba2f4f3b0c
Date: Tue, 02 Mar 2021 20:10:02 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 45d889d4-7b93-11eb-867b-c7ba2f4f3b0c

GET
H2 204 services
sync.technoratimedia.com/ Frame 04AD 0
382 B 903ms
137ms Image
text/plain 150.136.25.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:10:02 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 974520774
access-control-allow-origin: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
access-control-allow-credentials: true

GET
H2

200

usersync
rtb.gumgum.com/ Frame 04AD
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_9c4e7844-bcba-4ba3-85dc-54946e003e5c&gdpr=0&gdpr_consent=&us_privacy=1---
https://stags.bluekai.com/site/23178?id=9r3EJWMulBTbDtE3Sh8q&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2OLSGNCUUV2NOVWEEVDCIR2EKM2TNA4HCJTVONPXA...
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=9r3EJWMulBTbDtE3Sh8q&us_privacy=1---

35 B
237 B

1546ms
139ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=9r3EJWMulBTbDtE3Sh8q&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:03 GMT
P3p: CP="We do not support P3P header."
Location: https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=9r3EJWMulBTbDtE3Sh8q&us_privacy=1---
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 118
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 04AD
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT

35 B
237 B

2618ms
141ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:02 GMT
Server: Tengine
ETag: OPTOUT
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 04AD
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=cpHKuED5XAFs&ev=1&pid=558355

35 B
237 B

2076ms
132ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=cpHKuED5XAFs&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=cpHKuED5XAFs&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-stage-0
expires: -1

GET
H2 200 sync
ads.servenobid.com/ Frame 04AD 0
299 B 67ms
67ms Image
image/avif 54.246.70.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&cd=2887&uid=e_9c4e7844-bcba-4ba3-85dc-54946e003e5c
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.70.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-70-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 02 Mar 2021 20:10:03 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame F530
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=d212603e-9b9c-4500-86e5-4a4c12c458d8&gdpr=0&gdpr_consent=

35 B
237 B

120ms
120ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=d212603e-9b9c-4500-86e5-4a4c12c458d8&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=d212603e-9b9c-4500-86e5-4a4c12c458d8&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Tue, 02 Mar 2021 20:10:00 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Cache-Control: no-cache
set-cookie: uuid=d212603e-9b9c-4500-86e5-4a4c12c458d8; domain=.mathtag.com; path=/; expires=Wed, 30-Mar-2022 20:10:04 GMT; SameSite=None; Secure
location: https://rtb.gumgum.com/usersync?b=mmh&i=d212603e-9b9c-4500-86e5-4a4c12c458d8&gdpr=0&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 3578 d17206f master zrh-pixel-x30
Expires: Tue, 02 Mar 2021 20:09:59 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame E7E9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YD6bmgAAAHUIZjoG
https://rtb.gumgum.com/usersync?b=atm&i=YD6bmgAAAHUIZjoG&gdpr=0&gdpr_consent=&_test=YD6bmgAAAHUIZjoG

35 B
237 B

2290ms
95ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=atm&i=YD6bmgAAAHUIZjoG&gdpr=0&gdpr_consent=&_test=YD6bmgAAAHUIZjoG
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=atm&i=YD6bmgAAAHUIZjoG&gdpr=0&gdpr_consent=&_test=YD6bmgAAAHUIZjoG
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_681a5eda-d90f-44c1-96d8-d887268ff53c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

server: Varnish
retry-after: 0
location: https://rtb.gumgum.com/usersync?b=atm&i=YD6bmgAAAHUIZjoG&gdpr=0&gdpr_consent=&_test=YD6bmgAAAHUIZjoG
accept-ranges: bytes
date: Tue, 02 Mar 2021 20:10:02 GMT
via: 1.1 varnish
x-served-by: cache-hhn4029-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1614715803.603531,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H3-Q050

200

pixel Show response
cm.g.doubleclick.net/ Frame C0AF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85YzRlNzg0NC1iY2JhLTRiYTMtODVkYy01NDk0NmUwMDNlNWM=&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85YzRlNzg0NC1iY2JhLTRiYTMtODVkYy01NDk0NmUwMDNlNWM=&gdpr=0&gdpr_consent=&google_tc=

170 B
190 B

59ms
59ms

Document
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85YzRlNzg0NC1iY2JhLTRiYTMtODVkYy01NDk0NmUwMDNlNWM=&gdpr=0&gdpr_consent=&google_tc=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=ZV85YzRlNzg0NC1iY2JhLTRiYTMtODVkYy01NDk0NmUwMDNlNWM=&gdpr=0&gdpr_consent=&google_tc=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D

Response headers

content-type: image/png
date: Tue, 02 Mar 2021 20:10:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85YzRlNzg0NC1iY2JhLTRiYTMtODVkYy01NDk0NmUwMDNlNWM=&gdpr=0&gdpr_consent=&google_tc=
date: Tue, 02 Mar 2021 20:10:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 364
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 02-Mar-2021 20:25:01 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame EAFB 8 KB
3 KB 1220ms
64ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=33598
Expires: Wed, 03 Mar 2021 05:30:00 GMT
Date: Tue, 02 Mar 2021 20:10:02 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame FBCA
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=ttd&i=0b077ac3-eb08-4830-b046-fb88be21e490&t=1617307803

35 B
237 B

1074ms
128ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=ttd&i=0b077ac3-eb08-4830-b046-fb88be21e490&t=1617307803
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=ttd&i=0b077ac3-eb08-4830-b046-fb88be21e490&t=1617307803
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Tue, 02 Mar 2021 20:10:03 GMT
content-type: text/html
content-length: 209
location: https://rtb.gumgum.com/usersync?b=ttd&i=0b077ac3-eb08-4830-b046-fb88be21e490&t=1617307803
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=0b077ac3-eb08-4830-b046-fb88be21e490; domain=.adsrvr.org; expires=Wed, 02-Mar-2022 20:10:03 GMT; path=/; secure; SameSite=None TDCPM=CAEYBSABKAIyCwjQ0szcvPCuORAFOAE.; domain=.adsrvr.org; expires=Wed, 02-Mar-2022 20:10:03 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 um
cs.emxdgt.com/ Frame 16AD 0
0 2319ms
58ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D

Response headers

content-type: text/html
date: Tue, 02 Mar 2021 20:10:03 GMT
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 8A26
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://rtb.gumgum.com/usersync?b=sus&i=YD6bnMCo5swAAOa1ynkAAAAA

35 B
237 B

65ms
65ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=sus&i=YD6bnMCo5swAAOa1ynkAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=sus&i=YD6bnMCo5swAAOa1ynkAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Server: nginx
Date: Tue, 02 Mar 2021 20:10:04 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://rtb.gumgum.com/usersync?b=sus&i=YD6bnMCo5swAAOa1ynkAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 2
X-SO-HostName: m-ad305.dc4p.scaleout.jp
X-SO-LB-Hostname: a-tgng40008.dc2p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":49,"gdpr":true,"ipv4":"0.0.0.0","key":"YD6bnMCo5swAAOa1ynkAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad305"}
X-SO-Key: YD6bnMCo5swAAOa1ynkAAAAA
X-SO-IP: 194.99.105.99
X-SO-Cluster-ID: 49
X-SO-Upstream-ID: m-ad305

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame E374
Redirect Chain

https://p.rfihub.com/cm?pub=42796&in=1
https://rtb.gumgum.com/usersync?b=zet&i=875739024679720295

35 B
237 B

1851ms
127ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=zet&i=875739024679720295
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=zet&i=875739024679720295
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAAAOMSsjA3NTe2NDAyMTO3NDcyMLI0FeIz1HV2D_FON_HMzjbJLpXiNTQzNDE3NLUwMDYwNwMA77-tsDMAAAA; Path=/; Domain=.rfihub.com; Expires=Sun, 27 Mar 2022 20:10:03 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSsjA3NTe2NDAyMTO3NDcyMLI0FeIz1HV2D_FON_HMzjbJLgUAKDB7aiQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None eud=H4sIAAAAAAAAAFslxmtoZmhibmhqYWBsYG4GAP-DgwIQAAAA; Path=/; Domain=.rfihub.com; Expires=Sun, 27 Mar 2022 20:10:03 GMT; Secure; SameSite=None
Location: https://rtb.gumgum.com/usersync?b=zet&i=875739024679720295
Content-Length: 0
Server: Jetty(9.0.6.v20130930)

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 95F1
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://ams.creativecdn.com/cm-notify?pi=gumgum&tc=1
https://rtb.gumgum.com/usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1

35 B
237 B

2072ms
128ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2887%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Tue, 02 Mar 2021 20:10:02 GMT Tue, 02 Mar 2021 20:10:02 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame A81A
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=7551657636941673485

35 B
237 B

3265ms
135ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=7551657636941673485
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:01 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.140:80
AN-X-Request-Uuid: 962c0abd-b73c-4660-a144-df6073aeddc1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=7551657636941673485
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame A81A
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_e8841ab3-ee2b-4513-94ed-087278918124&gdpr=0&gdpr_consent=&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_e8841ab3-ee2b-4513-94ed-087278918124&gdpr=0&gdpr_consent=&us_privacy=1---
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=6267f274-9385-439b-abac-7fb519c7ace1
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=gumgum2&expires=10&bsw_param=6267f274-9385-439b-abac-7fb519c7ace1
https://x.bidswitch.net/ul_cb/sync?dsp_id=311&user_id=&user_group=2&ssp=gumgum2&expires=10&bsw_param=6267f274-9385-439b-abac-7fb519c7ace1
https://rtb.gumgum.com/usersync?b=bsw&i=17fd9702-200a-40a9-811b-e42b16e75a70

35 B
237 B

1821ms
138ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=bsw&i=17fd9702-200a-40a9-811b-e42b16e75a70
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: //rtb.gumgum.com/usersync?b=bsw&i=17fd9702-200a-40a9-811b-e42b16e75a70
date: Tue, 02 Mar 2021 20:10:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame A81A
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28NnIBy1S-WwyTaxJi3PU3KveON4tBoV0Aell5-T1xKtnNox0-omlipB5EspV77atQ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...

