urlscan.io logo urlscan.io
SecurityTrails logo

www.benefitter.com Open in urlscan Pro
141.193.213.11  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://benefitter.com/
Effective URL: https://www.benefitter.com/
Submission: On March 24 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 51 HTTP transactions. The main IP is 141.193.213.11, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.benefitter.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 24th 2023. Valid for: a year.
This is the only time www.benefitter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 141.193.213.10 209242 (CLOUDFLAR...)
39 141.193.213.11 209242 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
51 8
2    141.193.213.10 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
benefitter.com
39    141.193.213.11 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
www.benefitter.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
41 benefitter.com
benefitter.com
www.benefitter.com
3 MB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
region1.google-analytics.com — Cisco Umbrella Rank: 1728
21 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
304 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 195
349 B
1 gstatic.com
fonts.gstatic.com
23 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
787 B
51 6
Domain Requested by
39 www.benefitter.com www.benefitter.com
4 www.googletagmanager.com www.benefitter.com
www.googletagmanager.com
www.google-analytics.com
2 region1.google-analytics.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 benefitter.com 2 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com www.benefitter.com
51 8

This site contains links to these domains. Also see Links.

Domain
ei.benefitter.com
www.healthmarkets.com
Subject Issuer Validity Valid
www.benefitter.com
Cloudflare Inc ECC CA-3		 2023-07-24 -
2024-07-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.benefitter.com/
Frame ID: 6882A146579AC58337ECCD83A4CC99FD
Requests: 51 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Benefitter | Health Insurance Quoting Software for Agents

Page URL History Show full URLs

  1. http://benefitter.com/ HTTP 301
    https://benefitter.com/ HTTP 301
    https://www.benefitter.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

51
Requests

98 %
HTTPS

75 %
IPv6

6
Domains

8
Subdomains

8
IPs

3
Countries

3896 kB
Transfer

5078 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://benefitter.com/ HTTP 301
    https://benefitter.com/ HTTP 301
    https://www.benefitter.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.benefitter.com/
Redirect Chain
  • http://benefitter.com/
  • https://benefitter.com/
  • https://www.benefitter.com/
282 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
612abb0f57a84c094ab52f8f9343e325d944ee86cb579a78144f66c441df9b9a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
869832722d9d4516-TXL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 24 Mar 2024 16:56:53 GMT
link
<https://www.benefitter.com/wp-json/>; rel="https://api.w.org/" <https://www.benefitter.com/wp-json/wp/v2/pages/12244>; rel="alternate"; type="application/json" <https://www.benefitter.com/>; rel=shortlink
server
cloudflare
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 4
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8698326cc9a958ea-TXL
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 24 Mar 2024 16:56:52 GMT
location
https://www.benefitter.com/
server
cloudflare
x-cache
HIT: 2
x-cache-group
normal
x-cacheable
non200
x-powered-by
WP Engine
x-redirect-by
WordPress
bundle.min.css
www.benefitter.com/wp-content/uploads/visualcomposer-assets/addons/themeEditor/themeEditor/public/layouts/css/ 		218 B
193 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-content/uploads/visualcomposer-assets/addons/themeEditor/themeEditor/public/layouts/css/bundle.min.css?ver=9f8f928b2d5fe921587fc00ff38942ab
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
07f02f6bce2814e091e6b13d2ae7bc0e05f97edf52e6a8ff45a91a82ec232b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Aug 2022 21:26:48 GMT
server
cloudflare
etag
W/"63000018-da"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
869832767ec04516-TXL
alt-svc
h3=":443"; ma=86400
vcv-header-footer-layout.min.css
www.benefitter.com/wp-content/uploads/visualcomposer-assets/addons/themeEditor/themeEditor/public/layouts/css/ 		1 KB
345 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-content/uploads/visualcomposer-assets/addons/themeEditor/themeEditor/public/layouts/css/vcv-header-footer-layout.min.css?ver=9f8f928b2d5fe921587fc00ff38942ab
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
32355957f88b34f35005a4b8b6256e344d10f47ff318ddd941a81dd4ecd90d06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Aug 2022 21:26:48 GMT
server
cloudflare
etag
W/"63000018-42b"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
869832767ec34516-TXL
alt-svc
h3=":443"; ma=86400
style.min.css
www.benefitter.com/wp-includes/css/dist/block-library/ 		108 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-includes/css/dist/block-library/style.min.css?ver=9f8f928b2d5fe921587fc00ff38942ab
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:54 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 24 Jan 2024 19:02:28 GMT
server
cloudflare
etag
W/"65b15ec4-1ae43"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
869832767ec64516-TXL
alt-svc
h3=":443"; ma=86400
visual-composer-starter-font.min.css
www.benefitter.com/wp-content/themes/visual-composer-starter/css/vc-font/ 		2 KB
587 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-content/themes/visual-composer-starter/css/vc-font/visual-composer-starter-font.min.css?ver=3.3
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c6fead34f0a3a6d6ad2c2189aea1d6d4a08e65d0b89ac3f81b3398025b7bfc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Aug 2022 21:26:50 GMT
server
cloudflare
etag
W/"6300001a-7b0"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
869832767ec94516-TXL
alt-svc
h3=":443"; ma=86400
style.min.css
www.benefitter.com/wp-content/themes/visual-composer-starter/css/styles/ 		74 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-content/themes/visual-composer-starter/css/styles/style.min.css?ver=3.3
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c741774d517b77b927783da3b8a73eb1fe3cfd19ff511efd00518848e624eb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Aug 2022 21:26:50 GMT
server
cloudflare
etag
W/"6300001a-12988"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
869832767ecb4516-TXL
alt-svc
h3=":443"; ma=86400
responsive.min.css
www.benefitter.com/wp-content/themes/visual-composer-starter/css/styles/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-content/themes/visual-composer-starter/css/styles/responsive.min.css?ver=3.3
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e57005de30a6ed89b978aa6e5744f18a94f290bfe199e10f98c412b31a829add

