urlscan.io logo urlscan.io
SecurityTrails logo

www.rethinkbenefits.com Open in urlscan Pro
2620:1ec:48::44  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://rethinkbenefits.com/
Effective URL: https://www.rethinkbenefits.com/eb/
Submission: On November 14 via api from CH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 13 domains to perform 44 HTTP transactions. The main IP is 2620:1ec:48::44, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.rethinkbenefits.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 5th 2021. Valid for: a year.
This is the only time www.rethinkbenefits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.107.213.67 8068 (MICROSOFT...)
1 25 2620:1ec:48::44 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 206.189.187.108 14061 (DIGITALOC...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 206.189.191.180 14061 (DIGITALOC...)
3 35.174.78.146 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:2800:133... 15133 (EDGECAST)
44 14
1    13.107.213.67 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
rethinkbenefits.com
25    2620:1ec:48::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.rethinkbenefits.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
4    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    206.189.187.108 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: cdn103.acsbapp.com
acsbapp.com
3    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
2    206.189.191.180 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: cdn102.acsbapp.com
cdn.acsbapp.com
3    35.174.78.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-5-ue1.aws.pardot.com
pi.pardot.com
go.rethinkfirst.com
1    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
1    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
rethink-cdn-edu.azureedge.net
Domain Requested by
25 www.rethinkbenefits.com 1 redirects www.rethinkbenefits.com
4 fonts.gstatic.com fonts.googleapis.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 pi.pardot.com www.rethinkbenefits.com
pi.pardot.com
2 cdn.acsbapp.com acsbapp.com
2 acsbapp.com 1 redirects www.rethinkbenefits.com
1 rethink-cdn-edu.azureedge.net www.rethinkbenefits.com
1 go.rethinkfirst.com pi.pardot.com
1 track.hubspot.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hs-scripts.com www.rethinkbenefits.com
1 www.googletagmanager.com www.rethinkbenefits.com
1 fonts.googleapis.com www.rethinkbenefits.com
1 rethinkbenefits.com 1 redirects
44 15

This site contains links to these domains. Also see Links.

Domain
www.whil.com
www.rethinkfirst.com
www.google.com
accessibe.com
Subject Issuer Validity Valid
www.rethinkbenefits.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-05 -
2022-06-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.acsbapp.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-09-23 -
2022-10-05		 a year crt.sh
pi.pardot.com
DigiCert SHA2 Secure Server CA		 2020-12-05 -
2021-12-04		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2021-06-26 -
2022-06-25		 a year crt.sh
go.rethinkfirst.com
R3		 2021-09-24 -
2021-12-23		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2021-08-06 -
2022-08-06		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.rethinkbenefits.com/eb/
Frame ID: 0FBD0CD84DAFA2534346418845E5EE06
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Rethink Benefits

Page URL History Show full URLs

  1. http://rethinkbenefits.com/ HTTP 301
    https://www.rethinkbenefits.com/ HTTP 302
    https://www.rethinkbenefits.com/eb/ Page URL

Page Statistics

44
Requests

98 %
HTTPS

71 %
IPv6

13
Domains

15
Subdomains

14
IPs

2
Countries

1380 kB
Transfer

3695 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rethinkbenefits.com/ HTTP 301
    https://www.rethinkbenefits.com/ HTTP 302
    https://www.rethinkbenefits.com/eb/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://acsbapp.com/apps/app/assets/js/acsb.js HTTP 301
  • https://acsbapp.com/apps/app/dist/js/app.js

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.rethinkbenefits.com/eb/
Redirect Chain
  • http://rethinkbenefits.com/
  • https://www.rethinkbenefits.com/
  • https://www.rethinkbenefits.com/eb/
57 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.rethinkbenefits.com/eb/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2a0de9f156b5d4bd033c538442fbaed0ace3f13495f9c1f9dda988fc259bfb29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-length
18095
content-type
text/html; charset=UTF-8
content-encoding
gzip
vary
Accept-Encoding
x-powered-by
strict-transport-security
max-age=31536000;includeSubDomains;
x-content-type-options
nosniff
link
<https://www.rethinkbenefits.com/eb/wp-json/>; rel="https://api.w.org/" <https://www.rethinkbenefits.com/eb/wp-json/wp/v2/pages/3731>; rel="alternate"; type="application/json" <https://www.rethinkbenefits.com/eb/>; rel=shortlink
x-frame-options
SAMEORIGIN
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
x-azure-ref
0BQORYQAAAAA3Z9dA6TWwQbQlsy9V+WYBTE9OMjFFREdFMDExMwBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
date
Sun, 14 Nov 2021 12:37:25 GMT

