benefic.md Open in urlscan Pro
195.178.106.125 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://benefic.md/
Effective URL:
https://benefic.md/
Submission: On November 14 via api (November 14th 2022, 9:09:12 am UTC) from US — Scanned from DE

Summary HTTP 28 Redirects Links 2 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 28 HTTP transactions. The main IP is 195.178.106.125, located in Chisinau, Moldova and belongs to CTC-ALFA-AS, MD. The main domain is benefic.md.
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 27th 2022. Valid for: 3 months.

This is the only time benefic.md was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 22	195.178.106.125 195.178.106.125		50138 (CTC-ALFA-AS) (CTC-ALFA-AS)
4	2a00:1450:400... 2a00:1450:4001:82f::2003		15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200e		15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2008		15169 (GOOGLE) (GOOGLE)
28	5

22 195.178.106.125 (Chisinau, Moldova) 1 redirects

ASN50138 (CTC-ALFA-AS, MD)
PTR: host5.tophost.md

benefic.md	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	benefic.md 1 redirects benefic.md	584 KB
4	gstatic.com fonts.gstatic.com	105 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	20 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	37 KB
28	4

	Domain	Requested by
22	benefic.md	1 redirects benefic.md
4	fonts.gstatic.com	benefic.md
2	www.google-analytics.com	benefic.md www.google-analytics.com
1	www.googletagmanager.com	benefic.md
28	4

This site contains links to these domains. Also see Links.

Domain
bit.ly
klever.md

Subject Issuer	Validity	Valid
benefic.md cPanel, Inc. Certification Authority	`2022-09-27` - `2022-12-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://benefic.md/
Frame ID: E6A332BC67BD8A49FB82F4EC39A0FB48
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BENEFIC CREDIT — CREDITE PENTRU TOTI

Page URL History Show full URLs

http://benefic.md/ HTTP 301
https://benefic.md/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

746 kB
Transfer

2301 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://bit.ly/3mGXCh1

Search URL Search Domain Scan URL

URL: http://klever.md/
Title: KLEVER MEDIA

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://benefic.md/ HTTP 301
https://benefic.md/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
benefic.md/
Redirect Chain

http://benefic.md/
https://benefic.md/

165 KB
27 KB

743ms
535ms

Document
text/html

195.178.106.125
CTC-ALFA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://benefic.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.178.106.125 Chisinau, Moldova, ASN50138 (CTC-ALFA-AS, MD),
Reverse DNS: host5.tophost.md
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 91ca2c3c2e9a68da51d551f78755145bb5d4b9d01f7b0872436271e4a74ad3a0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: max-age=3600, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 14 Nov 2022 09:09:07 GMT
etag: "487-1668416947;br"
hummingbird-cache: Served
link: <https://benefic.md/wp-json/>; rel="https://api.w.org/", <https://benefic.md/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json", <https://benefic.md/>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-litespeed-cache: miss
x-powered-by: PHP/7.3.33

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 14 Nov 2022 09:09:06 GMT
location: https://benefic.md/
server: LiteSpeed
x-powered-by: PHP/7.3.33
x-redirect-by: WordPress

GET
H2 200 be7dd327496f356d1ffbe3a76e6e5c09.css
benefic.md/wp-content/uploads/hummingbird-assets/ 22 KB
4 KB 109ms
103ms Stylesheet
text/css 195.178.106.125
CTC-ALFA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://benefic.md/wp-content/uploads/hummingbird-assets/be7dd327496f356d1ffbe3a76e6e5c09.css
Requested by: Host: benefic.md
URL: https://benefic.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.178.106.125 Chisinau, Moldova, ASN50138 (CTC-ALFA-AS, MD),
Reverse DNS: host5.tophost.md
Software: LiteSpeed /
Resource Hash: 678ca5cfe2a44ae0a69b54ad6f94b92ded5f65fd7925fae72b22dd40d4383552

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefic.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:09:07 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 19:28:59 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4232
expires: Mon, 21 Nov 2022 09:09:07 GMT

