go.hellobenefex.com Open in urlscan Pro
18.232.28.189 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://go.hellobenefex.com/email-preferences-centre?ehash=57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e&...
Submission: On April 06 via api (April 6th 2022, 8:47:38 am UTC) from US — Scanned from DE

Summary HTTP 89 Redirects Behaviour Indicators

Summary

This website contacted 41 IPs in 7 countries across 29 domains to perform 89 HTTP transactions. The main IP is 18.232.28.189, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is go.hellobenefex.com.
TLS certificate: Issued by R3 on February 16th 2022. Valid for: 3 months.

This is the only time go.hellobenefex.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	18.232.28.189 18.232.28.189	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2606:2800:233... 2606:2800:233:66b5:799a:7cd3:f74d:7071	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	104.92.88.226 104.92.88.226	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:224... 2600:9000:224a:5400:d:7e9b:1200:93a1	16509 (AMAZON-02) (AMAZON-02)
18	185.152.64.17 185.152.64.17	60068 (CDN77 ^_^) (CDN77 ^_^)
4	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e024	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:802::2010	15169 (GOOGLE) (GOOGLE)
1	65.9.66.34 65.9.66.34	16509 (AMAZON-02) (AMAZON-02)
1	108.157.4.47 108.157.4.47	16509 (AMAZON-02) (AMAZON-02)
2	143.204.98.66 143.204.98.66	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:650c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.111.9.64 23.111.9.64	33438 (STACKPATH) (STACKPATH)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1	108.157.4.45 108.157.4.45	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	34.192.95.69 34.192.95.69	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	143.204.98.123 143.204.98.123	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:827::2014	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	185.19.40.106 185.19.40.106	61001 (RTAP10010...) (RTAP100100-RIPE)
3	20.85.30.134 20.85.30.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	54.74.116.255 54.74.116.255	16509 (AMAZON-02) (AMAZON-02)
8	52.34.133.113 52.34.133.113	16509 (AMAZON-02) (AMAZON-02)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	104.16.139.31 104.16.139.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f02... 2a03:2880:f02d:110:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
1 2	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
89	41

7 18.232.28.189 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-6-ue1.aws.pardot.com

go.hellobenefex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:66b5:799a:7cd3:f74d:7071 (United States)

ASN15133 (EDGECAST, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.92.88.226 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-88-226.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:5400:d:7e9b:1200:93a1 (United States)

ASN16509 (AMAZON-02, US)

storage.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 185.152.64.17 (Prague, Czech Republic)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-152-64-17.datapacket.com

load.sumome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
load.sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f7::5c7b:e024 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-34.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-47.dus51.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-66.fra50.r.cloudfront.net

static-ssl.responsetap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:650c (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.64 (United States)

ASN33438 (STACKPATH, US)

scout-cdn.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-45.dus51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.192.95.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-95-69.compute-1.amazonaws.com

scout.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:22::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-123.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

moneypennychat.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.19.40.106 (United Kingdom)

ASN61001 (RTAP100100-RIPE, GB)
PTR: 185-19-40-106.rdns.rtap.net

metrics.responsetap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.85.30.134 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

j.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.74.116.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-116-255.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.34.133.113 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-133-113.us-west-2.compute.amazonaws.com

sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients6.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.139.31 (None, )

ASN13335 (CLOUDFLARENET, US)

api.bufferapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:110:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.140 (United States) 1 redirects

ASN54113 (FASTLY, US)

reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	sumo.com load.sumo.com — Cisco Umbrella Rank: 10870 sumo.com — Cisco Umbrella Rank: 9679	635 KB
5	clarity.ms 1 redirects j.clarity.ms — Cisco Umbrella Rank: 2104 c.clarity.ms — Cisco Umbrella Rank: 644	24 KB
5	hellobenefex.com 1 redirects go.hellobenefex.com	16 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 99 graph.facebook.com — Cisco Umbrella Rank: 112 api.facebook.com — Cisco Umbrella Rank: 862	2 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 624 script.hotjar.com — Cisco Umbrella Rank: 958 vars.hotjar.com — Cisco Umbrella Rank: 1008 in.hotjar.com — Cisco Umbrella Rank: 1743	66 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 390 c.bing.com — Cisco Umbrella Rank: 230	13 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	60 KB
3	google.com www.google.com — Cisco Umbrella Rank: 7 clients6.google.com — Cisco Umbrella Rank: 97	655 B
3	appspot.com moneypennychat.appspot.com — Cisco Umbrella Rank: 155075	15 KB
3	salesloft.com scout-cdn.salesloft.com — Cisco Umbrella Rank: 15521 scout.salesloft.com — Cisco Umbrella Rank: 16214	4 KB
3	responsetap.com static-ssl.responsetap.com — Cisco Umbrella Rank: 31213 metrics.responsetap.com — Cisco Umbrella Rank: 37179	9 KB
3	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 494 fonts.googleapis.com — Cisco Umbrella Rank: 45	137 KB
3	pardot.com storage.pardot.com — Cisco Umbrella Rank: 10739 pi.pardot.com — Cisco Umbrella Rank: 4281	10 KB
3	linkedin.com 1 redirects platform.linkedin.com — Cisco Umbrella Rank: 3722 px.ads.linkedin.com — Cisco Umbrella Rank: 385 px4.ads.linkedin.com — Cisco Umbrella Rank: 4868	1 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 579 syndication.twitter.com — Cisco Umbrella Rank: 828	133 KB
2	reddit.com 1 redirects reddit.com — Cisco Umbrella Rank: 928 www.reddit.com — Cisco Umbrella Rank: 2470	951 B
2	google.de www.google.de — Cisco Umbrella Rank: 5640	655 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 stats.g.doubleclick.net — Cisco Umbrella Rank: 95	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 136	114 KB
1	pinterest.com widgets.pinterest.com — Cisco Umbrella Rank: 6713	448 B
1	bufferapp.com api.bufferapp.com — Cisco Umbrella Rank: 42868	441 B
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 7967	1008 B
1	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 3073	356 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 938	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 105	15 KB
1	sumome.com load.sumome.com — Cisco Umbrella Rank: 35560	2 KB
1	en25.com img.en25.com — Cisco Umbrella Rank: 6414	4 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	78 KB
0	benefex.co.uk Failed www.benefex.co.uk Failed
89	29

	Domain	Requested by
17	load.sumo.com	load.sumome.com
8	sumo.com	load.sumo.com
5	go.hellobenefex.com	1 redirects go.hellobenefex.com pi.pardot.com
4	www.google-analytics.com	www.googletagmanager.com go.hellobenefex.com www.google-analytics.com
3	j.clarity.ms	bat.bing.com j.clarity.ms
3	moneypennychat.appspot.com	go.hellobenefex.com storage.googleapis.com
3	bat.bing.com	go.hellobenefex.com bat.bing.com
2	fonts.googleapis.com	client
2	c.clarity.ms	1 redirects
2	pi.pardot.com	go.hellobenefex.com pi.pardot.com
2	www.facebook.com	go.hellobenefex.com
2	www.google.de	go.hellobenefex.com
2	www.google.com	go.hellobenefex.com
2	scout.salesloft.com	scout-cdn.salesloft.com
2	static-ssl.responsetap.com	go.hellobenefex.com static-ssl.responsetap.com
2	connect.facebook.net	go.hellobenefex.com connect.facebook.net
2	platform.twitter.com	go.hellobenefex.com platform.twitter.com
1	www.reddit.com
1	reddit.com	1 redirects
1	widgets.pinterest.com	load.sumo.com
1	api.facebook.com	load.sumo.com
1	graph.facebook.com	load.sumo.com
1	api.bufferapp.com	load.sumo.com
1	clients6.google.com	load.sumo.com
1	c.bing.com	1 redirects
1	in.hotjar.com	script.hotjar.com
1	metrics.responsetap.com	static-ssl.responsetap.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	vars.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	go.hellobenefex.com
1	px.ads.linkedin.com	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	script.hotjar.com	static.hotjar.com
1	syndication.twitter.com	platform.twitter.com
1	scout-cdn.salesloft.com	go.hellobenefex.com
1	ws.zoominfo.com	go.hellobenefex.com
1	consent.trustarc.com	www.googletagmanager.com
1	static.hotjar.com	go.hellobenefex.com
1	storage.googleapis.com	go.hellobenefex.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	load.sumome.com	www.googletagmanager.com
1	storage.pardot.com	go.hellobenefex.com
1	img.en25.com	go.hellobenefex.com
1	www.googletagmanager.com	go.hellobenefex.com
1	platform.linkedin.com	go.hellobenefex.com
0	www.benefex.co.uk Failed	go.hellobenefex.com
89	47

This site contains no links.

Subject Issuer	Validity	Valid
go.hellobenefex.com R3	`2022-02-16` - `2022-05-17`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2021-09-10` - `2022-09-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.en25.com DigiCert SHA2 Secure Server CA	`2021-09-14` - `2022-09-14`	a year	crt.sh
*.sumome.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-04-05`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-13` - `2022-04-13`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2020-05-21` - `2022-07-17`	2 years	crt.sh
script.infinity-tracking.com Amazon	`2022-01-11` - `2023-02-09`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2021-06-04` - `2022-06-03`	a year	crt.sh
salesloft.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-16` - `2023-04-14`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.sumo.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-04-05`	a year	crt.sh
*.appspot.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.responsetap.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-18` - `2023-02-18`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-08` - `2022-11-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
api.bufferapp.com DigiCert SHA2 Secure Server CA	`2020-06-24` - `2022-08-16`	2 years	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-27` - `2022-08-05`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://go.hellobenefex.com/email-preferences-centre?ehash=57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e&email_id=534680337&epc_hash=11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ
Frame ID: 5137525976F3F2CF20C61D655F1D8942
Requests: 82 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.0af76c3310098d2f8f428367b62351b8.html?origin=https%3A%2F%2Fgo.hellobenefex.com
Frame ID: 04DCFF4854C8189B438882ABEE329E47
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: C47AEC48BF8FF092AAE305049633587E
Requests: 1 HTTP requests in this frame

Frame: https://moneypennychat.appspot.com/studio/images/png/img-powered-by.png
Frame ID: 0F2C97E01060D9D7C43372028056FE98
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Benefex

Detected technologies

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

SumoMe (Widgets) Expand

Overall confidence: 100%
Detected patterns

load\.sumome\.com

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

89
Requests

93 %
HTTPS

49 %
IPv6

29
Domains

47
Subdomains

41
IPs

7
Countries

1346 kB
Transfer

5872 kB
Size

43
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://go.hellobenefex.com/l/103572/2020-04-16/4wd69v/103572/126191/BenefexLogo_131x57.png HTTP 302
https://storage.pardot.com/103572/126191/Benefex_Logo_AZellisCompany_137x57.png