Redirect headers

cache-control
private
content-length
121
content-type
text/html; charset=utf-8
location
/eb/
request-context
appId=cid-v1:6ffde7ed-c4d5-4e74-bf9a-721d0a70a3ec
access-control-expose-headers
Request-Context
access-control-allow-origin
*
backend-pool
East
strict-transport-security
max-age=31536000;includeSubDomains;
x-frame-options
SAMEORIGIN
x-xssprotection
1; mode=block
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
x-azure-ref
0BQORYQAAAAAMuaRzXECmQ59PJpUZjBI6TE9OMjFFREdFMDExMwBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
date
Sun, 14 Nov 2021 12:37:24 GMT
style.min.css
www.rethinkbenefits.com/eb/wp-includes/css/dist/block-library/ 		57 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rethinkbenefits.com/eb/wp-includes/css/dist/block-library/style.min.css?ver=5.7.4
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/eb/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:25 GMT
content-encoding
gzip
last-modified
Sat, 26 Jun 2021 01:12:28 GMT
x-frame-options
SAMEORIGIN
etag
"d25b8e54286ad71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
text/css
access-control-allow-origin
*
x-azure-ref
0BgORYQAAAAAlSe+8OnOiRq2/o7vpM4gBTE9OMjFFREdFMDExMwBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges
bytes
content-length
11934
css
fonts.googleapis.com/ 		29 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Alike%3Aregular%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin%2Cvietnamese%2Ccyrillic-ext%2Clatin-ext%2Ccyrillic&ver=2.3.5
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
33f4664bbf94cc1c4524b3469ba4c25aeb1bab2636ffc061adfc1ffedc4dafde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
last-modified
Sun, 14 Nov 2021 12:37:26 GMT
server
ESF
date
Sun, 14 Nov 2021 12:37:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Nov 2021 12:37:26 GMT
style.css
www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/css/ 		488 KB
98 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/css/style.css?ver=1950071011
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d4102bbe4cbf20ecf50ed31f75606465a4576ef2c0765fbf6e5d0d1a2a5084c0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/eb/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:26 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 06:33:35 GMT
x-frame-options
SAMEORIGIN
etag
"e1116923f7fd71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
text/css
access-control-allow-origin
*
x-azure-ref
0BgORYQAAAAB9x+P+7Ea7TJ3GMI270ZevTE9OMjFFREdFMDExMwBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges
bytes
style-custom.css
www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/css/ 		213 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/css/style-custom.css?ver=1794119835
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a5e3d92515571781e7a0cde874ec6b137ae496da4d29a4361fe1d35629e199c5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/eb/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:26 GMT
content-encoding
gzip
last-modified
Fri, 22 Oct 2021 10:49:00 GMT
x-frame-options
SAMEORIGIN
etag
"9a80b86b32c7d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
text/css
access-control-allow-origin
*
x-azure-ref
0BgORYQAAAAAMxYTjqwI4QbC51oEu2szCTE9OMjFFREdFMDExMwBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges
bytes
content-length
33257
style.css
www.rethinkbenefits.com/eb/wp-content/themes/uncode-child/ 		184 B
441 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rethinkbenefits.com/eb/wp-content/themes/uncode-child/style.css?ver=1950071011
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7b999ad5a53f20d5432a997640c8e6466a4f8fbd4d754b91e0fd102f5a5301b2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/eb/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:26 GMT
content-encoding
gzip
last-modified
Fri, 05 Jun 2020 02:09:41 GMT
x-frame-options
SAMEORIGIN
etag
"49d1c55fde3ad61:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
text/css
access-control-allow-origin
*
x-azure-ref
0BgORYQAAAAAGeunwk8eAQLNzQH3EKvzLTE9OMjFFREdFMDExMwBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges
bytes
content-length
249
uncode-icons.css
www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/css/ 		58 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/css/uncode-icons.css?ver=1794119835
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8cc76357bd40603ec5e4006a86598180f96ebd603aa32682e6f8da895e02fab2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/eb/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:26 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 06:33:35 GMT
x-frame-options
SAMEORIGIN
etag
"79e26c23f7fd71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
text/css
access-control-allow-origin
*
x-azure-ref
0BgORYQAAAAAxeFesaNnER4txI0ljQ/xWTE9OMjFFREdFMDExMwBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges
bytes
content-length
14208
jquery.min.js
www.rethinkbenefits.com/eb/wp-includes/js/jquery/ 		87 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rethinkbenefits.com/eb/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/eb/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:26 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 06:38:08 GMT
x-frame-options
SAMEORIGIN
etag
"c75efac5f7fd71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
access-control-allow-origin
*
x-azure-ref
0BgORYQAAAAAhp9rRS0xTRYbfAPTa4ixYTE9OMjFFREdFMDExMwBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges
bytes
content-length
39745
jquery-migrate.min.js
www.rethinkbenefits.com/eb/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rethinkbenefits.com/eb/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/eb/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:26 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 06:38:08 GMT
x-frame-options
SAMEORIGIN
etag
"4bd2e8c5f7fd71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
access-control-allow-origin
*
x-azure-ref
0BgORYQAAAAAtDRXY54t6S5F0nQ9UR2VsTE9OMjFFREdFMDExMwBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges
bytes
content-length
4994
init.js
www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/js/ 		167 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/js/init.js?ver=1794119835
