bundlebenefits.com Open in urlscan Pro
188.166.146.181 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.sidekickopen07.com/s3t/c/5/f18dQhb0S7kF8c7SC-W1zfN0p59hl3kW7_k2841CX6NGW35QNv-1D8PzDW7s-thm3ydGtpf197v5Y04?te=W3R5h...
Effective URL:
https://bundlebenefits.com/
Submission: On March 23 via api (March 23rd 2022, 3:55:48 pm UTC) from CA — Scanned from CA

Summary HTTP 51 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 24 IPs in 3 countries across 23 domains to perform 51 HTTP transactions. The main IP is 188.166.146.181, located in London, United Kingdom and belongs to DIGITALOCEAN-ASN, US. The main domain is bundlebenefits.com.
TLS certificate: Issued by R3 on February 28th 2022. Valid for: 3 months.

This is the only time bundlebenefits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6812:260	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 10	188.166.146.181 188.166.146.181	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2607:f8b0:400... 2607:f8b0:4006:809::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.33.60.106 13.33.60.106	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:80f::2008	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:816::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:eecc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:46b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e8cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:7fab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:141b:13:... 2600:141b:13::17d7:82d0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:400... 2607:f8b0:4006:820::200e	15169 (GOOGLE) (GOOGLE)
2	130.211.30.48 130.211.30.48	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	104.18.99.194 104.18.99.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.117.117.251 34.117.117.251	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 8	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2003	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6811:8d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:f1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
51	24

1 2606:4700::6812:260 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

t.sidekickopen07.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 188.166.146.181 (London, United Kingdom) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 553566.cloudwaysapps.com

bundlebenefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:809::200a (Queens, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.33.60.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-106.ewr52.r.cloudfront.net

cdn.leadmanagerfx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::2008 (Queens, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:816::2003 (Queens, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eecc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:46b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e8cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7fab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::17d7:82d0 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::200e (Queens, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.30.48 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 48.30.211.130.bc.googleusercontent.com

t.leadmanagerfx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.99.194 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.117.251 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.117.117.34.bc.googleusercontent.com

t.marketingcloudfx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6813:9b53 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-na1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2004 (Queens, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2003 (Queens, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:8d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:f1cc (United States)

ASN13335 (CLOUDFLARENET, US)

avatars.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	hubspot.com 3 redirects forms.hubspot.com — Cisco Umbrella Rank: 3048 api.hubspot.com — Cisco Umbrella Rank: 4676 app.hubspot.com — Cisco Umbrella Rank: 6146 track.hubspot.com — Cisco Umbrella Rank: 2180 api-na1.hubspot.com — Cisco Umbrella Rank: 27417	25 KB
10	bundlebenefits.com 1 redirects bundlebenefits.com	1 MB
5	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 7281	262 KB
5	linkedin.com 5 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 434 www.linkedin.com — Cisco Umbrella Rank: 609 px4.ads.linkedin.com — Cisco Umbrella Rank: 5153	4 KB
5	leadmanagerfx.com cdn.leadmanagerfx.com — Cisco Umbrella Rank: 34724 t.leadmanagerfx.com — Cisco Umbrella Rank: 31219	30 KB
3	hubspot.net avatars.hubspot.net — Cisco Umbrella Rank: 29853	43 KB
3	gstatic.com fonts.gstatic.com	90 KB
2	marketingcloudfx.com t.marketingcloudfx.com — Cisco Umbrella Rank: 69149	322 B
2	adsymptotic.com 1 redirects p.adsymptotic.com — Cisco Umbrella Rank: 499	540 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	106 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
1	google.ca www.google.ca — Cisco Umbrella Rank: 8822	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 68	444 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 799	3 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2051	16 KB
1	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 5037	25 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4008	87 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2038	20 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4966	22 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2209	992 B
1	sidekickopen07.com 1 redirects t.sidekickopen07.com — Cisco Umbrella Rank: 45735	506 B
51	23

	Domain	Requested by
10	bundlebenefits.com	1 redirects bundlebenefits.com
5	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
3	avatars.hubspot.net
3	api-na1.hubspot.com	3 redirects
3	api.hubspot.com	js.usemessages.com static.hsappstatic.net
3	px.ads.linkedin.com	3 redirects
3	fonts.gstatic.com	fonts.googleapis.com
3	cdn.leadmanagerfx.com	bundlebenefits.com
2	t.marketingcloudfx.com	cdn.leadmanagerfx.com
2	p.adsymptotic.com	1 redirects bundlebenefits.com
2	forms.hubspot.com	js.hscollectedforms.net js.hsleadflows.net
2	t.leadmanagerfx.com	cdn.leadmanagerfx.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	bundlebenefits.com
2	fonts.googleapis.com	bundlebenefits.com
1	track.hubspot.com
1	app.hubspot.com	js.usemessages.com
1	www.google.ca	bundlebenefits.com
1	www.google.com	bundlebenefits.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	px4.ads.linkedin.com	1 redirects
1	www.linkedin.com	1 redirects
1	snap.licdn.com	www.googletagmanager.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-scripts.com	bundlebenefits.com
1	t.sidekickopen07.com	1 redirects
51	30

This site contains links to these domains. Also see Links.

