urlscan.io logo urlscan.io
SecurityTrails logo

benefitsbycertipay.com Open in urlscan Pro
2606:4700:3033::ac43:a755  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://benefitsbycertipay.com/
Effective URL: https://benefitsbycertipay.com/
Submission: On December 30 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 12 domains to perform 42 HTTP transactions. The main IP is 2606:4700:3033::ac43:a755, located in United States and belongs to CLOUDFLARENET, US. The main domain is benefitsbycertipay.com.
TLS certificate: Issued by GTS CA 1P5 on December 30th 2023. Valid for: 3 months.
This is the only time benefitsbycertipay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
15 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 104.16.179.241 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 3.162.38.8 16509 (AMAZON-02)
1 65.9.66.56 16509 (AMAZON-02)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
7 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 2001:4860:480... 15169 (GOOGLE)
1 13.32.27.107 16509 (AMAZON-02)
2 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 54.194.181.161 16509 (AMAZON-02)
3 2600:1f14:5db... 16509 (AMAZON-02)
1 18.239.36.55 16509 (AMAZON-02)
2 18.66.147.5 16509 (AMAZON-02)
1 44.216.68.47 14618 (AMAZON-AES)
42 16
1    2606:4700:3031::6815:5317 (United States)

ASN13335 (CLOUDFLARENET, US)
benefitsbycertipay.com
15    2606:4700:3033::ac43:a755 (United States)

ASN13335 (CLOUDFLARENET, US)
benefitsbycertipay.com
2    104.16.179.241 (None, )

ASN13335 (CLOUDFLARENET, US)
portalone.processonepayments.com
2    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    3.162.38.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-38-8.cdg52.r.cloudfront.net
static.hotjar.com
1    65.9.66.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-56.fra56.r.cloudfront.net
code.upscope.io
1    2a02:26f0:7100::1720:ef23 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
7    2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn.userway.org
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    13.32.27.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net
script.hotjar.com
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    54.194.181.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-181-161.eu-west-1.compute.amazonaws.com
content.hotjar.io
3    2600:1f14:5db:eb00:7c9e:17f6:e59e:9984 (Boardman, United States)

ASN16509 (AMAZON-02, US)
api.userway.org
1    18.239.36.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-55.ams58.r.cloudfront.net
widget.intercom.io
2    18.66.147.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-5.fra60.r.cloudfront.net
js.intercomcdn.com
1    44.216.68.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-216-68-47.compute-1.amazonaws.com
api-iam.intercom.io
Apex Domain
Subdomains		 Transfer
16 benefitsbycertipay.com
benefitsbycertipay.com
2 MB
10 userway.org
cdn.userway.org — Cisco Umbrella Rank: 4271
api.userway.org — Cisco Umbrella Rank: 4071
74 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
www.linkedin.com — Cisco Umbrella Rank: 629
3 KB
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2136
274 KB
2 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 1721
api-iam.intercom.io — Cisco Umbrella Rank: 2121
6 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
312 B
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 700
script.hotjar.com — Cisco Umbrella Rank: 933
59 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
127 KB
2 processonepayments.com
portalone.processonepayments.com — Cisco Umbrella Rank: 138346
9 KB
1 hotjar.io
content.hotjar.io — Cisco Umbrella Rank: 6459
161 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 763
15 KB
1 upscope.io
code.upscope.io — Cisco Umbrella Rank: 31243
451 B
42 12
Domain Requested by
16 benefitsbycertipay.com 1 redirects benefitsbycertipay.com
7 cdn.userway.org benefitsbycertipay.com
cdn.userway.org
3 api.userway.org cdn.userway.org
3 px.ads.linkedin.com 2 redirects snap.licdn.com
2 js.intercomcdn.com widget.intercom.io
2 region1.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com benefitsbycertipay.com
2 portalone.processonepayments.com 1 redirects benefitsbycertipay.com
1 api-iam.intercom.io js.intercomcdn.com
1 widget.intercom.io benefitsbycertipay.com
1 content.hotjar.io script.hotjar.com
1 www.linkedin.com benefitsbycertipay.com
1 script.hotjar.com static.hotjar.com
1 snap.licdn.com benefitsbycertipay.com
1 code.upscope.io benefitsbycertipay.com
1 static.hotjar.com benefitsbycertipay.com
42 16

This site contains links to these domains. Also see Links.

Domain
pendella.com
Subject Issuer Validity Valid
benefitsbycertipay.com
GTS CA 1P5		 2023-12-30 -
2024-03-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
upscope.io
Amazon RSA 2048 M03		 2023-10-23 -
2024-11-20		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
1667503734.rsc.cdn77.org
R3		 2023-12-19 -
2024-03-18		 3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2023-03-02 -
2024-03-30		 a year crt.sh
api.userway.org
Amazon RSA 2048 M03		 2023-09-02 -
2024-09-30		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
*.intercom.com
Amazon RSA 2048 M02		 2023-02-14 -
2024-03-14		 a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M02		 2023-12-01 -
2024-12-29		 a year crt.sh

This page contains 2 frames:

Primary Page: https://benefitsbycertipay.com/
Frame ID: F8CCB3998578867ECAFC9C9AA7048921
Requests: 38 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.a7088e03.js
Frame ID: C890E2B5DEA87C96D55ACA7349167E8B
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CertiPay

Page URL History Show full URLs

  1. http://benefitsbycertipay.com/ HTTP 301
    https://benefitsbycertipay.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

93 %
HTTPS

50 %
IPv6

12
Domains

16
Subdomains

16
IPs

4
Countries

2340 kB
Transfer

5908 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://benefitsbycertipay.com/ HTTP 301
    https://benefitsbycertipay.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://portalone.processonepayments.com/Api/Api/Cdn/GenericModalV2/assets/js/PortalOne.js?purejs HTTP 301
  • https://portalone.processonepayments.com/GenericModalV2/PortalOne.js?purejs
Request Chain 13
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3242348&time=1703947837820&url=https%3A%2F%2Fbenefitsbycertipay.com%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3242348&time=1703947837820&url=https%3A%2F%2Fbenefitsbycertipay.com%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3242348%26time%3D1703947837820%26url%3Dhttps%253A%252F%252Fbenefitsbycertipay.com%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
benefitsbycertipay.com/
Redirect Chain
  • http://benefitsbycertipay.com/
  • https://benefitsbycertipay.com/
6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://benefitsbycertipay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdc1f102e4605fb273077200171577d24defa2aa5be72ad959cad0af44808a8f
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' gap: ssl.gstatic.com *; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com snap.licdn.com px.ads.linkedin.com google-analytics.com facebook.net licdn.com *.stripe.com stripe.com cdn.jsdelivr.net code.jquery.com cdn.userway.org api-js.mixpanel.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com app.intercom.io js.intercomcdn.com widget.intercom.io *.upscope.io; style-src 'self' 'report-sample' 'unsafe-inline' onlineerp.solution.quebec stripe.com *.stripe.com cdnjs.cloudflare.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com cdn.jsdelivr.net www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com snap.licdn.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com *.intercom.io js.intercomcdn.com cdn.userway.org; style-src-elem 'self' 'report-sample' 'unsafe-inline' onlineerp.solution.quebec stripe.com *.stripe.com cdnjs.cloudflare.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com cdn.jsdelivr.net www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com snap.licdn.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com *.intercom.io js.intercomcdn.com cdn.userway.org; img-src 'self' data: *.linkedin.com p.adsymptotic.com use.typekit.net www.compulifeapi.com *.pendella.com pendella.com wq.ninjaquoter.com *.stripe.com cdn.userway.org havenlife.com *.googletagmanager.com *.google-analytics.com *.upscope.io *.intercomcdn.com static.intercomassets.com static.intercomassets.eu *.intercomcdn.eu *.intercomusercontent.com *.intercom.io *.intercom-attachments-1.com *.intercom-attachments.eu *.au.intercom-attachments.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-4.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-8.com *.intercom-attachments-9.com static.au.intercomassets.com *.hotjar.com; child-src 'self' *.google.com intercom-sheets.com www.intercom-reporting.com www.youtube.com player.vimeo.com fast.wistia.net; frame-src 'self' *.processonepayments.com *.stripe.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com testapi.assurity.com cdn.userway.org www.google.com calendly.com app.lifehappens.org *.pendella.com pendella.com intercom-sheets.com app.lifehappens.org *.upscope.io vars.hotjar.com; connect-src 'self' wss://*.intercom.io api-js.mixpanel.com ka-f.fontawesome.com *.stripe.com api.userway.org *.intercom.io *.intercomcdn.com *.intercomcdn.eu *.intercomusercontent.com *.google-analytics.com *.upscope.io wss://*.upscope.io cdn.userway.org/ cdn.linkedin.oribi.io px.ads.linkedin.com *.hotjar.io *.hotjar.com wss://*.hotjar.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com ka-f.fontawesome.com js.intercomcdn.com fonts.intercomcdn.com *.pendella.com pendella.com www.compulifeapi.com use.typekit.net *.hotjar.com; form-action 'self' calendly.com intercom.help *.intercom.io; frame-ancestors 'self' *.pendella.com pendella.com www.w3schools.com *.prismhr.com *.entertimeonline.com *.saashr.com *.britehr.app *.be-brite.com *.choosemylo.com *.risk-strategies-benefitoptions.com *.getpendella.com *.termprovider.com *.thewellingtongroupllc.com *.theinsuranceloft.com *.gethealthee.com *.employsource.net *.ownerschoicebenefits.com *.cbiz.com *.execupay.com *.affordacareinsurance.com *.advanstaff.com *.simployonline.com *.ichra.shop *.wentworthfp.com *.getbritehr.com *.spirithr.com *.craneagency.com *.partnerspeo.com *.csone.com *.therichardsgrp.com *.paydayes.com *.invst.com *.rtconsultingllc.com *.explainmybenefits.com *.enrollsolutions.com *.groupmgmt.com *.enrollwithbe.com *.multikrd.com *.theworksitegroup.com *.velocity-benefits.com *.respondershealth.org *.iafffc-insurance.com *.chimienti.com *.benechoice.com *.isolvedhcm.com *.thevoluntarybenefitsshop.com *.exphrpeo.com *.health365.co *.vensure.com *.mercer.com *.mercerindigo.com mercerindigo.com *.certipay.com certipay.com sites.brightfire.com usasportsbenefits.com *.usasportsbenefits.com; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://scotthelme.report-uri.com/r/d/xss/enforce