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2d5f7f551cca52ad439af9e3f54b7103ad31587084ad121361d8e319210b9f5d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/eb/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:26 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 06:33:40 GMT
x-frame-options
SAMEORIGIN
etag
"af8e3026f7fd71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
access-control-allow-origin
*
x-azure-ref
0BgORYQAAAABH83Na+Mb+QYK/kLVnkGbJTE9OMjFFREdFMDExMwBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges
bytes
content-length
50229
Rethink-Benefits-.svg
www.rethinkbenefits.com/eb/wp-content/uploads/2019/12/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rethinkbenefits.com/eb/wp-content/uploads/2019/12/Rethink-Benefits-.svg
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e0d9d3c9034dde0af57d0b444fa033f9223ce92dbe904ce0236cbcec842bbb04
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/eb/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:26 GMT
last-modified
Fri, 05 Jun 2020 02:10:25 GMT
etag
"21d9d879de3ad61:0"
x-frame-options
SAMEORIGIN
x-cache
CONFIG_NOCACHE
content-type
image/svg+xml
access-control-allow-origin
*
x-azure-ref
0BwORYQAAAACXD6P36p1pTLM9DcvyC4AGTE9OMjFFREdFMDExMwBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges
bytes
content-length
7899
Hitrust-1.png
www.rethinkbenefits.com/eb/wp-content/uploads/2020/01/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rethinkbenefits.com/eb/wp-content/uploads/2020/01/Hitrust-1.png
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8cea5efbe16230f5a4726ea5d2172c4c8d38a080dba3a4e105d07f3d77af6748
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/eb/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:26 GMT
last-modified
Fri, 05 Jun 2020 02:10:42 GMT
etag
"a0e6b883de3ad61:0"
x-frame-options
SAMEORIGIN
x-cache
CONFIG_NOCACHE
content-type
image/png
access-control-allow-origin
*
x-azure-ref
0BwORYQAAAABVaGLb42KoSavJePlRnjPDTE9OMjFFREdFMDExMwBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges
bytes
content-length
49696
hipaa.png
www.rethinkbenefits.com/eb/wp-content/uploads/2020/01/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rethinkbenefits.com/eb/wp-content/uploads/2020/01/hipaa.png
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1d048e58fc4c11acd0d6814e6514b4253b25dae91b51093501c297408f2ddff2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/eb/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:26 GMT
last-modified
Fri, 05 Jun 2020 02:10:41 GMT
etag
"3ec27383de3ad61:0"
x-frame-options
SAMEORIGIN
x-cache
CONFIG_NOCACHE
content-type
image/png
access-control-allow-origin
*
x-azure-ref
0BwORYQAAAABU65aHs7euTIm5ptgkqFWMTE9OMjFFREdFMDExMwBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges
bytes
content-length
41338
cobit-1.png
www.rethinkbenefits.com/eb/wp-content/uploads/2020/01/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rethinkbenefits.com/eb/wp-content/uploads/2020/01/cobit-1.png
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
68e86b7f45d9e6f39ec522458a4d0973c25745485188bad6d680e70b953a9bec
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/eb/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:26 GMT
last-modified
Fri, 05 Jun 2020 02:10:32 GMT
etag
"2011d37dde3ad61:0"
x-frame-options
SAMEORIGIN
x-cache
CONFIG_NOCACHE
content-type
image/png
access-control-allow-origin
*
x-azure-ref
0BwORYQAAAACgH91Y7xPbQaxhzzQfHr/TTE9OMjFFREdFMDExMwBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges
bytes
content-length
42135
ISO.png
www.rethinkbenefits.com/eb/wp-content/uploads/2020/01/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rethinkbenefits.com/eb/wp-content/uploads/2020/01/ISO.png
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d3acae6258d603740a17dbff03bec2004d36814f15082958c84a544d43e33b4d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/eb/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:26 GMT
last-modified
Fri, 05 Jun 2020 02:10:54 GMT
etag
"70ce128bde3ad61:0"
x-frame-options
SAMEORIGIN
x-cache
CONFIG_NOCACHE
content-type
image/png
access-control-allow-origin
*
x-azure-ref
0BwORYQAAAAAWsid1vpfeR5s7kxSz1pacTE9OMjFFREdFMDExMwBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges
bytes
content-length
58219
ncsp.png
www.rethinkbenefits.com/eb/wp-content/uploads/2020/01/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rethinkbenefits.com/eb/wp-content/uploads/2020/01/ncsp.png
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8b9b7ad3b5c3fe6eb502079f3b955b165622b807d03ffcf954bd28e8e8a4cee0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/eb/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:26 GMT
last-modified
Fri, 05 Jun 2020 02:11:00 GMT
etag
"6066668ede3ad61:0"
x-frame-options
SAMEORIGIN
x-cache
CONFIG_NOCACHE
content-type
image/png
access-control-allow-origin
*
x-azure-ref
0BwORYQAAAACwWU1SNjltR7pHHQmoexxYTE9OMjFFREdFMDExMwBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges
bytes
content-length
38915
PCI-1.png
www.rethinkbenefits.com/eb/wp-content/uploads/2020/01/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rethinkbenefits.com/eb/wp-content/uploads/2020/01/PCI-1.png
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b0e6f7ad3ea85c656db9e4e51c75fe79d503bfce28f8be62e2c03a80d20cf76d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/eb/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:26 GMT
last-modified
Fri, 05 Jun 2020 02:11:03 GMT
etag
"f3c64c90de3ad61:0"
x-frame-options
SAMEORIGIN
x-cache
CONFIG_NOCACHE
content-type
image/png
access-control-allow-origin
*
x-azure-ref
0BwORYQAAAAC6e5xP8MzWTbRHq14eYHgwTE9OMjFFREdFMDExMwBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges
bytes
content-length
22537
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-40561067-3
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0bb5c2edc099b775a350b3817c48064503396589aedbe31717606d48805ff519
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
36179
x-xss-protection
0
last-modified
Sun, 14 Nov 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 14 Nov 2021 12:37:27 GMT
2900416.js
js.hs-scripts.com/ 		988 B
914 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/2900416.js?integration=WordPress
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f81abf2fa62278a2518c9766fe54ab4f9d5e2af2f748973086e3c136d0d03c95