Request Chain 30

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1878849%2C89384&time=1649234851754&url=https%3A%2F%2Fgo.hellobenefex.com%2Femail-preferences-centre%3Fehash%3D57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e%26epc_hash%3D11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ%26email_id%3D534680337 HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1878849%2C89384&time=1649234851754&url=https%3A%2F%2Fgo.hellobenefex.com%2Femail-preferences-centre%3Fehash%3D57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e%26epc_hash%3D11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ%26email_id%3D534680337&e_ipv6=AQLJasXtU6tKHQAAAX_-DrhkwknPU3TBaHKihU3XrRxv_uulaHcWJyocTbbihVkw5CpvlMAx_A

Request Chain 51

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=B95C4D98BD74472FBE33ECBFCB847696&RedC=c.clarity.ms&MXFR=30533AF07E086F9A0D662B8E7A0861D5 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=B95C4D98BD74472FBE33ECBFCB847696&MUID=2A14D1523A8B63990D89C02C3B5962D0

Request Chain 83

https://reddit.com/button_info.json?url=https%3A%2F%2Fgo.hellobenefex.com%2Femail-preferences-centre%3Fehash%3D57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e%26email_id%3D534680337%26epc_hash%3D11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ&jsonp=jQuery110204617474764316607_1649234852049&_=1649234852050 HTTP 301
https://www.reddit.com/button_info.json?url=https%3A%2F%2Fgo.hellobenefex.com%2Femail-preferences-centre%3Fehash%3D57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e%26email_id%3D534680337%26epc_hash%3D11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ&jsonp=jQuery110204617474764316607_1649234852049&_=1649234852050

89 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request email-preferences-centre Show response
go.hellobenefex.com/ 21 KB
6 KB 682ms
395ms Document
text/html 18.232.28.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.hellobenefex.com/email-preferences-centre?ehash=57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e&email_id=534680337&epc_hash=11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.232.28.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-6-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: 371b0d64495544fe9dd5f2cf2e3be9f0b4561950a6860360d3d249dfb594d5d6

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Server: PardotServer
X-Pardot-LB: e95a292e477f6214c8e77c2cf881a7d3
X-Pardot-Route: aaac0c4aea543f8d4e69ceff646811f2
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 4978
content-type: text/html; charset=utf-8
date: Wed, 06 Apr 2022 08:47:30 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
pragma: no-cache
referrer-policy: no-referrer
status: 404 Not Found
vary: Accept-Encoding,User-Agent
x-pardot-rsp: 0/0/1
x-robots-tag: nofollow, noindex

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 30ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: go.hellobenefex.com
URL: https://go.hellobenefex.com/email-preferences-centre?ehash=57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e&email_id=534680337&epc_hash=11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6738) /
Resource Hash: da7ae7eec9c1f857161ad9356669f90a20a3e1bd18c8124b53cc2e367e04780b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 08:47:31 GMT
Content-Encoding: gzip
Age: 1257
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 29457
x-tw-cdn: VZ
Last-Modified: Thu, 31 Mar 2022 19:50:29 GMT
Server: ECS (frb/6738)
Etag: "f763893db69b9ff52796c20ddfe2ac52+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 404 secureAnonymousFramework
platform.linkedin.com/js/ 0
0 569ms
356ms Script
text/html 2606:2800:233:66b5:799a:7cd3:f74d:7071
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/js/secureAnonymousFramework?v=0.0.2000-RC8.49682-1428&
Requested by: Host: go.hellobenefex.com
URL: https://go.hellobenefex.com/email-preferences-centre?ehash=57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e&email_id=534680337&epc_hash=11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H/1.1 200
OK form.css
go.hellobenefex.com/css/ 31 KB
8 KB 97ms
96ms Stylesheet
text/css 18.232.28.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.hellobenefex.com/css/form.css?ver=2021-09-20
Requested by: Host: go.hellobenefex.com
URL: https://go.hellobenefex.com/email-preferences-centre?ehash=57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e&email_id=534680337&epc_hash=11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.232.28.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-6-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: 6dbd1967a8963d2eead020be31031ed12df79148acfea8cb787fa1358d5b4559

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:31 GMT
content-encoding: gzip
X-Pardot-Route: 07c6fec365d81c66b16ef70448a47c0a
X-Pardot-LB: e95a292e477f6214c8e77c2cf881a7d3
last-modified: Tue, 05 Apr 2022 14:27:46 GMT
Server: PardotServer
etag: "7be2-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=63072000
accept-ranges: bytes
content-length: 7660
expires: Fri, 05 Apr 2024 08:47:31 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 224 KB
78 KB 55ms
32ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KN2KT3

Requested by

Host: go.hellobenefex.com
URL: https://go.hellobenefex.com/email-preferences-centre?ehash=57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e&email_id=534680337&epc_hash=11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f409a4041d79ca4f0ab55e7ce4dfe7ef88d18e0dee301fb601181e97c780f4ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78894
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Apr 2022 08:47:31 GMT

GET
H/1.1 200
OK livevalidation_standalone.compressed.js Show response
img.en25.com/i/ 13 KB
4 KB 33ms
10ms Script
application/x-javascript 104.92.88.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/livevalidation_standalone.compressed.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.92.88.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-88-226.deploy.static.akamaitechnologies.com

Software

Resource Hash

7c04e1ad3893819bce8b4590d91b4b02a175ef4b6ae9ffffac8e670bd7c0c9b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 3638
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Fri, 14 Jan 2022 15:05:19 GMT
Date: Wed, 06 Apr 2022 08:47:31 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
ETag: "21101a25589d81:0"
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Wed, 06 Apr 2022 08:47:31 GMT

GET
H2

200

Benefex_Logo_AZellisCompany_137x57.png
storage.pardot.com/103572/126191/
Redirect Chain

https://go.hellobenefex.com/l/103572/2020-04-16/4wd69v/103572/126191/BenefexLogo_131x57.png
https://storage.pardot.com/103572/126191/Benefex_Logo_AZellisCompany_137x57.png

6 KB
6 KB

506ms
428ms

Image
image/png

2600:9000:224a:5400:d:7e9b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.pardot.com/103572/126191/Benefex_Logo_AZellisCompany_137x57.png
Requested by: Host: go.hellobenefex.com
URL: https://go.hellobenefex.com/email-preferences-centre?ehash=57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e&email_id=534680337&epc_hash=11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ
Protocol: H2
Server: 2600:9000:224a:5400:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f7b3800ad750447170e7c0a9755bbdf298dee753d8b20c284c63b50c000475d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go.hellobenefex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:33 GMT
via: 1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
last-modified: Mon, 03 Aug 2020 13:32:43 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "c9aa9171041dcbeb790b792207ce749e"
x-cache: Miss from cloudfront
content-type: image/png; charset=binary
x-amz-replication-status: COMPLETED
content-length: 5776
accept-ranges: bytes
x-robots-tag: none
x-amz-version-id: 3SzkXu0jQrBpWmR.OQVUMgnoNVLlUp2b
x-amz-cf-id: dKJQyuqeu4r-PNw0Zna3jgDqEUI9RHJ07LeY9FVuC_1fTzX-4vZ3BQ==

Redirect headers

date: Wed, 06 Apr 2022 08:47:31 GMT
content-encoding: gzip
X-Pardot-Route: 07c6fec365d81c66b16ef70448a47c0a
X-Pardot-LB: e95a292e477f6214c8e77c2cf881a7d3
Server: PardotServer
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
location: https://storage.pardot.com/103572/126191/Benefex_Logo_AZellisCompany_137x57.png
cache-control: max-age=600
x-robots-tag: none
content-length: 150
expires: Wed, 06 Apr 2022 08:57:31 GMT

GET
H/1.1 200
OK required.gif
go.hellobenefex.com/images/ 186 B
560 B 251ms
97ms Image
image/gif 18.232.28.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hellobenefex.com/images/required.gif
Requested by: Host: go.hellobenefex.com
URL: https://go.hellobenefex.com/css/form.css?ver=2021-09-20
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.232.28.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-6-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: 79badf235e92fe69d052a2df85ddd8d5ea24e2378ea8c46d920f51f286a229d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go.hellobenefex.com/css/form.css?ver=2021-09-20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:31 GMT
X-Pardot-Route: aaac0c4aea543f8d4e69ceff646811f2
X-Pardot-LB: e95a292e477f6214c8e77c2cf881a7d3
last-modified: Tue, 05 Apr 2022 14:27:46 GMT
Server: PardotServer
etag: "ba"
content-type: image/gif
cache-control: max-age=63072000
accept-ranges: bytes
content-length: 186
expires: Fri, 05 Apr 2024 08:47:31 GMT

GET VisbyCF-Regular.woff2
www.benefex.co.uk/fonts/dist/VisbyCF/ 0
0

GET
H/1.1 200
OK widget_iframe.0af76c3310098d2f8f428367b62351b8.html Show response
platform.twitter.com/widgets/ Frame 04DC 319 KB
104 KB 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.0af76c3310098d2f8f428367b62351b8.html?origin=https%3A%2F%2Fgo.hellobenefex.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D3) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 17659
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105433
Content-Type: text/html; charset=utf-8
Date: Wed, 06 Apr 2022 08:47:31 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 31 Mar 2022 19:49:03 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67D3)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 / Show response
load.sumome.com/ 2 KB
2 KB 96ms
22ms Script
text/javascript 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN2KT3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-17.datapacket.com
Software: BunnyCDN-CZ1-887 /
Resource Hash: 75cde5cd327239276b3bafb85d50f38fbd3b77bd15984deb9f6c02dd01b8ff86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:31 GMT
content-encoding: br
cdn-edgestorageid: 887
x-amz-request-id: GATEW0S355SKPD8F
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 03/13/2022 13:04:19
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 5tlOleJ/nlKmsXDpaGx366BhbaikceSmEQLZGaxZX22b3vtF//nR1dLLatFCL+Zg3z7FtoNLj7A=
server: BunnyCDN-CZ1-887
access-control-allow-origin: *
last-modified: Mon, 10 Jan 2022 18:22:56 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"415c9608bc47ee8a16b3a2f2c0aee7b0"
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=600
cdn-requestid: 6fa8e866e6c51768ec6d9fb89e45dd52
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 108 KB
40 KB 43ms
19ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-MWLRT9B

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN2KT3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da5cf14334f4bb2fc0dfd83816baa3af1cc45955ac1c43c20370c37aec872192

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:31 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40222
x-xss-protection: 0
expires: Wed, 06 Apr 2022 08:47:31 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 52ms
28ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN2KT3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

de2f7f8d7b163a0d422d2a426f84db938dbdae1a8fde621b123306a4a12652a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14881
x-xss-protection: 0
server: cafe
etag: 17469320936275902838
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 06 Apr 2022 08:47:31 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 77ms
19ms Script
application/x-javascript 2a02:26f0:f7::5c7b:e024
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN2KT3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5d5cf5a4a5b7c02915bc261dca0c755d29beda0c0c3a005c78c1682c9934bb3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 08:47:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Mar 2022 23:45:34 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=54267
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3104

