www.rethinkbenefits.com Open in urlscan Pro
2620:1ec:48::44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rethinkbenefits.com/
Effective URL:
https://www.rethinkbenefits.com/eb/
Submission: On November 13 via api (November 13th 2021, 1:04:11 pm UTC) from CH — Scanned from DE

Summary HTTP 44 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 13 domains to perform 44 HTTP transactions. The main IP is 2620:1ec:48::44, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.rethinkbenefits.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 5th 2021. Valid for: a year.

This is the only time www.rethinkbenefits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.107.246.67 13.107.246.67	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 25	2620:1ec:48::44 2620:1ec:48::44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	142.250.186.104 142.250.186.104	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d3cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.217.16.131 172.217.16.131	15169 (GOOGLE) (GOOGLE)
1 2	161.35.15.77 161.35.15.77	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.186.142 142.250.186.142	15169 (GOOGLE) (GOOGLE)
2	206.189.191.180 206.189.191.180	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	35.174.150.168 35.174.150.168	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
44	14

1 13.107.246.67 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

rethinkbenefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2620:1ec:48::44 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.rethinkbenefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 161.35.15.77 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: cdn101.acsbapp.com

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 206.189.191.180 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: cdn102.acsbapp.com

cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.174.150.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-3-ue1.aws.pardot.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
go.rethinkfirst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

rethink-cdn-edu.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	rethinkbenefits.com 2 redirects rethinkbenefits.com www.rethinkbenefits.com	1 MB
4	acsbapp.com 1 redirects acsbapp.com cdn.acsbapp.com	159 KB
4	gstatic.com fonts.gstatic.com	87 KB
3	google-analytics.com www.google-analytics.com	20 KB
2	pardot.com pi.pardot.com	4 KB
1	azureedge.net rethink-cdn-edu.azureedge.net	6 KB
1	rethinkfirst.com go.rethinkfirst.com	1 KB
1	hubspot.com track.hubspot.com	1000 B
1	hs-analytics.net js.hs-analytics.net	20 KB
1	hs-banner.com js.hs-banner.com	16 KB
1	hs-scripts.com js.hs-scripts.com	911 B
1	googletagmanager.com www.googletagmanager.com	36 KB
1	googleapis.com fonts.googleapis.com	2 KB
44	13

	Domain	Requested by
25	www.rethinkbenefits.com	1 redirects www.rethinkbenefits.com
4	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	pi.pardot.com	www.rethinkbenefits.com pi.pardot.com
2	cdn.acsbapp.com	acsbapp.com
2	acsbapp.com	1 redirects www.rethinkbenefits.com
1	rethink-cdn-edu.azureedge.net	www.rethinkbenefits.com
1	go.rethinkfirst.com	pi.pardot.com
1	track.hubspot.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-scripts.com	www.rethinkbenefits.com
1	www.googletagmanager.com	www.rethinkbenefits.com
1	fonts.googleapis.com	www.rethinkbenefits.com
1	rethinkbenefits.com	1 redirects
44	15

This site contains links to these domains. Also see Links.

Domain
www.whil.com
www.rethinkfirst.com
www.google.com
accessibe.com

Subject Issuer	Validity	Valid
www.rethinkbenefits.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-05` - `2022-06-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.acsbapp.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-09-23` - `2022-10-05`	a year	crt.sh
pi.pardot.com DigiCert SHA2 Secure Server CA	`2020-12-05` - `2021-12-04`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
go.rethinkfirst.com R3	`2021-09-24` - `2021-12-23`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2021-08-06` - `2022-08-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.rethinkbenefits.com/eb/
Frame ID: E7C515020D4AF9E76321F16DC881CCF0
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rethink Benefits

Page URL History Show full URLs

http://rethinkbenefits.com/ HTTP 301
https://www.rethinkbenefits.com/ HTTP 302
https://www.rethinkbenefits.com/eb/ Page URL

Page Statistics

44
Requests

98 %
HTTPS

50 %
IPv6

13
Domains

15
Subdomains

14
IPs

2
Countries

1379 kB
Transfer

3695 kB
Size

16
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.whil.com/?__hstc=142051885.9779ec32ac696aa00cd8cf756dbebb2e.1636808644698.1636808644698.1636808644698.1&__hssc=142051885.1.1636808644698&__hsfp=2427650321
Title: Experience the Platform

Search URL Search Domain Scan URL

URL: https://www.rethinkfirst.com/?__hstc=142051885.9779ec32ac696aa00cd8cf756dbebb2e.1636808644698.1636808644698.1636808644698.1&__hssc=142051885.1.1636808644698&__hsfp=2427650321
Title: Rethink First Company

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/Rethink,+49+W+27th+St,+New+York,+NY+10001/@40.7454023,-73.9905152,20z/data=!4m13!1m7!3m6!1s0x89c259a5ec84b6a5:0x72c660ce2d104046!2s49+W+27th+St,+New+York,+NY+10001!3b1!8m2!3d40.7453144!4d-73.9902255!3m4!1s0x89c259a5ec84b6a5:0x72c660ce2d104046!8m2!3d40.7453144!4d-73.9902255
Title: Rethink 49 West 27th Street, 8th Floor, New York, NY 10001

Search URL Search Domain Scan URL

URL: https://accessibe.com/?utm_medium=link&utm_source=widget
Title: Web Accessibility Solution By accessiBe

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rethinkbenefits.com/ HTTP 301
https://www.rethinkbenefits.com/ HTTP 302
https://www.rethinkbenefits.com/eb/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://acsbapp.com/apps/app/assets/js/acsb.js HTTP 301
https://acsbapp.com/apps/app/dist/js/app.js