GET
H2 200 148b36152279d8cfd782a5ee05ee6e5a.css
benefic.md/wp-content/uploads/hummingbird-assets/ 920 KB
108 KB 108ms
102ms Stylesheet
text/css 195.178.106.125
CTC-ALFA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://benefic.md/wp-content/uploads/hummingbird-assets/148b36152279d8cfd782a5ee05ee6e5a.css
Requested by: Host: benefic.md
URL: https://benefic.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.178.106.125 Chisinau, Moldova, ASN50138 (CTC-ALFA-AS, MD),
Reverse DNS: host5.tophost.md
Software: LiteSpeed /
Resource Hash: 832b1baa315e24d493c25b6daf178341eaeb3cf951743ecf9e0ea11cb090b7e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefic.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:09:07 GMT
content-encoding: br
last-modified: Tue, 11 Oct 2022 11:47:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 110120
expires: Mon, 21 Nov 2022 09:09:07 GMT

GET
H2 200 jquery.min.js Show response
benefic.md/wp-includes/js/jquery/ 88 KB
30 KB 56ms
51ms Script
application/javascript 195.178.106.125
CTC-ALFA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://benefic.md/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: benefic.md
URL: https://benefic.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.178.106.125 Chisinau, Moldova, ASN50138 (CTC-ALFA-AS, MD),
Reverse DNS: host5.tophost.md
Software: LiteSpeed /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefic.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:09:07 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 10:04:04 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 30324

GET
H2 200 c334874b77b5e41d7f47f22d3e0d06a3.js Show response
benefic.md/wp-content/uploads/hummingbird-assets/ 261 KB
86 KB 58ms
53ms Script
application/javascript 195.178.106.125
CTC-ALFA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://benefic.md/wp-content/uploads/hummingbird-assets/c334874b77b5e41d7f47f22d3e0d06a3.js
Requested by: Host: benefic.md
URL: https://benefic.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.178.106.125 Chisinau, Moldova, ASN50138 (CTC-ALFA-AS, MD),
Reverse DNS: host5.tophost.md
Software: LiteSpeed /
Resource Hash: 9bb7983c1ec1db0e80196001a8af83d6bdf08ca25c5e2e4f696eac39b0b95890

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefic.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:09:07 GMT
content-encoding: br
last-modified: Mon, 26 Sep 2022 11:02:28 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 88417

GET
H2 200 awb-icons.woff
benefic.md/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ 18 KB
18 KB 107ms
103ms Font
font/woff 195.178.106.125
CTC-ALFA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://benefic.md/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff
Requested by: Host: benefic.md
URL: https://benefic.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.178.106.125 Chisinau, Moldova, ASN50138 (CTC-ALFA-AS, MD),
Reverse DNS: host5.tophost.md
Software: LiteSpeed /
Resource Hash: 76eee1df4f77092b36dd5bb653611a145fa09f8e0ae8b0d13d7bf0deb9dd3b52

Request headers

Referer: https://benefic.md/
Origin: https://benefic.md
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:09:07 GMT
last-modified: Fri, 18 Jun 2021 14:19:47 GMT
server: LiteSpeed
content-type: font/woff
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 18364
expires: Mon, 21 Nov 2022 09:09:07 GMT

GET
H2 200 fa-brands-400.woff2
benefic.md/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 75 KB
75 KB 210ms
205ms Font
font/woff2 195.178.106.125
CTC-ALFA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://benefic.md/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-brands-400.woff2
Requested by: Host: benefic.md
URL: https://benefic.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.178.106.125 Chisinau, Moldova, ASN50138 (CTC-ALFA-AS, MD),
Reverse DNS: host5.tophost.md
Software: LiteSpeed /
Resource Hash: 83238a9c118b388bee1eede2f1c04b6441ac0c4a543f502457e3d2309a9d3e99

Request headers

Referer: https://benefic.md/
Origin: https://benefic.md
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:09:07 GMT
last-modified: Fri, 18 Jun 2021 14:19:46 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 76736
expires: Mon, 21 Nov 2022 09:09:07 GMT

GET
H2 200 fa-regular-400.woff2
benefic.md/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 13 KB
13 KB 211ms
207ms Font
font/woff2 195.178.106.125
CTC-ALFA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://benefic.md/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-regular-400.woff2
Requested by: Host: benefic.md
URL: https://benefic.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.178.106.125 Chisinau, Moldova, ASN50138 (CTC-ALFA-AS, MD),
Reverse DNS: host5.tophost.md
Software: LiteSpeed /
Resource Hash: 65ae05cb1187b6eacddcc464141af208d9c172aeed20c74c3bf7663b530c5c0d

