benefitsinc.com Open in urlscan Pro
160.153.0.76 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://link.benepac.co/api/LinkHandler/getaction?redirectParam2=K09weU5vMDBKWXBmVlFCTm41OERGWGx4MHJIN2QzUDU5TmROL2xJaDd...
Effective URL:
https://benefitsinc.com/benepac/
Submission: On January 17 via api (January 17th 2024, 5:32:18 pm UTC) from US — Scanned from DE

Summary HTTP 83 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 15 domains to perform 83 HTTP transactions. The main IP is 160.153.0.76, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is benefitsinc.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 6th 2023. Valid for: a year.

This is the only time benefitsinc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.199.157.31 34.199.157.31	14618 (AMAZON-AES) (AMAZON-AES)
1 6	3.209.50.202 3.209.50.202	14618 (AMAZON-AES) (AMAZON-AES)
55	160.153.0.76 160.153.0.76	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:230... 2600:9000:2304:e400:1f:7a16:c640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	51.11.20.152 51.11.20.152	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	2.16.100.27 2.16.100.27	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:890f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	194.145.183.49 194.145.183.49	24971 (MASTER-AS...) (MASTER-AS Czech Republic www.master.cz)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
2	2a02:26f0:480... 2a02:26f0:480:d::210:f149	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
83	16

1 34.199.157.31 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-157-31.compute-1.amazonaws.com

link.benepac.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.209.50.202 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-50-202.compute-1.amazonaws.com

hjsiguzdmmy.hatchbuck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hatchbuck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 160.153.0.76 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
PTR: 76.0.153.160.host.secureserver.net

benefitsinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2304:e400:1f:7a16:c640:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.hatchbuck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.11.20.152 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

secure.scan6show.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.16.100.27 (Düsseldorf, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-100-27.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:890f (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 194.145.183.49 (Czech Republic)

ASN24971 (MASTER-AS Czech Republic www.master.cz, CZ)
PTR: chewie.imper.cz

t.leady.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:d::210:f149 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

events.api.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	benefitsinc.com benefitsinc.com	630 KB
7	hatchbuck.com 1 redirects hjsiguzdmmy.hatchbuck.com cdn.hatchbuck.com — Cisco Umbrella Rank: 377783 app.hatchbuck.com — Cisco Umbrella Rank: 103294	136 KB
4	wsimg.com 2 redirects img1.wsimg.com — Cisco Umbrella Rank: 7508	22 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2029	21 KB
3	gstatic.com fonts.gstatic.com	59 KB
3	leady.com t.leady.com — Cisco Umbrella Rank: 230415	4 KB
2	secureserver.net events.api.secureserver.net — Cisco Umbrella Rank: 8665	562 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	149 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	2 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 236	490 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 600	15 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	345 B
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4371	2 KB
1	scan6show.com secure.scan6show.com — Cisco Umbrella Rank: 533140	321 B
1	benepac.co 1 redirects link.benepac.co	304 B
83	15

	Domain	Requested by
55	benefitsinc.com	benefitsinc.com
5	app.hatchbuck.com	benefitsinc.com app.hatchbuck.com
4	img1.wsimg.com	2 redirects benefitsinc.com
3	fonts.gstatic.com	fonts.googleapis.com
3	t.leady.com	benefitsinc.com t.leady.com
2	events.api.secureserver.net	img1.wsimg.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	benefitsinc.com www.googletagmanager.com
2	fonts.googleapis.com	benefitsinc.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	app.hatchbuck.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	ws.zoominfo.com	benefitsinc.com
1	secure.scan6show.com	benefitsinc.com
1	cdn.hatchbuck.com	benefitsinc.com
1	hjsiguzdmmy.hatchbuck.com	1 redirects
1	link.benepac.co	1 redirects
83	18

This site contains links to these domains. Also see Links.

Domain
connectandsimplify.com
www.linkedin.com
maps.google.com
www.onlineemployer.com
payroll.benechex.com
www.sgc02.com
www.proveit2.com
hrsource.myhrsupportcenter.com
benhrcompanycollege.bizlibrary.com

Subject Issuer	Validity	Valid
benefitsinc.com Cloudflare Inc ECC CA-3	`2023-11-06` - `2024-11-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.hatchbuck.com Amazon RSA 2048 M02	`2023-11-23` - `2024-12-20`	a year	crt.sh
secure.norm0care.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-10` - `2024-07-06`	7 months	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
t.leady.com R3	`2023-11-27` - `2024-02-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-01-15` - `2025-02-15`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh
*.api.secureserver.net Starfield Secure Certificate Authority - G2	`2023-07-10` - `2024-08-10`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://benefitsinc.com/benepac/
Frame ID: 81E92187DE2971F1D2F7D5EFFE1BF60A
Requests: 77 HTTP requests in this frame

Frame: https://app.hatchbuck.com/OnlineForm/83044414130
Frame ID: B584BF120AF35DE3B249335192C988B7
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BenePac – The Benefit Companies, Inc.

Page URL History Show full URLs

http://link.benepac.co/api/LinkHandler/getaction?redirectParam2=K09weU5vMDBKWXBmVlFCTm41OERGWGx4MHJ... HTTP 301
https://hjsiguzdmmy.hatchbuck.com/TrackLinkClick?ID2=IgfwYSDb6ZwW3pXhgpKZBLecg62XmKxRHZSHBBuznWLmWpmCtZ8_zU34b... HTTP 302
https://benefitsinc.com/benepac/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

prettyPhoto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery\.prettyPhoto\.js

Page Statistics

83
Requests

98 %
HTTPS

53 %
IPv6

15
Domains

18
Subdomains

16
IPs

5
Countries

1041 kB
Transfer

2715 kB
Size

13
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://connectandsimplify.com/
Title: Connect & Simplify

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/8116139?trk=tyah&trkInfo=clickedVertical%3Acompany%2CclickedEntityId%3A8116139%2Cidx%3A1-1-1%2CtarId%3A1466450397110%2Ctas%3Athe%20benefit%20companies
Title: Linkedin

Search URL Search Domain Scan URL

URL: http://maps.google.com/maps?ll=43.033389,-88.13416&z=15&t=m&hl=en-US&gl=US&mapclient=embed&q=250%20Patrick%20Blvd%20Brookfield%2C%20WI%2053045
Title: 250 N. Patrick Blvd. Brookfield, WI 53045

Search URL Search Domain Scan URL

URL: https://www.onlineemployer.com/start.asp
Title: Payroll Online

Search URL Search Domain Scan URL

URL: https://payroll.benechex.com/RDWeb/Pages/en-US/login.aspx?ReturnUrl=/RDWeb/Pages/en-US/Default.aspx
Title: ChexPlus™

Search URL Search Domain Scan URL

URL: https://www.sgc02.com/5500Client/Login.aspx?Id=393638-66FD67F71AD981D0
Title: 5500 E-File Services

Search URL Search Domain Scan URL

URL: http://www.proveit2.com/assessment/
Title: HR Skills Assessment

Search URL Search Domain Scan URL

URL: https://hrsource.myhrsupportcenter.com/users/sign_in
Title: HR Answer Link

Search URL Search Domain Scan URL

URL: https://benhrcompanycollege.bizlibrary.com/
Title: BenHR Company College

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://link.benepac.co/api/LinkHandler/getaction?redirectParam2=K09weU5vMDBKWXBmVlFCTm41OERGWGx4MHJIN2QzUDU5TmROL2xJaDdnMHQ5eDUvc2U2M2VQTTEvTDYzMC9yOW9wZFQ1RDc3TzladGhNRWY1WlVQYUlKcGJhVTVmTWh3UW1NeTNKbnhqWXZhUGJRdUw3WWh1WmhwWDZFTzVFcnN5dkhuYW1DbmVleFAzRDQ1VnR1WXdQWE8vaUJseGRlUnJxTndDMStJclpkR2NVRjNSRDQveHMrdVNUQnJ1bUZUYVlReDJwR25WeXJBNXZrTFhzMFg1QT09 HTTP 301
https://hjsiguzdmmy.hatchbuck.com/TrackLinkClick?ID2=IgfwYSDb6ZwW3pXhgpKZBLecg62XmKxRHZSHBBuznWLmWpmCtZ8_zU34bWIPIGTx0 HTTP 302
https://benefitsinc.com/benepac/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js HTTP 301
https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js