44 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.rethinkbenefits.com/eb/
Redirect Chain

http://rethinkbenefits.com/
https://www.rethinkbenefits.com/
https://www.rethinkbenefits.com/eb/

57 KB
18 KB

895ms
895ms

Document
text/html

2620:1ec:48::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rethinkbenefits.com/eb/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7f8f433190fdc265336bee4b79d8f461e62f99fcc87efbc3a1bc6a6116132d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-length: 18096
content-type: text/html; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-powered-by
strict-transport-security: max-age=31536000;includeSubDomains;
x-content-type-options: nosniff
link: <https://www.rethinkbenefits.com/eb/wp-json/>; rel="https://api.w.org/" <https://www.rethinkbenefits.com/eb/wp-json/wp/v2/pages/3731>; rel="alternate"; type="application/json" <https://www.rethinkbenefits.com/eb/>; rel=shortlink
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wbePYQAAAAB8gS5OZLkoRqlorwcsIcBTTE9OMjFFREdFMTUxMgBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
date: Sat, 13 Nov 2021 13:04:02 GMT

Redirect headers

cache-control: private
content-length: 121
content-type: text/html; charset=utf-8
location: /eb/
request-context: appId=cid-v1:6ffde7ed-c4d5-4e74-bf9a-721d0a70a3ec
access-control-expose-headers: Request-Context
access-control-allow-origin: *
backend-pool: East
strict-transport-security: max-age=31536000;includeSubDomains;
x-frame-options: SAMEORIGIN
x-xssprotection: 1; mode=block
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wbePYQAAAACW6JOwLovFQ5lCG9b6lZFmTE9OMjFFREdFMTUxMgBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
date: Sat, 13 Nov 2021 13:04:01 GMT

GET
H2 200 style.min.css
www.rethinkbenefits.com/eb/wp-includes/css/dist/block-library/ 57 KB
12 KB 359ms
358ms Stylesheet
text/css 2620:1ec:48::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rethinkbenefits.com/eb/wp-includes/css/dist/block-library/style.min.css?ver=5.7.4

Requested by

Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/eb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:02 GMT
content-encoding: gzip
last-modified: Sat, 26 Jun 2021 01:12:28 GMT
x-frame-options: SAMEORIGIN
etag: "d25b8e54286ad71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/css
access-control-allow-origin: *
x-azure-ref: 0wrePYQAAAAAbheClVFZvQay96PaXfr9YTE9OMjFFREdFMTUxMgBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges: bytes
content-length: 11934

GET
H2 200 css
fonts.googleapis.com/ 29 KB
2 KB 809ms
47ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Alike%3Aregular%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin%2Cvietnamese%2Ccyrillic-ext%2Clatin-ext%2Ccyrillic&ver=2.3.5

Requested by

Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

33f4664bbf94cc1c4524b3469ba4c25aeb1bab2636ffc061adfc1ffedc4dafde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sat, 13 Nov 2021 13:04:03 GMT
server: ESF
date: Sat, 13 Nov 2021 13:04:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Nov 2021 13:04:03 GMT

GET
H2 200 style.css
www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/css/ 488 KB
98 KB 395ms
394ms Stylesheet
text/css 2620:1ec:48::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/css/style.css?ver=1242413017

Requested by

Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d4102bbe4cbf20ecf50ed31f75606465a4576ef2c0765fbf6e5d0d1a2a5084c0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/eb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 06:33:35 GMT
x-frame-options: SAMEORIGIN
etag: "e1116923f7fd71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/css
access-control-allow-origin: *
x-azure-ref: 0wrePYQAAAACvq4dC2E39TqSDVsvM4zb8TE9OMjFFREdFMTUxMgBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges: bytes

GET
H2 200 style-custom.css
www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/css/ 213 KB
33 KB 386ms
385ms Stylesheet
text/css 2620:1ec:48::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/css/style-custom.css?ver=836613515

Requested by

Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a5e3d92515571781e7a0cde874ec6b137ae496da4d29a4361fe1d35629e199c5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/eb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:02 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 10:49:00 GMT
x-frame-options: SAMEORIGIN
etag: "9a80b86b32c7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/css
access-control-allow-origin: *
x-azure-ref: 0wrePYQAAAADaSO0d9JNqTZro+bVZ0ca3TE9OMjFFREdFMTUxMgBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges: bytes
content-length: 33257

GET
H2 200 style.css
www.rethinkbenefits.com/eb/wp-content/themes/uncode-child/ 184 B
429 B 352ms
351ms Stylesheet
text/css 2620:1ec:48::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rethinkbenefits.com/eb/wp-content/themes/uncode-child/style.css?ver=1242413017

Requested by

Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7b999ad5a53f20d5432a997640c8e6466a4f8fbd4d754b91e0fd102f5a5301b2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/eb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:02 GMT
content-encoding: gzip
last-modified: Fri, 05 Jun 2020 02:09:41 GMT
x-frame-options: SAMEORIGIN
etag: "49d1c55fde3ad61:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/css
access-control-allow-origin: *
x-azure-ref: 0wrePYQAAAAD6V9RLw72GQqu7Ish81D8lTE9OMjFFREdFMTUxMgBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges: bytes
content-length: 249

GET
H2 200 uncode-icons.css
www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/css/ 58 KB
14 KB 360ms
359ms Stylesheet
text/css 2620:1ec:48::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/css/uncode-icons.css?ver=836613515