Request headers

Referer: https://benefic.md/
Origin: https://benefic.md
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:09:07 GMT
last-modified: Fri, 18 Jun 2021 14:19:46 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13264
expires: Mon, 21 Nov 2022 09:09:07 GMT

GET
H2 200 fa-solid-900.woff2
benefic.md/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 76 KB
76 KB 212ms
209ms Font
font/woff2 195.178.106.125
CTC-ALFA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://benefic.md/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
Requested by: Host: benefic.md
URL: https://benefic.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.178.106.125 Chisinau, Moldova, ASN50138 (CTC-ALFA-AS, MD),
Reverse DNS: host5.tophost.md
Software: LiteSpeed /
Resource Hash: ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441

Request headers

Referer: https://benefic.md/
Origin: https://benefic.md
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:09:07 GMT
last-modified: Fri, 18 Jun 2021 14:19:46 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 78212
expires: Mon, 21 Nov 2022 09:09:07 GMT

GET
H2 200 financial-advisor.ttf
benefic.md/wp-content/uploads/fusion-icons/financial-advisor-v1.0-2/fonts/ 3 KB
3 KB 207ms
204ms Font
font/ttf 195.178.106.125
CTC-ALFA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://benefic.md/wp-content/uploads/fusion-icons/financial-advisor-v1.0-2/fonts/financial-advisor.ttf?sbz7jy
Requested by: Host: benefic.md
URL: https://benefic.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.178.106.125 Chisinau, Moldova, ASN50138 (CTC-ALFA-AS, MD),
Reverse DNS: host5.tophost.md
Software: LiteSpeed /
Resource Hash: 33d1599a980f232baf332ebf3ed11396e3e7265d82ea33dea8c318639672f719

Request headers

Referer: https://benefic.md/
Origin: https://benefic.md
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:09:07 GMT
last-modified: Tue, 22 Jun 2021 08:03:32 GMT
server: LiteSpeed
content-type: font/ttf
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3312
expires: Mon, 21 Nov 2022 09:09:07 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v10/ 27 KB
27 KB 65ms
21ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v10/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: benefic.md
URL: https://benefic.md/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://benefic.md/
Origin: https://benefic.md
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 11:21:16 GMT
x-content-type-options: nosniff
age: 424071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27420
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:16:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 11:21:16 GMT

GET
H2 200 regenerator-runtime.min.js Show response
benefic.md/wp-includes/js/dist/vendor/ 6 KB
2 KB 208ms
205ms Script
application/javascript 195.178.106.125
CTC-ALFA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://benefic.md/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by: Host: benefic.md
URL: https://benefic.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.178.106.125 Chisinau, Moldova, ASN50138 (CTC-ALFA-AS, MD),
Reverse DNS: host5.tophost.md
Software: LiteSpeed /
Resource Hash: f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefic.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:09:07 GMT
content-encoding: br
last-modified: Wed, 25 May 2022 10:04:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2354

GET
H2 200 wp-polyfill.min.js Show response
benefic.md/wp-includes/js/dist/vendor/ 17 KB
6 KB 205ms
202ms Script
application/javascript 195.178.106.125
CTC-ALFA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://benefic.md/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: benefic.md
URL: https://benefic.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.178.106.125 Chisinau, Moldova, ASN50138 (CTC-ALFA-AS, MD),
Reverse DNS: host5.tophost.md
Software: LiteSpeed /
Resource Hash: 1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefic.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:09:07 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 10:04:07 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 6335

GET
H2 200 27a0194c3fd38a34461fd0d24a1dd813.js Show response
benefic.md/wp-content/uploads/hummingbird-assets/ 13 KB
4 KB 206ms
203ms Script
application/javascript 195.178.106.125
CTC-ALFA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://benefic.md/wp-content/uploads/hummingbird-assets/27a0194c3fd38a34461fd0d24a1dd813.js
Requested by: Host: benefic.md
URL: https://benefic.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.178.106.125 Chisinau, Moldova, ASN50138 (CTC-ALFA-AS, MD),
Reverse DNS: host5.tophost.md
Software: LiteSpeed /
Resource Hash: 0f87b74d6f37e4c7f075637477c88a8951d0e547d40128319475aafc60979f77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefic.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:09:07 GMT
content-encoding: br
last-modified: Mon, 26 Sep 2022 12:37:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3868