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
benefitsbycertipay.com
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
83db1895da3a654f-LHR
content-encoding
br
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' gap: ssl.gstatic.com *; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com snap.licdn.com px.ads.linkedin.com google-analytics.com facebook.net licdn.com *.stripe.com stripe.com cdn.jsdelivr.net code.jquery.com cdn.userway.org api-js.mixpanel.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com app.intercom.io js.intercomcdn.com widget.intercom.io *.upscope.io; style-src 'self' 'report-sample' 'unsafe-inline' onlineerp.solution.quebec stripe.com *.stripe.com cdnjs.cloudflare.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com cdn.jsdelivr.net www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com snap.licdn.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com *.intercom.io js.intercomcdn.com cdn.userway.org; style-src-elem 'self' 'report-sample' 'unsafe-inline' onlineerp.solution.quebec stripe.com *.stripe.com cdnjs.cloudflare.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com cdn.jsdelivr.net www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com snap.licdn.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com *.intercom.io js.intercomcdn.com cdn.userway.org; img-src 'self' data: *.linkedin.com p.adsymptotic.com use.typekit.net www.compulifeapi.com *.pendella.com pendella.com wq.ninjaquoter.com *.stripe.com cdn.userway.org havenlife.com *.googletagmanager.com *.google-analytics.com *.upscope.io *.intercomcdn.com static.intercomassets.com static.intercomassets.eu *.intercomcdn.eu *.intercomusercontent.com *.intercom.io *.intercom-attachments-1.com *.intercom-attachments.eu *.au.intercom-attachments.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-4.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-8.com *.intercom-attachments-9.com static.au.intercomassets.com *.hotjar.com; child-src 'self' *.google.com intercom-sheets.com www.intercom-reporting.com www.youtube.com player.vimeo.com fast.wistia.net; frame-src 'self' *.processonepayments.com *.stripe.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com testapi.assurity.com cdn.userway.org www.google.com calendly.com app.lifehappens.org *.pendella.com pendella.com intercom-sheets.com app.lifehappens.org *.upscope.io vars.hotjar.com; connect-src 'self' wss://*.intercom.io api-js.mixpanel.com ka-f.fontawesome.com *.stripe.com api.userway.org *.intercom.io *.intercomcdn.com *.intercomcdn.eu *.intercomusercontent.com *.google-analytics.com *.upscope.io wss://*.upscope.io cdn.userway.org/ cdn.linkedin.oribi.io px.ads.linkedin.com *.hotjar.io *.hotjar.com wss://*.hotjar.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com ka-f.fontawesome.com js.intercomcdn.com fonts.intercomcdn.com *.pendella.com pendella.com www.compulifeapi.com use.typekit.net *.hotjar.com; form-action 'self' calendly.com intercom.help *.intercom.io; frame-ancestors 'self' *.pendella.com pendella.com www.w3schools.com *.prismhr.com *.entertimeonline.com *.saashr.com *.britehr.app *.be-brite.com *.choosemylo.com *.risk-strategies-benefitoptions.com *.getpendella.com *.termprovider.com *.thewellingtongroupllc.com *.theinsuranceloft.com *.gethealthee.com *.employsource.net *.ownerschoicebenefits.com *.cbiz.com *.execupay.com *.affordacareinsurance.com *.advanstaff.com *.simployonline.com *.ichra.shop *.wentworthfp.com *.getbritehr.com *.spirithr.com *.craneagency.com *.partnerspeo.com *.csone.com *.therichardsgrp.com *.paydayes.com *.invst.com *.rtconsultingllc.com *.explainmybenefits.com *.enrollsolutions.com *.groupmgmt.com *.enrollwithbe.com *.multikrd.com *.theworksitegroup.com *.velocity-benefits.com *.respondershealth.org *.iafffc-insurance.com *.chimienti.com *.benechoice.com *.isolvedhcm.com *.thevoluntarybenefitsshop.com *.exphrpeo.com *.health365.co *.vensure.com *.mercer.com *.mercerindigo.com mercerindigo.com *.certipay.com certipay.com sites.brightfire.com usasportsbenefits.com *.usasportsbenefits.com; base-uri 'self';
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
same-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="default"
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
cross-origin-window-policy
Deny
date
Sat, 30 Dec 2023 14:50:36 GMT
feature-policy
document-domain
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
gyroscope=(), magnetometer=(), payment=()
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h9T2FwwY%2FAdhJ4CuD7hh9xJK9VD6vicy9VQMZ67zY0erkzCIOUMqge5qPHAAbtj8JTCP%2BwFjdMnS%2BWEft6vV2Iy%2BNKZvjYgnpqk3kENZO6EAIYWxukjsMp3Vw0%2BsX8rOjLcNqf59lp%2B7lkLP7hz8bImpk5pL"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-cache
HIT
x-cf-worker
true
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block; report=https://scotthelme.report-uri.com/r/d/xss/enforce
x-xss-pwnage
<script>alert('XSS');</script>

Redirect headers

CF-RAY
83db1894ec833d94-LHR
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sat, 30 Dec 2023 14:50:35 GMT
Expires
Sat, 30 Dec 2023 15:50:35 GMT
Location
https://benefitsbycertipay.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IT8CT3Yg8H1cd8OrtwH5sWO1AA2Fcrf6XT7N4dSWQxyYWW3j3EtUw40m%2BEA7PYEIX0xK1FeKwzCWZPMxKjd15WZh%2BTTgijHd4JMD6vBrqhon188TbtFsJcMxI21cMgXLT%2Fs%2BFp4RKnwQy%2BERRk4rUPRp%2FY9y"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
jquery-libs.min.js
benefitsbycertipay.com/app/libs/ 		115 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://benefitsbycertipay.com/app/libs/jquery-libs.min.js
Requested by
Host: benefitsbycertipay.com
URL: https://benefitsbycertipay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b959c168df99fe1b7c93b161eb3915cd4a7f051e2af43e72d9a29285628887d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://benefitsbycertipay.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Dec 2023 14:50:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 26 Dec 2023 12:00:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"658ac05e-1cc5c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hk%2BK1Sx6uWt8KeqiS86VhQPjkeo5%2FZ0n16lsruqBwmnyqc3nJZC8eE9DN0B6tFOL%2FW1i37KrTSKts61WgRL1visAF%2FyZPFvd2eJJ2QgP5TeWhhoIYPJJ7q0%2Fq0qklu6oZBHfUYX3F9%2FieaNBIu4due2WCzqC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
83db18996ee0654f-LHR
alt-svc
h3=":443"; ma=86400
PortalOne.js
portalone.processonepayments.com/GenericModalV2/
Redirect Chain
  • https://portalone.processonepayments.com/Api/Api/Cdn/GenericModalV2/assets/js/PortalOne.js?purejs
  • https://portalone.processonepayments.com/GenericModalV2/PortalOne.js?purejs
25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portalone.processonepayments.com/GenericModalV2/PortalOne.js?purejs
Requested by
Host: benefitsbycertipay.com
URL: https://benefitsbycertipay.com/
Protocol
H2
Server
104.16.179.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
44734e809360b75bafad71e4073e5347ee88b2bba61d0c078443245ffb088885
Security Headers
Name Value
Content-Security-Policy default-src * data: gap: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://benefitsbycertipay.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Dec 2023 14:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * data: gap: 'unsafe-inline' 'unsafe-eval'
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
ASP.NET
x-web-farm-node-number
1
content-length
8233
x-xss-protection
1; mode=block
last-modified
Wed, 29 Nov 2023 06:40:39 GMT
server
cloudflare
etag
"743b66f78e22da1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
83db189d6b5176f3-LHR
expires
Sat, 30 Dec 2023 18:50:37 GMT

Redirect headers

date
Sat, 30 Dec 2023 14:50:36 GMT
content-security-policy
default-src * data: gap: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://portalone.processonepayments.com/GenericModalV2/PortalOne.js?purejs
cache-control
public, max-age=14400
x-web-farm-node-number
3
cf-ray
83db189a4f5976f3-LHR
x-xss-protection
1; mode=block
expires
Sat, 30 Dec 2023 18:50:36 GMT
vue.min.css
benefitsbycertipay.com/vue/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://benefitsbycertipay.com/vue/css/vue.min.css?id=64652ba98869071f55b2d1d2d160df15
Requested by
Host: benefitsbycertipay.com
URL: https://benefitsbycertipay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
876250bf89fe47efc0459dc7cf47cbe13e13426922afb57a0bdc820634314dc7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://benefitsbycertipay.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Dec 2023 14:50:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 26 Dec 2023 12:09:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"658ac28e-5cf5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTT0Mt7%2BfhnKRVPEvuO4yBhXX91htT%2FewRCUQ2MHMX6COpYITs5mPzFlMD8BXTo%2FXOMK53LWRU%2BSgkb1H%2FY9WZ9%2BRoDL0h%2FrqQUlYBv6iEkS47E%2FDRf3iJshO2%2FNm%2FFKi3VsxcpRWLnHbUlVP0ed4%2Fmvl2FA"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83db18996edf654f-LHR
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		241 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CK8VMLEHSS
Requested by
Host: benefitsbycertipay.com
URL: https://benefitsbycertipay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bc4f2c9c85feece4827cd2b562c574ef13aea11044712169466fb72cfff894d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://benefitsbycertipay.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Dec 2023 14:50:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85390
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 30 Dec 2023 14:50:37 GMT
vue.min.js
benefitsbycertipay.com/vue/js/ 		2 MB
437 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://benefitsbycertipay.com/vue/js/vue.min.js?id=04926ae656401d3db308dd05aa05d5b4
Requested by
Host: benefitsbycertipay.com
URL: https://benefitsbycertipay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ad6ca090607b8ba815bd3d4673479e4e24f0f17756759bfd832a45152267d30

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://benefitsbycertipay.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Dec 2023 14:50:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 26 Dec 2023 12:09:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"658ac28e-224d88"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YK0KDHeSdLghpeoEGUjiZuq3Dxjm3jKQKiiCmWYu4NAMuWylpe7XPixnOYCXzCUSmeofurGzqrmUiUHF5Lvgg67E9nh0tinfaHd0hN6NCvyncTfv5dr9Jiof%2FhwloTlMzaJ3fCCG%2FOmYlF0kMxXwgBsu4w30"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
83db18996ee2654f-LHR
alt-svc
h3=":443"; ma=86400
hotjar-2241454.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2241454.js?sv=6
Requested by
Host: benefitsbycertipay.com
URL: https://benefitsbycertipay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.38.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-38-8.cdg52.r.cloudfront.net
Software
/
Resource Hash
3679326d19ef03aa7364576d2dc604b4a27bb7f756b3366fdef36399d8968112
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://benefitsbycertipay.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Dec 2023 14:50:37 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 32897e16f12947ed04abba8acbbf32dc.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P6
etag
W/dd72b68ff8948a5ae93c78c3aba254fe
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
2cAQ20BbBmQcvXVihTQJjlnrbgab4gCBthCmY01hqTig72BCJf7UsQ==
gtm.js
www.googletagmanager.com/ 		113 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NCG6FTP4
Requested by
Host: benefitsbycertipay.com
URL: https://benefitsbycertipay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4afc8065928d18ab00d491f1e7514f7ebf865bdc84f42946c2ee300fbb0e3b1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://benefitsbycertipay.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Dec 2023 14:50:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44470
x-xss-protection
0
last-modified
Sat, 30 Dec 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 30 Dec 2023 14:50:37 GMT
2wgcXfiY9b.js
code.upscope.io/ 		159 B
451 B 		Script
General
Check archive.org
Download Go to
Full URL
https://code.upscope.io/2wgcXfiY9b.js
Requested by
Host: benefitsbycertipay.com
URL: https://benefitsbycertipay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-56.fra56.r.cloudfront.net
Software
/
Resource Hash
79437ab24636ee377766773786c3e0a0a34c3bf3ecab5a3ef92fc901eb052eb3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://benefitsbycertipay.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Dec 2023 14:50:37 GMT
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60,public
content-length
159
x-amz-cf-id
fxfl6Xe_94F_7pxnoJXQxA6wWdwy5KrBXZFUjeuUHsnd6xCE5ChMuQ==
insight.min.js
snap.licdn.com/li.lms-analytics/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: benefitsbycertipay.com
URL: https://benefitsbycertipay.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:ef23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://benefitsbycertipay.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Dec 2023 14:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Dec 2023 13:09:33 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=21499
accept-ranges
bytes
content-length
15541
86.js
benefitsbycertipay.com/vue/js/vue.min/ 		623 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://benefitsbycertipay.com/vue/js/vue.min/86.js
Requested by
Host: benefitsbycertipay.com
URL: https://benefitsbycertipay.com/vue/js/vue.min.js?id=04926ae656401d3db308dd05aa05d5b4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a827400ed9f87ef539f0630c9f393a3f728cecf1d9dc667fde14a66dd57c4e84

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://benefitsbycertipay.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Dec 2023 14:50:38 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 26 Dec 2023 12:09:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"658ac28e-9bbc6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6QEmngl73G4HGUrw8oPPOrh5moEq98bqsJ%2BybwdjHPQi2uWIh8VXhbRheb5WDq3MCO2aZhmiYlwaOWONQ5AmQu%2BXk3lbKVFB7bsL%2FIDk0UCLFaEhTkwMD6U0mZy4NwOm3fa0B7fQOtApOBP7ntdg%2Btq1yhDZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
83db18a1aafc8895-LHR
alt-svc
h3=":443"; ma=86400
widget.js
cdn.userway.org/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: benefitsbycertipay.com
URL: https://benefitsbycertipay.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
eb6398a0114471edabc6249e08a1bee85f0df4c7176b379912020b2cda9ad577