Request Chain 50

https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js HTTP 301
https://img1.wsimg.com/signals/js/clients/tti/tti.min.js

83 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
benefitsinc.com/benepac/
Redirect Chain

http://link.benepac.co/api/LinkHandler/getaction?redirectParam2=K09weU5vMDBKWXBmVlFCTm41OERGWGx4MHJIN2QzUDU5TmROL2xJaDdnMHQ5eDUvc2U2M2VQTTEvTDYzMC9yOW9wZFQ1RDc3TzladGhNRWY1WlVQYUlKcGJhVTVmTWh3UW1Ne...
https://hjsiguzdmmy.hatchbuck.com/TrackLinkClick?ID2=IgfwYSDb6ZwW3pXhgpKZBLecg62XmKxRHZSHBBuznWLmWpmCtZ8_zU34bWIPIGTx0
https://benefitsinc.com/benepac/

53 KB
13 KB

248ms
210ms

Document
text/html

160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/benepac/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

9e025d9aad21557cf71709e284207dfba1b026a3661c9cc124232873983e3de0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=2678400
cf-cache-status: MISS
cf-ray: 847056084b730410-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 17 Jan 2024 17:32:11 GMT
expires: Sat, 17 Feb 2024 17:32:11 GMT
last-modified: Wed, 17 Jan 2024 17:32:11 GMT
server: cloudflare
strict-transport-security: max-age=300 max-age=31536000; includeSubDomains
vary: Accept-Encoding, User-Agent
x-backend: varnish_ssl
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-fawn-proc-count: 1,0,24
x-php-version: 8.0
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: private
content-length: 149
content-type: text/html; charset=utf-8
date: Wed, 17 Jan 2024 17:32:10 GMT
location: https://benefitsinc.com/benepac/
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 79ms
24ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans|Lato

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

802496dc198a0e03f6e10051f54d494ed7dd46fd456a6578f458022c5e5a0b78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 Jan 2024 17:32:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 17:32:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Jan 2024 17:32:11 GMT

GET
H2 200 tcp.css
benefitsinc.com/wp-content/plugins/the-countdown/css/ 879 B
525 B 36ms
30ms Stylesheet
text/css 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/plugins/the-countdown/css/tcp.css?ver=6.4.2

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

bbe357072bd56a44e29cca81f3f67302f1f629fa9dddfab9c8f47c3d951ad7c2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
age: 113262
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 14 Mar 2018 19:24:09 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"36f-5676451b8a840-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 84705609ad9c0410-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H2 200 style.min.css
benefitsinc.com/wp-includes/css/dist/block-library/ 107 KB
14 KB 41ms
35ms Stylesheet
text/css 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
age: 113262
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Dec 2023 08:33:49 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"1add3-60cc49bef28b7-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 84705609ad9f0410-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H2 200 styles.css
benefitsinc.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 48ms
42ms Stylesheet
text/css 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.6

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
age: 113262
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Jan 2024 19:14:16 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"b4e-60ec478615dc7-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 84705609ada40410-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H2 200 thickbox.css
benefitsinc.com/wp-includes/js/thickbox/ 3 KB
1010 B 47ms
41ms Stylesheet
text/css 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-includes/js/thickbox/thickbox.css?ver=1.0

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

b390a3efe231d9f38b3a706a5765a2a2f0817e761f60a27556171e9a276980e3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
age: 113262
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Dec 2023 08:33:49 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"a63-60cc49bf5eb37-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 84705609ada50410-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H2 200 dashicons.min.css
benefitsinc.com/wp-includes/css/ 58 KB
34 KB 32ms
26ms Stylesheet
text/css 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-includes/css/dashicons.min.css?ver=6.4.2

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
age: 113262
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Dec 2023 08:33:51 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"e688-60cc49c0a7242-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 84705609ada90410-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H2 200 thickbox.css
benefitsinc.com/wp-includes/js/thickbox/ 3 KB
1 KB 30ms
25ms Stylesheet
text/css 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-includes/js/thickbox/thickbox.css?ver=6.4.2

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

b390a3efe231d9f38b3a706a5765a2a2f0817e761f60a27556171e9a276980e3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
age: 113262
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Dec 2023 08:33:51 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"a63-60cc49c11966d-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 84705609adab0410-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H2 200 wpcf7-redirect-frontend.min.css
benefitsinc.com/wp-content/plugins/wpcf7-redirect/build/css/ 316 B
220 B 48ms
43ms Stylesheet
text/css 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=1.1

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

9c0647c53dde19cd56b2dfd0626db41f3db20c92984e1e6a4d469c19e4823adf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
age: 113262
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Dec 2023 21:52:36 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"13c-60d84d12ead5b-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 84705609adae0410-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H2 200 style.css
benefitsinc.com/wp-content/themes/karma/ 239 KB
40 KB 37ms
32ms Stylesheet
text/css 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/themes/karma/style.css?ver=6.4.2

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

e92917321396ecbb01c71317b4132509ec0f284c4b4f18faa3d2336ef69de9ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
age: 113262
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 19:17:31 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"3bcd2-5a22b6b4c28c0-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 84705609adb10410-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H2 200 gutenberg.min.css
benefitsinc.com/wp-content/themes/karma/css// 10 KB
5 KB 45ms
40ms Stylesheet
text/css 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/themes/karma/css//gutenberg.min.css?ver=6.4.2

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

4a2fcb7287d0f841825d426560d8e8ae74dc70319d29a368c3cdf4283137dc86

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
age: 113262
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 19:17:31 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"2633-5a22b6b4c28c0-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 84705609adb20410-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H2 200 karma-cherry.css
benefitsinc.com/wp-content/themes/karma/css/ 17 KB
3 KB 209ms
205ms Stylesheet
text/css 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/themes/karma/css/karma-cherry.css?ver=6.4.2

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

004386554b88064df58a7d7bd124e0223d27500643efd0527ab7bdfe9be08b04

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 19:17:31 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"456e-5a22b6b4c28c0-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 84705609adb70410-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H2 200 _font-awesome.css
benefitsinc.com/wp-content/themes/karma/css/ 30 KB
7 KB 57ms
53ms Stylesheet
text/css 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/themes/karma/css/_font-awesome.css?ver=6.4.2

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

5cfcdebf8f38725bebe6f58ff39a6d044806bca0220a1e0b7e3257f9ad7392d1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
age: 113262
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 19:17:31 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"7906-5a22b6b4c28c0-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 84705609adbd0410-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H2 200 _mobile.css
benefitsinc.com/wp-content/themes/karma/css/ 55 KB
10 KB 41ms
37ms Stylesheet
text/css 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/themes/karma/css/_mobile.css?ver=6.4.2

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

7affe6ee9f5599e0f8b745791f1666d834a2c2a76eada64a7e3c54afe1c1614c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
age: 113262
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 19:17:31 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"dc1e-5a22b6b4c28c0-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 84705609adbf0410-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H2 200 jquery.min.js Show response
benefitsinc.com/wp-includes/js/jquery/ 86 KB
31 KB 49ms
45ms Script
text/javascript 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
age: 113262
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Dec 2023 08:33:49 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"15601-60cc49bf5a8ce-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 84705609adc00410-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H2 200 jquery-migrate.min.js Show response
benefitsinc.com/wp-includes/js/jquery/ 13 KB
5 KB 43ms
39ms Script
text/javascript 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
age: 113262
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Dec 2023 08:33:49 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"3509-60cc49bf5992e-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 84705609adc20410-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H2 200 jquery.countdown.min.js Show response
benefitsinc.com/wp-content/plugins/the-countdown/js/ 14 KB
5 KB 42ms
38ms Script
text/javascript 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/plugins/the-countdown/js/jquery.countdown.min.js?ver=6.4.2