GET
H2 200 f53d9a1aaa030890963c5dbee050f358.min.js Show response
benefic.md/wp-content/uploads/fusion-scripts/ 310 KB
83 KB 211ms
209ms Script
application/javascript 195.178.106.125
CTC-ALFA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://benefic.md/wp-content/uploads/fusion-scripts/f53d9a1aaa030890963c5dbee050f358.min.js?ver=3.4.1
Requested by: Host: benefic.md
URL: https://benefic.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.178.106.125 Chisinau, Moldova, ASN50138 (CTC-ALFA-AS, MD),
Reverse DNS: host5.tophost.md
Software: LiteSpeed /
Resource Hash: db28193607644d76a740bf5389e0e121f3bd7aa2d8a3aa641688d0be53c31179

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefic.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:09:07 GMT
content-encoding: br
last-modified: Tue, 08 Mar 2022 04:54:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 84660

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 57ms
18ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: benefic.md
URL: https://benefic.md/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefic.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 14 Nov 2022 07:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6258
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 14 Nov 2022 09:24:49 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 94 KB
37 KB 74ms
35ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TGVB45G

Requested by

Host: benefic.md
URL: https://benefic.md/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

adbdf9b823d4b961becdffe5de1b01b2f148abda9ae98da4cfcb3d33fd9196f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefic.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:09:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 37708
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Nov 2022 09:09:07 GMT

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65bdd1fb621fd0516b8d6091f7c9cdb00b8e3e80b9ed1fa97bd09edde060e25a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 1Ptvg83HX_SGhgqk0QotcqA.woff2
fonts.gstatic.com/s/mulish/v10/ 24 KB
24 KB 64ms
20ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v10/1Ptvg83HX_SGhgqk0QotcqA.woff2

Requested by

Host: benefic.md
URL: https://benefic.md/wp-content/uploads/hummingbird-assets/148b36152279d8cfd782a5ee05ee6e5a.css

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a746c3cc68d9bded211dca3846c9570683fac875815d7b5eab21febf7c3d9793

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://benefic.md/
Origin: https://benefic.md
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 12:51:43 GMT
x-content-type-options: nosniff
age: 159444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24156
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:16:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Nov 2023 12:51:43 GMT

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3580dfb8dbeadeb3a71fe1973e932e5aefd85df4222c244a0b651bc8c43488a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v10/ 28 KB
28 KB 46ms
16ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v10/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: benefic.md
URL: https://benefic.md/wp-content/uploads/hummingbird-assets/148b36152279d8cfd782a5ee05ee6e5a.css

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

056a25fd3493379aba428c8c679b68a841060e54b9bab8c65361a573ba2305ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://benefic.md/
Origin: https://benefic.md
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 15:09:07 GMT
x-content-type-options: nosniff
age: 237600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29144
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:16:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 15:09:07 GMT

GET
DATA 200
OK truncated
/ 139 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb551d0fdb1b295608e54bde4cec4718b1031bb2189be782d31d4a166341960a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 145 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75ffc261576a9cae2dd98f4091edba9d7780791b44d7c4f304a83952826deee0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 139 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba9d8c8f86c5ba7a741d874945fe92d39af1ca7d87fd6a98bc9dc39e67054d00

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 1Pttg83HX_SGhgqk2johaqRXBA.woff2
fonts.gstatic.com/s/mulish/v10/ 26 KB
26 KB 43ms
30ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v10/1Pttg83HX_SGhgqk2johaqRXBA.woff2

Requested by

Host: benefic.md
URL: https://benefic.md/wp-content/uploads/hummingbird-assets/148b36152279d8cfd782a5ee05ee6e5a.css

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1400d6c54154d0d802d293d5bfacec12e514b024cad14722118ac0e025ef99f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://benefic.md/
Origin: https://benefic.md
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 08:12:13 GMT
x-content-type-options: nosniff
age: 176214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26176
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:16:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Nov 2023 08:12:13 GMT

GET
H3 200 LOGO3-e1624351079543.png
benefic.md/wp-content/uploads/2021/06/ 36 KB
36 KB 109ms
108ms Image
image/png 195.178.106.125
CTC-ALFA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://benefic.md/wp-content/uploads/2021/06/LOGO3-e1624351079543.png
Requested by: Host: benefic.md
URL: https://benefic.md/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.178.106.125 Chisinau, Moldova, ASN50138 (CTC-ALFA-AS, MD),
Reverse DNS: host5.tophost.md
Software: LiteSpeed /
Resource Hash: 67e6a017bf9ec07bc0c89f555a0fa37600d17687e959a69950a45391f59d0bdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefic.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:09:07 GMT
content-encoding: gzip
last-modified: Tue, 22 Jun 2021 08:37:59 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 37175
expires: Tue, 14 Nov 2023 15:09:07 GMT