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Aug 2022 21:26:50 GMT
server
cloudflare
etag
W/"6300001a-1185"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
869832767ece4516-TXL
alt-svc
h3=":443"; ma=86400
style.css
www.benefitter.com/wp-content/themes/visual-composer-starter/ 		747 B
501 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-content/themes/visual-composer-starter/style.css?ver=9f8f928b2d5fe921587fc00ff38942ab
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2012b2cc33d983ff43ae5a64ac2bb4d504acb32737e04ad17fb58d003d805a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Aug 2022 21:26:50 GMT
server
cloudflare
etag
W/"6300001a-2eb"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
869832767ed14516-TXL
alt-svc
h3=":443"; ma=86400
front.bundle.css
www.benefitter.com/wp-content/plugins/visualcomposer/public/dist/ 		18 KB
827 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-content/plugins/visualcomposer/public/dist/front.bundle.css?ver=45.8.0
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a56f7cbb2036deb9f54d3ed504fb3c2c029c046ecf9d540314434ac216de2bfc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Mar 2024 01:41:40 GMT
server
cloudflare
etag
W/"65fb9054-4850"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
869832767ed34516-TXL
alt-svc
h3=":443"; ma=86400
stickyElement.bundle.css
www.benefitter.com/wp-content/uploads/visualcomposer-assets/sharedLibraries/stickyElement/dist/ 		447 B
259 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-content/uploads/visualcomposer-assets/sharedLibraries/stickyElement/dist/stickyElement.bundle.css?ver=2.52-12141
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f6d961b34b5230819642446676584c1c21e7e6f56014bb4e57cfc97e46e70e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:54 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 19 Aug 2022 21:26:47 GMT
server
cloudflare
etag
W/"63000017-1bf"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
869832767ed54516-TXL
alt-svc
h3=":443"; ma=86400
bf0be0226b8a1850c04ead88c8cc7c96.source.css
www.benefitter.com/wp-content/uploads/visualcomposer-assets/assets-bundles/ 		28 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-content/uploads/visualcomposer-assets/assets-bundles/bf0be0226b8a1850c04ead88c8cc7c96.source.css?ver=45.8.0.bf0be0226b8a1850c04ead88c8cc7c96
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
640a586899beae820606c5326350bffe78fd42ea4c0e06dae20a3a02e37d3442