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 62ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6D6F4D4DE91448BABBCFA2E7F13E17FC Ref B: FRAEDGE1206 Ref C: 2022-04-06T08:47:31Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Wed, 06 Apr 2022 08:47:31 GMT
accept-ranges: bytes
content-length: 11347

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c8d70946c3b971f61a3a24a011463ea1fd30a1490a34eed4a58b8685441172f4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26313
x-xss-protection: 0
pragma: public
x-fb-debug: UcZbw/G//Gm/tBzZEwrdFnIj0qiyr8/oJV2atPOs7bteV15Bi87HXucVngA5sMtAC20DTRwpDjvo3CW9Sb7Eiw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 06 Apr 2022 08:47:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 364df376-b139-4e92-b975-04705305af57.js Show response
storage.googleapis.com/moneypennychat/js/ 533 KB
134 KB 58ms
37ms Script
text/javascript 2a00:1450:4001:802::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/moneypennychat/js/364df376-b139-4e92-b975-04705305af57.js
Requested by: Host: go.hellobenefex.com
URL: https://go.hellobenefex.com/email-preferences-centre?ehash=57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e&email_id=534680337&epc_hash=11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e5a8cbb08275919bbc1cfd313899e946f15d6c94ca8eff57f56494b8f93fbe8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:31 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdubXg9_npXNuPw16O8Dq4_btYgMpUxjynxUFH5PbhOtA53cgnClXYobQmhxuEK2jkozDk6F-9hpnK1a14PRvDAt65q-4brB
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136969
last-modified: Fri, 25 Mar 2022 15:30:24 GMT
server: UploadServer
etag: "1a399e7a1552667fcaccd56121d3b2b9"
x-goog-hash: crc32c=trl2Ig==, md5=GjmeehVSZn/KzNVhIdOyuQ==
x-goog-generation: 1648222223945436
cache-control: public, max-age=120, no-transform
x-goog-stored-content-length: 136969
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Wed, 06 Apr 2022 08:49:31 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4361
date: Wed, 06 Apr 2022 07:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 06 Apr 2022 09:34:50 GMT

GET
H2 200 hotjar-1417247.js Show response
static.hotjar.com/c/ 5 KB
2 KB 37ms
14ms Script
application/javascript 65.9.66.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1417247.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.34 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-34.fra56.r.cloudfront.net

Software

Resource Hash

eb62b76097fd33bddb3ee0ad549e8306a52b80ad5479b769025b8dc59b75196c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:11 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 20
etag: W/bc074e309a3e6f7d3ccb910ddcd0be9e
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: nUmd7MTUokUNKX3EbKw01k9bsld9Bm9yfyDU4i_QkNj3XhkE9tnY1A==
via: 1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)

GET
H2 200 uce9cv Show response
consent.trustarc.com/v2/notice/ 38 B
356 B 75ms
45ms Script
text/javascript 108.157.4.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/v2/notice/uce9cv

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN2KT3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-47.dus51.r.cloudfront.net

Software

openresty/1.15.8.2 /

Resource Hash

e8e894531255c262d9ae0aa6a8ea9466d9b0dad86cf5fdd4d2a7de4b64ce6f15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:31 GMT
via: 1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
server: openresty/1.15.8.2
x-amz-cf-pop: DUS51-P2
vary: Origin
x-cache: Miss from cloudfront
content-type: text/javascript;charset=ISO-8859-1
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 38
x-amz-cf-id: unmGv8dEIz5eSzXyExApSAoMzuksZl6QkaewlqbMcnZ4wDypMGQydw==

GET
H2 200 rTapTrack.min.js Show response
static-ssl.responsetap.com/static/scripts/ 285 B
745 B 67ms
25ms Script
application/javascript 143.204.98.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-ssl.responsetap.com/static/scripts/rTapTrack.min.js
Requested by: Host: go.hellobenefex.com
URL: https://go.hellobenefex.com/email-preferences-centre?ehash=57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e&email_id=534680337&epc_hash=11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-66.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dff8b2645a4475a00ffe4c9606c5adc3d669d288dd42e45e57ab0ed2ce40ec99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:49:40 GMT
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
last-modified: Tue, 22 Mar 2022 13:51:18 GMT
server: AmazonS3
age: 21472
etag: "4168ba4c36d8d5b0f7087afe3f194fa0"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: no-cache,max-age=0
content-length: 285
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-request-id: 6EZ7W31B34MN993H
x-amz-id-2: 6cM66cs6zZahxmAw1diXDM437a2AvAcnxlT+HVTf7tdr7q2aUFatzYcDe2gyUgeAbGZNn3DcXMs=
x-amz-cf-id: OfSs44bCyLzVirWqcOjXCo8gqI3Cl9x8sgZRue3YiPKxQEOUvRfHDg==

GET
H2 200 GAdmEpmbdWkz744FxPe4 Show response
ws.zoominfo.com/pixel/ 778 B
1008 B 212ms
183ms Script
text/javascript 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/GAdmEpmbdWkz744FxPe4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

932ea3b08269cff31a76195fd7e2f31ca0858f6121cdc63c3200592934bc51a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 6f79425f4ad423af-ZRH
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for
via: 1.1 google

GET
H2 200 sl.js Show response
scout-cdn.salesloft.com/ 6 KB
3 KB 25ms
7ms Script
application/javascript 23.111.9.64
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://scout-cdn.salesloft.com/sl.js
Requested by: Host: go.hellobenefex.com
URL: https://go.hellobenefex.com/email-preferences-centre?ehash=57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e&email_id=534680337&epc_hash=11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.64 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:31 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 16:28:37 GMT
server: NetDNA-cache/2.2
x-amz-request-id: EQEDHZ3NV8VWXKQ1
etag: W/"d74cc4825c8e333b2116da3fcc649db1"
x-cache: HIT
x-amz-version-id: 6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc
content-type: application/javascript
x-amz-id-2: B7Ul5VvhpLzuw31Ex7s6F9BqmZZSLpNWgvJkxKtnovTPW1epNbnsHMLTfnb4665qBc3RapEQACk=

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 04DC 230 B
445 B 138ms
117ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=955bda47dbca51417c76d2723035c334268c7599

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.0af76c3310098d2f8f428367b62351b8.html?origin=https%3A%2F%2Fgo.hellobenefex.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

5054a54db3ef08ce6320ae9a8d59ca6e4d6f0c66b5cd92a03caccf9d0448040a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-response-time: 110
date: Wed, 06 Apr 2022 08:47:31 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 08:47:31 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 78e7de54ddd7c6a19309d52530baf7e300428eac042f54156ebc8b08b5c0f93f
content-length: 164

GET
H2 200 352583858672123 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 109ms
105ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/352583858672123?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

28dc047c398815ac96b1b3cbf6415baa2bad0b7a4c9852148264164a9dbeb9d1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: su3/JH4ZlNQLDGwbZ6+StJ4788ogKAdvhcZXX9cINq+/fbSHdfNgz4ue0y9waIqlrVOeUEimxyPrN0ARejLhdw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 06 Apr 2022 08:47:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.9beafb9ca96c2f868fe2.js Show response
script.hotjar.com/ 236 KB
62 KB 46ms
12ms Script
application/javascript 108.157.4.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.9beafb9ca96c2f868fe2.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1417247.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-45.dus51.r.cloudfront.net

Software

Resource Hash

95f2a2d9bf981b3f923cc601270603e88c14767e7e29310eb2d8b6b1407457f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59245
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63051
access-control-allow-origin: *
last-modified: Tue, 05 Apr 2022 16:20:05 GMT
etag: "74214ff5f7e679f43ba048194d7bf23c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Xtw6H-MSaaXtHrRlX0ExH-vW4y3UhWqOkGHyS8XIZXZ-bH4IYE2NTA==

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 23ms
8ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:32:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 904
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 06 Apr 2022 09:32:27 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1058946091/ 2 KB
2 KB 56ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058946091/?random=1649234851732&cv=9&fst=1649234851732&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgo.hellobenefex.com%2Femail-preferences-centre%3Fehash%3D57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e%26email_id%3D534680337%26epc_hash%3D11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ&tiba=Benefex&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0f520254e9ac563764238e9601253c9e901d2a8ebc5a86056bc8ec084547f5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 08:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1136
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 r Show response
scout.salesloft.com/ 41 B
406 B 317ms
95ms XHR
application/json 34.192.95.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDI5NTd9.PTP3t21UjkdJJetSyIKhl6Fv_dnNcmYCTSAC8-Ocsm4

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.192.95.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-95-69.compute-1.amazonaws.com

Software

Resource Hash

aa011ed383cb780028a85caaa0dda67dce19b0f4bc596f4f708d1857015c1362

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.hellobenefex.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 41
x-request-id: 27d24909be3656e05e3f3050a35b077e

GET
H2 200 5708220.js Show response
bat.bing.com/p/action/ 844 B
842 B 178ms
178ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5708220.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

980ef31d7572a82ab05618c15d294991800d65a973244e952d0b61b5104d5531

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2974404152C14294A9A62ADD8F1D98F8 Ref B: FRAEDGE1206 Ref C: 2022-04-06T08:47:31Z
date: Wed, 06 Apr 2022 08:47:31 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 667

GET
H2 204 0
bat.bing.com/action/ 0
175 B 33ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5708220&Ver=2&mid=599f729c-371b-4f32-b154-852b9d50d0dd&sid=32671f50b58611ec9e9d777769507ae5&vid=32673040b58611ec85a3ddf65a98cd18&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Benefex&p=https%3A%2F%2Fgo.hellobenefex.com%2Femail-preferences-centre%3Fehash%3D57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e%26email_id%3D534680337%26epc_hash%3D11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ&r=&lt=1319&evt=pageLoad&msclkid=N&sv=1&rn=805817

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BC20EFD850F74055B4D52ACF91B7C0FB Ref B: FRAEDGE1206 Ref C: 2022-04-06T08:47:31Z
date: Wed, 06 Apr 2022 08:47:31 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1878849%2C89384&time=1649234851754&url=https%3A%2F%2Fgo.hellobenefex.com%2Femail-preferences-centre%3Fehash%3D57ed1a7a7849127403d68e1d7846c547b8b9...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1878849%2C89384&time=1649234851754&url=https%3A%2F%2Fgo.hellobenefex.com%2Femail-preferences-centre%3Fehash%3D57ed1a7a7849127403d68e1d7846c547b8b...