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:27 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
x-hubspot-correlation-id
9f0cd249-826c-40e2-8aaf-8d5a086d40bc
last-modified
Sun, 14 Nov 2021 12:23:25 GMT
server
cloudflare
x-trace
2B9D8CC92D566341DDCB1798AD5FB6FFF3D595F628000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.rethinkbenefits.com
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
6ae04a8ddf1f702d-FRA
expires
Sun, 14 Nov 2021 12:38:27 GMT
mediaelement-and-player.min.js
www.rethinkbenefits.com/eb/wp-includes/js/mediaelement/ 		154 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rethinkbenefits.com/eb/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/eb/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:26 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 06:38:10 GMT
x-frame-options
SAMEORIGIN
etag
"25b321c7f7fd71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
access-control-allow-origin
*
x-azure-ref
0BgORYQAAAABM+fEcS/TORLD3/dBienIBTE9OMjFFREdFMDExMwBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges
bytes
content-length
51982
mediaelement-migrate.min.js
www.rethinkbenefits.com/eb/wp-includes/js/mediaelement/ 		1 KB
870 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rethinkbenefits.com/eb/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.7.4
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/eb/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:26 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 06:38:10 GMT
x-frame-options
SAMEORIGIN
etag
"51c024c7f7fd71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
access-control-allow-origin
*
x-azure-ref
0BwORYQAAAAB0AcS6gtz9RpKwXhPwtBM/TE9OMjFFREdFMDExMwBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges
bytes
content-length
707
wp-mediaelement.min.js
www.rethinkbenefits.com/eb/wp-includes/js/mediaelement/ 		906 B
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rethinkbenefits.com/eb/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.7.4
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/eb/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:26 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 06:38:10 GMT
x-frame-options
SAMEORIGIN
etag
"bba33bc7f7fd71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
access-control-allow-origin
*
x-azure-ref
0BwORYQAAAADjDc5iLRVZTYDWOHwC8e8NTE9OMjFFREdFMDExMwBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges
bytes
content-length
646
plugins.js
www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/js/ 		775 KB
251 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/js/plugins.js?ver=1794119835
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8ac33ffd788e54cb4a00b31c9823744f840e1f1b5a5f6c94a5cdaa588a05c3ff
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/eb/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:26 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 06:33:40 GMT
x-frame-options
SAMEORIGIN
etag
"a6757426f7fd71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
access-control-allow-origin
*
x-azure-ref
0BwORYQAAAABOMn2gJEz5T4HDR3p+u4+GTE9OMjFFREdFMDExMwBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges
bytes
app.js
www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/js/ 		178 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/js/app.js?ver=1794119835
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dff26b51cad388065c1fbe75ce5af23772a422909b70f7fca58f6cb6632caa8c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/eb/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:26 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 06:33:40 GMT
x-frame-options
SAMEORIGIN
etag
"9cb12926f7fd71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
access-control-allow-origin
*
x-azure-ref
0BwORYQAAAADA10f6tt+tQ4WvAmn9Buj2TE9OMjFFREdFMDExMwBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges
bytes
content-length
55272
wp-embed.min.js
www.rethinkbenefits.com/eb/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rethinkbenefits.com/eb/wp-includes/js/wp-embed.min.js?ver=5.7.4
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/eb/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:26 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 06:38:11 GMT
x-frame-options
SAMEORIGIN
etag
"8fe3cec7f7fd71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
access-control-allow-origin
*
x-azure-ref
0BwORYQAAAAA/FBo/hNMATrP4XEWiZHvxTE9OMjFFREdFMDExMwBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges
bytes
content-length
966
wp-emoji-release.min.js
www.rethinkbenefits.com/eb/wp-includes/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rethinkbenefits.com/eb/wp-includes/js/wp-emoji-release.min.js?ver=5.7.4
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/eb/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:26 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 06:38:11 GMT
x-frame-options
SAMEORIGIN
etag
"1d48d7c7f7fd71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
access-control-allow-origin
*
x-azure-ref
0BwORYQAAAADNeDGCrXxWRo54Atxj/5YtTE9OMjFFREdFMDExMwBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges
bytes
content-length
5993
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/gif
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alike%3Aregular%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin%2Cvietnamese%2Ccyrillic-ext%2Clatin-ext%2Ccyrillic&ver=2.3.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rethinkbenefits.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 04:48:55 GMT
x-content-type-options
nosniff
age
287312
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 11 Nov 2022 04:48:55 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alike%3Aregular%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin%2Cvietnamese%2Ccyrillic-ext%2Clatin-ext%2Ccyrillic&ver=2.3.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rethinkbenefits.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 13:18:02 GMT
x-content-type-options
nosniff
age
170365
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 12 Nov 2022 13:18:02 GMT
HI_EiYEYI6BIoHjGQ5Q.woff2
fonts.gstatic.com/s/alike/v13/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/alike/v13/HI_EiYEYI6BIoHjGQ5Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alike%3Aregular%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin%2Cvietnamese%2Ccyrillic-ext%2Clatin-ext%2Ccyrillic&ver=2.3.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d68e9b6ef66bf0113a643dbe47a31245ba5a9e13140dd8f75bd86cc7abfe0f60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rethinkbenefits.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 02:44:05 GMT
x-content-type-options
nosniff
age
294802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
28648
x-xss-protection
0
last-modified
Thu, 23 Jul 2020 19:39:25 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 11 Nov 2022 02:44:05 GMT
app.js
acsbapp.com/apps/app/dist/js/
Redirect Chain
  • https://acsbapp.com/apps/app/assets/js/acsb.js
  • https://acsbapp.com/apps/app/dist/js/app.js
422 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acsbapp.com/apps/app/dist/js/app.js
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol
H2
Server
206.189.187.108 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
cdn103.acsbapp.com
Software
/
Resource Hash
0daa212f585390c130c10af17219c619da5688ef874853f89f746c2b97d42e01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:27 GMT
content-encoding
br
last-modified
Wed, 10 Nov 2021 19:43:06 GMT
etag
"69839-618c20ca-9c42fe7eaa01a5ad;br"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=432000 public
accept-ranges
bytes
access-control-allow-headers
*
content-length
141090
expires
Mon, 15 Nov 2021 12:37:27 GMT