GET
H3 200 slant-separator4567-1-150x71.png
benefic.md/wp-content/uploads/2021/07/ 308 B
264 B 55ms
55ms Image
image/png 195.178.106.125
CTC-ALFA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://benefic.md/wp-content/uploads/2021/07/slant-separator4567-1-150x71.png
Requested by: Host: benefic.md
URL: https://benefic.md/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.178.106.125 Chisinau, Moldova, ASN50138 (CTC-ALFA-AS, MD),
Reverse DNS: host5.tophost.md
Software: LiteSpeed /
Resource Hash: aad424318b0225790d7b1a01678eca49b65b492a9edf578f0166d8016bc8c66b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefic.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:09:07 GMT
content-encoding: gzip
last-modified: Thu, 22 Jul 2021 07:40:47 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 171
expires: Tue, 14 Nov 2023 15:09:07 GMT

GET
H3 200 FON-MENU.svg
benefic.md/wp-content/uploads/2021/06/ 2 KB
961 B 54ms
54ms Image
image/svg+xml 195.178.106.125
CTC-ALFA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://benefic.md/wp-content/uploads/2021/06/FON-MENU.svg
Requested by: Host: benefic.md
URL: https://benefic.md/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.178.106.125 Chisinau, Moldova, ASN50138 (CTC-ALFA-AS, MD),
Reverse DNS: host5.tophost.md
Software: LiteSpeed /
Resource Hash: 2336c9a91e206b6485cb6e900cdeae71418fe2bc6799b17677cd86e60491fd64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefic.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:09:07 GMT
content-encoding: br
last-modified: Tue, 22 Jun 2021 08:44:04 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 905

GET
H3 200 hero_home2-3.svg
benefic.md/wp-content/uploads/2021/06/ 3 KB
2 KB 53ms
53ms Image
image/svg+xml 195.178.106.125
CTC-ALFA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://benefic.md/wp-content/uploads/2021/06/hero_home2-3.svg
Requested by: Host: benefic.md
URL: https://benefic.md/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.178.106.125 Chisinau, Moldova, ASN50138 (CTC-ALFA-AS, MD),
Reverse DNS: host5.tophost.md
Software: LiteSpeed /
Resource Hash: addbabad827c3c3751d65841d99a5228926589d7164eb0c6ea46d6ca67802cb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefic.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:09:07 GMT
content-encoding: br
last-modified: Tue, 22 Jun 2021 10:51:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1580

GET
H3 200 home-content-background-scaled-1.jpg
benefic.md/wp-content/uploads/2020/08/ 22 KB
7 KB 53ms
52ms Image
image/jpeg 195.178.106.125
CTC-ALFA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://benefic.md/wp-content/uploads/2020/08/home-content-background-scaled-1.jpg
Requested by: Host: benefic.md
URL: https://benefic.md/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.178.106.125 Chisinau, Moldova, ASN50138 (CTC-ALFA-AS, MD),
Reverse DNS: host5.tophost.md
Software: LiteSpeed /
Resource Hash: 9b3776b51b4440221d0171d0fbd4f523800727b1a0cf19fb24a83c9d646bb4d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefic.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:09:07 GMT
content-encoding: gzip
last-modified: Tue, 22 Jun 2021 08:03:03 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
content-length: 6628

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 55ms
23ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=227773876&t=pageview&_s=1&dl=https%3A%2F%2Fbenefic.md%2F&ul=en-us&de=UTF-8&dt=BENEFIC%20CREDIT%20%E2%80%94%20CREDITE%20PENTRU%20TOTI&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=307065493&gjid=1838390500&cid=237425991.1668416948&tid=G-R42L0029ET&_gid=1502161800.1668416948&_r=1&_slc=1&z=1179753785

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://benefic.md/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 09:09:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://benefic.md
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 admin-ajax.php Show response
benefic.md/wp-admin/ 98 B
293 B 878ms
877ms XHR
text/html 195.178.106.125
CTC-ALFA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://benefic.md/wp-admin/admin-ajax.php