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://benefitsbycertipay.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-77-pop
frankfurtDE
date
Sat, 30 Dec 2023 14:50:37 GMT
via
1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
content-encoding
gzip
x-age-lb
1338
x-amz-cf-pop
FRA60-P3
age
492
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1703946499
x-77-nzt
EgwBw7WqEQH3OgUAAAwBJRPCLgH3CwAAAA
x-accel-expires
@1703950099
x-77-age
1349
x-cache-lb
HIT
last-modified
Wed, 27 Dec 2023 13:17:39 GMT
server
CDN77-Turbo
etag
W/"b9c3898b29dc13b93eb75f9925d043ea"
x-77-nzt-ray
4c156224d75a483d3d2e90657d30273a
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=3600, public
content-type
application/javascript
x-amz-cf-id
WvVI8t2ga6qK14w2w1nRup7W2ykZSF4v61DRCZ6lyPk3Riswn7UvFQ==
collect
region1.google-analytics.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-CK8VMLEHSS&gtm=45je3bt0v877393544&_p=1703947837522&gcd=11l1l1l1l1&dma=0&cid=1271811972.1703947838&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703947837&sct=1&seg=0&dl=https%3A%2F%2Fbenefitsbycertipay.com%2F&dt=CertiPay&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2216
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CK8VMLEHSS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://benefitsbycertipay.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:50:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://benefitsbycertipay.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.618aa075c4d9b6424e07.js
script.hotjar.com/ 		220 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.618aa075c4d9b6424e07.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2241454.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-107.fra56.r.cloudfront.net
Software
/
Resource Hash
4fdfd40dc4640506829319a81fd61b379e2b70a0cdedddbc1218508085ceb888
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://benefitsbycertipay.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Dec 2023 10:10:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
794432
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55689
last-modified
Thu, 21 Dec 2023 10:09:33 GMT
etag
"6ed2c6300d63320c76677ced187741fc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
DXcrZhgG73L4I9PGD4RCfMLdlI9YdLnXezfn4YbAcIcGg7ZSeVpnTQ==
li_sync
www.linkedin.com/px/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3242348&time=1703947837820&url=https%3A%2F%2Fbenefitsbycertipay.com%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3242348&time=1703947837820&url=https%3A%2F%2Fbenefitsbycertipay.com%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3242348%26time%3D1703947837820%26url%3Dhttps%253A%252F%252Fbenefitsbycertipay.com...
871 B
871 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3242348%26time%3D1703947837820%26url%3Dhttps%253A%252F%252Fbenefitsbycertipay.com%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue
Requested by
Host: benefitsbycertipay.com
URL: https://benefitsbycertipay.com/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
01dbf90d927d105a88ee00b02958ebbe87daa5c3e33d21f603b484d7f8e065cd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://benefitsbycertipay.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-msedge-ref
Ref A: 048E3D6199704028B4B927F050CC69BA Ref B: LTSEDGE1714 Ref C: 2023-12-30T14:50:38Z
date
Sat, 30 Dec 2023 14:50:37 GMT

Redirect headers

date
Sat, 30 Dec 2023 14:50:37 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 629E336DEAE14C99B328F0E11E9BD66C Ref B: LTSEDGE1714 Ref C: 2023-12-30T14:50:38Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3242348%26time%3D1703947837820%26url%3Dhttps%253A%252F%252Fbenefitsbycertipay.com%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue
x-li-proto
http/2
content-length
0
x-li-uuid
AAYNu0WdSB1arPoK4HxApw==
widget_app_base_1703682904009.js
cdn.userway.org/widgetapp/2023-12-27-13-15-04/ 		137 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/widget_app_base_1703682904009.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
fef48719eaa745024d0b801254bd0fc8907d2eae226fb77b8550bce864ebd33b

Request headers

Referer
https://benefitsbycertipay.com/
Origin
https://benefitsbycertipay.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-77-pop
frankfurtDE
date
Sat, 30 Dec 2023 14:50:38 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
content-encoding
gzip
x-age-lb
264200
x-amz-cf-pop
FRA60-P3
age
490
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1703683638
x-77-nzt
EgwBw7WqEQH3CAgEAAwBJRPCKAH3DQAAAA
x-accel-expires
@1729603625
x-77-age
264213
x-cache-lb
HIT
last-modified
Wed, 27 Dec 2023 13:17:34 GMT
server
CDN77-Turbo
etag
W/"eb0a361513cfc3cde5aea3a3fe34989f"
x-77-nzt-ray
4c156224655bfc423e2e90659d7d2d0c
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/javascript
x-amz-cf-id
PcHnDQhh0EHFRu14yTbQGzTkgxJmvsSV78MWi7WXTShhHtDfo4TfgQ==
/
content.hotjar.io/ 		56 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.hotjar.io/?gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.618aa075c4d9b6424e07.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.194.181.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-181-161.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1a876caf71b8a509670c150a4607353add3f0f906cf3d2656109be8526a2d568

Request headers

Referer
https://benefitsbycertipay.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 30 Dec 2023 14:50:38 GMT
content-length
56
vary
Origin
content-type
application/json
VA9i0ZMUW4
api.userway.org/api/tunings/ 		755 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/tunings/VA9i0ZMUW4
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/widget_app_base_1703682904009.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb00:7c9e:17f6:e59e:9984 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d5023236724be9babfcf31b22f827c9ad8f16d270a3329a5ad9f37406f735aff

Request headers

Referer
https://benefitsbycertipay.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 30 Dec 2023 14:50:38 GMT
etag
W/"2f3-X/aT0ypAe4IQEvXrEp2qA+qyPt4"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-service-request-id
usr11cc2eaaf73f448
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
755
x-service-version
uw-pr
/
px.ads.linkedin.com/wa/ 		0
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://benefitsbycertipay.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 30 Dec 2023 14:50:38 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: FF13F99093E94304B123D6F3DBF9015F Ref B: LTSEDGE1020 Ref C: 2023-12-30T14:50:38Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
access-control-allow-origin
https://benefitsbycertipay.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYNu0WjYzew9aXvtLZHvA==
company-data
benefitsbycertipay.com/global/ 		737 B
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://benefitsbycertipay.com/global/company-data
Requested by
Host: benefitsbycertipay.com
URL: https://benefitsbycertipay.com/vue/js/vue.min.js?id=04926ae656401d3db308dd05aa05d5b4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ab64ccd474d3baba8d064ec00ea85327eb6c490bf632d9a6f5ea54d82eef4a3
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' gap: ssl.gstatic.com *; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com snap.licdn.com px.ads.linkedin.com google-analytics.com facebook.net licdn.com *.stripe.com stripe.com cdn.jsdelivr.net code.jquery.com cdn.userway.org api-js.mixpanel.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com app.intercom.io js.intercomcdn.com widget.intercom.io *.upscope.io; style-src 'self' 'report-sample' 'unsafe-inline' onlineerp.solution.quebec stripe.com *.stripe.com cdnjs.cloudflare.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com cdn.jsdelivr.net www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com snap.licdn.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com *.intercom.io js.intercomcdn.com cdn.userway.org; style-src-elem 'self' 'report-sample' 'unsafe-inline' onlineerp.solution.quebec stripe.com *.stripe.com cdnjs.cloudflare.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com cdn.jsdelivr.net www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com snap.licdn.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com *.intercom.io js.intercomcdn.com cdn.userway.org; img-src 'self' data: *.linkedin.com p.adsymptotic.com use.typekit.net www.compulifeapi.com *.pendella.com pendella.com wq.ninjaquoter.com *.stripe.com cdn.userway.org havenlife.com *.googletagmanager.com *.google-analytics.com *.upscope.io *.intercomcdn.com static.intercomassets.com static.intercomassets.eu *.intercomcdn.eu *.intercomusercontent.com *.intercom.io *.intercom-attachments-1.com *.intercom-attachments.eu *.au.intercom-attachments.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-4.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-8.com *.intercom-attachments-9.com static.au.intercomassets.com *.hotjar.com; child-src 'self' *.google.com intercom-sheets.com www.intercom-reporting.com www.youtube.com player.vimeo.com fast.wistia.net; frame-src 'self' *.processonepayments.com *.stripe.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com testapi.assurity.com cdn.userway.org www.google.com calendly.com app.lifehappens.org *.pendella.com pendella.com intercom-sheets.com app.lifehappens.org *.upscope.io vars.hotjar.com; connect-src 'self' wss://*.intercom.io api-js.mixpanel.com ka-f.fontawesome.com *.stripe.com api.userway.org *.intercom.io *.intercomcdn.com *.intercomcdn.eu *.intercomusercontent.com *.google-analytics.com *.upscope.io wss://*.upscope.io cdn.userway.org/ cdn.linkedin.oribi.io px.ads.linkedin.com *.hotjar.io *.hotjar.com wss://*.hotjar.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com ka-f.fontawesome.com js.intercomcdn.com fonts.intercomcdn.com *.pendella.com pendella.com www.compulifeapi.com use.typekit.net *.hotjar.com; form-action 'self' calendly.com intercom.help *.intercom.io; frame-ancestors 'self' *.pendella.com pendella.com www.w3schools.com *.prismhr.com *.entertimeonline.com *.saashr.com *.britehr.app *.be-brite.com *.choosemylo.com *.risk-strategies-benefitoptions.com *.getpendella.com *.termprovider.com *.thewellingtongroupllc.com *.theinsuranceloft.com *.gethealthee.com *.employsource.net *.ownerschoicebenefits.com *.cbiz.com *.execupay.com *.affordacareinsurance.com *.advanstaff.com *.simployonline.com *.ichra.shop *.wentworthfp.com *.getbritehr.com *.spirithr.com *.craneagency.com *.partnerspeo.com *.csone.com *.therichardsgrp.com *.paydayes.com *.invst.com *.rtconsultingllc.com *.explainmybenefits.com *.enrollsolutions.com *.groupmgmt.com *.enrollwithbe.com *.multikrd.com *.theworksitegroup.com *.velocity-benefits.com *.respondershealth.org *.iafffc-insurance.com *.chimienti.com *.benechoice.com *.isolvedhcm.com *.thevoluntarybenefitsshop.com *.exphrpeo.com *.health365.co *.vensure.com *.mercer.com *.mercerindigo.com mercerindigo.com *.certipay.com certipay.com sites.brightfire.com usasportsbenefits.com *.usasportsbenefits.com; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://scotthelme.report-uri.com/r/d/xss/enforce

Request headers

Referer
https://benefitsbycertipay.com/
X-XSRF-TOKEN
H6taRcHqYz6sxJKlXaVXPgh15eGXTdoQUzq9b051
X-Requested-With
XMLHttpRequest
X-CSRF-TOKEN
H6taRcHqYz6sxJKlXaVXPgh15eGXTdoQUzq9b051
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-cf-worker
true
date
Sat, 30 Dec 2023 14:50:39 GMT
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' gap: ssl.gstatic.com *; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com snap.licdn.com px.ads.linkedin.com google-analytics.com facebook.net licdn.com *.stripe.com stripe.com cdn.jsdelivr.net code.jquery.com cdn.userway.org api-js.mixpanel.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com app.intercom.io js.intercomcdn.com widget.intercom.io *.upscope.io; style-src 'self' 'report-sample' 'unsafe-inline' onlineerp.solution.quebec stripe.com *.stripe.com cdnjs.cloudflare.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com cdn.jsdelivr.net www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com snap.licdn.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com *.intercom.io js.intercomcdn.com cdn.userway.org; style-src-elem 'self' 'report-sample' 'unsafe-inline' onlineerp.solution.quebec stripe.com *.stripe.com cdnjs.cloudflare.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com cdn.jsdelivr.net www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com snap.licdn.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com *.intercom.io js.intercomcdn.com cdn.userway.org; img-src 'self' data: *.linkedin.com p.adsymptotic.com use.typekit.net www.compulifeapi.com *.pendella.com pendella.com wq.ninjaquoter.com *.stripe.com cdn.userway.org havenlife.com *.googletagmanager.com *.google-analytics.com *.upscope.io *.intercomcdn.com static.intercomassets.com static.intercomassets.eu *.intercomcdn.eu *.intercomusercontent.com *.intercom.io *.intercom-attachments-1.com *.intercom-attachments.eu *.au.intercom-attachments.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-4.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-8.com *.intercom-attachments-9.com static.au.intercomassets.com *.hotjar.com; child-src 'self' *.google.com intercom-sheets.com www.intercom-reporting.com www.youtube.com player.vimeo.com fast.wistia.net; frame-src 'self' *.processonepayments.com *.stripe.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com testapi.assurity.com cdn.userway.org www.google.com calendly.com app.lifehappens.org *.pendella.com pendella.com intercom-sheets.com app.lifehappens.org *.upscope.io vars.hotjar.com; connect-src 'self' wss://*.intercom.io api-js.mixpanel.com ka-f.fontawesome.com *.stripe.com api.userway.org *.intercom.io *.intercomcdn.com *.intercomcdn.eu *.intercomusercontent.com *.google-analytics.com *.upscope.io wss://*.upscope.io cdn.userway.org/ cdn.linkedin.oribi.io px.ads.linkedin.com *.hotjar.io *.hotjar.com wss://*.hotjar.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com ka-f.fontawesome.com js.intercomcdn.com fonts.intercomcdn.com *.pendella.com pendella.com www.compulifeapi.com use.typekit.net *.hotjar.com; form-action 'self' calendly.com intercom.help *.intercom.io; frame-ancestors 'self' *.pendella.com pendella.com www.w3schools.com *.prismhr.com *.entertimeonline.com *.saashr.com *.britehr.app *.be-brite.com *.choosemylo.com *.risk-strategies-benefitoptions.com *.getpendella.com *.termprovider.com *.thewellingtongroupllc.com *.theinsuranceloft.com *.gethealthee.com *.employsource.net *.ownerschoicebenefits.com *.cbiz.com *.execupay.com *.affordacareinsurance.com *.advanstaff.com *.simployonline.com *.ichra.shop *.wentworthfp.com *.getbritehr.com *.spirithr.com *.craneagency.com *.partnerspeo.com *.csone.com *.therichardsgrp.com *.paydayes.com *.invst.com *.rtconsultingllc.com *.explainmybenefits.com *.enrollsolutions.com *.groupmgmt.com *.enrollwithbe.com *.multikrd.com *.theworksitegroup.com *.velocity-benefits.com *.respondershealth.org *.iafffc-insurance.com *.chimienti.com *.benechoice.com *.isolvedhcm.com *.thevoluntarybenefitsshop.com *.exphrpeo.com *.health365.co *.vensure.com *.mercer.com *.mercerindigo.com mercerindigo.com *.certipay.com certipay.com sites.brightfire.com usasportsbenefits.com *.usasportsbenefits.com; base-uri 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cross-origin-embedder-policy
same-origin
cross-origin-window-policy
Deny
x-cache
HIT
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block; report=https://scotthelme.report-uri.com/r/d/xss/enforce
cross-origin-embedder-policy-report-only
require-corp; report-to="default"
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J7Gn9kLpSourNBw2ZuQX0eZdU6tMyPgTRv5x9dJ%2FNuZ6YtvvhJ1KBolA9HxY7lKQ40Dcr2afpopHWRFac2Tn7ktEYGINZJuAsn%2FbJ6Xkm4%2FNCIx7mVVXjymDIRpsASw12QTeoCX39gY%2FM6lgwX4DZXjh1H%2B7"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
benefitsbycertipay.com
cache-control
no-cache, private
feature-policy
document-domain
permissions-policy
gyroscope=(), magnetometer=(), payment=()
x-xss-pwnage
<script>alert('XSS');</script>
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
83db18a7ccd48895-LHR
Inter-SemiBold.ttf
benefitsbycertipay.com/vue/fonts/Inter/ 		308 KB
309 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://benefitsbycertipay.com/vue/fonts/Inter/Inter-SemiBold.ttf
Requested by
Host: benefitsbycertipay.com
URL: https://benefitsbycertipay.com/vue/css/vue.min.css?id=64652ba98869071f55b2d1d2d160df15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f036a45770ce2ad43dfee7f4eac8f8b3784608a24ff00c63dd56704434e014e8