Domain
bundle.bundlebenefits.com
mazetx.com
www.proofpoint.com
www.parkinson.org
www.alvarezandmarsal.com
www.airtable.com
www.alector.com
www.bcg.com
www.bridgebio.com
www.instagram.com
www.facebook.com
twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
bun.demo.link R3	`2022-02-28` - `2022-05-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
cdn.leadmanagerfx.com Amazon	`2021-11-17` - `2022-12-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
t.leadmanagerfx.com GTS CA 1D4	`2022-02-16` - `2022-05-17`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
t.marketingcloudfx.com GTS CA 1D4	`2022-02-12` - `2022-05-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://bundlebenefits.com/
Frame ID: 863EEABB745DBC7C8B09B56432BEE69D
Requests: 42 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/7692313/threads/utk/cb3373ac4fb14131a289583e0b803d0e?uuid=19172f8129574ef79fae32794c6c4fee&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=bundlebenefits.com&inApp53=false&messagesUtk=cb3373ac4fb14131a289583e0b803d0e&url=https%3A%2F%2Fbundlebenefits.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: B83E6EBE82E464670AEF18E816148D84
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

All-Encompassing Employee Benefits - Bundle

Page URL History Show full URLs

https://t.sidekickopen07.com/s3t/c/5/f18dQhb0S7kF8c7SC-W1zfN0p59hl3kW7_k2841CX6NGW35QNv-1D8PzDW7s-thm3ydG... HTTP 307
http://bundlebenefits.com/ HTTP 301
https://bundlebenefits.com/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

51
Requests

92 %
HTTPS

77 %
IPv6

23
Domains

30
Subdomains

24
IPs

3
Countries

1895 kB
Transfer

4769 kB
Size

27
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://bundle.bundlebenefits.com/start-a-live-session
Title: Sign Up Here

Search URL Search Domain Scan URL

URL: https://bundle.bundlebenefits.com/meetings/miamedico/mia-allie-round-robin
Title: Schedule Now

Search URL Search Domain Scan URL

URL: https://bundle.bundlebenefits.com/breakaction?_ga=2.124482306.987771742.1645467450-632194144.1645131711
Title: See a Booking in Action

Search URL Search Domain Scan URL

URL: https://mazetx.com/

Search URL Search Domain Scan URL

URL: https://www.proofpoint.com/us

Search URL Search Domain Scan URL

URL: https://www.parkinson.org/

Search URL Search Domain Scan URL

URL: https://www.alvarezandmarsal.com/

Search URL Search Domain Scan URL

URL: https://www.airtable.com/

Search URL Search Domain Scan URL

URL: https://www.alector.com/

Search URL Search Domain Scan URL

URL: https://www.bcg.com/en-us/

Search URL Search Domain Scan URL

URL: https://www.bridgebio.com/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bundlebenefits/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bundlebenefits/

Search URL Search Domain Scan URL

URL: https://twitter.com/BundleBenefits

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bundle-benefits/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.sidekickopen07.com/s3t/c/5/f18dQhb0S7kF8c7SC-W1zfN0p59hl3kW7_k2841CX6NGW35QNv-1D8PzDW7s-thm3ydGtpf197v5Y04?te=W3R5hFj26QkGZW3ZY6VG1JxwY7W3XDfVV41QWmcW3C7M-53M3Dq3f1JxwY5V3&si=8000000016898106&pi=a6a6444498dae1d17a85ca9ddcca06a1] HTTP 307
http://bundlebenefits.com/ HTTP 301
https://bundlebenefits.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3565156&time=1648050941952&url=https%3A%2F%2Fbundlebenefits.com%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3565156&time=1648050941952&url=https%3A%2F%2Fbundlebenefits.com%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3565156%26time%3D1648050941952%26url%3Dhttps%253A%252F%252Fbundlebenefits.com%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3565156&time=1648050941952&url=https%3A%2F%2Fbundlebenefits.com%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3565156&time=1648050941952&url=https%3A%2F%2Fbundlebenefits.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQKOtfLWRsQKXgAAAX-3fbFYkXLGMSpRox7hO-u50l9AKm5u0DzuikmZ9pixHT7yc9za1T1kqg HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a5d245ad-b46e-415a-9fce-d74d5ab685c7 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a5d245ad-b46e-415a-9fce-d74d5ab685c7&_expected_cookie=292849f100f8083bf086f9f35d7488e2

Request Chain 48

https://api-na1.hubspot.com/userpreferences/v1/avatar/0db20c544621b2588422f19fdf8db468/100 HTTP 307
https://avatars.hubspot.net/0db20c544621b2588422f19fdf8db468-100

Request Chain 49

https://api-na1.hubspot.com/userpreferences/v1/avatar/c045b414c4a32b96b909586216c439c1/100 HTTP 307
https://avatars.hubspot.net/c045b414c4a32b96b909586216c439c1-100

Request Chain 50

https://api-na1.hubspot.com/userpreferences/v1/avatar/d163400e51d21a8791173863bace7ad3/100 HTTP 307
https://avatars.hubspot.net/d163400e51d21a8791173863bace7ad3-100