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

ca59b55f25c3d00e20acabbbae0e5f13afb811c03c18f05070f58aa9fab54c55

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
age: 113262
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 14 Mar 2018 19:24:09 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"38a7-5676451b8a840-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 84705609adc30410-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H2 200 calendar.js Show response
benefitsinc.com/wp-content/plugins/spider-event-calendar/elements/ 36 KB
11 KB 35ms
32ms Script
text/javascript 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/plugins/spider-event-calendar/elements/calendar.js?ver=1.5.65

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

a8fb9d7aa199fec02e7bdec83c70721be8ea1bcb60ab2c060d66f9dd1bb636ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
age: 113262
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Dec 2021 15:59:42 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"8edc-5d27c584ab533-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 84705609adc50410-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H2 200 calendar-setup.js Show response
benefitsinc.com/wp-content/plugins/spider-event-calendar/elements/ 5 KB
2 KB 34ms
31ms Script
text/javascript 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/plugins/spider-event-calendar/elements/calendar-setup.js?ver=1.5.65

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

5b9df46139eba41bc2c21cb822843449801f7028d5b4eca034b08ca26cffd8af

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
age: 113262
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Dec 2021 15:59:42 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"1337-5d27c584a2774-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 84705609adc70410-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H2 200 calendar_function.js Show response
benefitsinc.com/wp-content/plugins/spider-event-calendar/elements/ 15 KB
5 KB 33ms
30ms Script
text/javascript 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/plugins/spider-event-calendar/elements/calendar_function.js?ver=1.5.65

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

425e34a46ae58dce82ac595e7866dc0771ac023cc0850e7dcf77fc86a4780480

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
age: 113262
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Dec 2021 15:59:42 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"3abf-5d27c584a40c9-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 84705609adc80410-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
68 KB 96ms
28ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128744636-2

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a813f26b7e33d54a7f970ff705628071b187818ad798476692225d2ab8541a1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69436
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 17 Jan 2024 17:32:11 GMT

GET
H2 200 webPageTrackingAgreement.min.js Show response
cdn.hatchbuck.com/ 3 KB
4 KB 212ms
21ms Script
application/javascript 2600:9000:2304:e400:1f:7a16:c640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hatchbuck.com/webPageTrackingAgreement.min.js
Requested by: Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:e400:1f:7a16:c640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27f8afc20229eb2668f9bee4845cf5ee6018436edc274581404b18b8c95a5b2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 04:48:16 GMT
via: 1.1 6d125e47c290f30bf760f976c0325c98.cloudfront.net (CloudFront)
last-modified: Fri, 21 Feb 2020 20:51:58 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 45835
etag: "2ce3af1eb9e2e79ba025d14ec7155cfb"
x-amz-meta-sha256: 27f8afc20229eb2668f9bee4845cf5ee6018436edc274581404b18b8c95a5b2f
content-type: application/javascript
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 3309
x-amz-cf-id: bANcjVXWFbQ1yXqFpxL_O9cI7S_YTbyM8Fl511iycLZKlcp3hVhj4Q==
x-amz-meta-s3b-last-modified: 20200221T205120Z

GET
H/1.1 200
OK 206627.js Show response
secure.scan6show.com/js/ 16 B
321 B 424ms
29ms Script
text/javascript 51.11.20.152
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.scan6show.com/js/206627.js
Requested by: Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.11.20.152 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 49739e94573de5afc74a9a27ceecbff1dcf5126c6535d6d2d8839f25c86a7eca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 17 Jan 2024 17:32:11 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=86400
Connection: keep-alive
Request-Context: appId=cid-v1:abe8a76f-f1a2-4b2e-9017-0ea36ffb5c20

GET
H2 200 css
fonts.googleapis.com/ 1 KB
897 B 72ms
22ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cabin

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d02c1c9690c99d45f0dd028edf456c825a003e05f86c44259a6ec8aa46510286

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 Jan 2024 17:32:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 17:01:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Jan 2024 17:32:11 GMT

GET
H2 200 logo_retina2.png
benefitsinc.com/wp-content/uploads/ 3 KB
3 KB 46ms
44ms Image
image/png 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefitsinc.com/wp-content/uploads/logo_retina2.png

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

864ffdb1924ebe7100da9bceae6b4449231bfbf435b80b9e601b6e9089b2c8de

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: HIT
age: 113262
cf-polished: origSize=18797
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 3024
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 27 Aug 2015 20:17:01 GMT
server: cloudflare
x-php-version: 8.0
etag: "496d-51e50a65ec940"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 84705609adcc0410-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H2 200 benepac.jpg
benefitsinc.com/wp-content/uploads/ 57 KB
57 KB 230ms
228ms Image
image/jpeg 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefitsinc.com/wp-content/uploads/benepac.jpg

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

662323430fe4001b93863e101435c7625192bf98f0d248baa74dde47beb0ce20

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 58187
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Aug 2015 20:17:00 GMT
x-php-version: 8.0
server: cloudflare
etag: "e34b-51e50a64f8700"
vary: Accept-Encoding
content-type: image/jpeg
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 84705609adc90410-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H2 200 logo_BenePac.png
benefitsinc.com/wp-content/uploads/ 37 KB
37 KB 217ms
215ms Image
image/png 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefitsinc.com/wp-content/uploads/logo_BenePac.png

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

df53c8cb675c88abb02ddea657fce08621ca36c81530424d50a8bfe08542a35c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 38128
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Aug 2015 20:16:49 GMT
x-php-version: 8.0
server: cloudflare
etag: "94f0-51e50a5a7ae40"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 84705609adce0410-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H3 200 CSWheel_empty.png
benefitsinc.com/wp-content/uploads/ 58 KB
58 KB 227ms
226ms Image
image/png 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefitsinc.com/wp-content/uploads/CSWheel_empty.png

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

9b5f16d88f16dcdd6e37fe3330caa4d2db43e350d8373a32257e314ce01653e2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 59019
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Aug 2015 20:17:03 GMT
x-php-version: 8.0
server: cloudflare
etag: "e68b-51e50a67d4dc0"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 84705609fa36bb32-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H3 200 email-decode.min.js Show response
benefitsinc.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
871 B 12ms
11ms Script
application/javascript 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Jan 2024 17:29:47 GMT
server: cloudflare
etag: W/"65983c8b-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8470560b0bc2bb32-FRA
expires: Fri, 19 Jan 2024 17:32:11 GMT

GET
H3 200 calendar-jos.css
benefitsinc.com/wp-content/plugins/spider-event-calendar/elements/ 8 KB
3 KB 199ms
198ms Stylesheet
text/css 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/plugins/spider-event-calendar/elements/calendar-jos.css?ver=1.5.65

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

44c2faf3fd81fa40d8e787562c753cef19190bfa07ba6caa33166610c5d6ab86

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Dec 2021 15:59:42 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"216a-5d27c5849ef4c-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 8470560b1bdbbb32-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H3 200 color-picker.min.css
benefitsinc.com/wp-admin/css/ 3 KB
1 KB 195ms
195ms Stylesheet
text/css 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-admin/css/color-picker.min.css?ver=6.4.2

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

4aa1f650fe19f5b6d21c8d9e5128a66ba0144be4833b4ca32d52d53d77bf8cfb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: DYNAMIC
age: 339272
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Dec 2023 08:33:51 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"c36-60cc49c080526-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cf-ray: 8470560b7c72bb32-FRA

GET
H3 200 flexslider.css
benefitsinc.com/wp-content/plugins/ml-slider/assets/sliders/flexslider/ 4 KB
1 KB 474ms
473ms Stylesheet
text/css 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/plugins/ml-slider/assets/sliders/flexslider/flexslider.css?ver=3.60.1