0
266 B

222ms
184ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1878849%2C89384&time=1649234851754&url=https%3A%2F%2Fgo.hellobenefex.com%2Femail-preferences-centre%3Fehash%3D57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e%26epc_hash%3D11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ%26email_id%3D534680337&e_ipv6=AQLJasXtU6tKHQAAAX_-DrhkwknPU3TBaHKihU3XrRxv_uulaHcWJyocTbbihVkw5CpvlMAx_A
Requested by: Host: go.hellobenefex.com
URL: https://go.hellobenefex.com/email-preferences-centre?ehash=57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e&email_id=534680337&epc_hash=11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:31 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: BA7C92E484B74C4CB7AC5B95393DC738 Ref B: FRAEDGE1513 Ref C: 2022-04-06T08:47:32Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXb+GmETd6YrKkmeJZasA==
x-li-fabric: prod-lor1

Redirect headers

date: Wed, 06 Apr 2022 08:47:31 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: EC2FD6B7B84E4E0DA8D3CD348671668F Ref B: VIEEDGE3313 Ref C: 2022-04-06T08:47:31Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1878849%2C89384&time=1649234851754&url=https%3A%2F%2Fgo.hellobenefex.com%2Femail-preferences-centre%3Fehash%3D57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e%26epc_hash%3D11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ%26email_id%3D534680337&e_ipv6=AQLJasXtU6tKHQAAAX_-DrhkwknPU3TBaHKihU3XrRxv_uulaHcWJyocTbbihVkw5CpvlMAx_A
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXb+GmAC7PQEtVV1S27lA==

GET
H2 200 72.0a035390359aab65eb82.js Show response
load.sumo.com/ 131 KB
44 KB 73ms
27ms Script
text/javascript 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/72.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-17.datapacket.com
Software: BunnyCDN-CZ1-887 /
Resource Hash: 73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:31 GMT
content-encoding: br
cdn-edgestorageid: 887
x-amz-request-id: 2XT97DT0C0GXK5KC
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 03/13/2022 13:04:20
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: dCVi3ofsuXB8MuRfZt/N4Ei6Qxg1IfmVwy7PUtkHubvFxpQxIu7Op+8zccITo/BRb4qNpq/SuJA=
server: BunnyCDN-CZ1-887
access-control-allow-origin: *
last-modified: Mon, 10 Jan 2022 18:22:32 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"a1c4ecc2ca5bc12d61068cd427f9729f"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: d22f18bc0e66d98d85b0ec346a9440f1
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 73.0a035390359aab65eb82.js Show response
load.sumo.com/ 289 KB
100 KB 101ms
55ms Script
text/javascript 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/73.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-17.datapacket.com
Software: BunnyCDN-CZ1-887 /
Resource Hash: f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:31 GMT
content-encoding: br
cdn-edgestorageid: 887
x-amz-request-id: 2XT2994WWMS94BG0
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 03/13/2022 13:04:20
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: +XoJWvvKHD6sZhQMgfdGGNafTQAey9UenDDTRMlIQjNQbqlQB3KaR7KFmKuG+DxMh6OhN6SEoLU=
server: BunnyCDN-CZ1-887
access-control-allow-origin: *
last-modified: Mon, 10 Jan 2022 18:22:33 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"ad6f2454f01de902ffd473d51c1207bf"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 799f86907d17186cf40a73744e0fb0bb
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 rTapTrack.min.js Show response
static-ssl.responsetap.com/static/scripts/ 21 KB
8 KB 130ms
126ms Script
application/javascript 143.204.98.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-ssl.responsetap.com/static/scripts/rTapTrack.min.js?ref=https%3A%2F%2Fgo.hellobenefex.com
Requested by: Host: static-ssl.responsetap.com
URL: https://static-ssl.responsetap.com/static/scripts/rTapTrack.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-66.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eadb941997fc8c1acdb5f259bbc0000ba1a03f75e2235bd7740edb740c7c9bd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:32 GMT
content-encoding: br
last-modified: Tue, 22 Mar 2022 13:51:18 GMT
server: AmazonS3
x-amz-request-id: VQ30DZ943YCNCCRR
etag: W/"91fe6cd532cea48df20b13c35a8506a4"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
cache-control: no-cache,max-age=0
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 6U88VseRQO6XfjVzHU_LUcmSzPEpBgMZNy31uLCqHGzk0zUGEYnlSw==
x-amz-id-2: pEKAvFdmuPHTor4UBsOamuPBh/3vDjrVIG2ZKSxVON+7X6BmH2EIDSOBhjQoIcOKaadYGVIc87k=

GET
H2 200 box-acca23410e696f2ca3087d947271c3d0.html Show response
vars.hotjar.com/ Frame C47A 2 KB
1 KB 56ms
8ms Document
text/html 143.204.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1417247.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-123.fra50.r.cloudfront.net
Software: /
Resource Hash: e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 5270125
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Feb 2022 08:52:06 GMT
etag: "6f65fac4e8efe167ff5132c0c54c5729"
last-modified: Fri, 04 Feb 2022 08:51:39 GMT
vary: Accept-Encoding
via: 1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
x-amz-cf-id: pVpfOQHWN_lu_jSxct0wfB8yaAOkGI_9g4IMHNFj40T1Dkqu4gKyfw==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 img-powered-by.png
moneypennychat.appspot.com/studio/images/png/ 7 KB
7 KB 73ms
11ms Image
image/png 2a00:1450:4001:827::2014
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://moneypennychat.appspot.com/studio/images/png/img-powered-by.png
Requested by: Host: go.hellobenefex.com
URL: https://go.hellobenefex.com/email-preferences-centre?ehash=57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e&email_id=534680337&epc_hash=11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 671c2dfb4d674a0e57875402bd15e8b1f104d7682742be567a3dcedc8ed21788

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:44:00 GMT
server: Google Frontend
age: 211
etag: "IsqUJw"
content-type: image/png
x-cloud-trace-context: e5842a6b40cdd46cd66edd5cabdb21f6
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7186
expires: Wed, 06 Apr 2022 08:54:00 GMT

GET
H2 200 img-powered-by.png
moneypennychat.appspot.com/studio/images/png/ Frame 0F2C 7 KB
7 KB 74ms
12ms Image
image/png 2a00:1450:4001:827::2014
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://moneypennychat.appspot.com/studio/images/png/img-powered-by.png
Requested by: Host: go.hellobenefex.com
URL: https://go.hellobenefex.com/email-preferences-centre?ehash=57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e&email_id=534680337&epc_hash=11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 671c2dfb4d674a0e57875402bd15e8b1f104d7682742be567a3dcedc8ed21788

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:44:00 GMT
server: Google Frontend
age: 211
etag: "IsqUJw"
content-type: image/png
x-cloud-trace-context: e5842a6b40cdd46cd66edd5cabdb21f6
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7186
expires: Wed, 06 Apr 2022 08:54:00 GMT

GET
H2 200 ServiceGetConfig Show response
moneypennychat.appspot.com/chatjs/ 159 B
304 B 15ms
11ms Script
text/javascript 2a00:1450:4001:827::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://moneypennychat.appspot.com/chatjs/ServiceGetConfig?w=364df376-b139-4e92-b975-04705305af57

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/moneypennychat/js/364df376-b139-4e92-b975-04705305af57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

cc8455efbde4eeff44140b369a09ee3e1c1a95a4cc7dfb965bb0ddfa13aea218

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: Public
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: Google Frontend
age: 20
date: Wed, 06 Apr 2022 08:47:11 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: cfbff0ab19e39c9387dea23b980ba6ab
cache-control: public, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 63ms
19ms XHR
text/plain 2a00:1450:400c:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3401408-4&cid=155081530.1649234852&jid=351678278&gjid=1575768668&_gid=683305077.1649234852&_u=aGDAiEAjRAAAAE~&z=1842442313

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 06 Apr 2022 08:47:31 GMT
content-type: text/plain
access-control-allow-origin: https://go.hellobenefex.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 12ms
12ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=291734882&t=pageview&_s=1&dl=https%3A%2F%2Fgo.hellobenefex.com%2Femail-preferences-centre%3Fehash%3D57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e%26email_id%3D534680337%26epc_hash%3D11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ&ul=en-us&de=UTF-8&dt=Benefex&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEAjR~&jid=351678278&gjid=1575768668&cid=155081530.1649234852&tid=UA-3401408-4&_gid=683305077.1649234852&gtm=2wg3u0KN2KT3&z=395470729

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 14:17:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66601
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1058946091/ 42 B
548 B 45ms
20ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1058946091/?random=1649234851732&cv=9&fst=1649232000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&frm=0&url=https%3A%2F%2Fgo.hellobenefex.com%2Femail-preferences-centre%3Fehash%3D57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e%26email_id%3D534680337%26epc_hash%3D11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ&tiba=Benefex&async=1&fmt=3&is_vtc=1&random=2365132156&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 08:47:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1058946091/ 42 B
548 B 43ms
19ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1058946091/?random=1649234851732&cv=9&fst=1649232000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&frm=0&url=https%3A%2F%2Fgo.hellobenefex.com%2Femail-preferences-centre%3Fehash%3D57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e%26email_id%3D534680337%26epc_hash%3D11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ&tiba=Benefex&async=1&fmt=3&is_vtc=1&random=2365132156&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 08:47:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 23ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=352583858672123&ev=PageView&dl=https%3A%2F%2Fgo.hellobenefex.com%2Femail-preferences-centre%3Fehash%3D57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e%26email_id%3D534680337%26epc_hash%3D11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ&rl=&if=false&ts=1649234852004&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1649234852003.1357598490&it=1649234851703&coo=false&exp=p0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 06 Apr 2022 08:47:32 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 41ms
32ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3401408-4&cid=155081530.1649234852&jid=351678278&_u=aGDAiEAjRAAAAE~&z=1355396289

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 08:47:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 39ms
31ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3401408-4&cid=155081530.1649234852&jid=351678278&_u=aGDAiEAjRAAAAE~&z=1355396289

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 08:47:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK numberReplacement.json;jsessionid= Show response
metrics.responsetap.com/track/ 43 B
422 B 133ms
36ms Script
application/javascript 185.19.40.106
RTAP100100-RIPE

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.responsetap.com/track/numberReplacement.json;jsessionid=?callback=json1&callbackFailure=json2&websiteId=67512&windowLocation=https%3A%2F%2Fgo.hellobenefex.com%2Femail-preferences-centre%3Fehash%3D57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e%26email_id%3D534680337%26epc_hash%3D11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ&noCache=0.26867028887326105
Requested by: Host: static-ssl.responsetap.com
URL: https://static-ssl.responsetap.com/static/scripts/rTapTrack.min.js?ref=https%3A%2F%2Fgo.hellobenefex.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.19.40.106 , United Kingdom, ASN61001 (RTAP100100-RIPE, GB),
Reverse DNS: 185-19-40-106.rdns.rtap.net
Software: Apache-Coyote/1.1 /
Resource Hash: bebd42f77601d03feff880ffffad638098868695bf0e61ecc9923d0fff045013

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 08:47:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Apache-Coyote/1.1
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=ISO-8859-1

GET
H2 200 clarity.js Show response
j.clarity.ms/s/0.6.34/ 53 KB
23 KB 302ms
100ms Script
application/javascript 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/s/0.6.34/clarity.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/5708220.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:32 GMT
content-encoding: br
etag: "1d84959b978c254"
last-modified: Wed, 06 Apr 2022 01:57:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 23150
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 i Show response
scout.salesloft.com/ 48 B
514 B 96ms
95ms XHR
application/json 34.192.95.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/i

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.192.95.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-95-69.compute-1.amazonaws.com