Request headers

Referer
https://benefitsbycertipay.com/vue/css/vue.min.css?id=64652ba98869071f55b2d1d2d160df15
Origin
https://benefitsbycertipay.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Dec 2023 14:50:39 GMT
cf-cache-status
MISS
last-modified
Tue, 26 Dec 2023 12:00:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"658ac064-4d16c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUI44AoOYMDwFljmklguDJO6lFgEfU6ScL22jz3pqYcMuRvDmJ0GHpgZx1mx1tNaAh1cNP9Owx7So2n%2FAoWojZcjsU%2BfNsnHdS1Qk6d%2BOxFHFJKOxKVFRZLDAZpzNBqpS3hx4Up3djYPiTlwoQYtIP9zrvON"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83db18a7dcf48895-LHR
alt-svc
h3=":443"; ma=86400
content-length
315756
Inter-Regular.ttf
benefitsbycertipay.com/vue/fonts/Inter/ 		303 KB
303 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://benefitsbycertipay.com/vue/fonts/Inter/Inter-Regular.ttf
Requested by
Host: benefitsbycertipay.com
URL: https://benefitsbycertipay.com/vue/css/vue.min.css?id=64652ba98869071f55b2d1d2d160df15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
494a9c8817786531126dd245c93f8a85aa6afa405c7b8a2e45b667538470ce7a

Request headers

Referer
https://benefitsbycertipay.com/vue/css/vue.min.css?id=64652ba98869071f55b2d1d2d160df15
Origin
https://benefitsbycertipay.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Dec 2023 14:50:39 GMT
cf-cache-status
MISS
last-modified
Tue, 26 Dec 2023 12:00:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"658ac064-4ba44"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4bOOI5GW0gNOaNuur02eLq3avx0F1Y8YL4o%2B8Y1s06JRUeG53hv7Vuxgtl5GF2krwW4VWEGEBC83UEzsgJXuGZMm4enSeY5HVB0qp4sxsTw00vrqUmGb2O9fmkxyOc6wvSTQyZbe1L6bz0Bgo9gE1D3Zp%2Bv2"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83db18a7dcf78895-LHR
alt-svc
h3=":443"; ma=86400
content-length
309828
en-US.json
cdn.userway.org/widgetapp/2023-12-27-13-15-04/locales/ 		500 B
962 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/locales/en-US.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/widget_app_base_1703682904009.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://benefitsbycertipay.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-77-pop
frankfurtDE
date
Sat, 30 Dec 2023 14:50:39 GMT
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
content-encoding
gzip
x-age-lb
264197
x-amz-cf-pop
FRA60-P3
age
487
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1703683642
x-77-nzt
EgwBw7WqEQH3BQgEAAwB1GY4nAH3EAAAAA
x-accel-expires
@1729603626
x-77-age
264213
x-cache-lb
HIT
last-modified
Wed, 27 Dec 2023 13:17:33 GMT
server
CDN77-Turbo
etag
W/"6c501e56c0883817da65e6df9f4417ee"
x-77-nzt-ray
4c156224655bfc423f2e9065ed034c03
access-control-max-age
3000
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/json
x-amz-cf-id
BwRWek_memvl-WuyC_WpTPqfRRLEwG46_Ddem12vDUhlkB3lG8Anvw==
availability
benefitsbycertipay.com/agent/ 		219 B
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://benefitsbycertipay.com/agent/availability
Requested by
Host: benefitsbycertipay.com
URL: https://benefitsbycertipay.com/vue/js/vue.min.js?id=04926ae656401d3db308dd05aa05d5b4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b90c92e75af6620a7a29a0cd2e9235544915bdbe96ba1048f5f1f280ee524907
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' gap: ssl.gstatic.com *; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com snap.licdn.com px.ads.linkedin.com google-analytics.com facebook.net licdn.com *.stripe.com stripe.com cdn.jsdelivr.net code.jquery.com cdn.userway.org api-js.mixpanel.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com app.intercom.io js.intercomcdn.com widget.intercom.io *.upscope.io; style-src 'self' 'report-sample' 'unsafe-inline' onlineerp.solution.quebec stripe.com *.stripe.com cdnjs.cloudflare.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com cdn.jsdelivr.net www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com snap.licdn.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com *.intercom.io js.intercomcdn.com cdn.userway.org; style-src-elem 'self' 'report-sample' 'unsafe-inline' onlineerp.solution.quebec stripe.com *.stripe.com cdnjs.cloudflare.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com cdn.jsdelivr.net www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com snap.licdn.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com *.intercom.io js.intercomcdn.com cdn.userway.org; img-src 'self' data: *.linkedin.com p.adsymptotic.com use.typekit.net www.compulifeapi.com *.pendella.com pendella.com wq.ninjaquoter.com *.stripe.com cdn.userway.org havenlife.com *.googletagmanager.com *.google-analytics.com *.upscope.io *.intercomcdn.com static.intercomassets.com static.intercomassets.eu *.intercomcdn.eu *.intercomusercontent.com *.intercom.io *.intercom-attachments-1.com *.intercom-attachments.eu *.au.intercom-attachments.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-4.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-8.com *.intercom-attachments-9.com static.au.intercomassets.com *.hotjar.com; child-src 'self' *.google.com intercom-sheets.com www.intercom-reporting.com www.youtube.com player.vimeo.com fast.wistia.net; frame-src 'self' *.processonepayments.com *.stripe.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com testapi.assurity.com cdn.userway.org www.google.com calendly.com app.lifehappens.org *.pendella.com pendella.com intercom-sheets.com app.lifehappens.org *.upscope.io vars.hotjar.com; connect-src 'self' wss://*.intercom.io api-js.mixpanel.com ka-f.fontawesome.com *.stripe.com api.userway.org *.intercom.io *.intercomcdn.com *.intercomcdn.eu *.intercomusercontent.com *.google-analytics.com *.upscope.io wss://*.upscope.io cdn.userway.org/ cdn.linkedin.oribi.io px.ads.linkedin.com *.hotjar.io *.hotjar.com wss://*.hotjar.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com ka-f.fontawesome.com js.intercomcdn.com fonts.intercomcdn.com *.pendella.com pendella.com www.compulifeapi.com use.typekit.net *.hotjar.com; form-action 'self' calendly.com intercom.help *.intercom.io; frame-ancestors 'self' *.pendella.com pendella.com www.w3schools.com *.prismhr.com *.entertimeonline.com *.saashr.com *.britehr.app *.be-brite.com *.choosemylo.com *.risk-strategies-benefitoptions.com *.getpendella.com *.termprovider.com *.thewellingtongroupllc.com *.theinsuranceloft.com *.gethealthee.com *.employsource.net *.ownerschoicebenefits.com *.cbiz.com *.execupay.com *.affordacareinsurance.com *.advanstaff.com *.simployonline.com *.ichra.shop *.wentworthfp.com *.getbritehr.com *.spirithr.com *.craneagency.com *.partnerspeo.com *.csone.com *.therichardsgrp.com *.paydayes.com *.invst.com *.rtconsultingllc.com *.explainmybenefits.com *.enrollsolutions.com *.groupmgmt.com *.enrollwithbe.com *.multikrd.com *.theworksitegroup.com *.velocity-benefits.com *.respondershealth.org *.iafffc-insurance.com *.chimienti.com *.benechoice.com *.isolvedhcm.com *.thevoluntarybenefitsshop.com *.exphrpeo.com *.health365.co *.vensure.com *.mercer.com *.mercerindigo.com mercerindigo.com *.certipay.com certipay.com sites.brightfire.com usasportsbenefits.com *.usasportsbenefits.com; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://scotthelme.report-uri.com/r/d/xss/enforce