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

195182403b2e9d2a0779903fdd87cf7b9047f6a8253d9d12f12e991e2714ca36

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:12 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Dec 2023 00:59:16 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"ea3-60c6dcaf3824e-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 8470560c4dd0bb32-FRA
expires: Sat, 17 Feb 2024 17:32:12 GMT

GET
H3 200 public.css
benefitsinc.com/wp-content/plugins/ml-slider/assets/metaslider/ 9 KB
3 KB 310ms
305ms Stylesheet
text/css 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/plugins/ml-slider/assets/metaslider/public.css?ver=3.60.1

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

3bcfdd7744510709c2ad03fdea9654599aabd916570abf95a5866bb284342339

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Dec 2023 00:59:16 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"22e0-60c6dcaf36ade-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 8470560c5ddfbb32-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H3 200 index.js Show response
benefitsinc.com/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
4 KB 302ms
297ms Script
text/javascript 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.6

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Jan 2024 19:14:16 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"2b6d-60ec478619478-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 8470560c5de0bb32-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H3 200 index.js Show response
benefitsinc.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 308ms
303ms Script
text/javascript 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.6

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Jan 2024 19:14:16 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"337e-60ec47861697f-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 8470560c5de1bb32-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H3 200 thickbox.js Show response
benefitsinc.com/wp-includes/js/thickbox/ 13 KB
4 KB 302ms
297ms Script
text/javascript 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

c0e09e793fb79507dc97ed702a4c2c9c00ab4d1677bd45bcd112e203c96dd661

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Dec 2023 08:33:51 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"33ba-60cc49c11966d-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 8470560c5de3bb32-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H3 200 wpcf7r-fe.js Show response
benefitsinc.com/wp-content/plugins/wpcf7-redirect/build/js/ 8 KB
2 KB 303ms
298ms Script
text/javascript 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

ecac4fc801141ce552220be4bb12969e2ee625e2cf08cf0edbac579a279b28f1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Dec 2023 21:52:36 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"1f8a-60d84d12ee7f4-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 8470560c5de5bb32-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H3 200 custom-main.js Show response
benefitsinc.com/wp-content/themes/karma/js/ 26 KB
8 KB 304ms
299ms Script
text/javascript 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/themes/karma/js/custom-main.js

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

8c7c2ec37e571233f2233d7dcc4cc84c8bf53dbbb0105888fcabff4d36817f15

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 19:17:31 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"6902-5a22b6b4c28c0-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 8470560c5de6bb32-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H3 200 superfish.js Show response
benefitsinc.com/wp-content/themes/karma/js/ 8 KB
3 KB 301ms
296ms Script
text/javascript 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/themes/karma/js/superfish.js

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

38b539327b093831cca19eea5dceada5091378b89929f5b98d6653aab1d45685

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 19:17:31 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"20a1-5a22b6b4c28c0-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 8470560c5de7bb32-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H3 200 retina.js Show response
benefitsinc.com/wp-content/themes/karma/js/ 3 KB
2 KB 300ms
295ms Script
text/javascript 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/themes/karma/js/retina.js

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

a1b88e8859ba570034ead3c48bc6cae30af8fe445c59be647c6cfc8aa8b69cd9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 19:17:31 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"a59-5a22b6b4c28c0-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 8470560c5de8bb32-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H3 200 jquery.flexslider.js Show response
benefitsinc.com/wp-content/themes/karma/js/ 30 KB
8 KB 310ms
305ms Script
text/javascript 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/themes/karma/js/jquery.flexslider.js

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

970e0bf0ec0acedc3ba1a6e941aadcb14ef4c19a2319309889f317543585870a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 19:17:31 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"7604-5a22b6b4c28c0-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 8470560c5decbb32-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H3 200 jquery.fitvids.js Show response
benefitsinc.com/wp-content/themes/karma/js/ 3 KB
2 KB 310ms
305ms Script
text/javascript 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/themes/karma/js/jquery.fitvids.js

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 19:17:31 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"d15-5a22b6b4c28c0-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 8470560c5dedbb32-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H3 200 jquery.isotope.js Show response
benefitsinc.com/wp-content/themes/karma/js/ 34 KB
10 KB 302ms
297ms Script
text/javascript 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/themes/karma/js/jquery.isotope.js

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

7164985b21fde0171bbc6068285fcd32e7f33f0a25eb62b289a97100be17e1c7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 19:17:31 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"8787-5a22b6b4c28c0-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 8470560c5defbb32-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H3 200 core.min.js Show response
benefitsinc.com/wp-includes/js/jquery/ui/ 21 KB
7 KB 326ms
321ms Script
text/javascript 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Dec 2023 08:33:51 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"53be-60cc49c115fbd-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 8470560c5df0bb32-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H3 200 tabs.min.js Show response
benefitsinc.com/wp-includes/js/jquery/ui/ 12 KB
4 KB 310ms
305ms Script
text/javascript 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

6a0d53f68e013dac42a52a5264c5d28a12a06b6bc7cc1d63bc2d385558bd2dd7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Dec 2023 08:33:51 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"2ea1-60cc49c1157ed-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 8470560c5df1bb32-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H3 200 accordion.min.js Show response
benefitsinc.com/wp-includes/js/jquery/ui/ 9 KB
3 KB 1267ms
1262ms Script
text/javascript 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.2

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

3b0a04f5aa3291e26f44613add53e1bbd56a09147f6a0b390dc4c3369dd1731d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:12 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Dec 2023 08:33:51 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"226e-60cc49c117b15-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 8470560c5df3bb32-FRA
expires: Sat, 17 Feb 2024 17:32:12 GMT

GET
H3 200 jquery.prettyPhoto.js Show response
benefitsinc.com/wp-content/themes/karma/js/ 21 KB
6 KB 477ms
472ms Script
text/javascript 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/themes/karma/js/jquery.prettyPhoto.js

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

c9ef05ffb575b4970131354960460c7ed1b097473c63fde0518f4a255ec367bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:12 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 19:17:31 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"540a-5a22b6b4c28c0-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 8470560c5df4bb32-FRA
expires: Sat, 17 Feb 2024 17:32:12 GMT

GET
H3 200 jquery.flexslider.min.js Show response
benefitsinc.com/wp-content/plugins/ml-slider/assets/sliders/flexslider/ 23 KB
7 KB 303ms
298ms Script
text/javascript 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/plugins/ml-slider/assets/sliders/flexslider/jquery.flexslider.min.js?ver=3.60.1

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

d9b23c627906fbd6695b4e09166cca785c433b8ea282d3a390283345164f3669

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Dec 2023 00:59:16 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"5daf-60c6dcaf39da6-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 8470560c5df7bb32-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H3 200 script.min.js Show response
benefitsinc.com/wp-content/plugins/ml-slider/assets/metaslider/ 402 B
628 B 310ms
305ms Script
text/javascript 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/plugins/ml-slider/assets/metaslider/script.min.js?ver=3.60.1

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

8eaa0105952a11648a1dd4e983dfa01b5c2f374cf14ff9815302a554fbb9e9d3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Dec 2023 00:59:16 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"192-60c6dcaf36ade-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 8470560c5df8bb32-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H3 200 scrollWatch.js Show response
benefitsinc.com/wp-content/themes/karma/js/ 6 KB
2 KB 306ms
302ms Script
text/javascript 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/themes/karma/js/scrollWatch.js

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

7beb315e30c721a8a174df682a7d4c9825600d45d19a333deb18d33eb4f63529

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 19:17:31 GMT
x-php-version: 8.0
server: cloudflare
etag: W/"1765-5a22b6b4c28c0-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 8470560c5dfbbb32-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H2