35 B
237 B

66ms
66ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=obn&i=ENC%28NnIBy1S-WwyTaxJi3PU3KveON4tBoV0Aell5-T1xKtnNox0-omlipB5EspV77atQ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28NnIBy1S-WwyTaxJi3PU3KveON4tBoV0Aell5-T1xKtnNox0-omlipB5EspV77atQ%29
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:05 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=obn&i=ENC%28NnIBy1S-WwyTaxJi3PU3KveON4tBoV0Aell5-T1xKtnNox0-omlipB5EspV77atQ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28NnIBy1S-WwyTaxJi3PU3KveON4tBoV0Aell5-T1xKtnNox0-omlipB5EspV77atQ%29
Date: Tue, 02 Mar 2021 20:10:05 GMT
Connection: close
X-TraceId: b378327a1a3ae044f789acc4f2fb8958
Content-Length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame A81A
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=e74ee255-e0f8-4ec0-a396-8a9eecf80d88

35 B
237 B

3124ms
133ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=e74ee255-e0f8-4ec0-a396-8a9eecf80d88
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Tue, 02 Mar 2021 20:10:01 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=e74ee255-e0f8-4ec0-a396-8a9eecf80d88
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

usersync
rtb.gumgum.com/ Frame A81A
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=sta&i=0-f80d614e-133b-45ba-707c-0b0ffe6683d8$ip$194.99.105.99

35 B
237 B

2689ms
142ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=sta&i=0-f80d614e-133b-45ba-707c-0b0ffe6683d8$ip$194.99.105.99
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=sta&i=0-f80d614e-133b-45ba-707c-0b0ffe6683d8$ip$194.99.105.99
Date: Tue, 02 Mar 2021 20:10:02 GMT
Connection: keep-alive
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame A81A
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-jgnZg6Z1lxD5WqaadfsYii6ho_CbYVf4oY0d

35 B
237 B

3285ms
134ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-jgnZg6Z1lxD5WqaadfsYii6ho_CbYVf4oY0d
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Tue, 02 Mar 2021 20:10:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-jgnZg6Z1lxD5WqaadfsYii6ho_CbYVf4oY0d
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame A81A
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%...
https://rtb.gumgum.com/usersync?b=vnt&i=45ee83b9-7b93-11eb-a856-cdc84786539e

35 B
237 B

2032ms
138ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=vnt&i=45ee83b9-7b93-11eb-a856-cdc84786539e
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=vnt&i=45ee83b9-7b93-11eb-a856-cdc84786539e
Date: Tue, 02 Mar 2021 20:10:02 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 45ee83ba-7b93-11eb-a856-cdc84786539e

GET
H2 204 services
sync.technoratimedia.com/ Frame A81A 0
381 B 891ms
139ms Image
text/plain 150.136.25.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:10:02 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 579049459
access-control-allow-origin: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
access-control-allow-credentials: true

GET
H2

200

usersync
rtb.gumgum.com/ Frame A81A
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_e8841ab3-ee2b-4513-94ed-087278918124&gdpr=0&gdpr_consent=&us_privacy=1---
https://stags.bluekai.com/site/23178?id=Zyl2cY12AG2U5oUtyVZs&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2WTZNQZGGWJRGJAUOMSVGVXVK5DZKZNHGJTVONPXA...
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=Zyl2cY12AG2U5oUtyVZs&us_privacy=1---

35 B
237 B

1413ms
139ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=Zyl2cY12AG2U5oUtyVZs&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:03 GMT
P3p: CP="We do not support P3P header."
Location: https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=Zyl2cY12AG2U5oUtyVZs&us_privacy=1---
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 118
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame A81A
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT

35 B
237 B

2565ms
142ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:02 GMT
Server: Tengine
ETag: OPTOUT
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame A81A
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=oZyjb4S1uAyM&ev=1&pid=558355

35 B
237 B

2084ms
139ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=oZyjb4S1uAyM&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=oZyjb4S1uAyM&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-568ff9c7d-s8blg
expires: -1

GET
H2 200 sync
ads.servenobid.com/ Frame A81A 0
299 B 77ms
67ms Image
image/avif 54.246.70.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&cd=3521&uid=e_e8841ab3-ee2b-4513-94ed-087278918124
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.70.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-70-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 02 Mar 2021 20:10:05 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame C6EC
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=648c603e-9b9c-4e00-baab-227a86cab72c&gdpr=0&gdpr_consent=

35 B
237 B

68ms
67ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=648c603e-9b9c-4e00-baab-227a86cab72c&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=648c603e-9b9c-4e00-baab-227a86cab72c&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Tue, 02 Mar 2021 20:10:00 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Cache-Control: no-cache
set-cookie: uuid=648c603e-9b9c-4e00-baab-227a86cab72c; domain=.mathtag.com; path=/; expires=Wed, 30-Mar-2022 20:10:04 GMT; SameSite=None; Secure
location: https://rtb.gumgum.com/usersync?b=mmh&i=648c603e-9b9c-4e00-baab-227a86cab72c&gdpr=0&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 3578 d17206f master zrh-pixel-x11
Expires: Tue, 02 Mar 2021 20:09:59 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame CDE8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YD6bmgAAAECnJCrK
https://rtb.gumgum.com/usersync?b=atm&i=YD6bmgAAAECnJCrK&gdpr=0&gdpr_consent=&_test=YD6bmgAAAECnJCrK

35 B
238 B

2204ms
92ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=atm&i=YD6bmgAAAECnJCrK&gdpr=0&gdpr_consent=&_test=YD6bmgAAAECnJCrK
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=atm&i=YD6bmgAAAECnJCrK&gdpr=0&gdpr_consent=&_test=YD6bmgAAAECnJCrK
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

server: Varnish
retry-after: 0
location: https://rtb.gumgum.com/usersync?b=atm&i=YD6bmgAAAECnJCrK&gdpr=0&gdpr_consent=&_test=YD6bmgAAAECnJCrK
accept-ranges: bytes
date: Tue, 02 Mar 2021 20:10:02 GMT
via: 1.1 varnish
x-served-by: cache-hhn4029-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1614715803.687776,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H3-Q050

200

pixel Show response
cm.g.doubleclick.net/ Frame 9E4D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lODg0MWFiMy1lZTJiLTQ1MTMtOTRlZC0wODcyNzg5MTgxMjQ=&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lODg0MWFiMy1lZTJiLTQ1MTMtOTRlZC0wODcyNzg5MTgxMjQ=&gdpr=0&gdpr_consent=&google_tc=

170 B
190 B

60ms
60ms

Document
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lODg0MWFiMy1lZTJiLTQ1MTMtOTRlZC0wODcyNzg5MTgxMjQ=&gdpr=0&gdpr_consent=&google_tc=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=ZV9lODg0MWFiMy1lZTJiLTQ1MTMtOTRlZC0wODcyNzg5MTgxMjQ=&gdpr=0&gdpr_consent=&google_tc=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D

Response headers

content-type: image/png
date: Tue, 02 Mar 2021 20:10:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lODg0MWFiMy1lZTJiLTQ1MTMtOTRlZC0wODcyNzg5MTgxMjQ=&gdpr=0&gdpr_consent=&google_tc=
date: Tue, 02 Mar 2021 20:10:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 364
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 02-Mar-2021 20:25:01 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1F88 8 KB
3 KB 1294ms
86ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=33598
Expires: Wed, 03 Mar 2021 05:30:00 GMT
Date: Tue, 02 Mar 2021 20:10:02 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 62C1
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=ttd&i=c705da3c-c3c6-430c-94ad-73532e63621b&t=1617307803

35 B
237 B

1043ms
130ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=ttd&i=c705da3c-c3c6-430c-94ad-73532e63621b&t=1617307803
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=ttd&i=c705da3c-c3c6-430c-94ad-73532e63621b&t=1617307803
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Tue, 02 Mar 2021 20:10:03 GMT
content-type: text/html
content-length: 209
location: https://rtb.gumgum.com/usersync?b=ttd&i=c705da3c-c3c6-430c-94ad-73532e63621b&t=1617307803
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=c705da3c-c3c6-430c-94ad-73532e63621b; domain=.adsrvr.org; expires=Wed, 02-Mar-2022 20:10:03 GMT; path=/; secure; SameSite=None TDCPM=CAEYBSABKAIyCwj2gcLcvPCuORAFOAE.; domain=.adsrvr.org; expires=Wed, 02-Mar-2022 20:10:03 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 um
cs.emxdgt.com/ Frame 77EE 0
0 2307ms
59ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D