Redirect headers

location
https://acsbapp.com/apps/app/dist/js/app.js
date
Sun, 14 Nov 2021 12:37:27 GMT
content-length
707
content-type
text/html
uncode-icons.woff2
www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/fonts/ 		138 KB
138 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/fonts/uncode-icons.woff2
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/css/uncode-icons.css?ver=1794119835
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cb3bfa3f39f228b5e06fb6ee80aea986056d3253805a59581e6eff051050141d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.rethinkbenefits.com/eb/wp-content/themes/uncode/library/css/uncode-icons.css?ver=1794119835
Origin
https://www.rethinkbenefits.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:26 GMT
last-modified
Wed, 03 Mar 2021 06:33:36 GMT
etag
"4913c723f7fd71:0"
x-frame-options
SAMEORIGIN
x-cache
CONFIG_NOCACHE
content-type
application/font-woff2
access-control-allow-origin
*
x-azure-ref
0BwORYQAAAAC9TA2pW/0/SrVO0uwU4Vy2TE9OMjFFREdFMDExMwBkMjc1Yzk1MC1lNTQwLTQ0YTYtYTk2OC0wODcwMGVhZmNiZmY=
accept-ranges
bytes
content-length
141008
JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alike%3Aregular%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin%2Cvietnamese%2Ccyrillic-ext%2Clatin-ext%2Ccyrillic&ver=2.3.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rethinkbenefits.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 21:50:41 GMT
x-content-type-options
nosniff
age
226006
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
19824
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 11 Nov 2022 21:50:41 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-40561067-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2181
date
Sun, 14 Nov 2021 12:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
20006
expires
Sun, 14 Nov 2021 14:01:06 GMT
collect
www.google-analytics.com/j/ 		1 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=576862155&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rethinkbenefits.com%2Feb%2F&ul=en-us&de=UTF-8&dt=Rethink%20Benefits&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=101122888&gjid=2119580595&cid=1171059012.1636893447&tid=UA-40561067-3&_gid=36630625.1636893447&_r=1&gtm=2ouba1&z=662827303
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rethinkbenefits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 12:37:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rethinkbenefits.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
2900416.js
js.hs-banner.com/ 		62 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/2900416.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2900416.js?integration=WordPress
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af163e6370aa13abac18245d6c0f786a5db66448abba499f506b4bd11414727c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:27 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
BVANRH9FYYENX48R
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-id-2
bKrpRXpC8JO9KHBIxNxwa7/z822DXfzR+4WZCoIjjA0nITUElL2J14lzrvNyiRj9QSiGokXDTeM=
timing-allow-origin
*
last-modified
Thu, 11 Nov 2021 21:33:22 GMT
server
cloudflare
etag
W/"bf9ce368d7d81c9674d952c65b4035ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
MFy7i6PeM1iHOSRkjCK3SxBrXTE0qJNi
access-control-allow-origin
https://www.rethinkbenefits.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
6ae04a8eebd1d6b9-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Sun, 14 Nov 2021 12:42:27 GMT
2900416.js
js.hs-analytics.net/analytics/1636893300000/ 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1636893300000/2900416.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2900416.js?integration=WordPress
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42329280b0cf83cd9362c2c18410b9a0e16571baa6d7b4877a59edfe4192c494