200

tccl.min.js Show response
img1.wsimg.com/signals/js/clients/tccl/
Redirect Chain

https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js

46 KB
13 KB

15ms
14ms

Script
text/javascript

2.16.100.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
Requested by: Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/
Protocol: H2
Server: 2.16.100.27 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-100-27.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53861a013923acea8c682704f3fbcaf994d38a0d2c857e9ba45ae77483b5baf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: CxfOTvM4.aC7Uz8TppF8SLs_Z6HB3PMp
content-encoding: gzip
date: Wed, 17 Jan 2024 17:32:11 GMT
x-amz-request-id: ZYFTT417S6A68TAS
x-amz-server-side-encryption: AES256
x-amz-meta-version: 2.0.2
content-length: 13404
x-amz-id-2: 5d8pp0UFbmtRDT0YO1R/luzkY29WEyEcx2pqH64XNLmdPB3sEAl/GttW+Ar0G3YSBosMg6tCpLo=
last-modified: Wed, 18 Oct 2023 16:44:03 GMT
etag: "8e70743bdf9b3d3adbb26471c84a006c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jan 2024 18:02:11 GMT

Redirect headers

location: https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
access-control-allow-origin: *
date: Wed, 17 Jan 2024 17:32:11 GMT
cache-control: max-age=31536000
timing-allow-origin: *
content-length: 0
expires: Thu, 16 Jan 2025 17:32:11 GMT

GET
H2

200

tti.min.js Show response
img1.wsimg.com/signals/js/clients/tti/
Redirect Chain

https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
https://img1.wsimg.com/signals/js/clients/tti/tti.min.js

21 KB
8 KB

19ms
18ms

Script
text/javascript

2.16.100.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/signals/js/clients/tti/tti.min.js
Requested by: Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/
Protocol: H2
Server: 2.16.100.27 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-100-27.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3c37a4aa3cf6aaae6921a4b750c0e4f81fd338d6878be90b0faf2f921039cb23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 7jzjltvngWPxR10aGBgezMSyuI8q8r0u
content-encoding: gzip
date: Wed, 17 Jan 2024 17:32:11 GMT
x-amz-request-id: AEN4GRTQ230Z7BYZ
x-amz-server-side-encryption: AES256
x-amz-meta-version: 0.2.1
content-length: 7570
x-amz-id-2: gmJRgEHywYkWraQeF7akcvEy7ldB3vXbGfzimriDi4m1HaUVZNY49Ld1UG4xWUxuqbx8OJfc/TO6gHUTvOd0og==
last-modified: Wed, 18 Oct 2023 13:46:08 GMT
etag: "1c56940a864f144fae2eb40ee952cb94"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jan 2024 18:02:11 GMT

Redirect headers

location: https://img1.wsimg.com/signals/js/clients/tti/tti.min.js
access-control-allow-origin: *
date: Wed, 17 Jan 2024 17:32:11 GMT
cache-control: max-age=31536000
timing-allow-origin: *
content-length: 0
expires: Thu, 16 Jan 2025 17:32:11 GMT

GET
H2 200 kPtYfnXF9D9JBLZV5t9Q Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 296ms
269ms Script
text/javascript 2606:4700::6810:890f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/kPtYfnXF9D9JBLZV5t9Q

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:890f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c9dbbd6ba33536392c7f71f27358cd2432c1034779c98b53deed8332cc959ba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400
cf-ray: 8470560c8a9f1c11-FRA

GET
H/1.1 200
OK L.js Show response
t.leady.com/j3cwf23nmx16NyKT/ 8 KB
4 KB 106ms
22ms Script
application/javascript 194.145.183.49
MASTER-AS Czech R...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.leady.com/j3cwf23nmx16NyKT/L.js
Requested by: Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.145.183.49 , Czech Republic, ASN24971 (MASTER-AS Czech Republic www.master.cz, CZ),
Reverse DNS: chewie.imper.cz
Software: nginx /
Resource Hash: 664a0182946378b7c444b51a7e10c3221f9bed90f3ca20d29fd79a6c1a55832f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 17 Jan 2024 17:32:11 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Dec 2023 12:57:19 GMT
Server: nginx
ETag: W/"657858af-1fa1"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=21600
Connection: keep-alive
Expires: Wed, 17 Jan 2024 23:32:11 GMT

GET
H2 200 83044414130 Show response
app.hatchbuck.com/OnlineForm/ Frame B584 34 KB
15 KB 398ms
380ms Document
text/html 3.209.50.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.hatchbuck.com/OnlineForm/83044414130
Requested by: Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.50.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-50-202.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / PHP/5.3.28 ASP.NET
Resource Hash: bba29e2f721d401e5889eb5cee56f2f2b740f7c0bef7ade9de22be8442636657

Request headers

Referer: https://benefitsinc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
content-encoding: gzip
content-length: 14719
content-type: text/html
date: Wed, 17 Jan 2024 17:32:11 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-powered-by: PHP/5.3.28 ASP.NET

GET
H3 200 pinstriped_suit.png
benefitsinc.com/wp-content/themes/karma/images/body-backgrounds/ 58 KB
59 KB 303ms
303ms Image
image/png 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefitsinc.com/wp-content/themes/karma/images/body-backgrounds/pinstriped_suit.png

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

085477913d62316f00c9a7a76121f546dd20e44ff2abebb59549ec4dee9f2caa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 59529
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 19:17:30 GMT
x-php-version: 8.0
server: cloudflare
etag: "e889-5a22b6b3ce680"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8470560c5dfdbb32-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H3 200 bg-div-main.png
benefitsinc.com/wp-content/themes/karma/images/_global/ 217 B
585 B 462ms
460ms Image
image/png 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefitsinc.com/wp-content/themes/karma/images/_global/bg-div-main.png

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/wp-content/themes/karma/style.css?ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

280dfb6476ccbccb0f6389c221b648fadb6d464b6f7bce8865a576e3823c1281

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/wp-content/themes/karma/style.css?ver=6.4.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:12 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 217
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 19:17:30 GMT
x-php-version: 8.0
server: cloudflare
etag: "d9-5a22b6b3ce680"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8470560c6dffbb32-FRA
expires: Sat, 17 Feb 2024 17:32:12 GMT

GET
H3 200 shadow-2.png
benefitsinc.com/wp-content/themes/karma/images/_global/ 7 KB
7 KB 1122ms
1121ms Image
image/png 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefitsinc.com/wp-content/themes/karma/images/_global/shadow-2.png

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

b8281c0bee694650cfaf65a3576589ea953de99726c551f6fcde2f61ecf6eabe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:12 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 6833
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 19:17:29 GMT
x-php-version: 8.0
server: cloudflare
etag: "1ab1-5a22b6b2da440"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8470560c6e01bb32-FRA
expires: Sat, 17 Feb 2024 17:32:12 GMT

GET
H3 200 bg-div-footer-top.png
benefitsinc.com/wp-content/themes/karma/images/_global/ 222 B
590 B 300ms
300ms Image
image/png 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefitsinc.com/wp-content/themes/karma/images/_global/bg-div-footer-top.png

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/wp-content/themes/karma/style.css?ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

5f15f3713ea55829b5fda830aa2ea14c60d81e8a78fd4794696a960ed8bcc317

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/wp-content/themes/karma/style.css?ver=6.4.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 222
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 19:17:30 GMT
x-php-version: 8.0
server: cloudflare
etag: "de-5a22b6b3ce680"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8470560c6e08bb32-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H3 200 shadow-3.png
benefitsinc.com/wp-content/themes/karma/images/_global/ 3 KB
4 KB 300ms
299ms Image
image/png 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefitsinc.com/wp-content/themes/karma/images/_global/shadow-3.png

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

bca747c5e427200a10200459c662f21c7a6283031e06b221962196c82bb4f6e2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 3290
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 19:17:29 GMT
x-php-version: 8.0
server: cloudflare
etag: "cda-5a22b6b2da440"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8470560c6e0ebb32-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H3 200 global-sprite.png
benefitsinc.com/wp-content/themes/karma/images/_global/ 22 KB
22 KB 669ms
669ms Image
image/png 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefitsinc.com/wp-content/themes/karma/images/_global/global-sprite.png

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/wp-content/themes/karma/style.css?ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