Response headers

content-type: text/html
date: Tue, 02 Mar 2021 20:10:03 GMT
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 495E
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://rtb.gumgum.com/usersync?b=sus&i=YD6bncCo5swAAOa1yt4AAAAA

35 B
237 B

66ms
66ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=sus&i=YD6bncCo5swAAOa1yt4AAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=sus&i=YD6bncCo5swAAOa1yt4AAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:05 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Server: nginx
Date: Tue, 02 Mar 2021 20:10:05 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://rtb.gumgum.com/usersync?b=sus&i=YD6bncCo5swAAOa1yt4AAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 2
X-SO-HostName: a-ad40305.dc2p.scaleout.jp
X-SO-LB-Hostname: a-tgng40008.dc2p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":9,"gdpr":true,"ipv4":"0.0.0.0","key":"YD6bncCo5swAAOa1yt4AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40305"}
X-SO-Key: YD6bncCo5swAAOa1yt4AAAAA
X-SO-IP: 194.99.105.99
X-SO-Cluster-ID: 9
X-SO-Upstream-ID: a-ad40305

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 6CB1
Redirect Chain

https://p.rfihub.com/cm?pub=42796&in=1
https://rtb.gumgum.com/usersync?b=zet&i=2159827869016002176

35 B
237 B

1796ms
129ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=zet&i=2159827869016002176
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=zet&i=2159827869016002176
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAAAOMSNjI0tbQwMrcwszQwNDMwMDI0NxPiM9Q1CMgyLfPwyc3KKw6W4jU0MzQxNzS1MDA2NDYEAA5U9IU0AAAA; Path=/; Domain=.rfihub.com; Expires=Sun, 27 Mar 2022 20:10:03 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNjI0tbQwMrcwszQwNDMwMDI0NxPiM9Q1CMgyLfPwyc3KKw4GANfnjG0lAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None eud=H4sIAAAAAAAAAFslxmtoZmhibmhqYWBsaGwIAG-5SfkQAAAA; Path=/; Domain=.rfihub.com; Expires=Sun, 27 Mar 2022 20:10:03 GMT; Secure; SameSite=None
Location: https://rtb.gumgum.com/usersync?b=zet&i=2159827869016002176
Content-Length: 0
Server: Jetty(9.0.6.v20130930)

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 0DF9
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://ams.creativecdn.com/cm-notify?pi=gumgum&tc=1
https://rtb.gumgum.com/usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1

35 B
237 B

2018ms
92ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D3521%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Tue, 02 Mar 2021 20:10:02 GMT Tue, 02 Mar 2021 20:10:02 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 7EDD
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=7551657636941673485

35 B
237 B

3246ms
135ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=7551657636941673485
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:01 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.44:80
AN-X-Request-Uuid: c9d18710-eed9-48f3-ad4d-0cc16f4f4f49
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=7551657636941673485
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 7EDD
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_ba4fb4b6-0ce8-493e-87f8-5826dfb252c2&gdpr=0&gdpr_consent=&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_ba4fb4b6-0ce8-493e-87f8-5826dfb252c2&gdpr=0&gdpr_consent=&us_privacy=1---
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=d96e6536-1041-46b6-ae32-4141b1adda6e&ssp=gumgum2
https://rtb.gumgum.com/usersync?b=bsw&i=6267f274-9385-439b-abac-7fb519c7ace1

35 B
237 B

2404ms
140ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=bsw&i=6267f274-9385-439b-abac-7fb519c7ace1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: //rtb.gumgum.com/usersync?b=bsw&i=6267f274-9385-439b-abac-7fb519c7ace1
date: Tue, 02 Mar 2021 20:10:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 7EDD
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28QinKaOPcx_m5irHhnXh8OTf7_IxR9K-DAXq3XwApuubonUUsjDrgRhi8kfTXfspY%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...

35 B
237 B

66ms
66ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=obn&i=ENC%28QinKaOPcx_m5irHhnXh8OTf7_IxR9K-DAXq3XwApuubonUUsjDrgRhi8kfTXfspY%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28QinKaOPcx_m5irHhnXh8OTf7_IxR9K-DAXq3XwApuubonUUsjDrgRhi8kfTXfspY%29
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:05 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=obn&i=ENC%28QinKaOPcx_m5irHhnXh8OTf7_IxR9K-DAXq3XwApuubonUUsjDrgRhi8kfTXfspY%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28QinKaOPcx_m5irHhnXh8OTf7_IxR9K-DAXq3XwApuubonUUsjDrgRhi8kfTXfspY%29
Date: Tue, 02 Mar 2021 20:10:05 GMT
Connection: close
X-TraceId: a6fdf1b4df9e02ded2a25adcc615028a
Content-Length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 7EDD
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=12963e41-084d-4175-a7b6-461b47d64cc7

35 B
237 B

3122ms
132ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=12963e41-084d-4175-a7b6-461b47d64cc7
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Tue, 02 Mar 2021 20:10:01 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=12963e41-084d-4175-a7b6-461b47d64cc7
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

usersync
rtb.gumgum.com/ Frame 7EDD
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=sta&i=0-dba092ea-8ef6-42f8-7368-ff3a452740fd$ip$194.99.105.99

35 B
237 B

2624ms
143ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=sta&i=0-dba092ea-8ef6-42f8-7368-ff3a452740fd$ip$194.99.105.99
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=sta&i=0-dba092ea-8ef6-42f8-7368-ff3a452740fd$ip$194.99.105.99
Date: Tue, 02 Mar 2021 20:10:02 GMT
Connection: keep-alive
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame 7EDD
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-aK1GaQl1lxBNOP.G4__Pa.uJUaeMA4z7wtdy

35 B
237 B

3287ms
137ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-aK1GaQl1lxBNOP.G4__Pa.uJUaeMA4z7wtdy
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Tue, 02 Mar 2021 20:10:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-aK1GaQl1lxBNOP.G4__Pa.uJUaeMA4z7wtdy
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 7EDD
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%...
https://rtb.gumgum.com/usersync?b=vnt&i=460454fe-7b93-11eb-a275-758938127a66

35 B
237 B

1887ms
139ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=vnt&i=460454fe-7b93-11eb-a275-758938127a66
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=vnt&i=460454fe-7b93-11eb-a275-758938127a66
Date: Tue, 02 Mar 2021 20:10:02 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 460454ff-7b93-11eb-a275-758938127a66

GET
H2 204 services
sync.technoratimedia.com/ Frame 7EDD 0
381 B 863ms
138ms Image
text/plain 150.136.25.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:10:02 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 515058463
access-control-allow-origin: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
access-control-allow-credentials: true

GET
H2

200

usersync
rtb.gumgum.com/ Frame 7EDD
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_ba4fb4b6-0ce8-493e-87f8-5826dfb252c2&gdpr=0&gdpr_consent=&us_privacy=1---
https://stags.bluekai.com/site/23178?id=MFX4sojOhfsnH6_NCioC&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2TKGLA2HG33KJ5UGM43OJA3F6TSDNFXUGJTVONPXA...
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=MFX4sojOhfsnH6_NCioC&us_privacy=1---

35 B
237 B

1278ms
137ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=MFX4sojOhfsnH6_NCioC&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:03 GMT
P3p: CP="We do not support P3P header."
Location: https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=MFX4sojOhfsnH6_NCioC&us_privacy=1---
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 118
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 7EDD
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT

35 B
237 B

2505ms
143ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:02 GMT
Server: Tengine
ETag: OPTOUT
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 7EDD
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=w0o8poOsTgJp&ev=1&pid=558355

35 B
237 B

2074ms
129ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=w0o8poOsTgJp&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=w0o8poOsTgJp&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-568ff9c7d-mdw86
expires: -1

GET
H2 200 sync
ads.servenobid.com/ Frame 7EDD 0
299 B 79ms
68ms Image
image/avif 54.246.70.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&cd=8727&uid=e_ba4fb4b6-0ce8-493e-87f8-5826dfb252c2
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.70.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-70-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 02 Mar 2021 20:10:05 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 5A96
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=3382603e-9b9c-4700-92bb-b3bc1ef460cb&gdpr=0&gdpr_consent=

35 B
237 B

66ms
66ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=3382603e-9b9c-4700-92bb-b3bc1ef460cb&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=3382603e-9b9c-4700-92bb-b3bc1ef460cb&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Tue, 02 Mar 2021 20:10:00 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Cache-Control: no-cache
set-cookie: uuid=3382603e-9b9c-4700-92bb-b3bc1ef460cb; domain=.mathtag.com; path=/; expires=Wed, 30-Mar-2022 20:10:04 GMT; SameSite=None; Secure
location: https://rtb.gumgum.com/usersync?b=mmh&i=3382603e-9b9c-4700-92bb-b3bc1ef460cb&gdpr=0&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 3578 d17206f master zrh-pixel-x28
Expires: Tue, 02 Mar 2021 20:09:59 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 2EA7
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YD6bmgAAAH84U1LS
https://rtb.gumgum.com/usersync?b=atm&i=YD6bmgAAAH84U1LS&gdpr=0&gdpr_consent=&_test=YD6bmgAAAH84U1LS