Requested by

Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8cc76357bd40603ec5e4006a86598180f96ebd603aa32682e6f8da895e02fab2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/eb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 06:33:35 GMT
x-frame-options: SAMEORIGIN
etag: "79e26c23f7fd71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/css
access-control-allow-origin: *
x-azure-ref: 0wrePYQAAAAAV0CEVmFCuT78bj+7Dx9ZPTE9OMjFFREdFMTUxMgBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges: bytes
content-length: 14208

GET
H2 200 jquery.min.js Show response
www.rethinkbenefits.com/eb/wp-includes/js/jquery/ 87 KB
39 KB 365ms
365ms Script
application/x-javascript 2620:1ec:48::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rethinkbenefits.com/eb/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Requested by

Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/eb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 06:38:08 GMT
x-frame-options: SAMEORIGIN
etag: "c75efac5f7fd71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
access-control-allow-origin: *
x-azure-ref: 0wrePYQAAAACHn7jMeRrFTIDrLnVNuseITE9OMjFFREdFMTUxMgBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges: bytes
content-length: 39745

GET
H2 200 jquery-migrate.min.js Show response
www.rethinkbenefits.com/eb/wp-includes/js/jquery/ 11 KB
5 KB 355ms
354ms Script
application/x-javascript 2620:1ec:48::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rethinkbenefits.com/eb/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/eb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 06:38:08 GMT
x-frame-options: SAMEORIGIN
etag: "4bd2e8c5f7fd71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
access-control-allow-origin: *
x-azure-ref: 0wrePYQAAAAD9ZlJUeJz8Soe/zA+7b92ETE9OMjFFREdFMTUxMgBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges: bytes
content-length: 4994

GET
H2 200 init.js Show response
www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/js/ 167 KB
49 KB 371ms
371ms Script
application/x-javascript 2620:1ec:48::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/js/init.js?ver=836613515

Requested by

Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2d5f7f551cca52ad439af9e3f54b7103ad31587084ad121361d8e319210b9f5d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/eb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 06:33:40 GMT
x-frame-options: SAMEORIGIN
etag: "af8e3026f7fd71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
access-control-allow-origin: *
x-azure-ref: 0wrePYQAAAAA1LDy9HG9XTag3jqsoG6G3TE9OMjFFREdFMTUxMgBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges: bytes
content-length: 50229

GET
H2 200 Rethink-Benefits-.svg
www.rethinkbenefits.com/eb/wp-content/uploads/2019/12/ 8 KB
8 KB 104ms
101ms Image
image/svg+xml 2620:1ec:48::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rethinkbenefits.com/eb/wp-content/uploads/2019/12/Rethink-Benefits-.svg

Requested by

Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e0d9d3c9034dde0af57d0b444fa033f9223ce92dbe904ce0236cbcec842bbb04

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/eb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:03 GMT
last-modified: Fri, 05 Jun 2020 02:10:25 GMT
etag: "21d9d879de3ad61:0"
x-frame-options: SAMEORIGIN
x-cache: CONFIG_NOCACHE
content-type: image/svg+xml
access-control-allow-origin: *
x-azure-ref: 0w7ePYQAAAADwb894Rj7tSKHsBUVPv+fDTE9OMjFFREdFMTUxMgBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges: bytes
content-length: 7899

GET
H2 200 Hitrust-1.png
www.rethinkbenefits.com/eb/wp-content/uploads/2020/01/ 49 KB
49 KB 105ms
102ms Image
image/png 2620:1ec:48::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rethinkbenefits.com/eb/wp-content/uploads/2020/01/Hitrust-1.png

Requested by

Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8cea5efbe16230f5a4726ea5d2172c4c8d38a080dba3a4e105d07f3d77af6748

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/eb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:03 GMT
last-modified: Fri, 05 Jun 2020 02:10:42 GMT
etag: "a0e6b883de3ad61:0"
x-frame-options: SAMEORIGIN
x-cache: CONFIG_NOCACHE
content-type: image/png
access-control-allow-origin: *
x-azure-ref: 0w7ePYQAAAADV1HvbXDWJQqnFeS26b6sPTE9OMjFFREdFMTUxMgBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges: bytes
content-length: 49696

GET
H2 200 hipaa.png
www.rethinkbenefits.com/eb/wp-content/uploads/2020/01/ 40 KB
41 KB 104ms
101ms Image
image/png 2620:1ec:48::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rethinkbenefits.com/eb/wp-content/uploads/2020/01/hipaa.png

Requested by

Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d048e58fc4c11acd0d6814e6514b4253b25dae91b51093501c297408f2ddff2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/eb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:03 GMT
last-modified: Fri, 05 Jun 2020 02:10:41 GMT
etag: "3ec27383de3ad61:0"
x-frame-options: SAMEORIGIN
x-cache: CONFIG_NOCACHE
content-type: image/png
access-control-allow-origin: *
x-azure-ref: 0w7ePYQAAAADEoV0ra9mTTbjmD7LFPiKoTE9OMjFFREdFMTUxMgBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges: bytes
content-length: 41338

GET
H2 200 cobit-1.png
www.rethinkbenefits.com/eb/wp-content/uploads/2020/01/ 41 KB
41 KB 359ms
356ms Image
image/png 2620:1ec:48::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rethinkbenefits.com/eb/wp-content/uploads/2020/01/cobit-1.png