Requested by

Host: benefic.md
URL: https://benefic.md/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

195.178.106.125 Chisinau, Moldova, ASN50138 (CTC-ALFA-AS, MD),

Reverse DNS

host5.tophost.md

Software

LiteSpeed / PHP/7.3.33

Resource Hash

5ff567188b9c9542ead12a6e9613380efb56902471ae7abf8a2edee7c2f64cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/html, */*; q=0.01
Referer: https://benefic.md/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 14 Nov 2022 09:09:08 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: LiteSpeed
x-powered-by: PHP/7.3.33
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://benefic.md
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 94
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 slant-separator4567-e1625579645652.png
benefic.md/wp-content/uploads/2021/07/ 2 KB
2 KB 52ms
52ms Image
image/png 195.178.106.125
CTC-ALFA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://benefic.md/wp-content/uploads/2021/07/slant-separator4567-e1625579645652.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.178.106.125 Chisinau, Moldova, ASN50138 (CTC-ALFA-AS, MD),
Reverse DNS: host5.tophost.md
Software: LiteSpeed /
Resource Hash: cd6a451a1c59742b112d9923510345bd13eaecf0087e1f220d23c7f94822ac33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefic.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:09:08 GMT
content-encoding: gzip
last-modified: Tue, 06 Jul 2021 13:54:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1882
expires: Tue, 14 Nov 2023 15:09:08 GMT

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| gtm4wp_datalayer_name object| dataLayer undefined| $ function| jQuery object| LS_Meta function| _initLayerSlider undefined| LS_oldGS undefined| LS_oldGSQueue undefined| LS_oldGSDefine object| LS_GSAP object| _gsScope undefined| GreenSockGlobals undefined| _gsQueue undefined| _gsDefine object| _layerSlider object| _layerSliders object| layerSliderTransitions string| GoogleAnalyticsObject function| ga object| dataLayer_content object| doc function| close_custom_select function| calculate_values function| fusionNavIsCollapsed function| fusionRunNavIsCollapsed function| avadaGetScrollBarWidth object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wpcf7 object| cssua object| fusionJSVars object| fusion object| fusionLightboxVideoVars object| fusionEqualHeightVars function| _fusionRefreshScroll function| _fusionParallaxAll function| _fusionRefreshWindow object| fusionVideoBgVars object| $youtubeBGVideos function| _fbRowGetAllElementsWithAttribute function| _fbRowOnPlayerReady function| _fbRowOnPlayerStateChange function| resizeVideo function| vimeoReady function| fusionInitVimeoPlayers object| fusionVideoGeneralVars function| playVideoAndPauseOthers object| fusionLightboxVars function| avadaLightBoxInitializeLightbox function| fusionInitTooltips undefined| prevCallback object| fusionTimeout function| registerYoutubePlayers function| onPlayerReady function| loadYoutubeIframeAPI function| onYouTubePlayerAPIReadyCallback function| onPlayerStateChange function| ytVidId function| insertParam function| fusionYouTubeTimeout function| onYouTubeIframeAPIReady function| avadaAddQuantityBoxes function| compositeAddQuantityBoxes function| fusionResizeCrossfadeImagesContainer function| calcSelectArrowDimensions object| avadaLiveSearchVars function| avadaLiveSearch object| fusionMenuVars function| fusionNavClickExpandBtn function| fusionNavClickExpandSubmenuBtn function| fusionNavMobilePosition function| fusionNavSubmenuDirection function| fusionNavSearchOverlay function| fusionNavCloseFlyoutSub function| fusionNavAltArrowsClass function| fusionNavRunAll function| fusionAdjustNavMobilePosition object| fusionAnimationsVars function| fusionSetAnimationData object| fusionFlexSliderVars function| fusionInitPostFlexSlider function| fusionDestroyPostFlexSlider object| formCreatorConfig object| fusionContainerVars function| fusionInitStickyContainers function| fusionInitSticky function| fusionGetStickyOffset function| initScrollingSections function| setCorrectResizeValuesForScrollSections function| scrollToCurrentScrollSection function| getScrollSectionPositionValues object| avadaSelectVars function| addAvadaSelectStyles function| removeAvadaSelectStyles object| avadaToTopVars function| avadaUpdateToTopPostion function| fusionDisableStickyHeader function| fusionInitStickyHeader function| getStickyHeaderHeight function| moveSideHeaderStylingDivs function| fusionSideHeaderScroll function| fusionGetScrollOffset object| fusionTypographyVars function| fusionCalculateResponsiveTypeValues function| fusionSetOriginalTypographyData function| fusionInitTypography object| fusionScrollToAnchorVars function| checkHoverTouchState object| fusionVideoVars object| Modernizr object| browserPrefixes object| _fusionImageParallaxImages object| avadaLightBox object| $ilInstances function| onYouTubePlayerAPIReady function| YTReady object| Vimeo boolean| VimeoPlayerResizeEmbeds_ object| lazySizes object| awbAnimationObservers object| fusionForms object| fusionFormLogics string| responsiveTypeElements object| google_tag_data object| gaplugins object| gaGlobal object| gaData number| lastYPosition boolean| scrollDisabled object| google_tag_manager number| _fusionScrollTop number| _fusionWindowHeight number| _fusionScrollLeft number| _fusionWindowWidth object| fusionVimeoPlayers boolean| fusionAccordianClick