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Aug 2022 21:26:48 GMT
server
cloudflare
etag
W/"63000018-6f31"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
869832767ed74516-TXL
alt-svc
h3=":443"; ma=86400
c956616a3842d18cc722f5b3650e3094.source.css
www.benefitter.com/wp-content/uploads/visualcomposer-assets/assets-bundles/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-content/uploads/visualcomposer-assets/assets-bundles/c956616a3842d18cc722f5b3650e3094.source.css?ver=45.8.0.c956616a3842d18cc722f5b3650e3094
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
06cc43a9b6eb66789807e48c1ebe1e5cbf7e5c8fa71fcfe994205f5d7dd6d312

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Aug 2022 21:26:48 GMT
server
cloudflare
etag
W/"63000018-3fcf"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
86983276af334516-TXL
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		725 B
787 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3A700&ver=2.52-12244
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
181332276dd0c0bd527c598cbc42dc34a6d0be9120b37e615d3b9202e25f95e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 24 Mar 2024 16:56:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Mar 2024 15:33:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 24 Mar 2024 16:56:53 GMT
backgroundSimple.bundle.css
www.benefitter.com/wp-content/uploads/visualcomposer-assets/sharedLibraries/backgroundSimple/dist/ 		3 KB
560 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-content/uploads/visualcomposer-assets/sharedLibraries/backgroundSimple/dist/backgroundSimple.bundle.css?ver=2.52-12244
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f5719fdc4d4b3870f096134fdcd6a29d5e1e75b28a2fbd111e1f140daf74f49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Aug 2022 21:26:47 GMT
server
cloudflare
etag
W/"63000017-be0"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
86983276af384516-TXL
alt-svc
h3=":443"; ma=86400
jquery.min.js
www.benefitter.com/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
server
cloudflare
etag
W/"64ecd5ef-15601"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
86983276af3b4516-TXL
alt-svc
h3=":443"; ma=86400
jquery-migrate.min.js
www.benefitter.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
cloudflare
etag
W/"6482bd64-3509"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
86983276af404516-TXL
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		219 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-WR936Z
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f2a75ba16122c626b772cb1234036592de941b899978d2147a41022c65ae13af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81632
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 24 Mar 2024 16:56:54 GMT
logo-206x38.png
www.benefitter.com/wp-content/uploads/2021/03/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefitter.com/wp-content/uploads/2021/03/logo-206x38.png
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
29fd22d3d4d0cfc946865df3a8e694e5c4033bd836171b56ad0954e1a696fd2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:54 GMT
cf-cache-status
MISS
last-modified
Fri, 19 Aug 2022 21:26:48 GMT
server
cloudflare
etag
"63000018-15bb"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
86983276af434516-TXL
alt-svc
h3=":443"; ma=86400
content-length
5563
QUOTE-960x640.jpg
www.benefitter.com/wp-content/uploads/2021/03/ 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefitter.com/wp-content/uploads/2021/03/QUOTE-960x640.jpg
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04a126f60deb64ed5f1023ab018cde9833f738b4b65b18a35311312b850cfa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:53 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Fri, 19 Aug 2022 21:26:48 GMT
server
cloudflare
cf-polished
origSize=115451
etag
"63000018-1c2fb"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
86983276af454516-TXL
alt-svc
h3=":443"; ma=86400
content-length
111342
UNDERWRITE-960x640.jpg
www.benefitter.com/wp-content/uploads/2021/03/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefitter.com/wp-content/uploads/2021/03/UNDERWRITE-960x640.jpg
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6930e7f8a30d452b483df5e6cfa11bea094da68ac968a14ff0d3f61068da12c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:53 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Fri, 19 Aug 2022 21:26:48 GMT
server
cloudflare
cf-polished
origSize=80576
etag
"63000018-13ac0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8698327758cc4516-TXL
alt-svc
h3=":443"; ma=86400
content-length
78622
ENROLL-960x640.jpg
www.benefitter.com/wp-content/uploads/2021/03/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefitter.com/wp-content/uploads/2021/03/ENROLL-960x640.jpg
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
05f5ea9241968c8044c81e64886aa17ce8fbde793c56806f0c7261239d6ea870