Requested by

Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

68e86b7f45d9e6f39ec522458a4d0973c25745485188bad6d680e70b953a9bec

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/eb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:03 GMT
last-modified: Fri, 05 Jun 2020 02:10:32 GMT
etag: "2011d37dde3ad61:0"
x-frame-options: SAMEORIGIN
x-cache: CONFIG_NOCACHE
content-type: image/png
access-control-allow-origin: *
x-azure-ref: 0w7ePYQAAAACFTYE/BTZyQ68gzRMh8wANTE9OMjFFREdFMTUxMgBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges: bytes
content-length: 42135

GET
H2 200 ISO.png
www.rethinkbenefits.com/eb/wp-content/uploads/2020/01/ 57 KB
57 KB 104ms
101ms Image
image/png 2620:1ec:48::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rethinkbenefits.com/eb/wp-content/uploads/2020/01/ISO.png

Requested by

Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d3acae6258d603740a17dbff03bec2004d36814f15082958c84a544d43e33b4d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/eb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:03 GMT
last-modified: Fri, 05 Jun 2020 02:10:54 GMT
etag: "70ce128bde3ad61:0"
x-frame-options: SAMEORIGIN
x-cache: CONFIG_NOCACHE
content-type: image/png
access-control-allow-origin: *
x-azure-ref: 0w7ePYQAAAACZ26SYp+rrTJz6DNfkF9PeTE9OMjFFREdFMTUxMgBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges: bytes
content-length: 58219

GET
H2 200 ncsp.png
www.rethinkbenefits.com/eb/wp-content/uploads/2020/01/ 38 KB
38 KB 353ms
350ms Image
image/png 2620:1ec:48::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rethinkbenefits.com/eb/wp-content/uploads/2020/01/ncsp.png

Requested by

Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8b9b7ad3b5c3fe6eb502079f3b955b165622b807d03ffcf954bd28e8e8a4cee0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/eb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:03 GMT
last-modified: Fri, 05 Jun 2020 02:11:00 GMT
etag: "6066668ede3ad61:0"
x-frame-options: SAMEORIGIN
x-cache: CONFIG_NOCACHE
content-type: image/png
access-control-allow-origin: *
x-azure-ref: 0w7ePYQAAAABwsb/srJM1TbKUILPKXXYFTE9OMjFFREdFMTUxMgBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges: bytes
content-length: 38915

GET
H2 200 PCI-1.png
www.rethinkbenefits.com/eb/wp-content/uploads/2020/01/ 22 KB
22 KB 353ms
351ms Image
image/png 2620:1ec:48::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rethinkbenefits.com/eb/wp-content/uploads/2020/01/PCI-1.png

Requested by

Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b0e6f7ad3ea85c656db9e4e51c75fe79d503bfce28f8be62e2c03a80d20cf76d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/eb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:03 GMT
last-modified: Fri, 05 Jun 2020 02:11:03 GMT
etag: "f3c64c90de3ad61:0"
x-frame-options: SAMEORIGIN
x-cache: CONFIG_NOCACHE
content-type: image/png
access-control-allow-origin: *
x-azure-ref: 0w7ePYQAAAAC3dFKAP9OuTKQgaG4pspQiTE9OMjFFREdFMTUxMgBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges: bytes
content-length: 22537

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 451ms
62ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-40561067-3

Requested by

Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3dc55d7d55a36fc49663e06e632221f517d669cad54a20aef6809f31f2dc964a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 36159
x-xss-protection: 0
last-modified: Sat, 13 Nov 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Nov 2021 13:04:04 GMT

GET
H2 200 2900416.js Show response
js.hs-scripts.com/ 988 B
911 B 405ms
386ms Script
application/javascript 2606:4700::6811:d3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2900416.js?integration=WordPress
Requested by: Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57237622bfe01f61bc6256b71642efa54394fdad96795a2bcdfb70f89d02a5fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 9be4a7be-d2e2-4e8d-b9a9-806598efc854
last-modified: Sat, 13 Nov 2021 12:38:22 GMT
server: cloudflare
x-trace: 2B25DB2DB7D4883AE66C81A24207C90349634C942E000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.rethinkbenefits.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6ad834271a85c2ef-FRA
expires: Sat, 13 Nov 2021 13:05:04 GMT

GET
H2 200 mediaelement-and-player.min.js Show response
www.rethinkbenefits.com/eb/wp-includes/js/mediaelement/ 154 KB
51 KB 133ms
133ms Script
application/x-javascript 2620:1ec:48::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rethinkbenefits.com/eb/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16

Requested by

Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/eb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 06:38:10 GMT
x-frame-options: SAMEORIGIN
etag: "25b321c7f7fd71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
access-control-allow-origin: *
x-azure-ref: 0w7ePYQAAAACoPrjobfhfRJNvIZFmOLPMTE9OMjFFREdFMTUxMgBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges: bytes
content-length: 51982

GET
H2 200 mediaelement-migrate.min.js Show response
www.rethinkbenefits.com/eb/wp-includes/js/mediaelement/ 1 KB
893 B 103ms
103ms Script
application/x-javascript 2620:1ec:48::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rethinkbenefits.com/eb/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.7.4

Requested by

Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/eb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 06:38:10 GMT
x-frame-options: SAMEORIGIN
etag: "51c024c7f7fd71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
access-control-allow-origin: *
x-azure-ref: 0w7ePYQAAAAC5gtZ2QnAST4JObVIQi+EQTE9OMjFFREdFMTUxMgBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges: bytes
content-length: 707

GET
H2 200 wp-mediaelement.min.js Show response
www.rethinkbenefits.com/eb/wp-includes/js/mediaelement/ 906 B
813 B 103ms
103ms Script
application/x-javascript 2620:1ec:48::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rethinkbenefits.com/eb/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.7.4