Software

Resource Hash

184ab7a951c52dbe1d7d2206e4b8327d105a2127ac14433a50b539a87900eaa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.hellobenefex.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 48
x-request-id: e8f8a3fdee0df5cdc5e308acfd3afea2

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1417247/ 147 B
323 B 112ms
37ms XHR
application/json 54.74.116.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1417247/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.9beafb9ca96c2f868fe2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.116.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-116-255.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f1328936bb058f2305664a8507a0be9b5cf477e10edef84ecfaabaf315e3e24c

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 06 Apr 2022 08:47:32 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 390ms
96ms Script
application/javascript 18.232.28.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: go.hellobenefex.com
URL: https://go.hellobenefex.com/email-preferences-centre?ehash=57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e&email_id=534680337&epc_hash=11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.232.28.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-6-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:32 GMT
content-encoding: gzip
X-Pardot-Route: 8f46b7608980401223b1d0300f1fdf0e
X-Pardot-LB: e95a292e477f6214c8e77c2cf881a7d3
last-modified: Tue, 05 Apr 2022 14:27:46 GMT
Server: PardotServer
etag: "1547-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=63072000
accept-ranges: bytes
content-length: 1950
expires: Fri, 05 Apr 2024 08:47:32 GMT

POST
H2 200 / Show response
sumo.com/api/load/ 951 B
1 KB 509ms
160ms XHR
application/json 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/load/

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

0b2949bf38998f4c0c38065653677cd3c8ad91e8086aab45696e9d5cce1b9eb1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 06 Apr 2022 08:47:32 GMT
vary: Origin, Accept-Encoding
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.hellobenefex.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 951

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=B95C4D98BD74472FBE33ECBFCB847696&RedC=c.clarity.ms&MXFR=30533AF07E086F9A0D662B8E7A0861D5
https://c.clarity.ms/c.gif?CtsSyncId=B95C4D98BD74472FBE33ECBFCB847696&MUID=2A14D1523A8B63990D89C02C3B5962D0

42 B
368 B

28ms
28ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=B95C4D98BD74472FBE33ECBFCB847696&MUID=2A14D1523A8B63990D89C02C3B5962D0
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 08:47:32 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 06 Apr 2022 08:47:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 27F089049DC247B0B4D58DFE3353C9DD Ref B: FRAEDGE1206 Ref C: 2022-04-06T08:47:32Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=B95C4D98BD74472FBE33ECBFCB847696&MUID=2A14D1523A8B63990D89C02C3B5962D0
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 204 collect Show response
j.clarity.ms/ 0
73 B 194ms
193ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin: https://go.hellobenefex.com
date: Wed, 06 Apr 2022 08:47:32 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 1 KB
2 KB 339ms
338ms Script
text/javascript 18.232.28.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=225874632&visitor_id_sign=84562ab1f7a6352531ecd978999c23b5f2d249bb6d35ad23a40bd28f7ed05ccda507570b04043c79c3902793c89167898baf9e4d&pi_opt_in=&campaign_id=1057&account_id=104572&title=Benefex&url=https%3A%2F%2Fgo.hellobenefex.com%2Femail-preferences-centre%3Fehash%3D57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e%26email_id%3D534680337%26epc_hash%3D11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ&referrer=

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.232.28.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

pi0-lba1-6-ue1.aws.pardot.com

Software

PardotServer /

Resource Hash

7c0d04e8f2ad39c434a9719479a990d01d0aa1aafba4b09d8d0667dff833fa3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 08:47:32 GMT
content-encoding: gzip
X-Pardot-Route: 403edde838d926b2f64a33ea88db7473
X-Pardot-LB: e95a292e477f6214c8e77c2cf881a7d3
x-pardot-rsp: 0/0/1
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 552
Server: PardotServer
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H2 204 services
sumo.com/ Frame 0
0 160ms
160ms Preflight 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/services
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-133-113.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sumo-auth
Access-Control-Request-Method: POST
Origin: https://go.hellobenefex.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: https://go.hellobenefex.com
access-control-max-age: 2592000
date: Wed, 06 Apr 2022 08:47:33 GMT
server: nginx

POST
H2 200 services Show response
sumo.com/ 3 KB
1 KB 167ms
167ms XHR
application/json 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/services

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

8ba42d81bdd50ecf1a86b99282020d29a891703feb1a46ec96801b96f652384d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
X-Sumo-Auth: RiQDpgmpHpdEqlvjbTFHlArL
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 06 Apr 2022 08:47:33 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx
x-frame-options: SAMEORIGIN
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://go.hellobenefex.com
access-control-allow-credentials: true
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK analytics Show response
go.hellobenefex.com/ 50 B
1022 B 209ms
208ms Script
text/javascript 18.232.28.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.hellobenefex.com/analytics?conly=true&visitor_id=225874632&visitor_id_sign=84562ab1f7a6352531ecd978999c23b5f2d249bb6d35ad23a40bd28f7ed05ccda507570b04043c79c3902793c89167898baf9e4d&pi_opt_in=&campaign_id=1057&account_id=104572&title=Benefex&url=https%3A%2F%2Fgo.hellobenefex.com%2Femail-preferences-centre%3Fehash%3D57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e%26email_id%3D534680337%26epc_hash%3D11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=225874632&visitor_id_sign=84562ab1f7a6352531ecd978999c23b5f2d249bb6d35ad23a40bd28f7ed05ccda507570b04043c79c3902793c89167898baf9e4d&pi_opt_in=&campaign_id=1057&account_id=104572&title=Benefex&url=https%3A%2F%2Fgo.hellobenefex.com%2Femail-preferences-centre%3Fehash%3D57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e%26email_id%3D534680337%26epc_hash%3D11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ&referrer=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.232.28.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-6-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 08:47:33 GMT
X-Pardot-Route: eb06fc631066edc75188604bf4f20e9d
X-Pardot-LB: e95a292e477f6214c8e77c2cf881a7d3
x-pardot-rsp: 0/0/1
vary: User-Agent
p3p: CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript; charset=utf-8
content-length: 50
Server: PardotServer
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 7.0a035390359aab65eb82.js Show response
load.sumo.com/ 97 KB
34 KB 19ms
18ms Script
text/javascript 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/7.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-17.datapacket.com
Software: BunnyCDN-CZ1-887 /
Resource Hash: c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:33 GMT
content-encoding: br
cdn-edgestorageid: 887
x-amz-request-id: 7DYXE8BH00579X00
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 03/13/2022 13:04:28
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: wAXIxBbXSDIOR79DARy+4aIIA6S6Tt4BmT9BSZKbGWO/xByZh20vbM+bU06UgSciqHK1kbmLWxk=
server: BunnyCDN-CZ1-887
access-control-allow-origin: *
last-modified: Mon, 10 Jan 2022 18:22:30 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"3fa9c18f727d4b42fb894fda90a374e1"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 23785bf9c5cfd1a41cdcdc516e71e42d
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 4.0a035390359aab65eb82.js Show response
load.sumo.com/ 5 KB
3 KB 24ms
21ms Script
text/javascript 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/4.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-17.datapacket.com
Software: BunnyCDN-CZ1-887 /
Resource Hash: 3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:33 GMT
content-encoding: br
cdn-edgestorageid: 887
x-amz-request-id: 7DYVYZXW1WZS6677
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 03/13/2022 13:04:28
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 19aEVmp7dLNwM/1L1r+WY94GmwxZn0XkLd94viHwxJumLVsdM3WPlERZH+C1dJfcQvyy5C5R1M8=
server: BunnyCDN-CZ1-887
access-control-allow-origin: *
last-modified: Mon, 10 Jan 2022 18:22:05 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"a39d043b7c7bba70750cf288ee5ef71a"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: ac7b9721ac62a727b02fb36421a46420
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 2.0a035390359aab65eb82.js Show response
load.sumo.com/ 3 KB
2 KB 24ms
22ms Script
text/javascript 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/2.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-17.datapacket.com
Software: BunnyCDN-CZ1-887 /
Resource Hash: 5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:33 GMT
content-encoding: br
cdn-edgestorageid: 887
x-amz-request-id: 7DYHZDNXAERXPJAN
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 03/13/2022 13:04:28
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: NQ3cHWfwJubWdxx8Rd4YCM2hhME/pmoqqWA5EPbOy/sNYR/oLTe/b3U1C5Rqow5e5wHBmRfgQDg=
server: BunnyCDN-CZ1-887
access-control-allow-origin: *
last-modified: Mon, 10 Jan 2022 18:21:48 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"6bfdf1ae8492f107706ac037915be663"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 6a25844b70001151ff8dac18edeab2b8
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 10.0a035390359aab65eb82.js Show response
load.sumo.com/ 11 KB
5 KB 25ms
22ms Script
text/javascript 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/10.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-17.datapacket.com
Software: BunnyCDN-CZ1-887 /
Resource Hash: 4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:33 GMT
content-encoding: br
cdn-edgestorageid: 887
x-amz-request-id: 7DYPDQRG468TN8TQ
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 03/13/2022 13:04:28
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: vTl/O7NxKeYNAo34wBPEaVRcGTtT2ilFAiLKLR17QdhjmAz9onYXwsmWnSYgXhmjR+BUrp4gpO4=
server: BunnyCDN-CZ1-887
access-control-allow-origin: *
last-modified: Mon, 10 Jan 2022 18:21:34 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"fc263e7087822a0b00ff93677d6df4ea"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 6f8d5e039c49a806e60d856214dc8e3b
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 22.0a035390359aab65eb82.js Show response
load.sumo.com/ 92 KB
25 KB 27ms
25ms Script
text/javascript 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/22.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-17.datapacket.com
Software: BunnyCDN-CZ1-887 /
Resource Hash: 4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:33 GMT
content-encoding: br
cdn-edgestorageid: 887
x-amz-request-id: 7DYTRJG0VEXB5FKV
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 03/13/2022 13:04:28
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: kUYBmyXOKL4f13PsnIlweF9QeY9UF72hlXxRE4Ld0pp6A0gbTK21M/QgZTm+VWFcvuFhdTDnCiw=
server: BunnyCDN-CZ1-887
access-control-allow-origin: *
last-modified: Mon, 10 Jan 2022 18:21:50 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"8af82c4c30a069f66de02526c2f332af"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: e96bb480697216b993fa7aee34e34efc
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 23.0a035390359aab65eb82.js Show response
load.sumo.com/ 329 KB
94 KB 29ms
27ms Script
text/javascript 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/23.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-17.datapacket.com
Software: BunnyCDN-CZ1-887 /
Resource Hash: 36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:33 GMT
content-encoding: br
cdn-edgestorageid: 887
x-amz-request-id: 7DYQWW7NDCH126AR
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 03/13/2022 13:04:28
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: yWzzJ2K6QYXrvzHOY6EtdCeZ7zP0JKwZ3j9GXB8raZ8nXteXIInZ+LvoX+c0l4l+TO88Hc919ew=
server: BunnyCDN-CZ1-887
access-control-allow-origin: *
last-modified: Mon, 10 Jan 2022 18:21:51 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"be0b945be6cafa91f6fd4efdfc8268f8"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 1b1da5594f4740d7ecce9ff528257db3
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 21.0a035390359aab65eb82.js Show response
load.sumo.com/ 179 KB
51 KB 24ms
23ms Script
text/javascript 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/21.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-17.datapacket.com
Software: BunnyCDN-CZ1-887 /
Resource Hash: 967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:33 GMT
content-encoding: br
cdn-edgestorageid: 887
x-amz-request-id: 7DYYAC1D60VRVNQ9
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 03/13/2022 13:04:28
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: B1D9xoprVVvp2s4JHbypf21X8JpkbZw/cKi3aZeuT/rVdN0gQRZ4nEFh0gUJ69og2mnbH+RM0iE=
server: BunnyCDN-CZ1-887
access-control-allow-origin: *
last-modified: Mon, 10 Jan 2022 18:21:50 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"beda094dfc3b530efd0d2d83c5a0280c"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: d85f110581bd8c784a29037ceebf9c98
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 64.0a035390359aab65eb82.js Show response
load.sumo.com/ 1 KB
1 KB 35ms
34ms Script
text/javascript 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/64.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-17.datapacket.com
Software: BunnyCDN-CZ1-887 /
Resource Hash: fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:33 GMT
content-encoding: br
cdn-edgestorageid: 887
x-amz-request-id: 7DYG7FMKFZ17T0MH
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 03/13/2022 13:04:28
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: OhVh2mhEeydNqsCmX4fghh7Jg3Fc7b49cV6lMZgUWMKTQyC7RDNuKy1i5YyxTV874cLev5rtBHM=
server: BunnyCDN-CZ1-887
access-control-allow-origin: *
last-modified: Mon, 10 Jan 2022 18:22:26 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"d200986501135078d1fbd7f480e7bb08"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 162c500b287f33e61d229304258686bc
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 0.0a035390359aab65eb82.js Show response
load.sumo.com/ 5 KB
3 KB 19ms
18ms Script
text/javascript 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/0.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-17.datapacket.com
Software: BunnyCDN-CZ1-887 /
Resource Hash: dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:33 GMT
content-encoding: br
cdn-edgestorageid: 887
x-amz-request-id: 3QT1RRVVAHN62DCV
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 03/13/2022 13:04:30
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: s87ZhTmlzAihXnT1vKOqJDaz0UTkQGMGhuH7hm9c2oSVzPW0WRQkdqajtvWDW5zPz2BCjOK43b4=
server: BunnyCDN-CZ1-887
access-control-allow-origin: *
last-modified: Mon, 10 Jan 2022 18:21:33 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"31baf056af3800bbd6e4f9e8b445d052"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: a0c68af61187d0b479f871eb874519c6
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 96.0a035390359aab65eb82.js Show response
load.sumo.com/ 1 MB
80 KB 19ms
19ms Script
text/javascript 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/96.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-17.datapacket.com
Software: BunnyCDN-CZ1-887 /
Resource Hash: 535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:33 GMT
content-encoding: br
cdn-edgestorageid: 887
x-amz-request-id: 3QTB7FHQJW72W75G
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 03/13/2022 13:04:30
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: hEwFEVNCoMxrBbK5odZr9TLzmfc5GLX02rjCiy7USKeT1CtjJWVrqdsLET532wtwUQXmdkH/mWA=
server: BunnyCDN-CZ1-887
access-control-allow-origin: *
last-modified: Mon, 10 Jan 2022 18:22:52 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"f33273f5c8e8dd3d010a11b209891b91"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: bfeae21e36cae093c559599bd7af180b
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 97.0a035390359aab65eb82.js Show response
load.sumo.com/ 221 B
993 B 22ms
22ms Script
text/javascript 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/97.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-17.datapacket.com
Software: BunnyCDN-CZ1-887 /
Resource Hash: 71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:33 GMT
content-encoding: br
cdn-edgestorageid: 887
x-amz-request-id: 3QT0YKJMXCC8Q8JN
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 03/13/2022 13:04:30
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 3YMsjhD1bRSHlHYg3EUPk5l75TQsIUGAScsbqp+x/0/7F7lIoqfibIhUSkmZkOSWQ3VgoXQo/Gw=
server: BunnyCDN-CZ1-887
access-control-allow-origin: *
last-modified: Mon, 10 Jan 2022 18:22:53 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"857476cf6e94c14c223d4481353b4c19"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: a6e69c32d62efccc158c82e99a41393d
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1.0a035390359aab65eb82.js Show response
load.sumo.com/ 1 KB
2 KB 27ms
26ms Script
text/javascript 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/1.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-17.datapacket.com
Software: BunnyCDN-CZ1-887 /
Resource Hash: b5d439b0a1670a4a56384b0b48fcdfabef6e8a5124683f32c6913d1fe22e9563