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:53 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Fri, 19 Aug 2022 21:26:48 GMT
server
cloudflare
cf-polished
origSize=74661
etag
"63000018-123a5"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
86983277bfc76a75-TXL
alt-svc
h3=":443"; ma=86400
content-length
72692
Icon_Save-Time-21-196x194.png
www.benefitter.com/wp-content/uploads/2021/03/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefitter.com/wp-content/uploads/2021/03/Icon_Save-Time-21-196x194.png
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
172c8688dd8b9bb471f3f979c2f3b7905019849013ca7d5b9b9e50a608b658ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:53 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=2484
content-disposition
inline; filename="Icon_Save-Time-21-196x194.webp"
alt-svc
h3=":443"; ma=86400
content-length
1790
cf-bgj
imgq:100,h2pri
last-modified
Fri, 19 Aug 2022 21:26:48 GMT
server
cloudflare
etag
"63000018-9b4"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8698327879b86a75-TXL
Icon_Sell-More-196x194.png
www.benefitter.com/wp-content/uploads/2021/03/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefitter.com/wp-content/uploads/2021/03/Icon_Sell-More-196x194.png
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a092f302a62e137e006d88e6bd2442bf3867ea07f51fb097c4f5efdb80fd67ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:54 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=2058
content-disposition
inline; filename="Icon_Sell-More-196x194.webp"
alt-svc
h3=":443"; ma=86400
content-length
1386
cf-bgj
imgq:100,h2pri
last-modified
Fri, 19 Aug 2022 21:26:48 GMT
server
cloudflare
etag
"63000018-80a"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8698327b68c86a75-TXL
Icon_Increase-Prod-196x194.png
www.benefitter.com/wp-content/uploads/2021/03/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefitter.com/wp-content/uploads/2021/03/Icon_Increase-Prod-196x194.png
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
83074b06234687d595018060522fca64af73383fbd57920523f70f24a1d678d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:54 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=2560
content-disposition
inline; filename="Icon_Increase-Prod-196x194.webp"
alt-svc
h3=":443"; ma=86400
content-length
1802
cf-bgj
imgq:100,h2pri
last-modified
Fri, 19 Aug 2022 21:26:48 GMT
server
cloudflare
etag
"63000018-a00"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8698327b68c96a75-TXL
runtime.bundle.js
www.benefitter.com/wp-content/plugins/visualcomposer/public/dist/ 		32 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-content/plugins/visualcomposer/public/dist/runtime.bundle.js?ver=45.8.0
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e8804f2b7c575c7d53a77071bbae6116ff76e340248dcb51c7b7d82ac1b04f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Mar 2024 01:41:40 GMT
server
cloudflare
etag
W/"65fb9054-7e42"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
86983278ea9f6a75-TXL
alt-svc
h3=":443"; ma=86400
front.bundle.js
www.benefitter.com/wp-content/plugins/visualcomposer/public/dist/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-content/plugins/visualcomposer/public/dist/front.bundle.js?ver=45.8.0
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f9fbf2a3b634db67e60d505b9d32f168849493761d81b447db1b408f0859222