Requested by

Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/eb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:03 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 06:38:10 GMT
x-frame-options: SAMEORIGIN
etag: "bba33bc7f7fd71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
access-control-allow-origin: *
x-azure-ref: 0w7ePYQAAAAANfaa4dVcHSrlZTB1q3dC2TE9OMjFFREdFMTUxMgBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges: bytes
content-length: 646

GET
H2 200 plugins.js Show response
www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/js/ 775 KB
251 KB 123ms
120ms Script
application/x-javascript 2620:1ec:48::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/js/plugins.js?ver=836613515

Requested by

Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8ac33ffd788e54cb4a00b31c9823744f840e1f1b5a5f6c94a5cdaa588a05c3ff

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/eb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:03 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 06:33:40 GMT
x-frame-options: SAMEORIGIN
etag: "a6757426f7fd71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
access-control-allow-origin: *
x-azure-ref: 0w7ePYQAAAADNtR1UY8n8S5BzxOeBOiXxTE9OMjFFREdFMTUxMgBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges: bytes

GET
H2 200 app.js Show response
www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/js/ 178 KB
54 KB 124ms
121ms Script
application/x-javascript 2620:1ec:48::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/js/app.js?ver=836613515

Requested by

Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

dff26b51cad388065c1fbe75ce5af23772a422909b70f7fca58f6cb6632caa8c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/eb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:03 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 06:33:40 GMT
x-frame-options: SAMEORIGIN
etag: "9cb12926f7fd71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
access-control-allow-origin: *
x-azure-ref: 0w7ePYQAAAACiYnqsyROQSYdoZiti9zF8TE9OMjFFREdFMTUxMgBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges: bytes
content-length: 55272

GET
H2 200 wp-embed.min.js Show response
www.rethinkbenefits.com/eb/wp-includes/js/ 1 KB
1 KB 357ms
353ms Script
application/x-javascript 2620:1ec:48::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rethinkbenefits.com/eb/wp-includes/js/wp-embed.min.js?ver=5.7.4

Requested by

Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/eb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:03 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 06:38:11 GMT
x-frame-options: SAMEORIGIN
etag: "8fe3cec7f7fd71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
access-control-allow-origin: *
x-azure-ref: 0w7ePYQAAAAARX14rAJpQT7O1lzHA8xRsTE9OMjFFREdFMTUxMgBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges: bytes
content-length: 966

GET
H2 200 wp-emoji-release.min.js Show response
www.rethinkbenefits.com/eb/wp-includes/js/ 14 KB
6 KB 367ms
365ms Script
application/x-javascript 2620:1ec:48::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rethinkbenefits.com/eb/wp-includes/js/wp-emoji-release.min.js?ver=5.7.4

Requested by

Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/eb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:03 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 06:38:11 GMT
x-frame-options: SAMEORIGIN
etag: "1d48d7c7f7fd71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
access-control-allow-origin: *
x-azure-ref: 0w7ePYQAAAACvSfB1k+dQSJtUN0eNbFDiTE9OMjFFREdFMTUxMgBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges: bytes
content-length: 5993

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 488ms
98ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alike%3Aregular%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin%2Cvietnamese%2Ccyrillic-ext%2Clatin-ext%2Ccyrillic&ver=2.3.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rethinkbenefits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 04:48:55 GMT
x-content-type-options: nosniff
age: 202509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 04:48:55 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 464ms
80ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rethinkbenefits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 13:18:02 GMT
x-content-type-options: nosniff
age: 85562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 13:18:02 GMT

GET
H2 200 HI_EiYEYI6BIoHjGQ5Q.woff2
fonts.gstatic.com/s/alike/v13/ 28 KB
28 KB 496ms
120ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alike/v13/HI_EiYEYI6BIoHjGQ5Q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

d68e9b6ef66bf0113a643dbe47a31245ba5a9e13140dd8f75bd86cc7abfe0f60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rethinkbenefits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 02:44:05 GMT
x-content-type-options: nosniff
age: 209999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 28648
x-xss-protection: 0
last-modified: Thu, 23 Jul 2020 19:39:25 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 02:44:05 GMT

GET
H2

200

app.js Show response
acsbapp.com/apps/app/dist/js/
Redirect Chain

https://acsbapp.com/apps/app/assets/js/acsb.js
https://acsbapp.com/apps/app/dist/js/app.js

422 KB
138 KB

94ms
94ms

Script
application/x-javascript

161.35.15.77
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol: H2
Server: 161.35.15.77 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cdn101.acsbapp.com
Software: /
Resource Hash: 0daa212f585390c130c10af17219c619da5688ef874853f89f746c2b97d42e01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:04 GMT
content-encoding: br
last-modified: Wed, 10 Nov 2021 19:43:06 GMT
etag: "69839-618c20ca-5cfe04e9e194f48a;br"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 141090
expires: Sun, 14 Nov 2021 13:04:04 GMT

Redirect headers

location: https://acsbapp.com/apps/app/dist/js/app.js
date: Sat, 13 Nov 2021 13:04:03 GMT
content-length: 707
content-type: text/html

GET
H2 200 uncode-icons.woff2
www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/fonts/ 138 KB
138 KB 103ms
102ms Font
application/font-woff2 2620:1ec:48::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/fonts/uncode-icons.woff2

Requested by

Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/css/uncode-icons.css?ver=836613515