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:28 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
Y8ZP95YY77KPZH52
x-amz-server-side-encryption
AES256
cf-ray
6ae04a8ef8bd4d84-FRA
x-amz-id-2
c2Qx1auWvC0oUAIJMwGajNPtFHckJARJgRBGsdOUucklDRJJXrk41BYJx3w2rfKJKlPwvDqE6Ms=
last-modified
Thu, 11 Nov 2021 21:33:20 GMT
server
cloudflare
etag
W/"c4b0df6b5d3243e66e8ccc00df82ac27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
content-type
text/javascript
expires
Sun, 14 Nov 2021 12:42:27 GMT
config.json
cdn.acsbapp.com/cache/app/rethinkbenefits.com/ 		136 B
322 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.acsbapp.com/cache/app/rethinkbenefits.com/config.json
Requested by
Host: acsbapp.com
URL: https://acsbapp.com/apps/app/assets/js/acsb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.191.180 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
cdn102.acsbapp.com
Software
/
Resource Hash
dd592fc05cf1e7ddba67be59a6d4866812454da8b0610dfbf01e37f798a54273

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:28 GMT
last-modified
Sun, 14 Nov 2021 07:13:14 GMT
etag
"88-6190b70a-e8d190544353b00;;;"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=432000 public
accept-ranges
bytes
access-control-allow-headers
*
content-length
136
expires
Mon, 15 Nov 2021 12:37:28 GMT
pd.js
pi.pardot.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.174.78.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-5-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 12:37:28 GMT
Content-Encoding
gzip
X-Pardot-Route
b39cd42d381b722267ab9de7e8c10f5d
X-Pardot-LB
d3d7f55bb0643f40d338b3c1e133d5c5
Last-Modified
Fri, 12 Nov 2021 05:15:08 GMT
Server
PardotServer
ETag
"1547-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=63072000
Accept-Ranges
bytes
Content-Length
1950
Expires
Tue, 14 Nov 2023 12:37:28 GMT
__ptq.gif
track.hubspot.com/ 		45 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2427650321&v=1.1&a=2900416&ct=standard-page&rcu=https%3A%2F%2Fwww.rethinkbenefits.com%2Feb%2F&pu=https%3A%2F%2Fwww.rethinkbenefits.com%2Feb%2F&t=Rethink+Benefits&cts=1636893448046&vi=31fcbcdd6e5d37cc3b92a1d33e76755f&nc=true&u=142051885.31fcbcdd6e5d37cc3b92a1d33e76755f.1636893448043.1636893448043.1636893448043.1&b=142051885.1.1636893448043&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:28 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
73ccf48a-12d5-45c2-863f-b965add737ad
cf-ray
6ae04a92c83a5c08-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5mAHXT61G8S0cOSDK6pYG%2FP%2B2AG%2BTpP2uwmXrLcxZLr5hMYtJfoEI8Iz5yERmOlHve8rw1%2BN2Py7b%2F%2BXopefja3q40%2Fj745byKHeyCTRYfCoxr%2FV0nJclfbUa2QbN7EBezyYOT7%2FKL8mqjHdeRU"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
en.build.json
cdn.acsbapp.com/cache/app/ 		216 KB
20 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.acsbapp.com/cache/app/en.build.json
Requested by
Host: acsbapp.com
URL: https://acsbapp.com/apps/app/assets/js/acsb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.191.180 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
cdn102.acsbapp.com
Software
/
Resource Hash
3ced5f8cdff53413385be72b52dc7aec3bc055c24684f76ae30a74664d0ef052