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Mar 2024 01:41:40 GMT
server
cloudflare
etag
W/"65fb9054-1f76"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
869832796bf06a75-TXL
alt-svc
h3=":443"; ma=86400
stickyElement.bundle.js
www.benefitter.com/wp-content/uploads/visualcomposer-assets/sharedLibraries/stickyElement/dist/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-content/uploads/visualcomposer-assets/sharedLibraries/stickyElement/dist/stickyElement.bundle.js?ver=2.52-12141
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
55fa42f365939ea3b57d9972377777cbaab52fc66ace3f36f97b613b322197d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Aug 2022 21:26:47 GMT
server
cloudflare
etag
W/"63000017-2495"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
86983279dcf66a75-TXL
alt-svc
h3=":443"; ma=86400
basicMenu.min.js
www.benefitter.com/wp-content/uploads/visualcomposer-assets/elements/basicMenu/basicMenu/public/dist/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-content/uploads/visualcomposer-assets/elements/basicMenu/basicMenu/public/dist/basicMenu.min.js?ver=2.52-12141
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
35bc8af432b950660f6f64e84d75db3e8380269a7ac5bddc86f543cef826bdc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Aug 2022 21:26:48 GMT
server
cloudflare
etag
W/"63000018-c07"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8698327a3dc66a75-TXL
alt-svc
h3=":443"; ma=86400
menuToggle.bundle.js
www.benefitter.com/wp-content/uploads/visualcomposer-assets/sharedLibraries/menuToggle/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-content/uploads/visualcomposer-assets/sharedLibraries/menuToggle/dist/menuToggle.bundle.js?ver=2.52-12141
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
96430a00211cf86f3907a7a3d7e3e528f09f8a6c5f4c7d5c0ad3af0db8a6b98c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Aug 2022 21:26:47 GMT
server
cloudflare
etag
W/"63000017-963"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8698327a9ea36a75-TXL
alt-svc
h3=":443"; ma=86400
menuToggle.bundle.js
www.benefitter.com/wp-content/plugins/visualcomposer/public/sources/assetsLibrary/menuToggle/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-content/plugins/visualcomposer/public/sources/assetsLibrary/menuToggle/dist/menuToggle.bundle.js?ver=45.8.0-12141
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc6e279fddf5afb7905a1ce306a6859e3b4d88cfa5ad87d177f5bcddcbdd8ee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Mar 2024 01:41:40 GMT
server
cloudflare
etag
W/"65fb9054-949"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8698327b18036a75-TXL
alt-svc
h3=":443"; ma=86400
sandwichMenu.min.js
www.benefitter.com/wp-content/uploads/visualcomposer-assets/elements/sandwichMenu/sandwichMenu/public/dist/ 		386 B
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-content/uploads/visualcomposer-assets/elements/sandwichMenu/sandwichMenu/public/dist/sandwichMenu.min.js?ver=2.52-12141
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adef0d9c0f2caa5089fa53ef7a540bed701a4e2871d7321b9e5d2b819f176ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Aug 2022 21:26:48 GMT
server
cloudflare
etag
W/"63000018-182"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8698327b48706a75-TXL
alt-svc
h3=":443"; ma=86400
fullWidth.bundle.js
www.benefitter.com/wp-content/uploads/visualcomposer-assets/sharedLibraries/fullWidth/dist/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-content/uploads/visualcomposer-assets/sharedLibraries/fullWidth/dist/fullWidth.bundle.js?ver=2.52-12117
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf7b29f8d4de9673ddd000392d4e991211dfff233fde44298b3a324810aee162

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Aug 2022 21:26:47 GMT
server
cloudflare
etag
W/"63000017-a5d"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8698327b68c06a75-TXL
alt-svc
h3=":443"; ma=86400
page-scroll-to-id.min.js
www.benefitter.com/wp-content/plugins/page-scroll-to-id/js/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.7.9
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
683194a1ccdbff2ccb1d049dbead875f871f0916266d3cb01e92023303aba203

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Feb 2024 00:37:56 GMT
server
cloudflare
etag
W/"65cd5ce4-6658"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8698327b68c26a75-TXL
alt-svc
h3=":443"; ma=86400
gtm4wp-form-move-tracker.js
www.benefitter.com/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/ 		1 KB
485 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-form-move-tracker.js?ver=1.20.1
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b851243dfb01d421b9ad1b062622a23f230c32184a70c07b6e75908bf682961