35 B
237 B

2332ms
132ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=atm&i=YD6bmgAAAH84U1LS&gdpr=0&gdpr_consent=&_test=YD6bmgAAAH84U1LS
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=atm&i=YD6bmgAAAH84U1LS&gdpr=0&gdpr_consent=&_test=YD6bmgAAAH84U1LS
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_681a5eda-d90f-44c1-96d8-d887268ff53c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

server: Varnish
retry-after: 0
location: https://rtb.gumgum.com/usersync?b=atm&i=YD6bmgAAAH84U1LS&gdpr=0&gdpr_consent=&_test=YD6bmgAAAH84U1LS
accept-ranges: bytes
date: Tue, 02 Mar 2021 20:10:02 GMT
via: 1.1 varnish
x-served-by: cache-hhn4029-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1614715803.598793,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H3-Q050

200

pixel Show response
cm.g.doubleclick.net/ Frame 63E8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9iYTRmYjRiNi0wY2U4LTQ5M2UtODdmOC01ODI2ZGZiMjUyYzI=&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9iYTRmYjRiNi0wY2U4LTQ5M2UtODdmOC01ODI2ZGZiMjUyYzI=&gdpr=0&gdpr_consent=&google_tc=

170 B
190 B

60ms
59ms

Document
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9iYTRmYjRiNi0wY2U4LTQ5M2UtODdmOC01ODI2ZGZiMjUyYzI=&gdpr=0&gdpr_consent=&google_tc=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=ZV9iYTRmYjRiNi0wY2U4LTQ5M2UtODdmOC01ODI2ZGZiMjUyYzI=&gdpr=0&gdpr_consent=&google_tc=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D

Response headers

content-type: image/png
date: Tue, 02 Mar 2021 20:10:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9iYTRmYjRiNi0wY2U4LTQ5M2UtODdmOC01ODI2ZGZiMjUyYzI=&gdpr=0&gdpr_consent=&google_tc=
date: Tue, 02 Mar 2021 20:10:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 364
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 02-Mar-2021 20:25:01 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2FED 8 KB
3 KB 1322ms
55ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=33598
Expires: Wed, 03 Mar 2021 05:30:00 GMT
Date: Tue, 02 Mar 2021 20:10:02 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame ECFA
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=ttd&i=0b077ac3-eb08-4830-b046-fb88be21e490&t=1617307803

35 B
237 B

1039ms
93ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=ttd&i=0b077ac3-eb08-4830-b046-fb88be21e490&t=1617307803
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=ttd&i=0b077ac3-eb08-4830-b046-fb88be21e490&t=1617307803
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Tue, 02 Mar 2021 20:10:03 GMT
content-type: text/html
content-length: 209
location: https://rtb.gumgum.com/usersync?b=ttd&i=0b077ac3-eb08-4830-b046-fb88be21e490&t=1617307803
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=0b077ac3-eb08-4830-b046-fb88be21e490; domain=.adsrvr.org; expires=Wed, 02-Mar-2022 20:10:03 GMT; path=/; secure; SameSite=None TDCPM=CAEYBSABKAIyCwjQ0szcvPCuORAFOAE.; domain=.adsrvr.org; expires=Wed, 02-Mar-2022 20:10:03 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 um
cs.emxdgt.com/ Frame 7683 0
0 2279ms
59ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D

Response headers

content-type: text/html
date: Tue, 02 Mar 2021 20:10:03 GMT
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame B13B
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://rtb.gumgum.com/usersync?b=sus&i=YD6bncCo5swAAOa1yzEAAAAA

35 B
237 B

66ms
66ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=sus&i=YD6bncCo5swAAOa1yzEAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=sus&i=YD6bncCo5swAAOa1yzEAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:05 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Server: nginx
Date: Tue, 02 Mar 2021 20:10:05 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://rtb.gumgum.com/usersync?b=sus&i=YD6bncCo5swAAOa1yzEAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 2
X-SO-HostName: a-ad40322.dc2p.scaleout.jp
X-SO-LB-Hostname: a-tgng40008.dc2p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":6,"gdpr":true,"ipv4":"0.0.0.0","key":"YD6bncCo5swAAOa1yzEAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40322"}
X-SO-Key: YD6bncCo5swAAOa1yzEAAAAA
X-SO-IP: 194.99.105.99
X-SO-Cluster-ID: 6
X-SO-Upstream-ID: a-ad40322

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame EBAD
Redirect Chain

https://p.rfihub.com/cm?pub=42796&in=1
https://rtb.gumgum.com/usersync?b=zet&i=2159827869016002208

35 B
237 B

1741ms
130ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=zet&i=2159827869016002208
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=zet&i=2159827869016002208
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAAAOMSNjI0tbQwMrcwszQwNDMwMDIysBDiM9QtSw1xK0zOq4hKTwyU4jU0MzQxNzS1MDA2tDAHAKvEVCE0AAAA; Path=/; Domain=.rfihub.com; Expires=Sun, 27 Mar 2022 20:10:03 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNjI0tbQwMrcwszQwNDMwMDIysBDiM9QtSw1xK0zOq4hKTwwEADghvBslAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None eud=H4sIAAAAAAAAAFslxmtoZmhibmhqYWBsaGEOAJHF3vMQAAAA; Path=/; Domain=.rfihub.com; Expires=Sun, 27 Mar 2022 20:10:03 GMT; Secure; SameSite=None
Location: https://rtb.gumgum.com/usersync?b=zet&i=2159827869016002208
Content-Length: 0
Server: Jetty(9.0.6.v20130930)

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 5579
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://ams.creativecdn.com/cm-notify?pi=gumgum&tc=1
https://rtb.gumgum.com/usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1

35 B
237 B

2071ms
127ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8727%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Tue, 02 Mar 2021 20:10:02 GMT Tue, 02 Mar 2021 20:10:02 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 784D
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=5311399952946282678

35 B
237 B

3239ms
144ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=5311399952946282678
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:01 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.54:80
AN-X-Request-Uuid: 2332ef41-1eea-46f6-8095-7828fa43df8f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=5311399952946282678
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 784D
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_681a5eda-d90f-44c1-96d8-d887268ff53c&gdpr=0&gdpr_consent=&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_681a5eda-d90f-44c1-96d8-d887268ff53c&gdpr=0&gdpr_consent=&us_privacy=1---
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dgumgum2%26bsw_param%3D6267f274-9385-439b-abac-7fb519c7ace1
https://x.bidswitch.net/sync?dsp_id=80&user_id=924b603e-9b9c-4b00-b340-13e84a3ac1d8&expires=30&ssp=gumgum2&bsw_param=6267f274-9385-439b-abac-7fb519c7ace1
https://x.bidswitch.net/ul_cb/sync?dsp_id=80&user_id=924b603e-9b9c-4b00-b340-13e84a3ac1d8&expires=30&ssp=gumgum2&bsw_param=6267f274-9385-439b-abac-7fb519c7ace1
https://rtb.gumgum.com/usersync?b=bsw&i=949d32f8-ba16-474b-8d25-58040a83c5d8

35 B
237 B

66ms
65ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=bsw&i=949d32f8-ba16-474b-8d25-58040a83c5d8
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:05 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: //rtb.gumgum.com/usersync?b=bsw&i=949d32f8-ba16-474b-8d25-58040a83c5d8
date: Tue, 02 Mar 2021 20:10:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 784D
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28b-JYsnquMCSyfxYNczAH16GSMsO7Vq1wl_rz2f4gUewpRnQWYdp2oRE7MNA1RDOS%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...

35 B
237 B

66ms
65ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=obn&i=ENC%28b-JYsnquMCSyfxYNczAH16GSMsO7Vq1wl_rz2f4gUewpRnQWYdp2oRE7MNA1RDOS%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28b-JYsnquMCSyfxYNczAH16GSMsO7Vq1wl_rz2f4gUewpRnQWYdp2oRE7MNA1RDOS%29
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:09 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=obn&i=ENC%28b-JYsnquMCSyfxYNczAH16GSMsO7Vq1wl_rz2f4gUewpRnQWYdp2oRE7MNA1RDOS%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28b-JYsnquMCSyfxYNczAH16GSMsO7Vq1wl_rz2f4gUewpRnQWYdp2oRE7MNA1RDOS%29
Date: Tue, 02 Mar 2021 20:10:09 GMT
Connection: close
X-TraceId: a24704eac3197e606d1886370c8653be
Content-Length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 784D
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=11048dad-4ca1-46d4-8a8e-8fa19c68d6f7

35 B
237 B

3126ms
136ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=11048dad-4ca1-46d4-8a8e-8fa19c68d6f7
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Tue, 02 Mar 2021 20:10:01 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=11048dad-4ca1-46d4-8a8e-8fa19c68d6f7
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

usersync
rtb.gumgum.com/ Frame 784D
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=sta&i=0-d5a46e0e-3e9b-40c1-5915-cad0534c6297$ip$194.99.105.99

35 B
237 B

2542ms
136ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=sta&i=0-d5a46e0e-3e9b-40c1-5915-cad0534c6297$ip$194.99.105.99
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=sta&i=0-d5a46e0e-3e9b-40c1-5915-cad0534c6297$ip$194.99.105.99
Date: Tue, 02 Mar 2021 20:10:02 GMT
Connection: keep-alive
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame 784D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-fstdCnJ1lxC6hIemnWi9yftk7uBeKK5o.BdT