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cb3bfa3f39f228b5e06fb6ee80aea986056d3253805a59581e6eff051050141d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/css/uncode-icons.css?ver=836613515
Origin: https://www.rethinkbenefits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:03 GMT
last-modified: Wed, 03 Mar 2021 06:33:36 GMT
etag: "4913c723f7fd71:0"
x-frame-options: SAMEORIGIN
x-cache: CONFIG_NOCACHE
content-type: application/font-woff2
access-control-allow-origin: *
x-azure-ref: 0w7ePYQAAAACoJVm7mvZ9S6DX84ZfkliJTE9OMjFFREdFMTUxMgBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges: bytes
content-length: 141008

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 398ms
40ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rethinkbenefits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 21:50:41 GMT
x-content-type-options: nosniff
age: 141203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 19824
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 21:50:41 GMT

GET
H2 200 2900416.js Show response
js.hs-banner.com/ 62 KB
16 KB 457ms
439ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2900416.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2900416.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af163e6370aa13abac18245d6c0f786a5db66448abba499f506b4bd11414727c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:04 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: BVANRH9FYYENX48R
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: bKrpRXpC8JO9KHBIxNxwa7/z822DXfzR+4WZCoIjjA0nITUElL2J14lzrvNyiRj9QSiGokXDTeM=
timing-allow-origin: *
last-modified: Thu, 11 Nov 2021 21:33:22 GMT
server: cloudflare
etag: W/"bf9ce368d7d81c9674d952c65b4035ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: MFy7i6PeM1iHOSRkjCK3SxBrXTE0qJNi
access-control-allow-origin: https://www.rethinkbenefits.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6ad83429ad0e05b7-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Sat, 13 Nov 2021 13:09:04 GMT

GET
H2 200 2900416.js Show response
js.hs-analytics.net/analytics/1636808400000/ 62 KB
20 KB 172ms
152ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1636808400000/2900416.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2900416.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42329280b0cf83cd9362c2c18410b9a0e16571baa6d7b4877a59edfe4192c494

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:04 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: DSJVTQ6XZYF7HQ68
x-amz-server-side-encryption: AES256
cf-ray: 6ad83429acd34ab0-FRA
x-amz-id-2: alELP7+sBASgRMO1VVJK1UJeLgzYuZs7GNPiux8jz3fNq0iPeATZwN9eri01+58uFYAnbSNVwnY=
last-modified: Thu, 11 Nov 2021 21:33:20 GMT
server: cloudflare
etag: W/"c4b0df6b5d3243e66e8ccc00df82ac27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Sat, 13 Nov 2021 13:09:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 424ms
39ms Script
text/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-40561067-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3778
date: Sat, 13 Nov 2021 12:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 20006
expires: Sat, 13 Nov 2021 14:01:06 GMT

GET
H2 200 config.json Show response
cdn.acsbapp.com/cache/app/rethinkbenefits.com/ 136 B
323 B 319ms
105ms Fetch
application/json 206.189.191.180
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/rethinkbenefits.com/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/assets/js/acsb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 206.189.191.180 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cdn102.acsbapp.com
Software: /
Resource Hash: 814a3668c2c6270b391a45b4ae2b293cbe713d87b89fd7e97a80d6dd0a35206c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:04 GMT
last-modified: Sat, 13 Nov 2021 07:08:15 GMT
etag: "88-618f645f-e29c609c2831e355;;;"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 136
expires: Sun, 14 Nov 2021 13:04:04 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
212 B 43ms
43ms XHR
text/plain 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2060394165&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rethinkbenefits.com%2Feb%2F&ul=en-us&de=UTF-8&dt=Rethink%20Benefits&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1009111106&gjid=347433893&cid=1145569298.1636808645&tid=UA-40561067-3&_gid=1704870696.1636808645&_r=1&gtm=2ouba1&z=256293303

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rethinkbenefits.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 13:04:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rethinkbenefits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 414ms
98ms Script
application/javascript 35.174.150.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-3-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 13:04:05 GMT
Content-Encoding: gzip
X-Pardot-Route: 4587f66dff94d6e76a668284fbf3dba1
X-Pardot-LB: a083ac6fc1531fb089982e922db67d20
Last-Modified: Fri, 12 Nov 2021 05:15:08 GMT
Server: PardotServer
ETag: "1547-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=63072000
Accept-Ranges: bytes
Content-Length: 1950
Expires: Mon, 13 Nov 2023 13:04:05 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1000 B 60ms
43ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2427650321&v=1.1&a=2900416&ct=standard-page&rcu=https%3A%2F%2Fwww.rethinkbenefits.com%2Feb%2F&pu=https%3A%2F%2Fwww.rethinkbenefits.com%2Feb%2F&t=Rethink+Benefits&cts=1636808644700&vi=9779ec32ac696aa00cd8cf756dbebb2e&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:04 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 1abb5b6a-6d31-442e-a948-5f04f2a59e8a
cf-ray: 6ad8342d786d4ab5-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTt36vuE4Ke7%2BxsZ94sWpmocZsisNV5vZr2kPYcCkJo%2Bx6WjxeRfwC097iEKiAjAS4oiM6jkA%2F1L7TyOYEwmwnjp3abzQ1mQgjTlsE8W8g0LaVSIkZWxdjaFncgojqUzDaFIGmylQEOWMggA6%2Fjz"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 en.build.json Show response
cdn.acsbapp.com/cache/app/ 216 KB
20 KB 105ms
105ms Fetch
application/json 206.189.191.180
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/en.build.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/assets/js/acsb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 206.189.191.180 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cdn102.acsbapp.com
Software: /
Resource Hash: 3ced5f8cdff53413385be72b52dc7aec3bc055c24684f76ae30a74664d0ef052