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.benefic.md/	1970-01-20 17:02:56	Name: _ga Value: GA1.2.237425991.1668416948
			.benefic.md/	1970-01-20 07:28:23	Name: _gid Value: GA1.2.1502161800.1668416948
			.benefic.md/	1970-01-20 07:26:57	Name: _gat Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

benefic.md
fonts.gstatic.com
www.google-analytics.com
www.googletagmanager.com
195.178.106.125
2a00:1450:4001:800::200e
2a00:1450:4001:801::2008
2a00:1450:4001:82f::2003
056a25fd3493379aba428c8c679b68a841060e54b9bab8c65361a573ba2305ae
0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa
0f87b74d6f37e4c7f075637477c88a8951d0e547d40128319475aafc60979f77
1400d6c54154d0d802d293d5bfacec12e514b024cad14722118ac0e025ef99f2
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
2336c9a91e206b6485cb6e900cdeae71418fe2bc6799b17677cd86e60491fd64
33d1599a980f232baf332ebf3ed11396e3e7265d82ea33dea8c318639672f719
3580dfb8dbeadeb3a71fe1973e932e5aefd85df4222c244a0b651bc8c43488a8
5ff567188b9c9542ead12a6e9613380efb56902471ae7abf8a2edee7c2f64cae
65ae05cb1187b6eacddcc464141af208d9c172aeed20c74c3bf7663b530c5c0d
65bdd1fb621fd0516b8d6091f7c9cdb00b8e3e80b9ed1fa97bd09edde060e25a
678ca5cfe2a44ae0a69b54ad6f94b92ded5f65fd7925fae72b22dd40d4383552
67e6a017bf9ec07bc0c89f555a0fa37600d17687e959a69950a45391f59d0bdd
75ffc261576a9cae2dd98f4091edba9d7780791b44d7c4f304a83952826deee0
76eee1df4f77092b36dd5bb653611a145fa09f8e0ae8b0d13d7bf0deb9dd3b52
83238a9c118b388bee1eede2f1c04b6441ac0c4a543f502457e3d2309a9d3e99
832b1baa315e24d493c25b6daf178341eaeb3cf951743ecf9e0ea11cb090b7e4
91ca2c3c2e9a68da51d551f78755145bb5d4b9d01f7b0872436271e4a74ad3a0
9b3776b51b4440221d0171d0fbd4f523800727b1a0cf19fb24a83c9d646bb4d5
9bb7983c1ec1db0e80196001a8af83d6bdf08ca25c5e2e4f696eac39b0b95890
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a746c3cc68d9bded211dca3846c9570683fac875815d7b5eab21febf7c3d9793
aad424318b0225790d7b1a01678eca49b65b492a9edf578f0166d8016bc8c66b
adbdf9b823d4b961becdffe5de1b01b2f148abda9ae98da4cfcb3d33fd9196f7
addbabad827c3c3751d65841d99a5228926589d7164eb0c6ea46d6ca67802cb1
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
ba9d8c8f86c5ba7a741d874945fe92d39af1ca7d87fd6a98bc9dc39e67054d00
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cd6a451a1c59742b112d9923510345bd13eaecf0087e1f220d23c7f94822ac33
db28193607644d76a740bf5389e0e121f3bd7aa2d8a3aa641688d0be53c31179
eb551d0fdb1b295608e54bde4cec4718b1031bb2189be782d31d4a166341960a
ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a