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:33 GMT
content-encoding: br
cdn-edgestorageid: 887
x-amz-request-id: RTCCVRNX9MR58BSW
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 03/13/2022 13:04:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: lRYpnf7BhKANC1dYTIWuTtXuIkJ8Yklyu/eCFIW/sZLMaYcD9Dcotk6FuVv19Y1UXtGcXREAaxE=
server: BunnyCDN-CZ1-887
access-control-allow-origin: *
last-modified: Mon, 10 Jan 2022 18:21:34 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"f9b0aedd5a94b36e30a06214fcc0644f"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 89d321bcf80c638b4fe6762a912786b8
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 3.0a035390359aab65eb82.js Show response
load.sumo.com/ 5 KB
2 KB 35ms
34ms Script
text/javascript 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/3.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-17.datapacket.com
Software: BunnyCDN-CZ1-887 /
Resource Hash: 9b9b439612eecd459a6edf2abfcf4ae252710e0069772b1b78c4970b3c0f1830

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:33 GMT
content-encoding: br
cdn-edgestorageid: 887
x-amz-request-id: RTC853R38KG6QAG7
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 03/13/2022 13:04:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 8FzhxIlM0+4ftxOsW7DiDAoqb3P1/7fES0xbRLst+JBO2sMDAncNA+EohVT71lxVDF3XzrvXgHE=
server: BunnyCDN-CZ1-887
access-control-allow-origin: *
last-modified: Mon, 10 Jan 2022 18:21:56 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"2e9797cb3f2d07795148e1bd54b404a0"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 3bcba6a7789808657fb4018d24bdd5e7
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 11.0a035390359aab65eb82.js Show response
load.sumo.com/ 438 KB
129 KB 27ms
27ms Script
text/javascript 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/11.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-17.datapacket.com
Software: BunnyCDN-CZ1-887 /
Resource Hash: a73a98563485541039998520eaa3f1b8475e8da1f9ae414a74c73df0d5f24f8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:33 GMT
content-encoding: br
cdn-edgestorageid: 887
x-amz-request-id: RTC3VP4QRKSX3V0C
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 03/13/2022 13:04:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 5lmzkwz2wrlt1NgINPMfJVW4mK4KR8+niGGC4PP3K6505TGuFFNRsRNCAxdtrSmD+G7DRWKvphg=
server: BunnyCDN-CZ1-887
access-control-allow-origin: *
last-modified: Mon, 10 Jan 2022 18:21:41 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"4624ceb9029a934a36424d836cf4cc37"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 5e1c1cbaad12b418d88b3977d5368a59
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 15.0a035390359aab65eb82.js Show response
load.sumo.com/ 711 KB
53 KB 32ms
32ms Script
text/javascript 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/15.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-17.datapacket.com
Software: BunnyCDN-CZ1-887 /
Resource Hash: e146694637c659ec76a75f2f92253956460decf38696b9f77d825dde8308efaa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:33 GMT
content-encoding: br
cdn-edgestorageid: 887
x-amz-request-id: RTCCTZAHYXB80DP1
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 03/13/2022 13:04:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: JZm2YrgemlmncGKAl1sKZjigLg57/7U1sU331kPAAH9dtIgt2+vHGOFfIx7ID2+k6MLXt+EKSTI=
server: BunnyCDN-CZ1-887
access-control-allow-origin: *
last-modified: Mon, 10 Jan 2022 18:21:44 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"6e9c6264954bf1f04a63db8a9fd0f653"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: c475ace57a145dcc23cee3750edb76eb
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 19ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=352583858672123&ev=Microdata&dl=https%3A%2F%2Fgo.hellobenefex.com%2Femail-preferences-centre%3Fehash%3D57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e%26email_id%3D534680337%26epc_hash%3D11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ&rl=&if=false&ts=1649234853524&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Benefex%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1649234852003.1357598490&it=1649234851703&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 06 Apr 2022 08:47:33 GMT

GET
H2 200 css
fonts.googleapis.com/ 31 KB
2 KB 39ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc3eefe6b1857505fcff69054bb2c7381a95448d621179e0df280cc3859413c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 08:43:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 08:47:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 08:47:33 GMT

GET
H2 200 features Show response
sumo.com/api/site/e037cefc7980cde0b1e125a35d4ba7af41e38c021393e334303be3681a0e45d2/ 3 KB
1 KB 172ms
171ms XHR
application/json 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/site/e037cefc7980cde0b1e125a35d4ba7af41e38c021393e334303be3681a0e45d2/features?site_id=e037cefc7980cde0b1e125a35d4ba7af41e38c021393e334303be3681a0e45d2

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

fa4cf15573934177ab93dc306116372c05316ec80a6fd1e43fb73ce7b578cfe4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
X-Sumo-Auth: RiQDpgmpHpdEqlvjbTFHlArL

Response headers

date: Wed, 06 Apr 2022 08:47:33 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx
etag: "1141492075"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.hellobenefex.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow

OPTIONS
H2 204 features
sumo.com/api/site/e037cefc7980cde0b1e125a35d4ba7af41e38c021393e334303be3681a0e45d2/ Frame 0
0 165ms
165ms Preflight 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/api/site/e037cefc7980cde0b1e125a35d4ba7af41e38c021393e334303be3681a0e45d2/features?site_id=e037cefc7980cde0b1e125a35d4ba7af41e38c021393e334303be3681a0e45d2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-133-113.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sumo-auth
Access-Control-Request-Method: GET
Origin: https://go.hellobenefex.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: https://go.hellobenefex.com
access-control-max-age: 2592000
date: Wed, 06 Apr 2022 08:47:33 GMT
server: nginx

OPTIONS
H2 404 rpc
clients6.google.com/ Frame 0
0 55ms
7ms Preflight
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://go.hellobenefex.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1564
content-type: text/html; charset=UTF-8
date: Wed, 06 Apr 2022 08:47:33 GMT
referrer-policy: no-referrer

GET
H3 200 css
fonts.googleapis.com/ 31 KB
1 KB 31ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc3eefe6b1857505fcff69054bb2c7381a95448d621179e0df280cc3859413c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 08:43:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 08:47:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 08:47:33 GMT