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:04:04 GMT
content-encoding: br
last-modified: Wed, 10 Nov 2021 19:39:03 GMT
etag: "35ea0-618c1fd7-9308222c1a65a329;br"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 20740
expires: Sun, 14 Nov 2021 13:04:04 GMT

GET
H/1.0 200
OK analytics Show response
pi.pardot.com/ 1 KB
2 KB 500ms
500ms Script
text/javascript 35.174.150.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=19158&account_id=84952&title=Rethink%20Benefits&url=https%3A%2F%2Fwww.rethinkbenefits.com%2Feb%2F&referrer=

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.0

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

pi0-lba1-3-ue1.aws.pardot.com

Software

PardotServer /

Resource Hash

95073e811b771abc541cc4722bf5cd1d3f9a8bb5d3ca1f305d56b03f801aea99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 13:04:05 GMT
Content-Encoding: gzip
X-Pardot-Route: d5a18e4517a9c8ba62b77de366a4cdb5
X-Pardot-LB: a083ac6fc1531fb089982e922db67d20
X-Pardot-Rsp: 16/78/153
Vary: Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 550
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.0 200
OK analytics Show response
go.rethinkfirst.com/ 50 B
1 KB 531ms
191ms Script
text/javascript 35.174.150.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rethinkfirst.com/analytics?conly=true&visitor_id=274679951&visitor_id_sign=a7d5658f2d66386ab42e4c3ec56555b97420ba089a05b0d90aaee4628df1ed731c6dfc9f66d1cf6d279909a3de4c9ed2720b9f25&pi_opt_in=&campaign_id=19158&account_id=84952&title=Rethink%20Benefits&url=https%3A%2F%2Fwww.rethinkbenefits.com%2Feb%2F&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=19158&account_id=84952&title=Rethink%20Benefits&url=https%3A%2F%2Fwww.rethinkbenefits.com%2Feb%2F&referrer=
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-3-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 13:04:06 GMT
X-Pardot-Route: d5a18e4517a9c8ba62b77de366a4cdb5
X-Pardot-LB: a083ac6fc1531fb089982e922db67d20
X-Pardot-Rsp: 16/78/153
Vary: User-Agent
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 50
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 a350d5ad2adc9090bc0fd677c1285892_b4.js Show response
rethink-cdn-edu.azureedge.net/scripts/ 16 KB
6 KB 87ms
17ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://rethink-cdn-edu.azureedge.net/scripts/a350d5ad2adc9090bc0fd677c1285892_b4.js

Requested by

Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F54) /

Resource Hash

e79d81fa221aa8f47dfb5083fb1bd5baf2dfeee346efac6c39aaba529a24558c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
etag: "555b5cbea3d1d71:0"
age: 137872
x-cache: HIT
x-azure-ref: 0Np2NYQAAAACwLBwPo8V1TYWR9l9F0pMTRlJBRURHRTEwMTgAZDI3NWM5NTAtZTU0MC00NGE2LWE5NjgtMDg3MDBlYWZjYmZm
strict-transport-security: max-age=31536000;includeSubDomains;
content-length: 5453
request-context: appId=cid-v1:6ffde7ed-c4d5-4e74-bf9a-721d0a70a3ec
last-modified: Thu, 04 Nov 2021 17:45:23 GMT
server: ECAcc (frc/8F54)
x-frame-options: SAMEORIGIN
date: Sat, 13 Nov 2021 13:04:06 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Request-Context
x-xssprotection: 1; mode=block
accept-ranges: bytes
x-content-type-options: nosniff
backend-pool: East

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 39ms
39ms Image
image/gif 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2060394165&t=event&_s=2&dl=https%3A%2F%2Fwww.rethinkbenefits.com%2Feb%2F&ul=en-us&de=UTF-8&dt=Rethink%20Benefits&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Cookie-Script&ea=Show&_u=aEBAAUABAAAAAC~&jid=&gjid=&cid=1145569298.1636808645&tid=UA-40561067-3&_gid=1704870696.1636808645&gtm=2ouba1&z=1695134752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rethinkbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 14:11:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82354
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.rethinkbenefits.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: en4ndexz4jgldvr3tzjnotyq
.rethinkbenefits.com/	1970-01-20 16:11:20	Name: _ga Value: GA1.2.1145569298.1636808645
.rethinkbenefits.com/	1970-01-19 22:41:35	Name: _gid Value: GA1.2.1704870696.1636808645
.rethinkbenefits.com/	1970-01-19 22:40:08	Name: _gat_gtag_UA_40561067_3 Value: 1
.rethinkbenefits.com/	1970-01-20 08:01:44	Name: __hstc Value: 142051885.9779ec32ac696aa00cd8cf756dbebb2e.1636808644698.1636808644698.1636808644698.1
.rethinkbenefits.com/	1970-01-20 08:01:44	Name: hubspotutk Value: 9779ec32ac696aa00cd8cf756dbebb2e
.rethinkbenefits.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.rethinkbenefits.com/	1970-01-19 22:40:10	Name: __hssc Value: 142051885.1.1636808644698
.hubspot.com/	1970-01-19 22:40:10	Name: __cf_bm Value: jvdZCbsSsk9GFdOYkT_YAfb4s2qgDObGowOINS2xkbQ-1636808644-0-AfwUtsgxxmrw0Em/L0bdw16yjHw4TZDqVIL5cNyFooeXY6zrEwEuCB23IXQgjyXmthDWIX4nsxekP+OCWD1e2uE=
.pardot.com/	1970-01-23 14:16:08	Name: visitor_id83952 Value: 274679951
.pardot.com/	1970-01-23 14:16:08	Name: visitor_id83952-hash Value: a7d5658f2d66386ab42e4c3ec56555b97420ba089a05b0d90aaee4628df1ed731c6dfc9f66d1cf6d279909a3de4c9ed2720b9f25
pi.pardot.com/	1970-01-19 22:40:10	Name: lpv83952 Value: aHR0cHM6Ly93d3cucmV0aGlua2JlbmVmaXRzLmNvbS9lYi8%3D
www.rethinkbenefits.com/	1970-01-23 14:16:08	Name: visitor_id83952 Value: 274679951
www.rethinkbenefits.com/	1970-01-23 14:16:08	Name: visitor_id83952-hash Value: a7d5658f2d66386ab42e4c3ec56555b97420ba089a05b0d90aaee4628df1ed731c6dfc9f66d1cf6d279909a3de4c9ed2720b9f25
go.rethinkfirst.com/	1970-01-23 14:16:08	Name: visitor_id83952 Value: 274679951
go.rethinkfirst.com/	1970-01-23 14:16:08	Name: visitor_id83952-hash Value: a7d5658f2d66386ab42e4c3ec56555b97420ba089a05b0d90aaee4628df1ed731c6dfc9f66d1cf6d279909a3de4c9ed2720b9f25