Request headers

Referer
https://benefitsbycertipay.com/
X-XSRF-TOKEN
H6taRcHqYz6sxJKlXaVXPgh15eGXTdoQUzq9b051
X-Requested-With
XMLHttpRequest
X-CSRF-TOKEN
H6taRcHqYz6sxJKlXaVXPgh15eGXTdoQUzq9b051
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-cf-worker
true
date
Sat, 30 Dec 2023 14:50:39 GMT
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' gap: ssl.gstatic.com *; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com snap.licdn.com px.ads.linkedin.com google-analytics.com facebook.net licdn.com *.stripe.com stripe.com cdn.jsdelivr.net code.jquery.com cdn.userway.org api-js.mixpanel.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com app.intercom.io js.intercomcdn.com widget.intercom.io *.upscope.io; style-src 'self' 'report-sample' 'unsafe-inline' onlineerp.solution.quebec stripe.com *.stripe.com cdnjs.cloudflare.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com cdn.jsdelivr.net www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com snap.licdn.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com *.intercom.io js.intercomcdn.com cdn.userway.org; style-src-elem 'self' 'report-sample' 'unsafe-inline' onlineerp.solution.quebec stripe.com *.stripe.com cdnjs.cloudflare.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com cdn.jsdelivr.net www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com snap.licdn.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com *.intercom.io js.intercomcdn.com cdn.userway.org; img-src 'self' data: *.linkedin.com p.adsymptotic.com use.typekit.net www.compulifeapi.com *.pendella.com pendella.com wq.ninjaquoter.com *.stripe.com cdn.userway.org havenlife.com *.googletagmanager.com *.google-analytics.com *.upscope.io *.intercomcdn.com static.intercomassets.com static.intercomassets.eu *.intercomcdn.eu *.intercomusercontent.com *.intercom.io *.intercom-attachments-1.com *.intercom-attachments.eu *.au.intercom-attachments.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-4.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-8.com *.intercom-attachments-9.com static.au.intercomassets.com *.hotjar.com; child-src 'self' *.google.com intercom-sheets.com www.intercom-reporting.com www.youtube.com player.vimeo.com fast.wistia.net; frame-src 'self' *.processonepayments.com *.stripe.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com testapi.assurity.com cdn.userway.org www.google.com calendly.com app.lifehappens.org *.pendella.com pendella.com intercom-sheets.com app.lifehappens.org *.upscope.io vars.hotjar.com; connect-src 'self' wss://*.intercom.io api-js.mixpanel.com ka-f.fontawesome.com *.stripe.com api.userway.org *.intercom.io *.intercomcdn.com *.intercomcdn.eu *.intercomusercontent.com *.google-analytics.com *.upscope.io wss://*.upscope.io cdn.userway.org/ cdn.linkedin.oribi.io px.ads.linkedin.com *.hotjar.io *.hotjar.com wss://*.hotjar.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com ka-f.fontawesome.com js.intercomcdn.com fonts.intercomcdn.com *.pendella.com pendella.com www.compulifeapi.com use.typekit.net *.hotjar.com; form-action 'self' calendly.com intercom.help *.intercom.io; frame-ancestors 'self' *.pendella.com pendella.com www.w3schools.com *.prismhr.com *.entertimeonline.com *.saashr.com *.britehr.app *.be-brite.com *.choosemylo.com *.risk-strategies-benefitoptions.com *.getpendella.com *.termprovider.com *.thewellingtongroupllc.com *.theinsuranceloft.com *.gethealthee.com *.employsource.net *.ownerschoicebenefits.com *.cbiz.com *.execupay.com *.affordacareinsurance.com *.advanstaff.com *.simployonline.com *.ichra.shop *.wentworthfp.com *.getbritehr.com *.spirithr.com *.craneagency.com *.partnerspeo.com *.csone.com *.therichardsgrp.com *.paydayes.com *.invst.com *.rtconsultingllc.com *.explainmybenefits.com *.enrollsolutions.com *.groupmgmt.com *.enrollwithbe.com *.multikrd.com *.theworksitegroup.com *.velocity-benefits.com *.respondershealth.org *.iafffc-insurance.com *.chimienti.com *.benechoice.com *.isolvedhcm.com *.thevoluntarybenefitsshop.com *.exphrpeo.com *.health365.co *.vensure.com *.mercer.com *.mercerindigo.com mercerindigo.com *.certipay.com certipay.com sites.brightfire.com usasportsbenefits.com *.usasportsbenefits.com; base-uri 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cross-origin-embedder-policy
same-origin
cross-origin-window-policy
Deny
x-cache
HIT
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block; report=https://scotthelme.report-uri.com/r/d/xss/enforce
cross-origin-embedder-policy-report-only
require-corp; report-to="default"
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jYkgPbnj2s2Oux3unWI3XyTOuFinzo0pi5NbqwizMvvxqj4qHGBrQ%2BcsUS10jMklW5kb%2B06b29zKm8VmmMBrativ46ZVlErZGqPY6%2BRyT61XjUe8oynpCon2TmHCasTfD%2BDnTCjK9pTy6x2WOZszZhHAQVK%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
benefitsbycertipay.com
cache-control
no-cache, private
feature-policy
document-domain
permissions-policy
gyroscope=(), magnetometer=(), payment=()
x-xss-pwnage
<script>alert('XSS');</script>
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
83db18ab794f8895-LHR
remediation-tool-free.js
cdn.userway.org/remediation/free/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/remediation/free/remediation-tool-free.js?ts=1703682904009
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/widget_app_base_1703682904009.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e4412b67eb8c67e19774da629f747a1cca29d89af2d93b30ca50dc7e3106437b

Request headers

Referer
https://benefitsbycertipay.com/
Origin
https://benefitsbycertipay.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-77-pop
frankfurtDE
date
Sat, 30 Dec 2023 14:50:39 GMT
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
content-encoding
gzip
x-age-lb
264198
x-amz-cf-pop
FRA60-P3
age
488
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1703683641
x-77-nzt
EgwBw7WqEQH3BggEAAwBJRPCKAH3EAAAAA
x-accel-expires
@1729603625
x-77-age
264214
x-cache-lb
HIT
last-modified
Wed, 27 Dec 2023 13:17:38 GMT
server
CDN77-Turbo
etag
W/"29cb57a634f3d6ed3e17dfdec2e09c32"
x-77-nzt-ray
4c156224655bfc423f2e9065dbd69a1e
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/javascript
x-amz-cf-id
ka4ll7FxuM4Iy-igtlK4m2xCuND3Z8tTfNDq8HzVOfObv6k2dJ2vvg==
wheel_right_bl.svg
cdn.userway.org/widgetapp/images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/wheel_right_bl.svg
Requested by
Host: benefitsbycertipay.com
URL: https://benefitsbycertipay.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1c81f80d3878013d5dc66616ca3c21f085d4af6b0b076b0b149acef05da7a14e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://benefitsbycertipay.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-77-pop
frankfurtDE
date
Sat, 30 Dec 2023 14:50:39 GMT
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
content-encoding
gzip
x-age-lb
264098
x-amz-cf-pop
FRA60-P3
age
6
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1703683741
x-77-nzt
EgwBw7WqEQH3ogcEAAwBJRPCNAH3cAAAAA
x-accel-expires
@1729603629
x-77-age
264210
x-cache-lb
HIT
last-modified
Wed, 27 Dec 2023 13:17:34 GMT
server
CDN77-Turbo
etag
W/"66e207a98020ce81d086e97f22a4833c"
x-77-nzt-ray
4c156224d75a483d3f2e9065e046a61f
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
image/svg+xml
x-amz-cf-id
bf84YDC3nO3pIo6ZamTrDRYG4V7Ox9NfvWlqHUcIzK8PP3q-07V3_A==
spin_bl.svg
cdn.userway.org/widgetapp/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/spin_bl.svg
Requested by
Host: benefitsbycertipay.com
URL: https://benefitsbycertipay.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0866546ae9c65964cd912860db934e24d99b401dca5a2a206b8df2cacc60bda5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://benefitsbycertipay.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-77-pop
frankfurtDE
date
Sat, 30 Dec 2023 14:50:39 GMT
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
content-encoding
gzip
x-age-lb
264195
x-amz-cf-pop
FRA60-P3
age
6
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1703683644
x-77-nzt
EgwBw7WqEQH3AwgEAAwBJRPCMQH3DwAAAA
x-accel-expires
@1729603629
x-77-age
264210
x-cache-lb
HIT
last-modified
Fri, 13 Jan 2023 11:00:14 GMT
server
CDN77-Turbo
etag
W/"f1006e80919a554a181eeffcb6b3e381"
x-77-nzt-ray
4c156224d75a483d3f2e90658240ae1f
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
image/svg+xml
x-amz-cf-id
VjmVWoUs8mNLBo3bDmg7pOjFoMFz241_58zSwfHLLyAuNrUIfywYiQ==
rec-engine
benefitsbycertipay.com/global/app-data/ 		1 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://benefitsbycertipay.com/global/app-data/rec-engine
Requested by
Host: benefitsbycertipay.com
URL: https://benefitsbycertipay.com/vue/js/vue.min.js?id=04926ae656401d3db308dd05aa05d5b4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03abb3b0152d4910b1f47c44a95796bcab93fd2c1e78de373e5661576de215af
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' gap: ssl.gstatic.com *; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com snap.licdn.com px.ads.linkedin.com google-analytics.com facebook.net licdn.com *.stripe.com stripe.com cdn.jsdelivr.net code.jquery.com cdn.userway.org api-js.mixpanel.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com app.intercom.io js.intercomcdn.com widget.intercom.io *.upscope.io; style-src 'self' 'report-sample' 'unsafe-inline' onlineerp.solution.quebec stripe.com *.stripe.com cdnjs.cloudflare.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com cdn.jsdelivr.net www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com snap.licdn.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com *.intercom.io js.intercomcdn.com cdn.userway.org; style-src-elem 'self' 'report-sample' 'unsafe-inline' onlineerp.solution.quebec stripe.com *.stripe.com cdnjs.cloudflare.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com cdn.jsdelivr.net www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com snap.licdn.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com *.intercom.io js.intercomcdn.com cdn.userway.org; img-src 'self' data: *.linkedin.com p.adsymptotic.com use.typekit.net www.compulifeapi.com *.pendella.com pendella.com wq.ninjaquoter.com *.stripe.com cdn.userway.org havenlife.com *.googletagmanager.com *.google-analytics.com *.upscope.io *.intercomcdn.com static.intercomassets.com static.intercomassets.eu *.intercomcdn.eu *.intercomusercontent.com *.intercom.io *.intercom-attachments-1.com *.intercom-attachments.eu *.au.intercom-attachments.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-4.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-8.com *.intercom-attachments-9.com static.au.intercomassets.com *.hotjar.com; child-src 'self' *.google.com intercom-sheets.com www.intercom-reporting.com www.youtube.com player.vimeo.com fast.wistia.net; frame-src 'self' *.processonepayments.com *.stripe.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com testapi.assurity.com cdn.userway.org www.google.com calendly.com app.lifehappens.org *.pendella.com pendella.com intercom-sheets.com app.lifehappens.org *.upscope.io vars.hotjar.com; connect-src 'self' wss://*.intercom.io api-js.mixpanel.com ka-f.fontawesome.com *.stripe.com api.userway.org *.intercom.io *.intercomcdn.com *.intercomcdn.eu *.intercomusercontent.com *.google-analytics.com *.upscope.io wss://*.upscope.io cdn.userway.org/ cdn.linkedin.oribi.io px.ads.linkedin.com *.hotjar.io *.hotjar.com wss://*.hotjar.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com ka-f.fontawesome.com js.intercomcdn.com fonts.intercomcdn.com *.pendella.com pendella.com www.compulifeapi.com use.typekit.net *.hotjar.com; form-action 'self' calendly.com intercom.help *.intercom.io; frame-ancestors 'self' *.pendella.com pendella.com www.w3schools.com *.prismhr.com *.entertimeonline.com *.saashr.com *.britehr.app *.be-brite.com *.choosemylo.com *.risk-strategies-benefitoptions.com *.getpendella.com *.termprovider.com *.thewellingtongroupllc.com *.theinsuranceloft.com *.gethealthee.com *.employsource.net *.ownerschoicebenefits.com *.cbiz.com *.execupay.com *.affordacareinsurance.com *.advanstaff.com *.simployonline.com *.ichra.shop *.wentworthfp.com *.getbritehr.com *.spirithr.com *.craneagency.com *.partnerspeo.com *.csone.com *.therichardsgrp.com *.paydayes.com *.invst.com *.rtconsultingllc.com *.explainmybenefits.com *.enrollsolutions.com *.groupmgmt.com *.enrollwithbe.com *.multikrd.com *.theworksitegroup.com *.velocity-benefits.com *.respondershealth.org *.iafffc-insurance.com *.chimienti.com *.benechoice.com *.isolvedhcm.com *.thevoluntarybenefitsshop.com *.exphrpeo.com *.health365.co *.vensure.com *.mercer.com *.mercerindigo.com mercerindigo.com *.certipay.com certipay.com sites.brightfire.com usasportsbenefits.com *.usasportsbenefits.com; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://scotthelme.report-uri.com/r/d/xss/enforce