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:37:28 GMT
content-encoding
br
last-modified
Wed, 10 Nov 2021 19:39:03 GMT
etag
"35ea0-618c1fd7-9308222c1a65a329;br"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=432000 public
accept-ranges
bytes
access-control-allow-headers
*
content-length
20740
expires
Mon, 15 Nov 2021 12:37:28 GMT
analytics
pi.pardot.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=19158&account_id=84952&title=Rethink%20Benefits&url=https%3A%2F%2Fwww.rethinkbenefits.com%2Feb%2F&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.174.78.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-5-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
ba9d950a196e00ead579cfd94696d9b56c7f98173988c959a37fa6d38e053512
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 12:37:28 GMT
Content-Encoding
gzip
X-Pardot-Route
d5a18e4517a9c8ba62b77de366a4cdb5
X-Pardot-LB
d3d7f55bb0643f40d338b3c1e133d5c5
X-Pardot-Rsp
16/26/73
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
552
Server
PardotServer
Expires
Thu, 19 Nov 1981 08:52:00 GMT
analytics
go.rethinkfirst.com/ 		50 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.rethinkfirst.com/analytics?conly=true&visitor_id=274754737&visitor_id_sign=a5248ac035406cb1c415f1b55e3da4391a55d47a178c8e2238f906e38925e1649f4de2c8ee8a8c592a4756f716afd557ff9a1d35&pi_opt_in=&campaign_id=19158&account_id=84952&title=Rethink%20Benefits&url=https%3A%2F%2Fwww.rethinkbenefits.com%2Feb%2F&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=19158&account_id=84952&title=Rethink%20Benefits&url=https%3A%2F%2Fwww.rethinkbenefits.com%2Feb%2F&referrer=
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.174.78.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-5-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 12:37:29 GMT
X-Pardot-Route
d5a18e4517a9c8ba62b77de366a4cdb5
X-Pardot-LB
d3d7f55bb0643f40d338b3c1e133d5c5
X-Pardot-Rsp
16/57/239
Vary
User-Agent
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
50
Server
PardotServer
Expires
Thu, 19 Nov 1981 08:52:00 GMT
a350d5ad2adc9090bc0fd677c1285892_b4.js
rethink-cdn-edu.azureedge.net/scripts/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rethink-cdn-edu.azureedge.net/scripts/a350d5ad2adc9090bc0fd677c1285892_b4.js
Requested by
Host: www.rethinkbenefits.com
URL: https://www.rethinkbenefits.com/eb/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F54) /
Resource Hash
e79d81fa221aa8f47dfb5083fb1bd5baf2dfeee346efac6c39aaba529a24558c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000;includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
gzip
etag
"555b5cbea3d1d71:0"
age
222675
x-cache
HIT
x-azure-ref
0Np2NYQAAAACwLBwPo8V1TYWR9l9F0pMTRlJBRURHRTEwMTgAZDI3NWM5NTAtZTU0MC00NGE2LWE5NjgtMDg3MDBlYWZjYmZm
strict-transport-security
max-age=31536000;includeSubDomains;
content-length
5453
request-context
appId=cid-v1:6ffde7ed-c4d5-4e74-bf9a-721d0a70a3ec
last-modified
Thu, 04 Nov 2021 17:45:23 GMT
server
ECAcc (frc/8F54)
x-frame-options
SAMEORIGIN
date
Sun, 14 Nov 2021 12:37:29 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Request-Context
x-xssprotection
1; mode=block
accept-ranges
bytes
x-content-type-options
nosniff
backend-pool
East
collect
www.google-analytics.com/ 		35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=576862155&t=event&_s=2&dl=https%3A%2F%2Fwww.rethinkbenefits.com%2Feb%2F&ul=en-us&de=UTF-8&dt=Rethink%20Benefits&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Cookie-Script&ea=Show&_u=aEBAAUABAAAAAC~&jid=&gjid=&cid=1171059012.1636893447&tid=UA-40561067-3&_gid=36630625.1636893447&gtm=2ouba1&z=1854138193
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rethinkbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 14:14:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
80589
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| _wpemojiSettings undefined| $ function| jQuery object| SiteParameters object| uaInfo object| screenInfo object| dataUriInfo function| css_browser_selector string| css_browser_selector_ns object| evento undefined| player object| OKEvents undefined| options undefined| videoWidth undefined| videoHeight undefined| YTplayers object| youtubePlayers function| onYouTubeIframeAPIReady function| vimeoPlayerReady function| whichTransitionEvent function| whichAnimationEvent function| requestAnimFrame function| requestTimeout function| clearRequestTimeout object| classie function| wrap function| wrapAll object| UNCODE function| Vivus object| iNoBounce function| FontFaceObserver object| _hsq object| hbspt function| gtag object| dataLayer string| piAId string| piCId string| piHostname object| leadin_wordpress object| mejsL10n object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer object| _wpmejsSettings object| wp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| _hsp function| uncode_progress_bar object| BigText function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| Packery function| Waypoint object| browserPrefixes function| ProgressCircle function| vc_pieChart function| Share object| BootstrapTabHistory function| IScroll function| uncode_textfill function| waypoint_animation string| waypointContextKey object| twemoji object| php_js function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _0x4fea function| _0x5b40 object| AJS object| AccessiBe object| acsb object| acsbJS object| EJSEventListeners boolean| _hspb_loaded object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime function| EJSCustomEvent function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi number| c_start string| property function| piResponse function| csCookies object| cookieScriptWindow object| cookieScripts string| cookieScriptSrc function| cookieQuery string| cookieScriptPosition string| cookieScriptSource string| cookieScriptDomain string| cookieScriptReadMore string| cookieId number| cookieScriptDebug boolean| cookieScriptShowBadge string| cookieScriptCurrentUrl string| cookieScriptTitle string| cookieScriptDesc string| cookieScriptAccept string| cookieScriptMore string| cookieScriptReject string| cookieScriptCopyrights function| cookieScriptLoadJavaScript function| InjectCookieScript undefined| Cookies string| cookieScriptStatsDomain function| cookieScriptCreateCookie function| cookieScriptReadCookie function| cookieScriptAddBox object| cookieScriptCurrentValue