46df93fc6475002ee97ab405df80c3964a3ca5e73e0b90fec2317c3d694f1770

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/wp-content/themes/karma/style.css?ver=6.4.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:12 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 22139
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 19:17:29 GMT
x-php-version: 8.0
server: cloudflare
etag: "567b-5a22b6b2da440"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8470560c6e11bb32-FRA
expires: Sat, 17 Feb 2024 17:32:12 GMT

GET
H3 200 bg-footer-bottom-cherry.png
benefitsinc.com/wp-content/themes/karma/images/skins/ 5 KB
5 KB 300ms
298ms Image
image/png 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefitsinc.com/wp-content/themes/karma/images/skins/bg-footer-bottom-cherry.png

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/wp-content/themes/karma/css/karma-cherry.css?ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

156037a37116ce78d3850e26f4434f1018d669d78ba5039b0400df639b5e9a89

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/wp-content/themes/karma/css/karma-cherry.css?ver=6.4.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 4669
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 19:17:30 GMT
x-php-version: 8.0
server: cloudflare
etag: "123d-5a22b6b3ce680"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8470560c6e1abb32-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 65ms
14ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans|Lato

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://benefitsinc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 15:36:20 GMT
x-content-type-options: nosniff
age: 179751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 15:36:20 GMT

GET
H3 200 fontawesome-webfont.woff2
benefitsinc.com/wp-content/themes/karma/css/fonts/ 75 KB
76 KB 350ms
349ms Font
font/woff2 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://benefitsinc.com/wp-content/themes/karma/css/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/wp-content/themes/karma/css/_font-awesome.css?ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://benefitsinc.com/wp-content/themes/karma/css/_font-awesome.css?ver=6.4.2
Origin: https://benefitsinc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 77160
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 19:17:31 GMT
x-php-version: 8.0
server: cloudflare
etag: "12d68-5a22b6b4c28c0"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8470560c6e1dbb32-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

GET
H2 200 u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alxw.woff2
fonts.gstatic.com/s/cabin/v27/ 16 KB
17 KB 82ms
32ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cabin/v27/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alxw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c72abe1427dd4bb1fb8fda80f15d2232932864b05bba38e816f9885bd877a74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://benefitsinc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 16:49:15 GMT
x-content-type-options: nosniff
age: 175376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16888
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:14:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 16:49:15 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
18 KB 80ms
30ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans|Lato

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://benefitsinc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 06:10:26 GMT
x-content-type-options: nosniff
age: 559305
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18668
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Jan 2025 06:10:26 GMT

GET
H3 200 big-i-trusted-choice-logo-300x161.png
benefitsinc.com/wp-content/uploads/ 11 KB
11 KB 292ms
291ms Image
image/png 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefitsinc.com/wp-content/uploads/big-i-trusted-choice-logo-300x161.png

Requested by

Host: benefitsinc.com
URL: https://benefitsinc.com/benepac/

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

644bdf23ac69f85857d0570f27770bc130412e5f646caf441f2010ec21d1a630

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 11199
x-xss-protection: 1; mode=block
last-modified: Wed, 01 Sep 2021 20:20:34 GMT
x-php-version: 8.0
server: cloudflare
etag: "2bbf-5caf4cc7728b6"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8470560cae6abb32-FRA
expires: Sat, 17 Feb 2024 17:32:11 GMT

POST
H/1.1 204
No Content L
t.leady.com/ 0
211 B 190ms
189ms Ping
text/plain 194.145.183.49
MASTER-AS Czech R...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.leady.com/L?k=j3cwf23nmx16NyKT&d=i&s=08f853b9-87cc-4c17-a225-29beb05d0b91&l=https%3A%2F%2Fbenefitsinc.com%2Fbenepac%2F&r=&nc=0&15445
Requested by: Host: t.leady.com
URL: https://t.leady.com/j3cwf23nmx16NyKT/L.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.145.183.49 , Czech Republic, ASN24971 (MASTER-AS Czech Republic www.master.cz, CZ),
Reverse DNS: chewie.imper.cz
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Connection: keep-alive
Date: Wed, 17 Jan 2024 17:32:11 GMT
Server: nginx

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
81 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FZ9TJT67VJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128744636-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e0e70f07046793596a41f296ad4df72a5aeaa8abe7c7c6d8fa2104575a8f17de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82813
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 17 Jan 2024 17:32:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 83ms
23ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128744636-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 17 Jan 2024 15:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6243
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 17 Jan 2024 17:48:09 GMT

GET
H2 200 jotform.css
app.hatchbuck.com/OnlineForm/css/ Frame B584 82 KB
11 KB 114ms
107ms Stylesheet
text/css 3.209.50.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.hatchbuck.com/OnlineForm/css/jotform.css
Requested by: Host: app.hatchbuck.com
URL: https://app.hatchbuck.com/OnlineForm/83044414130
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.50.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-50-202.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e5c988a720d058778a2eaebbd2677c039798c84a9b7722a7ec5606ec28a3e5a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hatchbuck.com/OnlineForm/83044414130
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:12 GMT
content-encoding: gzip
last-modified: Thu, 22 Aug 2019 22:05:40 GMT
server: Microsoft-IIS/10.0
etag: "0d26bc3559d51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 10713

GET
H2 200 jotform.js Show response
app.hatchbuck.com/OnlineForm/js/cdn/ Frame B584 579 KB
106 KB 115ms
108ms Script
application/javascript 3.209.50.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.hatchbuck.com/OnlineForm/js/cdn/jotform.js?v=340
Requested by: Host: app.hatchbuck.com
URL: https://app.hatchbuck.com/OnlineForm/83044414130
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.50.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-50-202.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e0182f2bec432b2f29284aaa75061b4fc67667456a23f8fa0913894ea34121ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hatchbuck.com/OnlineForm/83044414130
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:12 GMT
content-encoding: gzip
last-modified: Thu, 22 Aug 2019 22:05:41 GMT
server: Microsoft-IIS/10.0
etag: "80689fbc3559d51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 108036

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 78ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FZ9TJT67VJ&gtm=45je41a0v9118109154&_p=1705512731367&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=4563878.1705512732&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1705512732&sct=1&seg=0&dl=https%3A%2F%2Fbenefitsinc.com%2Fbenepac%2F&dt=BenePac%20%E2%80%93%20The%20Benefit%20Companies%2C%20Inc.&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1830
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FZ9TJT67VJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 17:32:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://benefitsinc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 23ms
22ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1980762392&t=pageview&_s=1&dl=https%3A%2F%2Fbenefitsinc.com%2Fbenepac%2F&ul=en-us&de=UTF-8&dt=BenePac%20%E2%80%93%20The%20Benefit%20Companies%2C%20Inc.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=591933791&gjid=4236714&cid=4563878.1705512732&tid=UA-128744636-2&_gid=1955472787.1705512732&_r=1&gtm=457e41a0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=414634890

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://benefitsinc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 17:32:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://benefitsinc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
345 B 66ms
19ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-128744636-2&cid=4563878.1705512732&jid=591933791&gjid=4236714&_gid=1955472787.1705512732&_u=YADAAUAAAAAAACAAI~&z=1090223303

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://benefitsinc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 17 Jan 2024 17:32:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://benefitsinc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 counter.php Show response
app.hatchbuck.com/OnlineForm/ Frame B584 0
647 B 147ms
146ms Script
text/html 3.209.50.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.hatchbuck.com/OnlineForm/counter.php?page=83044414130
Requested by: Host: app.hatchbuck.com
URL: https://app.hatchbuck.com/OnlineForm/83044414130
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.50.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-50-202.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / PHP/5.3.28, ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hatchbuck.com/OnlineForm/83044414130
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 17:32:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: PHP/5.3.28, ASP.NET
access-control-allow-methods: *
content-type: text/html
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: *
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ Frame B584 38 KB
15 KB 54ms
8ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-1216.min.js