Request headers

Referer
https://benefitsbycertipay.com/
X-XSRF-TOKEN
H6taRcHqYz6sxJKlXaVXPgh15eGXTdoQUzq9b051
X-Requested-With
XMLHttpRequest
X-CSRF-TOKEN
H6taRcHqYz6sxJKlXaVXPgh15eGXTdoQUzq9b051
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-cf-worker
true
date
Sat, 30 Dec 2023 14:50:39 GMT
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' gap: ssl.gstatic.com *; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com snap.licdn.com px.ads.linkedin.com google-analytics.com facebook.net licdn.com *.stripe.com stripe.com cdn.jsdelivr.net code.jquery.com cdn.userway.org api-js.mixpanel.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com app.intercom.io js.intercomcdn.com widget.intercom.io *.upscope.io; style-src 'self' 'report-sample' 'unsafe-inline' onlineerp.solution.quebec stripe.com *.stripe.com cdnjs.cloudflare.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com cdn.jsdelivr.net www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com snap.licdn.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com *.intercom.io js.intercomcdn.com cdn.userway.org; style-src-elem 'self' 'report-sample' 'unsafe-inline' onlineerp.solution.quebec stripe.com *.stripe.com cdnjs.cloudflare.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com cdn.jsdelivr.net www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com snap.licdn.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com *.intercom.io js.intercomcdn.com cdn.userway.org; img-src 'self' data: *.linkedin.com p.adsymptotic.com use.typekit.net www.compulifeapi.com *.pendella.com pendella.com wq.ninjaquoter.com *.stripe.com cdn.userway.org havenlife.com *.googletagmanager.com *.google-analytics.com *.upscope.io *.intercomcdn.com static.intercomassets.com static.intercomassets.eu *.intercomcdn.eu *.intercomusercontent.com *.intercom.io *.intercom-attachments-1.com *.intercom-attachments.eu *.au.intercom-attachments.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-4.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-8.com *.intercom-attachments-9.com static.au.intercomassets.com *.hotjar.com; child-src 'self' *.google.com intercom-sheets.com www.intercom-reporting.com www.youtube.com player.vimeo.com fast.wistia.net; frame-src 'self' *.processonepayments.com *.stripe.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com testapi.assurity.com cdn.userway.org www.google.com calendly.com app.lifehappens.org *.pendella.com pendella.com intercom-sheets.com app.lifehappens.org *.upscope.io vars.hotjar.com; connect-src 'self' wss://*.intercom.io api-js.mixpanel.com ka-f.fontawesome.com *.stripe.com api.userway.org *.intercom.io *.intercomcdn.com *.intercomcdn.eu *.intercomusercontent.com *.google-analytics.com *.upscope.io wss://*.upscope.io cdn.userway.org/ cdn.linkedin.oribi.io px.ads.linkedin.com *.hotjar.io *.hotjar.com wss://*.hotjar.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com ka-f.fontawesome.com js.intercomcdn.com fonts.intercomcdn.com *.pendella.com pendella.com www.compulifeapi.com use.typekit.net *.hotjar.com; form-action 'self' calendly.com intercom.help *.intercom.io; frame-ancestors 'self' *.pendella.com pendella.com www.w3schools.com *.prismhr.com *.entertimeonline.com *.saashr.com *.britehr.app *.be-brite.com *.choosemylo.com *.risk-strategies-benefitoptions.com *.getpendella.com *.termprovider.com *.thewellingtongroupllc.com *.theinsuranceloft.com *.gethealthee.com *.employsource.net *.ownerschoicebenefits.com *.cbiz.com *.execupay.com *.affordacareinsurance.com *.advanstaff.com *.simployonline.com *.ichra.shop *.wentworthfp.com *.getbritehr.com *.spirithr.com *.craneagency.com *.partnerspeo.com *.csone.com *.therichardsgrp.com *.paydayes.com *.invst.com *.rtconsultingllc.com *.explainmybenefits.com *.enrollsolutions.com *.groupmgmt.com *.enrollwithbe.com *.multikrd.com *.theworksitegroup.com *.velocity-benefits.com *.respondershealth.org *.iafffc-insurance.com *.chimienti.com *.benechoice.com *.isolvedhcm.com *.thevoluntarybenefitsshop.com *.exphrpeo.com *.health365.co *.vensure.com *.mercer.com *.mercerindigo.com mercerindigo.com *.certipay.com certipay.com sites.brightfire.com usasportsbenefits.com *.usasportsbenefits.com; base-uri 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cross-origin-embedder-policy
same-origin
cross-origin-window-policy
Deny
x-cache
HIT
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block; report=https://scotthelme.report-uri.com/r/d/xss/enforce
cross-origin-embedder-policy-report-only
require-corp; report-to="default"
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APY7%2By9viV9D%2ByG69sBES7YP7DENo%2FAxSJXtdDlsevLkRJje8TN%2BZDDU8vN2h6xRGhdZ2lHKo7SZ3a0TZsVg1rkvdMOQFZoJrgEV5atAp1YVQARQJJYtsuV3UNa9gGKgbxAUIAU8TLsIuC%2BWuicoJa7V1efl"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
benefitsbycertipay.com
cache-control
no-cache, private
feature-policy
document-domain
permissions-policy
gyroscope=(), magnetometer=(), payment=()
x-xss-pwnage
<script>alert('XSS');</script>
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
83db18ad5b278895-LHR
nurvkrxn
widget.intercom.io/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/nurvkrxn
Requested by
Host: benefitsbycertipay.com
URL: https://benefitsbycertipay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-55.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bbf5a3b1c578c3c0a520daf59bfc6c8b9db9d51372373c0aaadc4c6f35f583b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://benefitsbycertipay.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-amz-version-id
o3HrZ3dpgDzNVlo7tDjp5ufzVVvApiiU
content-encoding
gzip
via
1.1 ae0d2a327c332a4081a71ea179abdd70.cloudfront.net (CloudFront)
date
Sat, 30 Dec 2023 14:45:57 GMT
x-amz-cf-pop
AMS58-P2
age
286
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2703
last-modified
Tue, 26 Dec 2023 08:20:22 GMT
server
AmazonS3
etag
"922adf1f05d80536d149e246f05cc635"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
6cUpj2SIDr0weeteIZS6TV8lvnm9VOfyBsqF5QbQoh-WFweENKzVFg==
session-data
benefitsbycertipay.com/global/ 		2 B
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://benefitsbycertipay.com/global/session-data
Requested by
Host: benefitsbycertipay.com
URL: https://benefitsbycertipay.com/vue/js/vue.min.js?id=04926ae656401d3db308dd05aa05d5b4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' gap: ssl.gstatic.com *; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com snap.licdn.com px.ads.linkedin.com google-analytics.com facebook.net licdn.com *.stripe.com stripe.com cdn.jsdelivr.net code.jquery.com cdn.userway.org api-js.mixpanel.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com app.intercom.io js.intercomcdn.com widget.intercom.io *.upscope.io; style-src 'self' 'report-sample' 'unsafe-inline' onlineerp.solution.quebec stripe.com *.stripe.com cdnjs.cloudflare.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com cdn.jsdelivr.net www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com snap.licdn.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com *.intercom.io js.intercomcdn.com cdn.userway.org; style-src-elem 'self' 'report-sample' 'unsafe-inline' onlineerp.solution.quebec stripe.com *.stripe.com cdnjs.cloudflare.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com cdn.jsdelivr.net www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com snap.licdn.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com *.intercom.io js.intercomcdn.com cdn.userway.org; img-src 'self' data: *.linkedin.com p.adsymptotic.com use.typekit.net www.compulifeapi.com *.pendella.com pendella.com wq.ninjaquoter.com *.stripe.com cdn.userway.org havenlife.com *.googletagmanager.com *.google-analytics.com *.upscope.io *.intercomcdn.com static.intercomassets.com static.intercomassets.eu *.intercomcdn.eu *.intercomusercontent.com *.intercom.io *.intercom-attachments-1.com *.intercom-attachments.eu *.au.intercom-attachments.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-4.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-8.com *.intercom-attachments-9.com static.au.intercomassets.com *.hotjar.com; child-src 'self' *.google.com intercom-sheets.com www.intercom-reporting.com www.youtube.com player.vimeo.com fast.wistia.net; frame-src 'self' *.processonepayments.com *.stripe.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com testapi.assurity.com cdn.userway.org www.google.com calendly.com app.lifehappens.org *.pendella.com pendella.com intercom-sheets.com app.lifehappens.org *.upscope.io vars.hotjar.com; connect-src 'self' wss://*.intercom.io api-js.mixpanel.com ka-f.fontawesome.com *.stripe.com api.userway.org *.intercom.io *.intercomcdn.com *.intercomcdn.eu *.intercomusercontent.com *.google-analytics.com *.upscope.io wss://*.upscope.io cdn.userway.org/ cdn.linkedin.oribi.io px.ads.linkedin.com *.hotjar.io *.hotjar.com wss://*.hotjar.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com ka-f.fontawesome.com js.intercomcdn.com fonts.intercomcdn.com *.pendella.com pendella.com www.compulifeapi.com use.typekit.net *.hotjar.com; form-action 'self' calendly.com intercom.help *.intercom.io; frame-ancestors 'self' *.pendella.com pendella.com www.w3schools.com *.prismhr.com *.entertimeonline.com *.saashr.com *.britehr.app *.be-brite.com *.choosemylo.com *.risk-strategies-benefitoptions.com *.getpendella.com *.termprovider.com *.thewellingtongroupllc.com *.theinsuranceloft.com *.gethealthee.com *.employsource.net *.ownerschoicebenefits.com *.cbiz.com *.execupay.com *.affordacareinsurance.com *.advanstaff.com *.simployonline.com *.ichra.shop *.wentworthfp.com *.getbritehr.com *.spirithr.com *.craneagency.com *.partnerspeo.com *.csone.com *.therichardsgrp.com *.paydayes.com *.invst.com *.rtconsultingllc.com *.explainmybenefits.com *.enrollsolutions.com *.groupmgmt.com *.enrollwithbe.com *.multikrd.com *.theworksitegroup.com *.velocity-benefits.com *.respondershealth.org *.iafffc-insurance.com *.chimienti.com *.benechoice.com *.isolvedhcm.com *.thevoluntarybenefitsshop.com *.exphrpeo.com *.health365.co *.vensure.com *.mercer.com *.mercerindigo.com mercerindigo.com *.certipay.com certipay.com sites.brightfire.com usasportsbenefits.com *.usasportsbenefits.com; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://scotthelme.report-uri.com/r/d/xss/enforce

Request headers

Referer
https://benefitsbycertipay.com/
X-XSRF-TOKEN
H6taRcHqYz6sxJKlXaVXPgh15eGXTdoQUzq9b051
X-Requested-With
XMLHttpRequest
X-CSRF-TOKEN
H6taRcHqYz6sxJKlXaVXPgh15eGXTdoQUzq9b051
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-cf-worker
true
date
Sat, 30 Dec 2023 14:50:40 GMT
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' gap: ssl.gstatic.com *; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com snap.licdn.com px.ads.linkedin.com google-analytics.com facebook.net licdn.com *.stripe.com stripe.com cdn.jsdelivr.net code.jquery.com cdn.userway.org api-js.mixpanel.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com app.intercom.io js.intercomcdn.com widget.intercom.io *.upscope.io; style-src 'self' 'report-sample' 'unsafe-inline' onlineerp.solution.quebec stripe.com *.stripe.com cdnjs.cloudflare.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com cdn.jsdelivr.net www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com snap.licdn.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com *.intercom.io js.intercomcdn.com cdn.userway.org; style-src-elem 'self' 'report-sample' 'unsafe-inline' onlineerp.solution.quebec stripe.com *.stripe.com cdnjs.cloudflare.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com cdn.jsdelivr.net www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com snap.licdn.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com *.intercom.io js.intercomcdn.com cdn.userway.org; img-src 'self' data: *.linkedin.com p.adsymptotic.com use.typekit.net www.compulifeapi.com *.pendella.com pendella.com wq.ninjaquoter.com *.stripe.com cdn.userway.org havenlife.com *.googletagmanager.com *.google-analytics.com *.upscope.io *.intercomcdn.com static.intercomassets.com static.intercomassets.eu *.intercomcdn.eu *.intercomusercontent.com *.intercom.io *.intercom-attachments-1.com *.intercom-attachments.eu *.au.intercom-attachments.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-4.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-8.com *.intercom-attachments-9.com static.au.intercomassets.com *.hotjar.com; child-src 'self' *.google.com intercom-sheets.com www.intercom-reporting.com www.youtube.com player.vimeo.com fast.wistia.net; frame-src 'self' *.processonepayments.com *.stripe.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com testapi.assurity.com cdn.userway.org www.google.com calendly.com app.lifehappens.org *.pendella.com pendella.com intercom-sheets.com app.lifehappens.org *.upscope.io vars.hotjar.com; connect-src 'self' wss://*.intercom.io api-js.mixpanel.com ka-f.fontawesome.com *.stripe.com api.userway.org *.intercom.io *.intercomcdn.com *.intercomcdn.eu *.intercomusercontent.com *.google-analytics.com *.upscope.io wss://*.upscope.io cdn.userway.org/ cdn.linkedin.oribi.io px.ads.linkedin.com *.hotjar.io *.hotjar.com wss://*.hotjar.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com ka-f.fontawesome.com js.intercomcdn.com fonts.intercomcdn.com *.pendella.com pendella.com www.compulifeapi.com use.typekit.net *.hotjar.com; form-action 'self' calendly.com intercom.help *.intercom.io; frame-ancestors 'self' *.pendella.com pendella.com www.w3schools.com *.prismhr.com *.entertimeonline.com *.saashr.com *.britehr.app *.be-brite.com *.choosemylo.com *.risk-strategies-benefitoptions.com *.getpendella.com *.termprovider.com *.thewellingtongroupllc.com *.theinsuranceloft.com *.gethealthee.com *.employsource.net *.ownerschoicebenefits.com *.cbiz.com *.execupay.com *.affordacareinsurance.com *.advanstaff.com *.simployonline.com *.ichra.shop *.wentworthfp.com *.getbritehr.com *.spirithr.com *.craneagency.com *.partnerspeo.com *.csone.com *.therichardsgrp.com *.paydayes.com *.invst.com *.rtconsultingllc.com *.explainmybenefits.com *.enrollsolutions.com *.groupmgmt.com *.enrollwithbe.com *.multikrd.com *.theworksitegroup.com *.velocity-benefits.com *.respondershealth.org *.iafffc-insurance.com *.chimienti.com *.benechoice.com *.isolvedhcm.com *.thevoluntarybenefitsshop.com *.exphrpeo.com *.health365.co *.vensure.com *.mercer.com *.mercerindigo.com mercerindigo.com *.certipay.com certipay.com sites.brightfire.com usasportsbenefits.com *.usasportsbenefits.com; base-uri 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cross-origin-embedder-policy
same-origin
cross-origin-window-policy
Deny
x-cache
HIT
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block; report=https://scotthelme.report-uri.com/r/d/xss/enforce
cross-origin-embedder-policy-report-only
require-corp; report-to="default"
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TfhqIRkif1mt1GDlLzgtDw6few5Z2Wy5XbC8Ag96uD6xxSHUp4V3WnhOtqWqw%2FsVmr4GNBJ0sEDt45BXidShj2nw6ZiwZcOFKAk9lSPG2QdjDlbUQlvQq98qnnAiJ9AksQMsJSWIH1Qxb%2FSM4BKBDzarR1Iv"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
benefitsbycertipay.com
cache-control
no-cache, private
feature-policy
document-domain
permissions-policy
gyroscope=(), magnetometer=(), payment=()
x-xss-pwnage
<script>alert('XSS');</script>
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
83db18af8d768895-LHR
certipay.png
benefitsbycertipay.com/app/companies/img/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://benefitsbycertipay.com/app/companies/img/certipay.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
116808b8e9b9380c5f4d7fcfeea75389d2249dec73901a03178ab6aa6eec55ce