35 B
237 B

3260ms
134ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-fstdCnJ1lxC6hIemnWi9yftk7uBeKK5o.BdT
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Tue, 02 Mar 2021 20:10:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-fstdCnJ1lxC6hIemnWi9yftk7uBeKK5o.BdT
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 784D
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%...
https://rtb.gumgum.com/usersync?b=vnt&i=461a4e12-7b93-11eb-9484-0b7c31e4d27e

35 B
237 B

1739ms
131ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=vnt&i=461a4e12-7b93-11eb-9484-0b7c31e4d27e
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=vnt&i=461a4e12-7b93-11eb-9484-0b7c31e4d27e
Date: Tue, 02 Mar 2021 20:10:02 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 461a4e13-7b93-11eb-9484-0b7c31e4d27e

GET
H2 204 services
sync.technoratimedia.com/ Frame 784D 0
381 B 856ms
139ms Image
text/plain 150.136.25.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 20:10:02 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 501234562
access-control-allow-origin: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
access-control-allow-credentials: true

GET
H2

200

usersync
rtb.gumgum.com/ Frame 784D
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_681a5eda-d90f-44c1-96d8-d887268ff53c&gdpr=0&gdpr_consent=&us_privacy=1---
https://stags.bluekai.com/site/23178?id=Dh4C5X7iqwesc5kQq99i&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2RDIGRBTKWBXNFYXOZLTMM2WWULRHE4WSJTVONPXA...
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=Dh4C5X7iqwesc5kQq99i&us_privacy=1---

35 B
237 B

1145ms
138ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=Dh4C5X7iqwesc5kQq99i&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:03 GMT
P3p: CP="We do not support P3P header."
Location: https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=Dh4C5X7iqwesc5kQq99i&us_privacy=1---
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 118
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 784D
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT

35 B
237 B

2450ms
143ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:02 GMT
Server: Tengine
ETag: OPTOUT
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 784D
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=wXHeE2gcSZqb&ev=1&pid=558355

35 B
237 B

2082ms
137ms

Image
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=wXHeE2gcSZqb&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=wXHeE2gcSZqb&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-568ff9c7d-rv8zn
expires: -1

GET
H2 200 sync
ads.servenobid.com/ Frame 784D 0
300 B 79ms
68ms Image
image/avif 54.246.70.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&cd=9195&uid=e_681a5eda-d90f-44c1-96d8-d887268ff53c
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.70.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-70-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 02 Mar 2021 20:10:05 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 1A08
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=1698603e-9b9c-4b00-9a4f-01b7abcc9ad9&gdpr=0&gdpr_consent=

35 B
237 B

67ms
66ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=1698603e-9b9c-4b00-9a4f-01b7abcc9ad9&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=1698603e-9b9c-4b00-9a4f-01b7abcc9ad9&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:05 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Tue, 02 Mar 2021 20:10:00 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Cache-Control: no-cache
set-cookie: uuid=1698603e-9b9c-4b00-9a4f-01b7abcc9ad9; domain=.mathtag.com; path=/; expires=Wed, 30-Mar-2022 20:10:04 GMT; SameSite=None; Secure
location: https://rtb.gumgum.com/usersync?b=mmh&i=1698603e-9b9c-4b00-9a4f-01b7abcc9ad9&gdpr=0&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 3578 d17206f master zrh-pixel-x12
Expires: Tue, 02 Mar 2021 20:09:59 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 2696
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YD6bmgAAAKN3wyzr
https://rtb.gumgum.com/usersync?b=atm&i=YD6bmgAAAKN3wyzr&gdpr=0&gdpr_consent=&_test=YD6bmgAAAKN3wyzr

35 B
237 B

2329ms
126ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=atm&i=YD6bmgAAAKN3wyzr&gdpr=0&gdpr_consent=&_test=YD6bmgAAAKN3wyzr
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=atm&i=YD6bmgAAAKN3wyzr&gdpr=0&gdpr_consent=&_test=YD6bmgAAAKN3wyzr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_681a5eda-d90f-44c1-96d8-d887268ff53c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

server: Varnish
retry-after: 0
location: https://rtb.gumgum.com/usersync?b=atm&i=YD6bmgAAAKN3wyzr&gdpr=0&gdpr_consent=&_test=YD6bmgAAAKN3wyzr
accept-ranges: bytes
date: Tue, 02 Mar 2021 20:10:02 GMT
via: 1.1 varnish
x-served-by: cache-hhn4029-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1614715803.596523,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H3-Q050 200 pixel Show response
cm.g.doubleclick.net/ Frame 10D7 170 B
224 B 60ms
59ms Document
image/png 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV82ODFhNWVkYS1kOTBmLTQ0YzEtOTZkOC1kODg3MjY4ZmY1M2M=&gdpr=0&gdpr_consent=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=ZV82ODFhNWVkYS1kOTBmLTQ0YzEtOTZkOC1kODg3MjY4ZmY1M2M=&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D

Response headers

content-type: image/png
date: Tue, 02 Mar 2021 20:10:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6546 8 KB
3 KB 1376ms
62ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=33598
Expires: Wed, 03 Mar 2021 05:30:00 GMT
Date: Tue, 02 Mar 2021 20:10:02 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame A1FA
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=ttd&i=0b077ac3-eb08-4830-b046-fb88be21e490&t=1617307803

35 B
237 B

1076ms
130ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=ttd&i=0b077ac3-eb08-4830-b046-fb88be21e490&t=1617307803
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=ttd&i=0b077ac3-eb08-4830-b046-fb88be21e490&t=1617307803
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Tue, 02 Mar 2021 20:10:03 GMT
content-type: text/html
content-length: 209
location: https://rtb.gumgum.com/usersync?b=ttd&i=0b077ac3-eb08-4830-b046-fb88be21e490&t=1617307803
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=0b077ac3-eb08-4830-b046-fb88be21e490; domain=.adsrvr.org; expires=Wed, 02-Mar-2022 20:10:03 GMT; path=/; secure; SameSite=None TDCPM=CAEYBSABKAIyCwjQ0szcvPCuORAFOAE.; domain=.adsrvr.org; expires=Wed, 02-Mar-2022 20:10:03 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 um
cs.emxdgt.com/ Frame C408 0
0 2272ms
60ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D

Response headers

content-type: text/html
date: Tue, 02 Mar 2021 20:10:03 GMT
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 864E
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://rtb.gumgum.com/usersync?b=sus&i=YD6bncCo5swAAOa1y4gAAAAA

35 B
237 B

97ms
97ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=sus&i=YD6bncCo5swAAOa1y4gAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=sus&i=YD6bncCo5swAAOa1y4gAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:05 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Server: nginx
Date: Tue, 02 Mar 2021 20:10:05 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://rtb.gumgum.com/usersync?b=sus&i=YD6bncCo5swAAOa1y4gAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 5
X-SO-HostName: m-ad274.dc4p.scaleout.jp
X-SO-LB-Hostname: a-tgng40008.dc2p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":18,"gdpr":true,"ipv4":"0.0.0.0","key":"YD6bncCo5swAAOa1y4gAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad274"}
X-SO-Key: YD6bncCo5swAAOa1y4gAAAAA
X-SO-IP: 194.99.105.99
X-SO-Cluster-ID: 18
X-SO-Upstream-ID: m-ad274

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 8646
Redirect Chain

https://p.rfihub.com/cm?pub=42796&in=1
https://rtb.gumgum.com/usersync?b=zet&i=875739024679720366

35 B
237 B

1646ms
93ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=zet&i=875739024679720366
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=zet&i=875739024679720366
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAAAOMSsjA3NTe2NDAyMTO3NDcyMDYzE-Iz1PXxdHVyrSrOiUjx8pPiNTQzNDE3NLUwMDYyMQUAO6QVxjMAAAA; Path=/; Domain=.rfihub.com; Expires=Sun, 27 Mar 2022 20:10:03 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSsjA3NTe2NDAyMTO3NDcyMDYzE-Iz1PXxdHVyrSrOiUjx8gMAirFBVyQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None eud=H4sIAAAAAAAAAFslxmtoZmhibmhqYWBsZGIKAOhVI7MQAAAA; Path=/; Domain=.rfihub.com; Expires=Sun, 27 Mar 2022 20:10:03 GMT; Secure; SameSite=None
Location: https://rtb.gumgum.com/usersync?b=zet&i=875739024679720366
Content-Length: 0
Server: Jetty(9.0.6.v20130930)

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 2059
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://ams.creativecdn.com/cm-notify?pi=gumgum&tc=1
https://rtb.gumgum.com/usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1

35 B
237 B

2072ms
127ms

Document
image/gif

52.51.160.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.160.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D9195%26uid%3D