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acsbapp.com
cdn.acsbapp.com
fonts.googleapis.com
fonts.gstatic.com
go.rethinkfirst.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
pi.pardot.com
rethink-cdn-edu.azureedge.net
rethinkbenefits.com
track.hubspot.com
www.google-analytics.com
www.googletagmanager.com
www.rethinkbenefits.com
13.107.246.67
142.250.186.104
142.250.186.142
161.35.15.77
172.217.16.131
206.189.191.180
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700::6811:44b0
2606:4700::6811:d3cc
2606:4700::6812:14bf
2606:4700::6813:9b53
2620:1ec:48::44
2a00:1450:4001:82a::200a
35.174.150.168
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0daa212f585390c130c10af17219c619da5688ef874853f89f746c2b97d42e01
1d048e58fc4c11acd0d6814e6514b4253b25dae91b51093501c297408f2ddff2
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2d5f7f551cca52ad439af9e3f54b7103ad31587084ad121361d8e319210b9f5d
33f4664bbf94cc1c4524b3469ba4c25aeb1bab2636ffc061adfc1ffedc4dafde
3ced5f8cdff53413385be72b52dc7aec3bc055c24684f76ae30a74664d0ef052
3dc55d7d55a36fc49663e06e632221f517d669cad54a20aef6809f31f2dc964a
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
42329280b0cf83cd9362c2c18410b9a0e16571baa6d7b4877a59edfe4192c494
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008
57237622bfe01f61bc6256b71642efa54394fdad96795a2bcdfb70f89d02a5fd
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3
68e86b7f45d9e6f39ec522458a4d0973c25745485188bad6d680e70b953a9bec
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7b999ad5a53f20d5432a997640c8e6466a4f8fbd4d754b91e0fd102f5a5301b2
7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee
7f8f433190fdc265336bee4b79d8f461e62f99fcc87efbc3a1bc6a6116132d5c
814a3668c2c6270b391a45b4ae2b293cbe713d87b89fd7e97a80d6dd0a35206c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ac33ffd788e54cb4a00b31c9823744f840e1f1b5a5f6c94a5cdaa588a05c3ff
8b9b7ad3b5c3fe6eb502079f3b955b165622b807d03ffcf954bd28e8e8a4cee0
8cc76357bd40603ec5e4006a86598180f96ebd603aa32682e6f8da895e02fab2
8cea5efbe16230f5a4726ea5d2172c4c8d38a080dba3a4e105d07f3d77af6748
95073e811b771abc541cc4722bf5cd1d3f9a8bb5d3ca1f305d56b03f801aea99
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5e3d92515571781e7a0cde874ec6b137ae496da4d29a4361fe1d35629e199c5
af163e6370aa13abac18245d6c0f786a5db66448abba499f506b4bd11414727c
b0e6f7ad3ea85c656db9e4e51c75fe79d503bfce28f8be62e2c03a80d20cf76d
cb3bfa3f39f228b5e06fb6ee80aea986056d3253805a59581e6eff051050141d
d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c
d3acae6258d603740a17dbff03bec2004d36814f15082958c84a544d43e33b4d
d4102bbe4cbf20ecf50ed31f75606465a4576ef2c0765fbf6e5d0d1a2a5084c0
d68e9b6ef66bf0113a643dbe47a31245ba5a9e13140dd8f75bd86cc7abfe0f60
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
dff26b51cad388065c1fbe75ce5af23772a422909b70f7fca58f6cb6632caa8c
e0d9d3c9034dde0af57d0b444fa033f9223ce92dbe904ce0236cbcec842bbb04
e79d81fa221aa8f47dfb5083fb1bd5baf2dfeee346efac6c39aaba529a24558c
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

www.rethinkbenefits.com Open in urlscan Pro 2620:1ec:48::44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

44 Requests

98 %HTTPS

50 %IPv6

13 Domains

15 Subdomains

14 IPs

2 Countries

1379 kBTransfer

3695 kBSize

16 Cookies

4 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.rethinkbenefits.com Open in urlscan Pro
2620:1ec:48::44 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

98 %
HTTPS

50 %
IPv6

13
Domains

15
Subdomains

14
IPs

2
Countries

1379 kB
Transfer

3695 kB
Size

16
Cookies

44 HTTP transactions
1 data transactions