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://benefitsbycertipay.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Dec 2023 14:50:40 GMT
cf-cache-status
MISS
last-modified
Tue, 26 Dec 2023 12:00:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"658ac064-2d53"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXnrGUryck%2FUaStyjx1YSRH3BVYq%2FCNq1EDPuMD7k9hmKztIispuWnAmMzkCh3IhXHS8uHd6Dz3DYGY66dYKPPDel8QGMpu57H8jNbX3Yz6y568qLKA%2FXFzwZ%2BgjTt4orOvhd%2FkOsM4%2BKw%2F6WCZJeB2zpQwn"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83db18b1d87c8895-LHR
alt-svc
h3=":443"; ma=86400
content-length
11603
family-bg.webp
benefitsbycertipay.com/images/ 		118 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://benefitsbycertipay.com/images/family-bg.webp?83bb5ce22548e43eac2f001223157666
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e77ef07be7d1a4f1c446736798e150a6c6aa9fa495193cca85266863fb4eb229

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://benefitsbycertipay.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Dec 2023 14:50:40 GMT
cf-cache-status
MISS
last-modified
Tue, 26 Dec 2023 12:00:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"658ac05e-1d8c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGglw%2FsJsT0NF0anjlvsBwoKcjr20OpY1DdSPW2b6hBFX6CxVzbS202IiNS%2F6OGHuF9RwaSwK5fACYl8%2FCaiF7fTHN6dknt1wa5BsR1hz3tq3oKYQkMEjC25rrnI2NIRuDcDNQ3Z5mHybI%2BKYwPhuBfkV%2B6l"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83db18b1d87e8895-LHR
alt-svc
h3=":443"; ma=86400
content-length
121032
landing-family.webp
benefitsbycertipay.com/images/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://benefitsbycertipay.com/images/landing-family.webp?56938ec0798bd8b16876b61b50ae5d5a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f0adaa9561056d4c5aa90c264781c222b5ee587add20c76fee0ac822e9630bc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://benefitsbycertipay.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Dec 2023 14:50:40 GMT
cf-cache-status
MISS
last-modified
Tue, 26 Dec 2023 12:00:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"658ac05e-10bca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6oBS5T7Mv%2BGMTB2hPedmy%2BmaP%2FTGTrKyjxkH3DkIBHVaPJOua4cLfQBsKVNgP9g8%2Bg26gQ6h27T7%2F%2FXC5JEYB1sfDWYLHeM4dijtwgf7VjJpotL8ImOJ97bF6boO84WxAUM7hfE%2FSa0tOKqL4twehuhRojMo"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83db18b1d87f8895-LHR
alt-svc
h3=":443"; ma=86400
content-length
68554
Inter-Bold.ttf
benefitsbycertipay.com/vue/fonts/Inter/ 		309 KB
309 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://benefitsbycertipay.com/vue/fonts/Inter/Inter-Bold.ttf
Requested by
Host: benefitsbycertipay.com
URL: https://benefitsbycertipay.com/vue/css/vue.min.css?id=64652ba98869071f55b2d1d2d160df15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ad83f2446566c5ecf7c261cc07884a5d5f71965b5df8fd7bb809f83a42bf470

Request headers

Referer
https://benefitsbycertipay.com/vue/css/vue.min.css?id=64652ba98869071f55b2d1d2d160df15
Origin
https://benefitsbycertipay.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Dec 2023 14:50:40 GMT
cf-cache-status
MISS
last-modified
Tue, 26 Dec 2023 12:00:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"658ac064-4d2c4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bo7VTTk7ri1%2BM0L5sYqNMhABc3LtNfaLWzouknz6jJZ7%2BpxrlKyPuRBruZgXrUV32GyvNsjHW9GT3PUvMohsI5i0GNGRlR2gsghhNMz%2F3tyhjdDWNt4TEXU3Py40eC8X3YxP0SY52wuVNvOaHdra9RvkTXg7"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83db18b1d8828895-LHR
alt-svc
h3=":443"; ma=86400
content-length
316100
frame-modern.a7088e03.js
js.intercomcdn.com/ Frame C890 		516 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.a7088e03.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/nurvkrxn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-5.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0678515917f713df8348320a20d1a98315251825e1170c19da662eb8e4598c08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-amz-version-id
PmHY72Gv1QJRxOdalBbAv6p2h3bWHyDD
content-encoding
gzip
via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
date
Sat, 30 Dec 2023 14:34:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
978
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
145529
last-modified
Tue, 26 Dec 2023 08:10:22 GMT
server
AmazonS3
etag
"7203bccb6f2f73ca8c533b971cf451b3"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
NFa48XCyc5d-EX6eLx3RiSOYqQbNAC0qMreWDXl8G9LArJT_mXztxg==
vendor-modern.24a7e600.js
js.intercomcdn.com/ Frame C890 		426 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.24a7e600.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/nurvkrxn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-5.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f5b165425a66e40e336a34f4071017d588bdc1c91bdb5cc1c454332fa9094ca9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-amz-version-id
pu3ezjJhWzFoGB7M5LeFZCwEfSxNpoCN
content-encoding
gzip
via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
date
Sat, 30 Dec 2023 13:37:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
4378
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
133881
last-modified
Tue, 26 Dec 2023 08:10:22 GMT
server
AmazonS3
etag
"3e5d37f23d2efcf1e9baa9a48007ae20"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
pE45ZgjB4lLQ_5O1rTOUoZL1QAocptXYK8ndk_kcskQNituAJ8xsMQ==
ping
api-iam.intercom.io/messenger/web/ Frame C890 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.a7088e03.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.216.68.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-216-68-47.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ad8a94a581b2efab142b3ce88b5e3a4441803bec045e0d07080a28db8c2b7e7c
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 30 Dec 2023 14:50:41 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-0c1d1d111220402c9
status
200 OK
x-xss-protection
1; mode=block
x-request-id
002ri1lilkq4hcgbi84g
x-runtime
0.315431
server
nginx
etag
W/"ad8a94a581b2efab142b3ce88b5e3a44"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://benefitsbycertipay.com
x-intercom-version
d1024b8887aeffd88c15715f3464730c3e6e7d38
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-CK8VMLEHSS&gtm=45je3bt0v877393544&_p=1703947837522&gcd=11l1l1l1l1&dma=0&cid=1271811972.1703947838&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1703947837&sct=1&seg=0&dl=https%3A%2F%2Fbenefitsbycertipay.com%2F&dt=CertiPay&en=scroll&epn.percent_scrolled=90&_et=14&tfd=7237
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CK8VMLEHSS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://benefitsbycertipay.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:50:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://benefitsbycertipay.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
status
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fbenefitsbycertipay.com%2F/MOBILE/WIDGET_OFF/ 		77 B
454 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fbenefitsbycertipay.com%2F/MOBILE/WIDGET_OFF/status
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/widget_app_base_1703682904009.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb00:7c9e:17f6:e59e:9984 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
55bdb1700149e5204204c06b154ee3d44990039e1227e75da7193378d160de01

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://benefitsbycertipay.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Dec 2023 14:50:44 GMT
etag
W/"4d-LFMdxGwYZe/xj6Qk5mJ4pvoM+ew"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
vary
Accept-Encoding
access-control-allow-headers
*
content-length
77
x-service-version
seo-w-809f5266
scan_1703682904009.js
cdn.userway.org/widgetapp/2023-12-27-13-15-04/scan/ 		53 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/scan/scan_1703682904009.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/widget_app_base_1703682904009.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
771b265798b85ee594754f3c9ff0fc845c2e287b6742181a4855d891b3ef1ac4

Request headers

Referer
https://benefitsbycertipay.com/
Origin
https://benefitsbycertipay.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-77-pop
frankfurtDE
date
Sat, 30 Dec 2023 14:50:44 GMT
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
content-encoding
gzip
x-age-lb
264148
x-amz-cf-pop
FRA60-P3
age
485
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1703683696
x-77-nzt
EgwBw7WqEQH31AcEAAwB1GY4AQH3PwAAAA
x-accel-expires
@1729603633
x-77-age
264211
x-cache-lb
HIT
last-modified
Wed, 27 Dec 2023 13:17:33 GMT
server
CDN77-Turbo
etag
W/"5f3ef1d42a27c5de1d1c341f70d833e7"
x-77-nzt-ray
4c156224655bfc42442e906552cfdb2a
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/javascript
x-amz-cf-id
ZnRmNABtBQHad9xQ5SwLff9FuBeRfvcaYTanU4o3zzyEFVUxEwj8Bg==
contrib
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fbenefitsbycertipay.com%2F/MOBILE/ 		0
0
contrib
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fbenefitsbycertipay.com%2F/MOBILE/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fbenefitsbycertipay.com%2F/MOBILE/contrib
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb00:7c9e:17f6:e59e:9984 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://benefitsbycertipay.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
access-control-max-age
3000
cache-control
max-age=604800
date
Sat, 30 Dec 2023 14:50:44 GMT
x-service-version
seo-w-809f5266

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.userway.org
URL
https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fbenefitsbycertipay.com%2F/MOBILE/contrib

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| $jscomp function| $ function| jQuery object| OneInc function| __assign string| csrfToken object| urlRoute function| gtag object| dataLayer function| hj object| _hjSettings object| intercomSettings number| intercomStatus function| Intercom function| Upscope string| _linkedin_partner_id object| _linkedin_data_partner_ids object| webpackChunk object| __VUE_INSTANCE_SETTERS__ object| __vueuse_ssr_handlers__ boolean| __VUE__ object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| lintrk boolean| _already_called_lintrk object| UserWayWidgetApp function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| userwaySupports function| formatLangCode function| __rest object| messageStream object| _userway_config boolean| _userway object| ORIBILI function| _ object| gsapVersions object| UserWay function| __defProp function| __defProps function| __getOwnPropDescs function| __getOwnPropSymbols function| __hasOwnProp function| __propIsEnum function| __defNormalProp function| __spreadValues function| __spreadProps function| __objRest function| __async function| __intercomAssignLocation function| __intercomReloadLocation