GET
H2 200 shares.json Show response
api.bufferapp.com/1/links/ 128 B
441 B 522ms
476ms Script
text/javascript 104.16.139.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bufferapp.com/1/links/shares.json?url=https%3A%2F%2Fgo.hellobenefex.com%2Femail-preferences-centre%3Fehash%3D57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e%26email_id%3D534680337%26epc_hash%3D11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ&callback=jQuery110204617474764316607_1649234852041&_=1649234852042

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.139.31 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2349589dc0bb00a403ff0da46afa2c96ca444c9a9f5ddbd89cd32e4c56881741

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=43200
cf-ray: 6f79426b9a1599ab-CDG
etag: W/"80-DRfOasau6cN0WGuh9GVdYG2pW5M"
expires: Wed, 06 Apr 2022 20:47:34 GMT

GET
H2 200 / Show response
graph.facebook.com/ 251 B
665 B 70ms
46ms Script
text/javascript 2a03:2880:f02d:110:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fgo.hellobenefex.com%2Femail-preferences-centre%3Fehash%3D57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e%26email_id%3D534680337%26epc_hash%3D11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ&callback=jQuery110204617474764316607_1649234852043&_=1649234852044

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:110:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5926a64ab8d027c33d8a71fc780fc302304ce94c776022be864e66bdd9c11ff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1005306368
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 188
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 8/lhWyIY3MdtNKng0jltT1hLRUNwMSXYwPepS83yT/B3Or5VHUkr2lnAN5cYgpGWXb5ZnioIVqWv0E7dUzdamA==
x-fb-trace-id: BXMwBtofXvU
date: Wed, 06 Apr 2022 08:47:33 GMT
vary: Origin, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AFzEhs7Pos-O2D0hky90hCr
cache-control: no-store
facebook-api-version: v6.0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 links.getStats Show response
api.facebook.com/method/ 559 B
726 B 68ms
42ms Script
text/javascript 2a03:2880:f02d:110:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://api.facebook.com/method/links.getStats?urls=https%3A%2F%2Fgo.hellobenefex.com%2Femail-preferences-centre%3Fehash%3D57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e%26email_id%3D534680337%26epc_hash%3D11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ&format=json&callback=jQuery110204617474764316607_1649234852045&_=1649234852046

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:110:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f98db779dfbf914c18173a9806d9c5c65cea235843d7538b4dff44c6146337db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: dMDLpw1gBm3WkcVX7NLu0YDxyO9SemNGXiGT5mBAy7umyymDjZ7kGyT/fN6F7vL4ZCvq1k4FnizBnAsbUe05kQ==
content-encoding: br
vary: Accept-Encoding
x-fb-trace-id: G8PYQCa74l8
date: Wed, 06 Apr 2022 08:47:33 GMT
strict-transport-security: max-age=15552000; preload
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
x-fb-request-id: ACD3xGUhFLY8JLtx322I_Zu
cache-control: private, no-cache, no-store, must-revalidate
x-fb-rev: 1005306648
facebook-api-version: v6.0
content-length: 364
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST rpc
clients6.google.com/ 0
0

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 258 B
448 B 130ms
104ms Script
application/javascript 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?callback=jQuery110204617474764316607_1649234852047&source=6&url=https%3A%2F%2Fgo.hellobenefex.com%2Femail-preferences-centre%3Fehash%3D57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e%26email_id%3D534680337%26epc_hash%3D11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ&_=1649234852048

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2aafa94c04159bddff12e0b5c6d9e4d2dbd92eb1568d8009b063ad7ca15ac3f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:47:33 GMT
content-encoding: br
x-content-type-options: nosniff
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 3
accept-ranges: none
x-pinterest-rid: 1803059637578235
expires: Wed, 06 Apr 2022 09:02:33 GMT

GET
H2

200

button_info.json Show response
www.reddit.com/
Redirect Chain

https://reddit.com/button_info.json?url=https%3A%2F%2Fgo.hellobenefex.com%2Femail-preferences-centre%3Fehash%3D57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e%26email_id%3D53468033...
https://www.reddit.com/button_info.json?url=https%3A%2F%2Fgo.hellobenefex.com%2Femail-preferences-centre%3Fehash%3D57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e%26email_id%3D5346...

167 B
526 B

124ms
116ms

Script
application/javascript

151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/button_info.json?url=https%3A%2F%2Fgo.hellobenefex.com%2Femail-preferences-centre%3Fehash%3D57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e%26email_id%3D534680337%26epc_hash%3D11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ&jsonp=jQuery110204617474764316607_1649234852049&_=1649234852050

Protocol

Server

151.101.193.140 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

7a017254fe3b8314eb9d8e38989387fde999a1c6d39dc11d028ca50efa26b0e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ratelimit-used: 1
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 167
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-moose: majestic
server: snooserv
x-frame-options: SAMEORIGIN
date: Wed, 06 Apr 2022 08:47:33 GMT
x-ratelimit-remaining: 299
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: max-age=0, must-revalidate
x-ratelimit-reset: 147
accept-ranges: bytes

Redirect headers

date: Wed, 06 Apr 2022 08:47:33 GMT
via: 1.1 varnish
x-content-type-options: nosniff
server: snooserv
x-frame-options: SAMEORIGIN
location: https://www.reddit.com/button_info.json?url=https%3A%2F%2Fgo.hellobenefex.com%2Femail-preferences-centre%3Fehash%3D57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e%26email_id%3D534680337%26epc_hash%3D11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ&jsonp=jQuery110204617474764316607_1649234852049&_=1649234852050
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000; includeSubdomains
accept-ranges: bytes
content-length: 0
x-xss-protection: 1; mode=block
retry-after: 0

POST
H2 200 jsonpcallback Show response
sumo.com/api/ 16 B
235 B 165ms
165ms XHR
application/json 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/jsonpcallback

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 06 Apr 2022 08:47:33 GMT
vary: Origin, Accept-Encoding
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.hellobenefex.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 16

POST
H2 200 jsonpcallback Show response
sumo.com/api/ 16 B
235 B 161ms
161ms XHR
application/json 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/jsonpcallback

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 06 Apr 2022 08:47:33 GMT
vary: Origin, Accept-Encoding
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.hellobenefex.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 16

POST
H2 204 collect Show response
j.clarity.ms/ 0
48 B 900ms
520ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin: https://go.hellobenefex.com
date: Wed, 06 Apr 2022 08:47:34 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

POST
H2 200 jsonpcallback Show response
sumo.com/api/ 16 B
235 B 164ms
164ms XHR
application/json 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/jsonpcallback

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 06 Apr 2022 08:47:34 GMT
vary: Origin, Accept-Encoding
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.hellobenefex.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 16

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.benefex.co.uk
URL: https://www.benefex.co.uk/fonts/dist/VisbyCF/VisbyCF-Regular.woff2

Domain: clients6.google.com
URL: https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
metrics.responsetap.com/track	1969-12-31 23:59:59	Name: JSESSIONID Value: 5A8FE8BC0E15BB4093534526FBB17CC8.numrep12
go.hellobenefex.com/	1970-01-23 17:43:14	Name: visitor_id103572 Value: 225874632
go.hellobenefex.com/	1970-01-23 17:43:14	Name: visitor_id103572-hash Value: 84562ab1f7a6352531ecd978999c23b5f2d249bb6d35ad23a40bd28f7ed05ccda507570b04043c79c3902793c89167898baf9e4d
.hellobenefex.com/	1970-01-20 04:16:50	Name: _gcl_au Value: 1.1.1555381180.1649234852
.bing.com/	1970-01-20 11:28:50	Name: MUID Value: 2A14D1523A8B63990D89C02C3B5962D0
.hellobenefex.com/	1970-01-20 19:38:26	Name: _ga Value: GA1.2.155081530.1649234852
.hellobenefex.com/	1970-01-20 02:08:41	Name: _gid Value: GA1.2.683305077.1649234852
.hellobenefex.com/	1970-01-20 02:08:41	Name: _uetsid Value: 32671f50b58611ec9e9d777769507ae5
.hellobenefex.com/	1970-01-20 11:28:50	Name: _uetvid Value: 32673040b58611ec85a3ddf65a98cd18
.doubleclick.net/	1970-01-20 02:07:15	Name: test_cookie Value: CheckForPermission
.hellobenefex.com/	1970-01-20 02:07:22	Name: MoneypennyRef Value: https%3A%2F%2Fgo.hellobenefex.com%2Femail-preferences-centre%3Fehash%3D57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e%26email_id%3D534680337%26epc_hash%3D11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ%20
.hellobenefex.com/	1970-01-20 10:52:50	Name: MoneypennyHistory Value: 1#
.hellobenefex.com/	1970-01-20 10:52:50	Name: MoneypennyUserAlias Value: %23
.hellobenefex.com/	1969-12-31 23:59:59	Name: MoneypennyVisit Value: 1#1649234852
.ws.zoominfo.com/	1970-01-20 10:52:50	Name: visitorId Value: a1f9e29fc3768f0012bfef5266d14015d9695bce5dfb778feeb7ec539239dfe3
.hellobenefex.com/	1970-01-20 02:07:14	Name: _dc_gtm_UA-3401408-4 Value: 1
.hellobenefex.com/	1970-01-20 04:16:50	Name: _fbp Value: fb.1.1649234852003.1357598490
.facebook.com/	1970-01-20 04:16:50	Name: fr Value: 0lEC4D8of2xFljPCZ..BiTVOk...1.0.BiTVOk.
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 19:39:08	Name: bcookie Value: "v=2&658b23b3-e02b-474f-89be-d595f2b69720"
.linkedin.com/	1970-01-20 19:37:54	Name: li_gc Value: MTswOzE2NDkyMzQ4NTE7MjswMjFMwrm6cZCwATLWd6WBqzJKnFs84bVlstA9aDZudF7ttg==
.linkedin.com/	1970-01-20 02:08:41	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2595:u=1:x=1:i=1649234851:t=1649321251:v=2:sig=AQFaSyOgFPP6KsbWHIA0ghdg9DNdolwH"
go.hellobenefex.com/	1970-01-20 02:50:26	Name: __smVID Value: 4c69d2fd3d13be0e1e39dade41dff4c560d50e7e0cbe0c5b2aa7588d281b121c
go.hellobenefex.com/	1970-01-20 02:17:19	Name: slireg Value: https://scout.us2.salesloft.com
.hellobenefex.com/	1970-01-20 10:52:50	Name: _hjSessionUser_1417247 Value: eyJpZCI6ImFkMThjNWNlLTU1MWEtNWFiNC04ZTEzLTA1ZDFhMzMyYzE2YiIsImNyZWF0ZWQiOjE2NDkyMzQ4NTE5NTQsImV4aXN0aW5nIjpmYWxzZX0=
.hellobenefex.com/	1970-01-20 02:07:16	Name: _hjFirstSeen Value: 1
go.hellobenefex.com/	1970-01-20 02:07:14	Name: _hjIncludedInPageviewSample Value: 1
.hellobenefex.com/	1970-01-20 02:07:16	Name: _hjSession_1417247 Value: eyJpZCI6IjJmZjRlNzdjLTFiN2ItNDcyYy05NjI3LWY0NzQ2YzQ5MTVjNSIsImNyZWF0ZWQiOjE2NDkyMzQ4NTIwODgsImluU2FtcGxlIjp0cnVlfQ==
.hellobenefex.com/	1970-01-20 02:07:16	Name: _hjAbsoluteSessionInProgress Value: 0
.go.hellobenefex.com/	1970-01-20 02:07:15	Name: adiErr Value: trackingErr
go.hellobenefex.com/	1970-01-20 10:52:50	Name: sliguid Value: f52d5c7d-6ed4-4909-a9e4-c2361445ee8f
go.hellobenefex.com/	1970-01-20 10:52:50	Name: slirequested Value: true
.hellobenefex.com/	1970-01-20 10:52:50	Name: _clck Value: 1pkoem\|1\|f0e\|0
.c.bing.com/	1970-01-20 11:28:50	Name: SRM_B Value: 2A14D1523A8B63990D89C02C3B5962D0
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 11:28:50	Name: MUID Value: 2A14D1523A8B63990D89C02C3B5962D0
.c.clarity.ms/	1970-01-20 02:07:15	Name: ANONCHK Value: 0
.hellobenefex.com/	1970-01-20 02:08:41	Name: _clsk Value: 1dr3yj9\|1649234852780\|1\|1\|j.clarity.ms/collect
go.hellobenefex.com/	1970-01-20 10:52:50	Name: __smToken Value: RiQDpgmpHpdEqlvjbTFHlArL
.pardot.com/	1970-01-23 17:43:14	Name: visitor_id103572 Value: 225874632
.pardot.com/	1970-01-23 17:43:14	Name: visitor_id103572-hash Value: 84562ab1f7a6352531ecd978999c23b5f2d249bb6d35ad23a40bd28f7ed05ccda507570b04043c79c3902793c89167898baf9e4d
pi.pardot.com/	1970-01-20 02:07:16	Name: lpv103572 Value: aHR0cHM6Ly9nby5oZWxsb2JlbmVmZXguY29tL2VtYWlsLXByZWZlcmVuY2VzLWNlbnRyZT9laGFzaD01N2VkMWE3YTc4NDkxMjc0MDNkNjhlMWQ3ODQ2YzU0N2I4Yjk0MDlmNTk0Y2UyNTZkYTU4ZDQ1M2NiN2VhZDJlJmVtYWlsX2lkPTUzNDY4MDMzNyZlcGNfaGFzaD0xMURkVlh6bVJOc0FVRVBMQmxFa0RBZGlOZWFjVkVnS3RMaVhNNXhPNFZR
.reddit.com/	1970-01-20 19:38:26	Name: csv Value: 2