Response headers

date: Tue, 02 Mar 2021 20:10:04 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Tue, 02 Mar 2021 20:10:02 GMT Tue, 02 Mar 2021 20:10:02 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=ZMcodSGEqRzcS0VtyPsI&pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 4743 37 KB
14 KB 324ms
63ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=67199
Expires: Wed, 03 Mar 2021 14:50:02 GMT
Date: Tue, 02 Mar 2021 20:10:03 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame B836 37 KB
14 KB 346ms
86ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=67199
Expires: Wed, 03 Mar 2021 14:50:02 GMT
Date: Tue, 02 Mar 2021 20:10:03 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame BC50 37 KB
14 KB 326ms
64ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=67199
Expires: Wed, 03 Mar 2021 14:50:02 GMT
Date: Tue, 02 Mar 2021 20:10:03 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 127F 37 KB
14 KB 334ms
62ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=67199
Expires: Wed, 03 Mar 2021 14:50:02 GMT
Date: Tue, 02 Mar 2021 20:10:03 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 1981 37 KB
14 KB 335ms
63ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=67199
Expires: Wed, 03 Mar 2021 14:50:02 GMT
Date: Tue, 02 Mar 2021 20:10:03 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 4743 0
75 B 213ms
52ms Script
text/plain 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=82507890&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Mar 2021 20:09:50 GMT
Content-Length: 0

GET
H2 200 pixel.gif
px.moatads.com/ Frame 0C0F 43 B
260 B 75ms
74ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&pxm=1&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ALMDFP1&ol=1078484734&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1646148425&tf=Id8O-DxRgoC-xFQTS-CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-1cQ31u7Cex5YkrqdycYLLo%2BX1UC%2FyeTy8j%2F4uhjkxPYPVB9OTwGYDFJZ&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=450&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=450&w=300&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20210202150955&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.benefitspro.com&lp=https%3A%2F%2Fwww.benefitspro.com&t=1614715798344&de=257280417920&cu=1614715798344&m=5720&ar=aebf41e-clean&iw=82104a3&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=454&le=1&gm=1&io=1&fa=1&vv=3&vw=0%3A3%3A0&vp=0&vx=-%3A0%3A-&pe=0%3A-%3A-%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5097&cd=140&ah=5097&am=140&rf=0&re=1&wb=1&cl=0&at=0&d=4523117267%3A2258748177%3A4598631072%3A138226959158&bo=21664827602&bd=21683638891&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683638891&zMoatDomain=benefitspro.com&zMoatSubdomain=benefitspro.com&dfp=0%2C1&la=21683638891&zMoatMData=1&zMoatTopic=-&zMoatPS=d_right_rail&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=benefitspro.com&zMoatDev=Desktop&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=d_right_rail&iq=na&tt=na&tu=1&tc=0&fs=189020&na=1212181061&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:04 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 02 Mar 2021 20:10:04 GMT

GET
H/1.1 200
OK index.php Show response
a.dpmsrv.com/dpmpxl/ 5 B
1 KB 402ms
135ms Script
text/javascript 34.192.142.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=xSeg&v=1.x&ep%5Bids%5D=18252462%2C18600656&cl=1008&pixelIndex=0&r=978659&tzOffset=-60&url=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20210202150955&id=1234581160655061252&_=1614715797530
Requested by: Host: s.dpmsrv.com
URL: https://s.dpmsrv.com/dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.142.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-142-95.compute-1.amazonaws.com
Software: /
Resource Hash: fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 31
Expires: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/seg?member=%env(APPNEXUS_ID)&add=18252462,18600656
https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D%25env%28APPNEXUS_ID%29%26add%3D18252462%2C18600656

43 B
1 KB

58ms
57ms

Image
image/gif

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D%25env%28APPNEXUS_ID%29%26add%3D18252462%2C18600656

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:06 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.132:80
AN-X-Request-Uuid: 9fc443cb-8740-44d4-90a9-836076f9418c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 02 Mar 2021 20:10:05 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.122:80
AN-X-Request-Uuid: db2d7ec1-c1cc-441e-91bd-478a813af13e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D%25env%28APPNEXUS_ID%29%26add%3D18252462%2C18600656
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame B836 37 KB
14 KB 63ms
63ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=67196
Expires: Wed, 03 Mar 2021 14:50:02 GMT
Date: Tue, 02 Mar 2021 20:10:06 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame BC50 37 KB
14 KB 105ms
104ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=28223
Expires: Wed, 03 Mar 2021 04:00:29 GMT
Date: Tue, 02 Mar 2021 20:10:06 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame B836 0
75 B 53ms
53ms Script
text/plain 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=67177526&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Mar 2021 20:11:17 GMT
Content-Length: 0

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 127F 37 KB
14 KB 63ms
63ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=67196
Expires: Wed, 03 Mar 2021 14:50:02 GMT
Date: Tue, 02 Mar 2021 20:10:06 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame BC50 0
75 B 53ms
52ms Script
text/plain 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=25952019&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Mar 2021 20:10:05 GMT
Content-Length: 0

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 1981 37 KB
14 KB 63ms
62ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=67196
Expires: Wed, 03 Mar 2021 14:50:02 GMT
Date: Tue, 02 Mar 2021 20:10:06 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 127F 0
75 B 76ms
52ms Script
text/plain 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=28898515&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Mar 2021 20:10:05 GMT
Content-Length: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 53ms
53ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=11&i=ALM_HEADER1&hp=1&zMoatAdUnit1=benefitspro&zMoatAdUnit2=home&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&k=&bq=11&f=0&j=&t=1614715796803&de=574523199851&rx=390510484092&m=0&ar=01dda15-clean&iw=76ee2b5&q=2&cb=0&cu=1614715796803&ll=2&lm=0&ln=0&em=0&en=0&d=4525440395%3A2480285401%3A5003105952%3A138270684736&zGSRC=1&gu=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20210202150955&id=1&ii=4&bo=benefitspro&bd=home&gw=almheader466656885399&fd=1&ac=1&it=500&pe=1%3A-%3A-%3A0%3A0&fs=188112&na=1596174587&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:08 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 02 Mar 2021 20:10:08 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 0C0F 43 B
260 B 57ms
57ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&pxm=1&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ALMDFP1&ol=1078484734&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1646148425&tf=Id8O-DxRgoC-xFQTS-CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-1cQ31u7Cex5YkrqdycYLLo%2BX1UC%2FyeTy8j%2F4uhjkxPYPVB9OTwGYDFJZ&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=450&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=450&w=300&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.benefitspro.com%2F%3Fslreturn%3D20210202150955&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.benefitspro.com&lp=https%3A%2F%2Fwww.benefitspro.com&t=1614715798344&de=257280417920&cu=1614715798344&m=10777&ar=aebf41e-clean&iw=82104a3&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=454&le=1&gm=1&io=1&fa=1&vv=3&vw=0%3A3%3A0&vp=0&vx=-%3A0%3A-&pe=0%3A-%3A-%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10154&cd=5097&ah=10154&am=5097&rf=0&re=1&wb=1&cl=0&at=0&d=4523117267%3A2258748177%3A4598631072%3A138226959158&bo=21664827602&bd=21683638891&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683638891&zMoatDomain=benefitspro.com&zMoatSubdomain=benefitspro.com&dfp=0%2C1&la=21683638891&zMoatMData=1&zMoatTopic=-&zMoatPS=d_right_rail&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=benefitspro.com&zMoatDev=Desktop&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=d_right_rail&iq=na&tt=na&tu=1&tc=0&fs=189020&na=724349017&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 02 Mar 2021 20:10:09 GMT

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 1981 37 KB
14 KB 63ms
63ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=67193
Expires: Wed, 03 Mar 2021 14:50:02 GMT
Date: Tue, 02 Mar 2021 20:10:09 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 1981 0
75 B 53ms
53ms Script
text/plain 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=65838296&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Mar 2021 20:10:09 GMT
Content-Length: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 139ms
139ms Image
image/gif 34.207.42.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=benefitspro.com&p=%2F&u=Ctzn0xDKZktAB33bpY&d=benefitspro.com&g=46802&g0=%7C%7C&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=8564&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=2077&t=HayEiBmc92PCCvvh4Cry7O5DUT54C&V=122&tz=-60&sn=2&sv=DjUeu6DyQFHZCYVXjpCOluq3psdQ3&sd=1&im=067b2ef3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.207.42.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-42-216.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.benefitspro.com/?slreturn=20210202150955
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 20:10:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: geoip.alm.com
URL: https://geoip.alm.com/json/