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Mar 2024 02:53:03 GMT
server
cloudflare
etag
W/"65fcf28f-472"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8698327b68c66a75-TXL
alt-svc
h3=":443"; ma=86400
functions.min.js
www.benefitter.com/wp-content/themes/visual-composer-starter/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-content/themes/visual-composer-starter/js/functions.min.js?ver=3.3
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fee24303b243b627fcce901c0b20416ecb7fe312b5cdc270a991e34622e62ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Aug 2022 21:26:50 GMT
server
cloudflare
etag
W/"6300001a-11c4"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8698327b68ca6a75-TXL
alt-svc
h3=":443"; ma=86400
element.bundle.js
www.benefitter.com/wp-content/uploads/visualcomposer-assets/addons/pluginVersionCheck/public/dist/ 		875 B
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-content/uploads/visualcomposer-assets/addons/pluginVersionCheck/public/dist/element.bundle.js?ver=45.8.0
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0fb1b2a42210633cb842f2edca54677cb8a36a3e8c14178e879fec91ac7f92c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Aug 2022 21:26:48 GMT
server
cloudflare
etag
W/"63000018-36b"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8698327b68c76a75-TXL
alt-svc
h3=":443"; ma=86400
c0ceeb27-89dd-4eaf-a36c-ccdcc4698f67
https://www.benefitter.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.benefitter.com/c0ceeb27-89dd-4eaf-a36c-ccdcc4698f67
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
gtm.js
www.googletagmanager.com/ 		143 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WBRV7DC
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
27d503b135f43f6c5fcc2cc6886fcd1e5b3ca0aff702e4de954c7c4bba18176d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55811
x-xss-protection
0
last-modified
Sun, 24 Mar 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Mar 2024 16:56:54 GMT
Banner-Homepage2021.jpg
www.benefitter.com/wp-content/uploads/2021/03/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefitter.com/wp-content/uploads/2021/03/Banner-Homepage2021.jpg
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e01e1685a2846e0cdef465e1c0463570a370ee2e1ae4e3c8f4161898f27da83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:54 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Fri, 19 Aug 2022 21:26:48 GMT
server
cloudflare
cf-polished
origSize=31452
etag
"63000018-7adc"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8698327b68e46a75-TXL
alt-svc
h3=":443"; ma=86400
content-length
29512
Roboto-Bold.ttf
www.benefitter.com/wp-content/themes/visual-composer-starter/fonts/default-fonts/Roboto/ 		163 KB
164 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-content/themes/visual-composer-starter/fonts/default-fonts/Roboto/Roboto-Bold.ttf
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/wp-content/themes/visual-composer-starter/css/styles/style.min.css?ver=3.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
baf44ce81636cc927fc27768437e5da853bac699e8aaf832d042f0dfed29b4b4

Request headers

Referer
https://www.benefitter.com/wp-content/themes/visual-composer-starter/css/styles/style.min.css?ver=3.3
Origin
https://www.benefitter.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:54 GMT
cf-cache-status
HIT
last-modified
Fri, 19 Aug 2022 21:26:50 GMT
server
cloudflare
etag
"6300001a-28da8"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8698327b78ec6a75-TXL
alt-svc
h3=":443"; ma=86400
content-length
167336
Roboto-Regular.ttf
www.benefitter.com/wp-content/themes/visual-composer-starter/fonts/default-fonts/Roboto/ 		164 KB
165 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-content/themes/visual-composer-starter/fonts/default-fonts/Roboto/Roboto-Regular.ttf
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/wp-content/themes/visual-composer-starter/css/styles/style.min.css?ver=3.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
319cff6e7a31f0f2a41c475dca42890aa5d19fe16017e2290f8c1d4e14f76481