Requested by

Host: app.hatchbuck.com
URL: https://app.hatchbuck.com/OnlineForm/83044414130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hatchbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: ibRtDmp9QPDop46QbSE1xCN8MEKug8pl
content-encoding: br
via: 1.1 varnish
date: Wed, 17 Jan 2024 17:32:12 GMT
strict-transport-security: max-age=300
x-amz-request-id: 6X4PABDY3CNC5Y0K
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 15095
x-amz-id-2: go53bp0sLZx8McuVFq4qbL9mXdhJnrf3rQFQ9hXdueHdtbyYa5k9Wm/9hkt1hj5wVbkEvDBP72Y=
x-served-by: cache-fra-eddf8230127-FRA
last-modified: Wed, 18 Oct 2023 20:59:41 GMT
server: AmazonS3
x-timer: S1705512733.561859,VS0,VE0
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 17087

GET
H/1.1 200 f6d053e389 Show response
bam.nr-data.net/1/ Frame B584 56 B
490 B 270ms
136ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/f6d053e389?a=683722&v=1216.487a282&to=NldTZxcHDUZYWkdcWw8dZEEMSSxbVVBdUHIOQFwcDAgHUEEXQ11E&rst=1017&ck=1&ref=https://app.hatchbuck.com/OnlineForm/83044414130&ap=39&be=428&fe=944&dc=794&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1705512731571,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:19,%22rp%22:399,%22rpe%22:400,%22dl%22:402,%22di%22:793,%22ds%22:793,%22de%22:795,%22dc%22:943,%22l%22:943,%22le%22:944%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hatchbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:12 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: close
Content-Length: 56
x-served-by: cache-fra-eddf8230133-FRA

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
281 B 145ms
101ms Fetch
image/gif 2a02:26f0:480:d::210:f149
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?cts=1705512732855&dh=benefitsinc.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&vci=865573923&cv=2.0.2&z=1584457659&vg=ddb1057e-5838-5a6a-9d71-35265518b0df&vtg=ddb1057e-5838-5a6a-9d71-35265518b0df&dp=%2Fbenepac&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%220074c5b3-bb68-1d79-ad0c-b3eed33a8f24.secureserver.net%22%2C%22pod%22%3A%22P3NLWPPOD11%22%2C%22storage%22%3A%22p3cephmah005pod11_data09%22%2C%22xid%22%3A%222788542%22%2C%22wp%22%3A%226.4.2%22%2C%22php%22%3A%228.0.30%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22%22%2C%22theme%22%3A%22karma%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22823%22%2C%22wp_alloptions_bytes%22%3A%22599281%22%7D&hit_id=2c8711c6-3936-5dc2-acf5-2bf2257a9d04&ht=pageview

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:d::210:f149 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
date: Wed, 17 Jan 2024 17:32:12 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://benefitsinc.com
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 TrackWebPage
app.hatchbuck.com/ 0
265 B 219ms
218ms Image
text/plain 3.209.50.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.hatchbuck.com/TrackWebPage?ACID=5263&URL=https://benefitsinc.com/benepac/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.209.50.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-209-50-202.compute-1.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:13 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: *
content-length: 0

POST
H/1.1 204
No Content L
t.leady.com/ 0
103 B 22ms
22ms Ping
text/plain 194.145.183.49
MASTER-AS Czech R...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.leady.com/L?k=j3cwf23nmx16NyKT&d=i&s=08f853b9-87cc-4c17-a225-29beb05d0b91&l=https%3A%2F%2Fbenefitsinc.com%2Fbenepac%2F&r=&g=4741312e322e343536333837382e31373035353132373332&nc=0&25445
Requested by: Host: t.leady.com
URL: https://t.leady.com/j3cwf23nmx16NyKT/L.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.145.183.49 , Czech Republic, ASN24971 (MASTER-AS Czech Republic www.master.cz, CZ),
Reverse DNS: chewie.imper.cz
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Connection: keep-alive
Date: Wed, 17 Jan 2024 17:32:12 GMT
Server: nginx

GET
H3 200 loadingAnimation.gif
benefitsinc.com/wp-includes/js/thickbox/ 15 KB
15 KB 222ms
221ms Image
image/gif 160.153.0.76
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefitsinc.com/wp-includes/js/thickbox/loadingAnimation.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.76 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

76.0.153.160.host.secureserver.net

Software

cloudflare /

Resource Hash

6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/benepac/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:32:13 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 15238
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Dec 2023 08:33:51 GMT
x-php-version: 8.0
server: cloudflare
etag: "3b86-60cc49c11966d"
vary: Accept-Encoding
content-type: image/gif
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 847056149920bb32-FRA
expires: Sat, 17 Feb 2024 17:32:13 GMT

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
281 B 97ms
96ms Fetch
image/gif 2a02:26f0:480:d::210:f149
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?cts=1705512732909&dh=benefitsinc.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&vci=865573923&cv=2.0.2&z=1107940249&vg=ddb1057e-5838-5a6a-9d71-35265518b0df&vtg=ddb1057e-5838-5a6a-9d71-35265518b0df&dp=%2Fbenepac&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%220074c5b3-bb68-1d79-ad0c-b3eed33a8f24.secureserver.net%22%2C%22pod%22%3A%22P3NLWPPOD11%22%2C%22storage%22%3A%22p3cephmah005pod11_data09%22%2C%22xid%22%3A%222788542%22%2C%22wp%22%3A%226.4.2%22%2C%22php%22%3A%228.0.30%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22%22%2C%22theme%22%3A%22karma%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22823%22%2C%22wp_alloptions_bytes%22%3A%22599281%22%7D&hit_id=4872b985-1258-590f-96eb-8134849359f2&ht=perf&tce=1705512730921&tcs=1705512730901&tdc=1705512732864&tdclee=1705512732864&tdcles=1705512732863&tdi=1705512732863&tdl=1705512731134&tdle=1705512730901&tdls=1705512730901&tfs=1705512730882&tns=1705512730229&trqs=1705512730921&tre=1705512731132&trps=1705512731131&tles=1705512732864&tlee=0&nt=navigate&lcp=1451&nav_type=hard

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:d::210:f149 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefitsinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
date: Wed, 17 Jan 2024 17:32:12 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://benefitsinc.com
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hatchbuck.com/	1970-01-21 03:21:12	Name: SystematicCookie5263 Value: ContactID=133727290&AccountCompanyID=5263
benefitsinc.com/	1969-12-31 23:59:59	Name: leady_session_id Value: 08f853b9-87cc-4c17-a225-29beb05d0b91
.ws.zoominfo.com/	1970-01-21 02:30:48	Name: visitorId Value: 34dc5ce164074ddf90ddd4323f87106cfb24b7613825de2fef3d83cd81487817
.zoominfo.com/	1970-01-20 17:45:14	Name: __cf_bm Value: qcExNujTPofJxHB4Twavmp5LIUIfR3V7WdqE701ZmNI-1705512731-1-AXJjguHC8Vwn/JGmxexu+6Jc/HguUUA9fXVXCi+JECYFatidFaFtUKI/cfzBGz8dGoF6nefOhZ4aafCesWlGkao=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 4i2VJYIwxah1Qlzi2Rh_2gxVcdqVNlIVedhOQhBtc7w-1705512731832-0-604800000
t.leady.com/	1970-01-21 03:21:12	Name: c Value: AAAAAGWoDxty8YfPSUuLAg==
.benefitsinc.com/	1970-01-21 03:21:12	Name: _ga_FZ9TJT67VJ Value: GS1.1.1705512732.1.0.1705512732.0.0.0
.benefitsinc.com/	1970-01-21 03:21:12	Name: _ga Value: GA1.2.4563878.1705512732
.benefitsinc.com/	1970-01-20 17:46:39	Name: _gid Value: GA1.2.1955472787.1705512732
.benefitsinc.com/	1970-01-20 17:45:12	Name: _gat_gtag_UA_128744636_2 Value: 1
.benefitsinc.com/	1970-01-21 02:30:48	Name: _tccl_visitor Value: ddb1057e-5838-5a6a-9d71-35265518b0df
.benefitsinc.com/	1970-01-20 17:45:14	Name: _tccl_visit Value: ddb1057e-5838-5a6a-9d71-35265518b0df
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: f02f145d5a9f2830