Verdicts & Comments Add Verdict or Comment

196 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-19 20:51:07	Name: demdex Value: 47868995846565577133644298701196842549
.benefitspro.com/	1969-12-31 23:59:59	Name: s_sess Value: %20s_ppvl%3Dbpro%25253Ahome%252C18%252C18%252C1200%252C1600%252C1200%252C1600%252C1200%252C1%252CP%3B%20s_ppv%3Dbpro%25253Ahome%252C14%252C14%252C1200%252C1600%252C1200%252C1600%252C1200%252C1%252CP%3B
.benefitspro.com/	1970-01-20 10:03:07	Name: AMCV_96C4370453295E4C0A490D44%40AdobeOrg Value: -1303530583%7CMCIDTS%7C18689%7CMCMID%7C54895006477272537134383060519882676341%7CMCAAMLH-1615320597%7C6%7CMCAAMB-1615320597%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1614722997s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18696%7CvVersion%7C3.3.0
www.benefitspro.com/	1969-12-31 23:59:59	Name: dpm_time_site Value: 1.067
.benefitspro.com/	1969-12-31 23:59:59	Name: AMCVS_96C4370453295E4C0A490D44%40AdobeOrg Value: 1
www.benefitspro.com/	1969-12-31 23:59:59	Name: hasLiveRampMatch Value: true
www.benefitspro.com/	1970-01-19 16:31:57	Name: _cb_svref Value: null
www.benefitspro.com/	1970-01-20 02:00:43	Name: _chartbeat2 Value: .1614715797284.1614715797284.1.DjUeu6DyQFHZCYVXjpCOluq3psdQ3.1
www.benefitspro.com/	1970-01-23 08:07:55	Name: _ccmsi Value: 1614715797932_q2sq332bg\|1614715797932
www.benefitspro.com/	1970-01-20 02:00:43	Name: _cb Value: Ctzn0xDKZktAB33bpY
.benefitspro.com/	1970-01-20 01:56:24	Name: __qca Value: P0-1751066377-1614715797632
.benefitspro.com/	1970-01-20 01:17:31	Name: utag_main Value: v_id:0177f48fbe97005e0f9378f8fe8800078003407000b08$_sn:1$_ss:1$_pn:1%3Bexp-session$_st:1614717597143$ses_id:1614715797143%3Bexp-session$vapi_domain:benefitspro.com$dcsyncran:1%3Bexp-session$_prevpage:bpro%3Ahome%3Bexp-1614719397258
www.benefitspro.com/	1970-01-20 02:00:43	Name: _cb_ls Value: 1
.benefitspro.com/	1969-12-31 23:59:59	Name: hbx_lt Value: none
www.benefitspro.com/	1970-01-20 01:17:31	Name: ssoCompliant Value:
www.benefitspro.com/	1970-01-19 16:31:56	Name: NSC_wbsojti!5_ttm_10.0.254.204 Value: ffffffff0908e00a45525d5f4f58455e445a4a423660
.benefitspro.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.benefitspro.com/	1970-01-19 16:31:57	Name: s_pers Value: %20qpv_v40%3Dbpro%253Ahome%7C1614717597892%3B
.benefitspro.com/	1970-01-30 15:30:00	Name: UCID Value: 163be74d-a6d4-42ef-9e6f-8ee9add04372
.benefitspro.com/	1970-01-20 01:53:31	Name: __gads Value: ID=ff2502e8f18ceddc:T=1614715797:S=ALNI_MYNpXJ4yLQw0i5eVsH_3rjSdxMy-Q
.benefitspro.com/	1970-01-19 16:32:39	Name: ipAddress Value: 5lw5ac9dCIoroGM5uQ%3d%3d
www.benefitspro.com/	1969-12-31 23:59:59	Name: dpm_url_count Value: 1
.benefitspro.com/	1970-01-19 17:15:07	Name: __cfduid Value: d618ebd7b5a946988796aaa872b1557261614715795

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.1/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.1
console-api	log	URL: https://store.law.com/Registration/js/overlayForm.js(Line 44) Message: Skip overlay, not logged in or using a shared account.
console-api	info	URL: https://cdn.ampproject.org/rtv/042011201932000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2011201932000 https://www.benefitspro.com/?slreturn=20210202150955