Request headers

Referer
https://www.benefitter.com/wp-content/themes/visual-composer-starter/css/styles/style.min.css?ver=3.3
Origin
https://www.benefitter.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:54 GMT
cf-cache-status
HIT
last-modified
Fri, 19 Aug 2022 21:26:50 GMT
server
cloudflare
etag
"6300001a-29144"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8698327b78ef6a75-TXL
alt-svc
h3=":443"; ma=86400
content-length
168260
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A700&ver=2.52-12244
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.benefitter.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 07:54:13 GMT
x-content-type-options
nosniff
age
464561
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Mar 2025 07:54:13 GMT
Davies-Emory.jpg
www.benefitter.com/wp-content/uploads/2018/10/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefitter.com/wp-content/uploads/2018/10/Davies-Emory.jpg
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aa39e238d4a702bd3bcff77ad2b3782ebc24ccf78cd7427ecf0435eb997abc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:54 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Fri, 19 Aug 2022 21:26:49 GMT
server
cloudflare
cf-polished
origSize=2982749
etag
"63000019-2d835d"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8698327bea056a75-TXL
alt-svc
h3=":443"; ma=86400
content-length
2862113
wp-emoji-release.min.js
www.benefitter.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefitter.com/wp-includes/js/wp-emoji-release.min.js?ver=9f8f928b2d5fe921587fc00ff38942ab
Requested by
Host: www.benefitter.com
URL: https://www.benefitter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
cloudflare
etag
W/"63db0985-4904"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8698327bea0c6a75-TXL
alt-svc
h3=":443"; ma=86400
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBRV7DC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 24 Mar 2024 15:38:42 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4692
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 24 Mar 2024 17:38:42 GMT
js
www.googletagmanager.com/gtag/ 		219 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-WR936Z&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBRV7DC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8aee6034201ac99d097c98ae40d507a027271fbd1749b1424695487912da3d60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81670
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 24 Mar 2024 16:56:54 GMT
collect
region1.google-analytics.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8JX89ZCNTM&gtm=45Pe43k0v892350753za200&_p=1711299414288&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=1513433108.1711299415&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1711299414&sct=1&seg=0&dl=https%3A%2F%2Fwww.benefitter.com%2F&dt=Benefitter%20%7C%20Health%20Insurance%20Quoting%20Software%20for%20Agents&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3152
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-WR936Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 16:56:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.benefitter.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		16 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1351300925&t=pageview&_s=1&dl=https%3A%2F%2Fwww.benefitter.com%2F&ul=en-us&de=UTF-8&dt=Benefitter%20%7C%20Health%20Insurance%20Quoting%20Software%20for%20Agents&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=2070296141&gjid=1805605760&cid=1513433108.1711299415&tid=UA-38646702-1&_gid=11224181.1711299415&_r=1&_slc=1&gtm=45He43k0n81WBRV7DCza200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=2014805223
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5ea836214c28e6623c21777dc31460b90d52cbd9d48631552e47b59956f51f06
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.benefitter.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 16:56:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.benefitter.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-38646702-1&cid=1513433108.1711299415&jid=2070296141&gjid=1805605760&_gid=11224181.1711299415&npa=1&_u=YADAAEAAAAAAACAAI~&z=1617131232
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.benefitter.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 24 Mar 2024 16:56:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.benefitter.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		257 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MGSJ89ZFSN&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
38c97db4a2476e42fad40d7bdb2eb0da99e96821e3e2822459a6c8e8e6b60ac9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 16:56:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91932
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 24 Mar 2024 16:56:54 GMT
collect
region1.google-analytics.com/g/ 		0
46 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-MGSJ89ZFSN&gtm=45je43k0v9135800670za200&_p=1711299414288&gcd=13l3l3l2l3&npa=1&dma_cps=sypham&dma=1&gdid=dZTNiMT&ul=en-us&sr=1600x1200&cid=1513433108.1711299415&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.benefitter.com%2F&dt=Benefitter%20%7C%20Health%20Insurance%20Quoting%20Software%20for%20Agents&sid=1711299414&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3452
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MGSJ89ZFSN&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 16:56:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.benefitter.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| gtm4wp_datalayer_name object| dataLayer object| _wpemojiSettings undefined| $ function| jQuery function| gtag object| dataLayer_content object| vcvWebpackJsonp4x function| vcSticky object| vcStickySettings function| vcvBasicMenu function| vcvSandwichModal function| vceResetFullWidthElements object| mPS2id_params object| visualcomposerstarter object| vcStickyElements object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| twemoji object| wp object| gaGlobal object| gaplugins object| gaData

6 Cookies

Domain/Path Name / Value
.benefitter.com/ Name: __cf_bm
Value: IfiLsJL17Msu71Drm02U7AEjC2yN.Cp4kKbvKyHztuI-1711299412-1.0.1.1-SpBmX0S2C04ZNZMrTUFYM6dpW7oOY4A6d.1NhnmwgZjv.SizamgFNyFfDe9weQYJrgH_WJnfhV_DVTZZO4mGlA
.benefitter.com/ Name: _ga_8JX89ZCNTM
Value: GS1.1.1711299414.1.0.1711299414.0.0.0
.benefitter.com/ Name: _ga
Value: GA1.2.1513433108.1711299415
.benefitter.com/ Name: _gid
Value: GA1.2.11224181.1711299415
.benefitter.com/ Name: _gat_UA-38646702-1
Value: 1
.benefitter.com/ Name: _ga_MGSJ89ZFSN
Value: GS1.2.1711299414.1.0.1711299414.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