16 Cookies

Domain/Path Name / Value
www.rethinkbenefits.com/ Name: ASP.NET_SessionId
Value: ajrct202t42xgoveg10aqqbg
.rethinkbenefits.com/ Name: _ga
Value: GA1.2.1171059012.1636893447
.rethinkbenefits.com/ Name: _gid
Value: GA1.2.36630625.1636893447
.rethinkbenefits.com/ Name: _gat_gtag_UA_40561067_3
Value: 1
.rethinkbenefits.com/ Name: __hstc
Value: 142051885.31fcbcdd6e5d37cc3b92a1d33e76755f.1636893448043.1636893448043.1636893448043.1
.rethinkbenefits.com/ Name: hubspotutk
Value: 31fcbcdd6e5d37cc3b92a1d33e76755f
.rethinkbenefits.com/ Name: __hssrc
Value: 1
.rethinkbenefits.com/ Name: __hssc
Value: 142051885.1.1636893448043
.hubspot.com/ Name: __cf_bm
Value: BPe4Onkzmo1VjlSCGCKdHEJxtIa9WvpNVMwpkO6Hd0M-1636893448-0-AbZIKz5suV6l4YzU9+GB7V2mygdMfDSDTdHJGtrcQbaZNMhKT1ZlvcyYSlyRh43GpvsyhpQJLfu1vran/b0eGe4=
.pardot.com/ Name: visitor_id83952
Value: 274754737
.pardot.com/ Name: visitor_id83952-hash
Value: a5248ac035406cb1c415f1b55e3da4391a55d47a178c8e2238f906e38925e1649f4de2c8ee8a8c592a4756f716afd557ff9a1d35
pi.pardot.com/ Name: lpv83952
Value: aHR0cHM6Ly93d3cucmV0aGlua2JlbmVmaXRzLmNvbS9lYi8%3D
www.rethinkbenefits.com/ Name: visitor_id83952
Value: 274754737
www.rethinkbenefits.com/ Name: visitor_id83952-hash
Value: a5248ac035406cb1c415f1b55e3da4391a55d47a178c8e2238f906e38925e1649f4de2c8ee8a8c592a4756f716afd557ff9a1d35
go.rethinkfirst.com/ Name: visitor_id83952
Value: 274754737
go.rethinkfirst.com/ Name: visitor_id83952-hash
Value: a5248ac035406cb1c415f1b55e3da4391a55d47a178c8e2238f906e38925e1649f4de2c8ee8a8c592a4756f716afd557ff9a1d35

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000;includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acsbapp.com
cdn.acsbapp.com
fonts.googleapis.com
fonts.gstatic.com
go.rethinkfirst.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
pi.pardot.com
rethink-cdn-edu.azureedge.net
rethinkbenefits.com
track.hubspot.com
www.google-analytics.com
www.googletagmanager.com
www.rethinkbenefits.com
13.107.213.67
206.189.187.108
206.189.191.180
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700::6811:43b0
2606:4700::6811:d5cc
2606:4700::6812:15bf
2606:4700::6813:9a53
2620:1ec:48::44
2a00:1450:4001:827::2003
2a00:1450:4001:830::2008
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
35.174.78.146
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0bb5c2edc099b775a350b3817c48064503396589aedbe31717606d48805ff519
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0daa212f585390c130c10af17219c619da5688ef874853f89f746c2b97d42e01
1d048e58fc4c11acd0d6814e6514b4253b25dae91b51093501c297408f2ddff2
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
2a0de9f156b5d4bd033c538442fbaed0ace3f13495f9c1f9dda988fc259bfb29
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2d5f7f551cca52ad439af9e3f54b7103ad31587084ad121361d8e319210b9f5d
33f4664bbf94cc1c4524b3469ba4c25aeb1bab2636ffc061adfc1ffedc4dafde
3ced5f8cdff53413385be72b52dc7aec3bc055c24684f76ae30a74664d0ef052
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
42329280b0cf83cd9362c2c18410b9a0e16571baa6d7b4877a59edfe4192c494
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3
68e86b7f45d9e6f39ec522458a4d0973c25745485188bad6d680e70b953a9bec
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7b999ad5a53f20d5432a997640c8e6466a4f8fbd4d754b91e0fd102f5a5301b2
7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ac33ffd788e54cb4a00b31c9823744f840e1f1b5a5f6c94a5cdaa588a05c3ff
8b9b7ad3b5c3fe6eb502079f3b955b165622b807d03ffcf954bd28e8e8a4cee0
8cc76357bd40603ec5e4006a86598180f96ebd603aa32682e6f8da895e02fab2
8cea5efbe16230f5a4726ea5d2172c4c8d38a080dba3a4e105d07f3d77af6748
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5e3d92515571781e7a0cde874ec6b137ae496da4d29a4361fe1d35629e199c5
af163e6370aa13abac18245d6c0f786a5db66448abba499f506b4bd11414727c
b0e6f7ad3ea85c656db9e4e51c75fe79d503bfce28f8be62e2c03a80d20cf76d
ba9d950a196e00ead579cfd94696d9b56c7f98173988c959a37fa6d38e053512
cb3bfa3f39f228b5e06fb6ee80aea986056d3253805a59581e6eff051050141d
d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c
d3acae6258d603740a17dbff03bec2004d36814f15082958c84a544d43e33b4d
d4102bbe4cbf20ecf50ed31f75606465a4576ef2c0765fbf6e5d0d1a2a5084c0
d68e9b6ef66bf0113a643dbe47a31245ba5a9e13140dd8f75bd86cc7abfe0f60
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
dd592fc05cf1e7ddba67be59a6d4866812454da8b0610dfbf01e37f798a54273
dff26b51cad388065c1fbe75ce5af23772a422909b70f7fca58f6cb6632caa8c
e0d9d3c9034dde0af57d0b444fa033f9223ce92dbe904ce0236cbcec842bbb04
e79d81fa221aa8f47dfb5083fb1bd5baf2dfeee346efac6c39aaba529a24558c
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
f81abf2fa62278a2518c9766fe54ab4f9d5e2af2f748973086e3c136d0d03c95