19 Cookies

Domain/Path Name / Value
benefitsbycertipay.com/ Name: XSRF-TOKEN
Value: H6taRcHqYz6sxJKlXaVXPgh15eGXTdoQUzq9b051
benefitsbycertipay.com/ Name: pendellaapp_ses
Value: jIfuNFYIiY4sgmEEBXVfn3CqNGzFNxOOcoqZV6xM
.benefitsbycertipay.com/ Name: _ga
Value: GA1.1.1271811972.1703947838
.benefitsbycertipay.com/ Name: _ga_CK8VMLEHSS
Value: GS1.1.1703947837.1.0.1703947837.0.0.0
.benefitsbycertipay.com/ Name: _hjFirstSeen
Value: 1
.benefitsbycertipay.com/ Name: _hjIncludedInSessionSample_2241454
Value: 1
.benefitsbycertipay.com/ Name: _hjSessionUser_2241454
Value: eyJpZCI6ImQyNDk5M2I5LTQzZWItNWFiOS1iMGNlLWVmZWI1ZjMzNTY4MSIsImNyZWF0ZWQiOjE3MDM5NDc4MzgxMDUsImV4aXN0aW5nIjp0cnVlfQ==
.benefitsbycertipay.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.benefitsbycertipay.com/ Name: _hjSession_2241454
Value: eyJpZCI6IjNlOWVhNjE4LTM4ZWYtNGZiOS05ZTNkLTViNDdlNmZjMjg3NiIsImMiOjE3MDM5NDc4MzgxMDksInMiOjEsInIiOjEsInNiIjoxfQ==
.linkedin.com/ Name: li_sugr
Value: 75613472-6fcf-4dd9-b23f-3976714fcbfc
.linkedin.com/ Name: bcookie
Value: "v=2&48bd4e16-0e7f-4592-8c23-6e52886d5b10"
.linkedin.com/ Name: lidc
Value: "b=OGST05:s=O:r=O:a=O:p=O:g=2922:u=1:x=1:i=1703947838:t=1704034238:v=2:sig=AQF32jTsmLwAZmOQTKVFQHHw2MFmBCt2"
.linkedin.com/ Name: UserMatchHistory
Value: AQKLprglbW4qigAAAYy7NKMs6VTrIenCPlIxAY2rKycy4ppnsSvsAaqBXKWcRkI1tIJGSH-A6DjFjg
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIjQ1ExdDCnNAAAAYy7NKMsF5FNs6hmjCvm5nSscZc2PSiPVFyoQDYO-u-mTi5yEihXIk5snB9ZafH5VNMFhg
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDM5NDc4Mzg7MjswMjE1K7atzp1ehas0ePODAgjNGUFD724yXsgXFVVc3vBk5Q==
.benefitsbycertipay.com/ Name: mp_e8c7e12348397e639986f3ac5f85b662_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%24device%3A18cbb34ab071255-09ed1b7e3d81ff-3c2b380c-1d4c00-18cbb34ab071255%22%2C%22%24device_id%22%3A%20%2218cbb34ab071255-09ed1b7e3d81ff-3c2b380c-1d4c00-18cbb34ab071255%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22productName%22%3A%20%22Recommendation%20Engine%22%2C%22fromRecEngine%22%3A%20%22No%22%2C%22step%22%3A%20%22Welcome%22%2C%22initialSource%22%3A%20%22Direct%22%7D
.benefitsbycertipay.com/ Name: intercom-id-nurvkrxn
Value: e18138b7-b984-49f2-96e7-27177d96f29f
.benefitsbycertipay.com/ Name: intercom-session-nurvkrxn
Value:
.benefitsbycertipay.com/ Name: intercom-device-id-nurvkrxn
Value: e30383ac-1859-47be-a2f4-a1821d345baf

4 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'document-domain'.
network error URL: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3242348%26time%3D1703947837820%26url%3Dhttps%253A%252F%252Fbenefitsbycertipay.com%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://cdn.userway.org/remediation/free/remediation-tool-free.js?ts=1703682904009
Message:
Refused to connect to 'https://cdn77.api.userway.org/api/img-dscr/v2/VA9i0ZMUW4/2684956/OZwibxrzwKay6zul/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fbenefitsbycertipay.com%2Fapp%2Fcompanies%2Fimg%2Fcertipay.png%22%2C%22alt%22%3A%22Company%20logo%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fbenefitsbycertipay.com%2Fimages%2Flanding-family.png%22%2C%22alt%22%3A%22Family%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22FREE_QUOTA_TIER%22%7D' because it violates the following Content Security Policy directive: "connect-src 'self' wss://*.intercom.io api-js.mixpanel.com ka-f.fontawesome.com *.stripe.com api.userway.org *.intercom.io *.intercomcdn.com *.intercomcdn.eu *.intercomusercontent.com *.google-analytics.com *.upscope.io wss://*.upscope.io cdn.userway.org/ cdn.linkedin.oribi.io px.ads.linkedin.com *.hotjar.io *.hotjar.com wss://*.hotjar.com".
javascript error URL: https://cdn.userway.org/remediation/free/remediation-tool-free.js?ts=1703682904009
Message:
Refused to connect to 'https://cdn77.api.userway.org/api/img-dscr/v2/VA9i0ZMUW4/2684956/OZwibxrzwKay6zul/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fbenefitsbycertipay.com%2Fapp%2Fcompanies%2Fimg%2Fcertipay.png%22%2C%22alt%22%3A%22Company%20logo%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fbenefitsbycertipay.com%2Fimages%2Flanding-family.png%22%2C%22alt%22%3A%22Family%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22FREE_QUOTA_TIER%22%7D' because it violates the document's Content Security Policy.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' gap: ssl.gstatic.com *; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com snap.licdn.com px.ads.linkedin.com google-analytics.com facebook.net licdn.com *.stripe.com stripe.com cdn.jsdelivr.net code.jquery.com cdn.userway.org api-js.mixpanel.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com app.intercom.io js.intercomcdn.com widget.intercom.io *.upscope.io; style-src 'self' 'report-sample' 'unsafe-inline' onlineerp.solution.quebec stripe.com *.stripe.com cdnjs.cloudflare.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com cdn.jsdelivr.net www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com snap.licdn.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com *.intercom.io js.intercomcdn.com cdn.userway.org; style-src-elem 'self' 'report-sample' 'unsafe-inline' onlineerp.solution.quebec stripe.com *.stripe.com cdnjs.cloudflare.com *.pendella.com pendella.com www.google.com fonts.googleapis.com assets.calendly.com cdn.jsdelivr.net www.gstatic.com kit.fontawesome.com *.typekit.net *.processonepayments.com snap.licdn.com *.assurity.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.hotjar.com www.googletagmanager.com *.intercom.io js.intercomcdn.com cdn.userway.org; img-src 'self' data: *.linkedin.com p.adsymptotic.com use.typekit.net www.compulifeapi.com *.pendella.com pendella.com wq.ninjaquoter.com *.stripe.com cdn.userway.org havenlife.com *.googletagmanager.com *.google-analytics.com *.upscope.io *.intercomcdn.com static.intercomassets.com static.intercomassets.eu *.intercomcdn.eu *.intercomusercontent.com *.intercom.io *.intercom-attachments-1.com *.intercom-attachments.eu *.au.intercom-attachments.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-4.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-8.com *.intercom-attachments-9.com static.au.intercomassets.com *.hotjar.com; child-src 'self' *.google.com intercom-sheets.com www.intercom-reporting.com www.youtube.com player.vimeo.com fast.wistia.net; frame-src 'self' *.processonepayments.com *.stripe.com *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com testapi.assurity.com cdn.userway.org www.google.com calendly.com app.lifehappens.org *.pendella.com pendella.com intercom-sheets.com app.lifehappens.org *.upscope.io vars.hotjar.com; connect-src 'self' wss://*.intercom.io api-js.mixpanel.com ka-f.fontawesome.com *.stripe.com api.userway.org *.intercom.io *.intercomcdn.com *.intercomcdn.eu *.intercomusercontent.com *.google-analytics.com *.upscope.io wss://*.upscope.io cdn.userway.org/ cdn.linkedin.oribi.io px.ads.linkedin.com *.hotjar.io *.hotjar.com wss://*.hotjar.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com ka-f.fontawesome.com js.intercomcdn.com fonts.intercomcdn.com *.pendella.com pendella.com www.compulifeapi.com use.typekit.net *.hotjar.com; form-action 'self' calendly.com intercom.help *.intercom.io; frame-ancestors 'self' *.pendella.com pendella.com www.w3schools.com *.prismhr.com *.entertimeonline.com *.saashr.com *.britehr.app *.be-brite.com *.choosemylo.com *.risk-strategies-benefitoptions.com *.getpendella.com *.termprovider.com *.thewellingtongroupllc.com *.theinsuranceloft.com *.gethealthee.com *.employsource.net *.ownerschoicebenefits.com *.cbiz.com *.execupay.com *.affordacareinsurance.com *.advanstaff.com *.simployonline.com *.ichra.shop *.wentworthfp.com *.getbritehr.com *.spirithr.com *.craneagency.com *.partnerspeo.com *.csone.com *.therichardsgrp.com *.paydayes.com *.invst.com *.rtconsultingllc.com *.explainmybenefits.com *.enrollsolutions.com *.groupmgmt.com *.enrollwithbe.com *.multikrd.com *.theworksitegroup.com *.velocity-benefits.com *.respondershealth.org *.iafffc-insurance.com *.chimienti.com *.benechoice.com *.isolvedhcm.com *.thevoluntarybenefitsshop.com *.exphrpeo.com *.health365.co *.vensure.com *.mercer.com *.mercerindigo.com mercerindigo.com *.certipay.com certipay.com sites.brightfire.com usasportsbenefits.com *.usasportsbenefits.com; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://scotthelme.report-uri.com/r/d/xss/enforce

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
api.userway.org
benefitsbycertipay.com
cdn.userway.org
code.upscope.io
content.hotjar.io
js.intercomcdn.com
portalone.processonepayments.com
px.ads.linkedin.com
region1.google-analytics.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
widget.intercom.io
www.googletagmanager.com
www.linkedin.com
api.userway.org
104.16.179.241
13.32.27.107
18.239.36.55
18.66.147.5
2001:4860:4802:32::36
2600:1f14:5db:eb00:7c9e:17f6:e59e:9984
2606:4700:3031::6815:5317
2606:4700:3033::ac43:a755
2620:1ec:21::14
2a00:1450:4001:81c::2008
2a02:26f0:7100::1720:ef23
2a02:6ea0:c700::19
3.162.38.8
44.216.68.47
54.194.181.161
65.9.66.56
01dbf90d927d105a88ee00b02958ebbe87daa5c3e33d21f603b484d7f8e065cd
03abb3b0152d4910b1f47c44a95796bcab93fd2c1e78de373e5661576de215af
0678515917f713df8348320a20d1a98315251825e1170c19da662eb8e4598c08
0866546ae9c65964cd912860db934e24d99b401dca5a2a206b8df2cacc60bda5
116808b8e9b9380c5f4d7fcfeea75389d2249dec73901a03178ab6aa6eec55ce
1a876caf71b8a509670c150a4607353add3f0f906cf3d2656109be8526a2d568
1ab64ccd474d3baba8d064ec00ea85327eb6c490bf632d9a6f5ea54d82eef4a3
1c81f80d3878013d5dc66616ca3c21f085d4af6b0b076b0b149acef05da7a14e
2ad83f2446566c5ecf7c261cc07884a5d5f71965b5df8fd7bb809f83a42bf470
3679326d19ef03aa7364576d2dc604b4a27bb7f756b3366fdef36399d8968112
3ad6ca090607b8ba815bd3d4673479e4e24f0f17756759bfd832a45152267d30
44734e809360b75bafad71e4073e5347ee88b2bba61d0c078443245ffb088885
494a9c8817786531126dd245c93f8a85aa6afa405c7b8a2e45b667538470ce7a
4afc8065928d18ab00d491f1e7514f7ebf865bdc84f42946c2ee300fbb0e3b1c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fdfd40dc4640506829319a81fd61b379e2b70a0cdedddbc1218508085ceb888
55bdb1700149e5204204c06b154ee3d44990039e1227e75da7193378d160de01
588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56
5b959c168df99fe1b7c93b161eb3915cd4a7f051e2af43e72d9a29285628887d
5f0adaa9561056d4c5aa90c264781c222b5ee587add20c76fee0ac822e9630bc
771b265798b85ee594754f3c9ff0fc845c2e287b6742181a4855d891b3ef1ac4
79437ab24636ee377766773786c3e0a0a34c3bf3ecab5a3ef92fc901eb052eb3
876250bf89fe47efc0459dc7cf47cbe13e13426922afb57a0bdc820634314dc7
a827400ed9f87ef539f0630c9f393a3f728cecf1d9dc667fde14a66dd57c4e84
ad8a94a581b2efab142b3ce88b5e3a4441803bec045e0d07080a28db8c2b7e7c
b90c92e75af6620a7a29a0cd2e9235544915bdbe96ba1048f5f1f280ee524907
bbf5a3b1c578c3c0a520daf59bfc6c8b9db9d51372373c0aaadc4c6f35f583b1
bc4f2c9c85feece4827cd2b562c574ef13aea11044712169466fb72cfff894d2
cdc1f102e4605fb273077200171577d24defa2aa5be72ad959cad0af44808a8f
d5023236724be9babfcf31b22f827c9ad8f16d270a3329a5ad9f37406f735aff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4412b67eb8c67e19774da629f747a1cca29d89af2d93b30ca50dc7e3106437b
e77ef07be7d1a4f1c446736798e150a6c6aa9fa495193cca85266863fb4eb229
eb6398a0114471edabc6249e08a1bee85f0df4c7176b379912020b2cda9ad577
f036a45770ce2ad43dfee7f4eac8f8b3784608a24ff00c63dd56704434e014e8
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
f5b165425a66e40e336a34f4071017d588bdc1c91bdb5cc1c454332fa9094ca9
fef48719eaa745024d0b801254bd0fc8907d2eae226fb77b8550bce864ebd33b