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://platform.linkedin.com/js/secureAnonymousFramework?v=0.0.2000-RC8.49682-1428& Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://go.hellobenefex.com/email-preferences-centre?ehash=57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e&email_id=534680337&epc_hash=11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ Message: Access to font at 'https://www.benefex.co.uk/fonts/dist/VisbyCF/VisbyCF-Regular.woff2' from origin 'https://go.hellobenefex.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.benefex.co.uk/fonts/dist/VisbyCF/VisbyCF-Regular.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://go.hellobenefex.com/email-preferences-centre?ehash=57ed1a7a7849127403d68e1d7846c547b8b9409f594ce256da58d453cb7ead2e&email_id=534680337&epc_hash=11DdVXzmRNsAUEPLBlEkDAdiNeacVEgKtLiXM5xO4VQ Message: Access to XMLHttpRequest at 'https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ' from origin 'https://go.hellobenefex.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.bufferapp.com
api.facebook.com
bat.bing.com
c.bing.com
c.clarity.ms
clients6.google.com
connect.facebook.net
consent.trustarc.com
fonts.googleapis.com
go.hellobenefex.com
googleads.g.doubleclick.net
graph.facebook.com
img.en25.com
in.hotjar.com
j.clarity.ms
load.sumo.com
load.sumome.com
metrics.responsetap.com
moneypennychat.appspot.com
pi.pardot.com
platform.linkedin.com
platform.twitter.com
px.ads.linkedin.com
px4.ads.linkedin.com
reddit.com
scout-cdn.salesloft.com
scout.salesloft.com
script.hotjar.com
snap.licdn.com
static-ssl.responsetap.com
static.hotjar.com
stats.g.doubleclick.net
storage.googleapis.com
storage.pardot.com
sumo.com
syndication.twitter.com
vars.hotjar.com
widgets.pinterest.com
ws.zoominfo.com
www.benefex.co.uk
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.reddit.com
clients6.google.com
www.benefex.co.uk
104.16.139.31
104.244.42.136
104.92.88.226
108.157.4.45
108.157.4.47
13.107.42.14
142.250.185.226
143.204.98.123
143.204.98.66
151.101.128.84
151.101.193.140
18.232.28.189
185.152.64.17
185.19.40.106
20.85.30.134
23.111.9.64
2600:9000:224a:5400:d:7e9b:1200:93a1
2606:2800:233:66b5:799a:7cd3:f74d:7071
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:650c
2620:1ec:22::14
2620:1ec:c11::200
2a00:1450:4001:800::2004
2a00:1450:4001:800::200e
2a00:1450:4001:802::2010
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:813::200a
2a00:1450:4001:827::2014
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200e
2a00:1450:400c:c0b::9d
2a02:26f0:f7::5c7b:e024
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f02d:110:face:b00c:0:2
2a03:2880:f12d:181:face:b00c:0:25de
34.192.95.69
52.142.114.2
52.34.133.113
54.74.116.255
65.9.66.34
0b2949bf38998f4c0c38065653677cd3c8ad91e8086aab45696e9d5cce1b9eb1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
184ab7a951c52dbe1d7d2206e4b8327d105a2127ac14433a50b539a87900eaa2
2349589dc0bb00a403ff0da46afa2c96ca444c9a9f5ddbd89cd32e4c56881741
28dc047c398815ac96b1b3cbf6415baa2bad0b7a4c9852148264164a9dbeb9d1
2aafa94c04159bddff12e0b5c6d9e4d2dbd92eb1568d8009b063ad7ca15ac3f6
36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c
371b0d64495544fe9dd5f2cf2e3be9f0b4561950a6860360d3d249dfb594d5d6
3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9
4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d
4f7b3800ad750447170e7c0a9755bbdf298dee753d8b20c284c63b50c000475d
5054a54db3ef08ce6320ae9a8d59ca6e4d6f0c66b5cd92a03caccf9d0448040a
535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14
5926a64ab8d027c33d8a71fc780fc302304ce94c776022be864e66bdd9c11ff8
5d5cf5a4a5b7c02915bc261dca0c755d29beda0c0c3a005c78c1682c9934bb3c
5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d
671c2dfb4d674a0e57875402bd15e8b1f104d7682742be567a3dcedc8ed21788
6dbd1967a8963d2eead020be31031ed12df79148acfea8cb787fa1358d5b4559
71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d
73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759
75cde5cd327239276b3bafb85d50f38fbd3b77bd15984deb9f6c02dd01b8ff86
79badf235e92fe69d052a2df85ddd8d5ea24e2378ea8c46d920f51f286a229d8
7a017254fe3b8314eb9d8e38989387fde999a1c6d39dc11d028ca50efa26b0e2
7c04e1ad3893819bce8b4590d91b4b02a175ef4b6ae9ffffac8e670bd7c0c9b6
7c0d04e8f2ad39c434a9719479a990d01d0aa1aafba4b09d8d0667dff833fa3c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
8ba42d81bdd50ecf1a86b99282020d29a891703feb1a46ec96801b96f652384d
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
932ea3b08269cff31a76195fd7e2f31ca0858f6121cdc63c3200592934bc51a6
95f2a2d9bf981b3f923cc601270603e88c14767e7e29310eb2d8b6b1407457f1
967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae
980ef31d7572a82ab05618c15d294991800d65a973244e952d0b61b5104d5531
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b9b439612eecd459a6edf2abfcf4ae252710e0069772b1b78c4970b3c0f1830
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a73a98563485541039998520eaa3f1b8475e8da1f9ae414a74c73df0d5f24f8a
aa011ed383cb780028a85caaa0dda67dce19b0f4bc596f4f708d1857015c1362
b5d439b0a1670a4a56384b0b48fcdfabef6e8a5124683f32c6913d1fe22e9563
bebd42f77601d03feff880ffffad638098868695bf0e61ecc9923d0fff045013
c0f520254e9ac563764238e9601253c9e901d2a8ebc5a86056bc8ec084547f5e
c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c8d70946c3b971f61a3a24a011463ea1fd30a1490a34eed4a58b8685441172f4
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cc8455efbde4eeff44140b369a09ee3e1c1a95a4cc7dfb965bb0ddfa13aea218
d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c
da5cf14334f4bb2fc0dfd83816baa3af1cc45955ac1c43c20370c37aec872192
da7ae7eec9c1f857161ad9356669f90a20a3e1bd18c8124b53cc2e367e04780b
dc3eefe6b1857505fcff69054bb2c7381a95448d621179e0df280cc3859413c6
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503
de2f7f8d7b163a0d422d2a426f84db938dbdae1a8fde621b123306a4a12652a6
dff8b2645a4475a00ffe4c9606c5adc3d669d288dd42e45e57ab0ed2ce40ec99
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e146694637c659ec76a75f2f92253956460decf38696b9f77d825dde8308efaa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a8cbb08275919bbc1cfd313899e946f15d6c94ca8eff57f56494b8f93fbe8b
e8e894531255c262d9ae0aa6a8ea9466d9b0dad86cf5fdd4d2a7de4b64ce6f15
eadb941997fc8c1acdb5f259bbc0000ba1a03f75e2235bd7740edb740c7c9bd7
eb62b76097fd33bddb3ee0ad549e8306a52b80ad5479b769025b8dc59b75196c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1328936bb058f2305664a8507a0be9b5cf477e10edef84ecfaabaf315e3e24c
f409a4041d79ca4f0ab55e7ce4dfe7ef88d18e0dee301fb601181e97c780f4ee
f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f
f98db779dfbf914c18173a9806d9c5c65cea235843d7538b4dff44c6146337db
fa4cf15573934177ab93dc306116372c05316ec80a6fd1e43fb73ce7b578cfe4
fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2

go.hellobenefex.com Open in urlscan Pro 18.232.28.189 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

89 Requests

93 %HTTPS

49 %IPv6

29 Domains

47 Subdomains

41 IPs

7 Countries

1346 kBTransfer

5872 kBSize

43 Cookies

0 Outgoing links

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

go.hellobenefex.com Open in urlscan Pro
18.232.28.189 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

93 %
HTTPS

49 %
IPv6

29
Domains

47
Subdomains

41
IPs

7
Countries

1346 kB
Transfer

5872 kB
Size

43
Cookies

89 HTTP transactions
0 data transactions