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dpmsrv.com
a.sportradarserving.com
acdn.adnxs.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
ajax.googleapis.com
alm.demdex.net
ams.creativecdn.com
ap.lijit.com
b.law.com
b1sync.zemanta.com
benefitspro.com
bh.contextweb.com
bidswitch-eu.splicky.com
cdn.ampproject.org
cdnjs.cloudflare.com
cm.everesttech.net
cm.g.doubleclick.net
colossusssp.com
creativecdn.com
cs.emxdgt.com
datacloud.tealiumiq.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.moatads.com
geoip.alm.com
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
image6.pubmatic.com
images.benefitspro.com
in.ml314.com
match.adsrvr.org
mb.moatads.com
ml314.com
odr.mookie1.com
onetag-sys.com
owlcarousel2.github.io
p.rfihub.com
p.typekit.net
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.33across.com
pixel.quantserve.com
pool.admedo.com
pr-bh.ybp.yahoo.com
public.servenobid.com
px.moatads.com
rtb.gumgum.com
rules.quantcount.com
s.dpmsrv.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
stags.bluekai.com
static.chartbeat.com
store.benefitspro.com
store.law.com
sync-tm.everesttech.net
sync.1rx.io
sync.colossusssp.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
tags.tiqcdn.com
tg.socdm.com
tpc.googlesyndication.com
us-u.openx.net
use.typekit.net
users.api.jeeng.com
www.benefitspro.com
www.dianomi.com
www.google.com
www.googletagservices.com
x.bidswitch.net
z.moatads.com
geoip.alm.com
104.18.23.230
142.250.186.34
150.136.25.38
151.101.113.108
151.101.114.49
157.90.157.235
172.217.23.98
18.193.144.52
18.195.155.181
18.203.78.129
185.184.8.30
185.199.108.153
185.199.109.153
185.29.133.208
185.33.221.53
185.64.189.115
192.226.82.212
193.0.160.128
198.148.27.139
2.18.233.180
2.18.235.40
202.241.208.56
208.100.17.178
213.19.147.150
216.52.2.19
23.37.56.41
2600:9000:206f:6400:18:1fcd:34e:d2a1
2600:9000:20d7:f800:6:44e3:f8c0:93a1
2606:4700::6810:125e
2606:4700::6812:164b
2606:4700::6812:174b
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:1ec:46::19
2a00:1288:110:c305::8000
2a00:1450:4001:800::200a
2a00:1450:4001:801::200a
2a00:1450:4001:802::2001
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:82b::2002
2a02:26f0:6c00:285::19fd
2a02:26f0:6c00::210:ba0a
2a02:26f0:6c00::210:bac0
2a0c:5c81:5142::2
3.124.226.36
3.220.90.167
34.120.207.148
34.192.142.95
34.192.210.97
34.207.42.216
34.235.235.184
34.250.153.194
34.251.167.52
34.98.67.61
35.158.172.137
35.181.18.61
35.210.53.219
35.244.159.8
51.89.9.254
52.17.73.77
52.208.225.81
52.212.194.196
52.215.241.211
52.51.160.138
54.246.70.54
64.202.112.95
65.9.58.13
70.42.32.159
88.214.193.99
88.214.207.207
92.123.150.214
012d0c64819924312107f6b87b10fe19d9e530862cccdabcfdfeeebf0180b56c
0306c18cbd0044eccb749b193f5ed42ba8935c088f79f6da36e5ed1fcd8da476
075e1a285de33ad2c3cc75f3ebe775feb23d27f52aa8213be408e4cbc3623a10
0b33a1f8a41b1c9eebdf7f5e67bdf51335e10a82523590816ef2ba892088ffbc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cd2fcfda57a30312571ea7848d78f1417b201d930f8ecf2ddda937c64726773
0f35c56292b93cc1a796bed46551c6b9f33677a83da02b338ecb5df46b93e657
104c308432386a1c5168f25c1d1779da8edf886f6cae438511c7d6a3557c8830
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
1a1c0dac3c389aa695f2e5b91cd8b396acc9894315eac254d797f514bf7daa39
1b676ab5137dd53fb543c752bb93e097bd3428d5c35af3040e8bf8930aef6362
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1ee45e8286273d02bbb90b2f361799f6f6e8a3f0d8589f5c5eb8633592e6a30a
2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
23420576b21bcc177885d26d7c92ea2aec52a82fe0ae33eea54524404c186469
259ca84f380e0a4a327867ce595dbb02ea8f3fe8ae0e96f902e0051fc44c194c
2a04c2730b40dd67549ee75f16cce1e3d7d7d6155bdf9dea401a70f100a80785
2c1ed60895f330d39c23375e17f26ed3d051e6d401f084b8fad926ade60b8ae8
2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78
2efd23c27204865c189be299ff1a38b27605781f42c2ba4c3e72cdfa367bcf1f
2febbd1c397527c728072cd2732a774971fad65c922dcf5ebfaa997b4d657936
300908cbcb84903590648db1851fcb3c493af3aaab47d4109e0a9f8394e06fd7
32deb2c138b1676a6908454b1801ef130391f70bfac5680761b747158ba2fabd
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36c9fc6051d4a3d870934f3f78edcc4acaeb2b289453123baaccceaf125f4456
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3821ba89b97c6b9e87e6fec83fd5a7bac9a02875598c00d728bf895e1bc0da2e
3cc4d52780a21eb51474c98c4693fd91cd8d2fc583e33a16dad087809f61cdc9
3e41d274d84180bb88caadfcf7aeb7bd7c186c11ee50aca6596727cbc2134f14
3e664b2e6e726a513565cc9f775143f55f92a3a6eb61b7026fa49cde77dcf238
4064b00bf5906ba8f528ef2785db8737adf0ffbf2452b0c81398d0c5be71e039
419d1ac6bf284bb6ce32ba1265427efd418bbdbc7e0bee2babc3c48fb9f39e40
4317150775184d7f83e6efb05dc17dbea771ddbe4faba1f5f492c8c6cce64841
435faf0889dacbfbfb8bce6658239f25480b329a09b6ba8268a43c595d90aafc
46a69b88df8dce5def5cf781098b96c0748ed4359bfe4e7e9047b4606ba91184
47eec74e03d32f736a7712c63ef2fba24fa8bf27e32d42455d3a3366768d69f4
484ed7a98c91dc00b55fea65cc9be99a62caf1cd4941efd361dc90d9de5aa2c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51b32b48dd2834d8f161c5b6325807967f73e6a55a7b4a0f33b0b231494d4457
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
547f2fe170e82e23fa050bbe83fb7e8eeb72b0dd297c882aee9af3f46f023956
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
58a9f9a5cae4e7aa57717cefe966f85a4a59c791a77605475af04a6eef934176
593ee85d3edcd1c0f3b19750ef667f7fdc88c7f2ef235fe226ea8fec35432eae
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5c8ff57e618a0f47b8293a205ab9cd2a2620fffcb9913fbb0f96bea1ef9edf83
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
6472e6da151b368c12e45ef0fe84152f62e2fc56de1e82c1527f679b98e67fda
648e79ebde6cf1350cfa7568f8f5a582d599281cb3245aeef278465cbe3ffeb3
654e11486d261cd7bdbf53ae5f57f82ff29e1f26af95378698e7fffed673cf83
681c704e441ca66bc59ce4e02a5209d7a2983a189e106e10a4b55d37bb403476
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
73bd86f3cb0add00357e8ae2f1305ef8afd47d9fbc9fc57287c6c3e11a4470d6
7981ee0bc2720fff266e8355726984deb89c9fa801b30d1903c812f398127835
7a944f315f19be02492bf8dee5e10fc19340474b0ea5f894f339fe43ae59f456
7aa9bcd77cde64d815c74a7bc2e22404db244960bad110dfc3368d92d763e586
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e01c1f46d29e8a778c9b2ae372f63fe76a2dc5c3629c441dcf52ea7b51190c0
7e26d28ee2081b3a2fe478a03e4d49604256379a889fd195088d7a6551e1a2ad
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8035fb392745a641b99c825e5fae8fcc95b3fbd84d8a71879f46506dbe231119
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8175c58878a49b2e0f0e553ba8871ff5755aea874fa47ac6edaadc783e4e3c5b
8182715bda092b0d347f4994cf2661a956724e4ba5512bffe4ae0351855062d6
81ced3555ed8707bc46d5b05ce23b5309a0e7b4ed7a7803185209c069657884f
81fb18f0aec660394554e70ac7168c0561a3885ebb2dea308c50dd1af48d1eaf
843c1e5f3ae31552e3e6ee92834b6b6e4f36928c376deb603d93ffde5669b0e7
84de64a552a0268bb7f58bb642c20be55c60b48ec2357cc65e06510f528354a1
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
88401fdd953fb9b79ea9acfbafadf7becd2c5934a54eeedfe4e82169c32850f2
89bf8cdea73ce776d6b81d03837bc7f04af5e3946b839a3c0bfbf3094ad3f7be
8e9971e6cf33eb3ae9da6caacebedea9df7332020441f41ebff53a1194b9f317
8f05ae16a0f9ef87d76bb4b1b0b5218ccd8c2b15ba60a75c354b61fcbea99207
91003ecf1942f98e41f2b840b7ba793af2c0f92786b76f27481709516233a9a2
914e14616fe6c894e839cd9ec4cc183192dbcbb9314d41728865eec02916fc09
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
927ee0dfe51ef11076e57510990fd5c5fcee1cffd5204a4e3d3caee529c3bd01
933b31ae725eac27028e612a8faf7088d62d64cc53fcc2d39d495d9e3842f283
9398dd93c612d77b9e0bcfe449becc1a5269af74409cbab1ae485c49d5bf3b9b
93a22a0e7b076844df8bbc2d01d9d50b6f46412cb41ccd7fbf053467778dedab
9423431867316005a1c000237c6649870a2e388fa2e741fe6d8dbe09137f760c
943c47e42eff83d25675ef352e488d2e3aaf8c8af0f019a78d21339836a1f065
94ff1886b75337d9ecd8fd6c1ea51aee392e6013ac927b81a01fa62d7b79d08b
983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8
999b37529edf4d7b34cf4bdcd937594e893a1d3add9811102f7818936b8d4293
9b77f08b1a04c909c48a7f0f3b3e300f0e6f6abe667a19c513fedf67c19fa2a1
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9dde752a0a83f77379ff94d7560a636796ff3bd448d4d0c54965795f356858d8
9f2a4eab4937097402dcc55d7926f03a0631f3e3107eeb38e4c039849801e26e
9f65c6ce5ab2d48ac6df269b9e62ee03cd929c357dec8c3dfc2590a39be44e44
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3232ce8d7fb10f3f28283e607fcfd2d84cf0eb186519b2a0644b84bd17dc2b7
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ac0b1aeb55f43ad6eba45dbeec04d6544c3a072cc12f3a044f60c51f0a9fed75
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
acf1c5f96a65087430a8279e927dc6dcaa6dd90a9fd11abbd28775feda1a8bd8
ad66282196417c4be6122180d7df5f4791ac8771b45be060e314a2062f4afdf7
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
af416120f43bfee84e300f2a0c359310087a64f1b4f19b39f1f8cd65ce0c84ab
afe7d2a0362b4c7e3a70e761e7dca5a9b16691304f69338262022506765515c6
b1191049bde29a917914bf622ee8fd9127ae6b334e5eb9a06f49e99ee727f478
b17794a71229f1e8eea700ae1720589558e2e0df9135d2460a09eeaf5d6c39c8
b4c82cd1a7be83bf80ba5fba38e1a1687d3766bfc012a46e71a1bbd8bc3eb7d1
b72ea1062b7bb84439787a3341bbd692b4074493f1e618d3780cad3271c22494
b73c6b780727e1d0424a7dc44af81088c3034b02e5b52f118fd264d7d4a776d3
b87ef2efd898acfddc8308449b24a558eca1e77f8e66802f03fab8c5d063d92a
b99bf3fe07ea79c10cda712e2aa1f9158b857066f47b3e882c418043c32587a8
b9f443ebb93b3859ec09bd563f08a59739850bcb06267c0d17373757e939b037
bb4e3c5ec8da50521db4145040e7e7e141c1b0d9fc03d40b4cb5b3d0d1a91364
bc76814375cda6e05e9627ab4de2c02b967e83fd61da79dc318f7852379f9fc1
bd8e7d239802c20d9aaebe7a1366bc11eab1d1310e295375fe0f41c02183c546
bea2c4ef34b2e29e9b8cbb174c8af18ae4f88b6beffe61f41ca0b4214aa4e488
c17fdaad5812bbe09392344ff867c218be6cfdae827182ea4d73c4cb3037f7f2
c414e0a23a1130f8205f172cc056b936f3673896c61bebbbd5655102c70034e0
c6362d61719a127124eaf05b311de224089876c65d19a0acfe1224ceb3d6540e
c6b857abd457ad8b2cc55c4fc5f1a29e27eb5ed979f08e24f32082a38d226628
c859e723244f19a63ee035e282a20cca525b0d102cf4c68a14c46063fe39ef14
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
ceb4ce0bba67a12e21af094eb24293d7ea8bffaffc237a1cd90394c7588eaec9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d836affe5971294b1b43a2a39334836f2519478468c94e43545a9582e749e670
d901c0df0666d0ebe00231b25eef17879e714a2cf29d2f57bde706ac040e324b
da9d269863be3027b66a01567739fb543948f37e3f083659350e7e5783ac2e94
df690f011f9fd617ca22376522eef3c1a90c33cf3f8f10f5dfb4751ac26a202b
e163d9c5442d117b0fe92474f7724208091d09f146a9e7e872b72edf78e6d570
e1bf0f793f957d7a8a82b636c8fd8bb9d828db1dc0b701c9e93b69f7ee760e26
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4946cffdc22b21106cd64f99c5a1d001d59b745659b4ffb723aa04e8222808a
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
eab94bfcd230b07377dd03ee9f8e0deea86ac3b1d34494e43a9daa6f692c5202
ec3f80e747dcbe72d41eee2245dc8e26b79f07fa71f9ea7f2d91ebe7f867d5a6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5cfe7cbc5ac38d2afa001030f6cc285d1f79058ac750ac910ab6e1a476fe66a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fac0d475bc13db3c1ef9a4ec6ef6cfcfc516ffbc242a3282b91722b33899bfd9
fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b
fc4727a062a4f5536f572bc595822e6c894c8d041af49e5952b8e31f40c4a8ae
fcf470918cdf64149fce46d045b601f5d393bc28d0662aa9791738a790da186e

www.benefitspro.com Open in urlscan Pro 2606:4700::6812:174b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

335 Requests

100 %HTTPS

30 %IPv6

57 Domains

84 Subdomains

56 IPs

8 Countries

2262 kBTransfer

6228 kBSize

23 Cookies

49 Outgoing links

Page URL History

Redirected requests

335 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.benefitspro.com Open in urlscan Pro
2606:4700::6812:174b Public Scan

Screenshot
Live screenshot

Full Image

335
Requests

100 %
HTTPS

30 %
IPv6

57
Domains

84
Subdomains

56
IPs

8
Countries

2262 kB
Transfer

6228 kB
Size

23
Cookies

335 HTTP transactions
3 data transactions