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://app.hatchbuck.com/OnlineForm/83044414130(Line 54) Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
deprecation	warning	URL: https://app.hatchbuck.com/OnlineForm/83044414130(Line 2) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.hatchbuck.com
bam.nr-data.net
benefitsinc.com
cdn.hatchbuck.com
events.api.secureserver.net
fonts.googleapis.com
fonts.gstatic.com
hjsiguzdmmy.hatchbuck.com
img1.wsimg.com
js-agent.newrelic.com
link.benepac.co
region1.google-analytics.com
secure.scan6show.com
stats.g.doubleclick.net
t.leady.com
ws.zoominfo.com
www.google-analytics.com
www.googletagmanager.com
151.101.130.137
160.153.0.76
162.247.243.29
194.145.183.49
2.16.100.27
2001:4860:4802:34::36
2600:9000:2304:e400:1f:7a16:c640:93a1
2606:4700::6810:890f
2a00:1450:4001:806::2003
2a00:1450:4001:809::200a
2a00:1450:4001:829::200e
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9b
2a02:26f0:480:d::210:f149
3.209.50.202
34.199.157.31
51.11.20.152
004386554b88064df58a7d7bd124e0223d27500643efd0527ab7bdfe9be08b04
085477913d62316f00c9a7a76121f546dd20e44ff2abebb59549ec4dee9f2caa
156037a37116ce78d3850e26f4434f1018d669d78ba5039b0400df639b5e9a89
195182403b2e9d2a0779903fdd87cf7b9047f6a8253d9d12f12e991e2714ca36
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27f8afc20229eb2668f9bee4845cf5ee6018436edc274581404b18b8c95a5b2f
280dfb6476ccbccb0f6389c221b648fadb6d464b6f7bce8865a576e3823c1281
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
38b539327b093831cca19eea5dceada5091378b89929f5b98d6653aab1d45685
3b0a04f5aa3291e26f44613add53e1bbd56a09147f6a0b390dc4c3369dd1731d
3bcfdd7744510709c2ad03fdea9654599aabd916570abf95a5866bb284342339
3c37a4aa3cf6aaae6921a4b750c0e4f81fd338d6878be90b0faf2f921039cb23
425e34a46ae58dce82ac595e7866dc0771ac023cc0850e7dcf77fc86a4780480
44c2faf3fd81fa40d8e787562c753cef19190bfa07ba6caa33166610c5d6ab86
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace
46df93fc6475002ee97ab405df80c3964a3ca5e73e0b90fec2317c3d694f1770
49739e94573de5afc74a9a27ceecbff1dcf5126c6535d6d2d8839f25c86a7eca
4a2fcb7287d0f841825d426560d8e8ae74dc70319d29a368c3cdf4283137dc86
4aa1f650fe19f5b6d21c8d9e5128a66ba0144be4833b4ca32d52d53d77bf8cfb
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53861a013923acea8c682704f3fbcaf994d38a0d2c857e9ba45ae77483b5baf0
5b9df46139eba41bc2c21cb822843449801f7028d5b4eca034b08ca26cffd8af
5cfcdebf8f38725bebe6f58ff39a6d044806bca0220a1e0b7e3257f9ad7392d1
5f15f3713ea55829b5fda830aa2ea14c60d81e8a78fd4794696a960ed8bcc317
644bdf23ac69f85857d0570f27770bc130412e5f646caf441f2010ec21d1a630
662323430fe4001b93863e101435c7625192bf98f0d248baa74dde47beb0ce20
664a0182946378b7c444b51a7e10c3221f9bed90f3ca20d29fd79a6c1a55832f
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6a0d53f68e013dac42a52a5264c5d28a12a06b6bc7cc1d63bc2d385558bd2dd7
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
7164985b21fde0171bbc6068285fcd32e7f33f0a25eb62b289a97100be17e1c7
7affe6ee9f5599e0f8b745791f1666d834a2c2a76eada64a7e3c54afe1c1614c
7beb315e30c721a8a174df682a7d4c9825600d45d19a333deb18d33eb4f63529
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
802496dc198a0e03f6e10051f54d494ed7dd46fd456a6578f458022c5e5a0b78
864ffdb1924ebe7100da9bceae6b4449231bfbf435b80b9e601b6e9089b2c8de
8c7c2ec37e571233f2233d7dcc4cc84c8bf53dbbb0105888fcabff4d36817f15
8eaa0105952a11648a1dd4e983dfa01b5c2f374cf14ff9815302a554fbb9e9d3
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
970e0bf0ec0acedc3ba1a6e941aadcb14ef4c19a2319309889f317543585870a
9b5f16d88f16dcdd6e37fe3330caa4d2db43e350d8373a32257e314ce01653e2
9c0647c53dde19cd56b2dfd0626db41f3db20c92984e1e6a4d469c19e4823adf
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
9c72abe1427dd4bb1fb8fda80f15d2232932864b05bba38e816f9885bd877a74
9e025d9aad21557cf71709e284207dfba1b026a3661c9cc124232873983e3de0
a1b88e8859ba570034ead3c48bc6cae30af8fe445c59be647c6cfc8aa8b69cd9
a813f26b7e33d54a7f970ff705628071b187818ad798476692225d2ab8541a1f
a8fb9d7aa199fec02e7bdec83c70721be8ea1bcb60ab2c060d66f9dd1bb636ea
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b390a3efe231d9f38b3a706a5765a2a2f0817e761f60a27556171e9a276980e3
b8281c0bee694650cfaf65a3576589ea953de99726c551f6fcde2f61ecf6eabe
bba29e2f721d401e5889eb5cee56f2f2b740f7c0bef7ade9de22be8442636657
bbe357072bd56a44e29cca81f3f67302f1f629fa9dddfab9c8f47c3d951ad7c2
bca747c5e427200a10200459c662f21c7a6283031e06b221962196c82bb4f6e2
c0e09e793fb79507dc97ed702a4c2c9c00ab4d1677bd45bcd112e203c96dd661
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c9dbbd6ba33536392c7f71f27358cd2432c1034779c98b53deed8332cc959ba5
c9ef05ffb575b4970131354960460c7ed1b097473c63fde0518f4a255ec367bb
ca59b55f25c3d00e20acabbbae0e5f13afb811c03c18f05070f58aa9fab54c55
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
d02c1c9690c99d45f0dd028edf456c825a003e05f86c44259a6ec8aa46510286
d9b23c627906fbd6695b4e09166cca785c433b8ea282d3a390283345164f3669
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df53c8cb675c88abb02ddea657fce08621ca36c81530424d50a8bfe08542a35c
e0182f2bec432b2f29284aaa75061b4fc67667456a23f8fa0913894ea34121ed
e0e70f07046793596a41f296ad4df72a5aeaa8abe7c7c6d8fa2104575a8f17de
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c988a720d058778a2eaebbd2677c039798c84a9b7722a7ec5606ec28a3e5a8
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
e92917321396ecbb01c71317b4132509ec0f284c4b4f18faa3d2336ef69de9ce
ecac4fc801141ce552220be4bb12969e2ee625e2cf08cf0edbac579a279b28f1
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

benefitsinc.com Open in urlscan Pro 160.153.0.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

83 Requests

98 %HTTPS

53 %IPv6

15 Domains

18 Subdomains

16 IPs

5 Countries

1041 kBTransfer

2715 kBSize

13 Cookies

9 Outgoing links

Page URL History

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

benefitsinc.com Open in urlscan Pro
160.153.0.76 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

98 %
HTTPS

53 %
IPv6

15
Domains

18
Subdomains

16
IPs

5
Countries

1041 kB
Transfer

2715 kB
Size

13
Cookies

83 HTTP transactions
0 data transactions