benefitter.com
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
stats.g.doubleclick.net
www.benefitter.com
www.google-analytics.com
www.googletagmanager.com
141.193.213.10
141.193.213.11
2001:4860:4802:34::36
2a00:1450:4001:806::2003
2a00:1450:4001:809::200e
2a00:1450:4001:812::2008
2a00:1450:4001:830::200a
2a00:1450:400c:c00::9b
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
05f5ea9241968c8044c81e64886aa17ce8fbde793c56806f0c7261239d6ea870
06cc43a9b6eb66789807e48c1ebe1e5cbf7e5c8fa71fcfe994205f5d7dd6d312
07f02f6bce2814e091e6b13d2ae7bc0e05f97edf52e6a8ff45a91a82ec232b66
172c8688dd8b9bb471f3f979c2f3b7905019849013ca7d5b9b9e50a608b658ea
181332276dd0c0bd527c598cbc42dc34a6d0be9120b37e615d3b9202e25f95e9
1aa39e238d4a702bd3bcff77ad2b3782ebc24ccf78cd7427ecf0435eb997abc4
1e01e1685a2846e0cdef465e1c0463570a370ee2e1ae4e3c8f4161898f27da83
1f2012b2cc33d983ff43ae5a64ac2bb4d504acb32737e04ad17fb58d003d805a
1f5719fdc4d4b3870f096134fdcd6a29d5e1e75b28a2fbd111e1f140daf74f49
27d503b135f43f6c5fcc2cc6886fcd1e5b3ca0aff702e4de954c7c4bba18176d
29fd22d3d4d0cfc946865df3a8e694e5c4033bd836171b56ad0954e1a696fd2b
2c6fead34f0a3a6d6ad2c2189aea1d6d4a08e65d0b89ac3f81b3398025b7bfc6
319cff6e7a31f0f2a41c475dca42890aa5d19fe16017e2290f8c1d4e14f76481
32355957f88b34f35005a4b8b6256e344d10f47ff318ddd941a81dd4ecd90d06
35bc8af432b950660f6f64e84d75db3e8380269a7ac5bddc86f543cef826bdc9
38c97db4a2476e42fad40d7bdb2eb0da99e96821e3e2822459a6c8e8e6b60ac9
3c741774d517b77b927783da3b8a73eb1fe3cfd19ff511efd00518848e624eb6
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55fa42f365939ea3b57d9972377777cbaab52fc66ace3f36f97b613b322197d4
5e8804f2b7c575c7d53a77071bbae6116ff76e340248dcb51c7b7d82ac1b04f6
5ea836214c28e6623c21777dc31460b90d52cbd9d48631552e47b59956f51f06
612abb0f57a84c094ab52f8f9343e325d944ee86cb579a78144f66c441df9b9a
640a586899beae820606c5326350bffe78fd42ea4c0e06dae20a3a02e37d3442
683194a1ccdbff2ccb1d049dbead875f871f0916266d3cb01e92023303aba203
6930e7f8a30d452b483df5e6cfa11bea094da68ac968a14ff0d3f61068da12c8
6adef0d9c0f2caa5089fa53ef7a540bed701a4e2871d7321b9e5d2b819f176ae
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fee24303b243b627fcce901c0b20416ecb7fe312b5cdc270a991e34622e62ac
83074b06234687d595018060522fca64af73383fbd57920523f70f24a1d678d4
8aee6034201ac99d097c98ae40d507a027271fbd1749b1424695487912da3d60
8b851243dfb01d421b9ad1b062622a23f230c32184a70c07b6e75908bf682961
8f9fbf2a3b634db67e60d505b9d32f168849493761d81b447db1b408f0859222
96430a00211cf86f3907a7a3d7e3e528f09f8a6c5f4c7d5c0ad3af0db8a6b98c
9f6d961b34b5230819642446676584c1c21e7e6f56014bb4e57cfc97e46e70e9
a092f302a62e137e006d88e6bd2442bf3867ea07f51fb097c4f5efdb80fd67ca
a56f7cbb2036deb9f54d3ed504fb3c2c029c046ecf9d540314434ac216de2bfc
baf44ce81636cc927fc27768437e5da853bac699e8aaf832d042f0dfed29b4b4
bc6e279fddf5afb7905a1ce306a6859e3b4d88cfa5ad87d177f5bcddcbdd8ee5
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cf7b29f8d4de9673ddd000392d4e991211dfff233fde44298b3a324810aee162
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0fb1b2a42210633cb842f2edca54677cb8a36a3e8c14178e879fec91ac7f92c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57005de30a6ed89b978aa6e5744f18a94f290bfe199e10f98c412b31a829add
f04a126f60deb64ed5f1023ab018cde9833f738b4b65b18a35311312b850cfa2
f2a75ba16122c626b772cb1234036592de941b899978d2147a41022c65ae13af