51 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
bundlebenefits.com/
Redirect Chain

https://t.sidekickopen07.com/s3t/c/5/f18dQhb0S7kF8c7SC-W1zfN0p59hl3kW7_k2841CX6NGW35QNv-1D8PzDW7s-thm3ydGtpf197v5Y04?te=W3R5hFj26QkGZW3ZY6VG1JxwY7W3XDfVV41QWmcW3C7M-53M3Dq3f1JxwY5V3&si=800000001689...
http://allie.cook@bundlebenefits.com/
https://bundlebenefits.com/

63 KB
12 KB

648ms
476ms

Document
text/html

188.166.146.181
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bundlebenefits.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.166.146.181 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 553566.cloudwaysapps.com
Software: nginx / Craft Commerce,Craft CMS
Resource Hash: 690ed8a5ac7e5ae85167a09debd832a8287629923a419a62106a21e230e0d252

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

server: nginx
date: Wed, 23 Mar 2022 15:55:41 GMT
content-type: text/html; charset=UTF-8
content-length: 12139
x-powered-by: Craft Commerce,Craft CMS
link: <https://bundlebenefits.com/>; rel="canonical"
vary: Accept-Encoding
content-encoding: gzip

Redirect headers

Server: nginx
Date: Wed, 23 Mar 2022 15:55:40 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://bundlebenefits.com/

GET
H2 200 main.css
bundlebenefits.com/assets/css/ 135 KB
23 KB 89ms
88ms Stylesheet
text/css 188.166.146.181
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bundlebenefits.com/assets/css/main.css?v=125
Requested by: Host: bundlebenefits.com
URL: https://bundlebenefits.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.166.146.181 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 553566.cloudwaysapps.com
Software: nginx /
Resource Hash: 0962f9e62973ed95f8cda46d6a40e2a3f952574b2c21fc9b20ab00b2c41ff866

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://bundlebenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:55:41 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 20:06:23 GMT
server: nginx
etag: W/"62041ebf-21c9d"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
909 B 82ms
34ms Stylesheet
text/css 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap

Requested by

Host: bundlebenefits.com
URL: https://bundlebenefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cb561cd233f45d1673411866767ddb162ee40503bc71195ef8f186ec41f97fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://bundlebenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 15:43:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 23 Mar 2022 15:55:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Mar 2022 15:55:41 GMT

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
801 B 85ms
37ms Stylesheet
text/css 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;500;600&display=swap

Requested by

Host: bundlebenefits.com
URL: https://bundlebenefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

78d147e445a39009ea83035d69267d7e81d52b8d6655090c42b0c7c9da037995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://bundlebenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 15:55:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 23 Mar 2022 15:55:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Mar 2022 15:55:41 GMT

GET
H2 200 7692313.js Show response
js.hs-scripts.com/ 2 KB
992 B 58ms
33ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/7692313.js
Requested by: Host: bundlebenefits.com
URL: https://bundlebenefits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d7bf66dc52ed4446fa33d4055b012073cba9c8539176ec2c9bd81d135b143f0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://bundlebenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:55:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 36
cf-polished: origSize=2487
x-hubspot-correlation-id: dedf7f3d-d2c5-4c96-bab4-3bd2e53b3b44
last-modified: Wed, 23 Mar 2022 15:53:53 GMT
server: cloudflare
x-trace: 2BF6B3A180C57B8006CB2C5B24E60D60E70B3DC017000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://meetings.hubspot.com
expires: Wed, 23 Mar 2022 15:56:41 GMT
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6f085a51ee237151-YUL
cf-bgj: minify

GET
H2 200 bundle-logo.png
bundlebenefits.com/assets/uploads/general/_300xAUTO_fit_center-center_none/ 5 KB
5 KB 248ms
248ms Image
image/png 188.166.146.181
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bundlebenefits.com/assets/uploads/general/_300xAUTO_fit_center-center_none/bundle-logo.png
Requested by: Host: bundlebenefits.com
URL: https://bundlebenefits.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.166.146.181 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 553566.cloudwaysapps.com
Software: nginx /
Resource Hash: 929902d8630541f56bea65f15141b10f6f1680f19cdd8834bf5ad02dce641e2f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://bundlebenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:55:41 GMT
last-modified: Tue, 01 Dec 2020 14:12:10 GMT
server: nginx
etag: "5fc64f3a-1536"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 5430

GET
H2 200 scripts.js Show response
bundlebenefits.com/assets/js/ 2 MB
464 KB 89ms
89ms Script
application/javascript 188.166.146.181
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bundlebenefits.com/assets/js/scripts.js?v=125
Requested by: Host: bundlebenefits.com
URL: https://bundlebenefits.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.166.146.181 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 553566.cloudwaysapps.com
Software: nginx /
Resource Hash: f4c9335f07012722924c8faa20ea357b817281c521366bdcfa82fc1b37f33fb6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://bundlebenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:55:41 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 17:51:48 GMT
server: nginx
etag: W/"62264634-18e602"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H/1.1 200
OK 5357 Show response
cdn.leadmanagerfx.com/js/mcfx/ 44 KB
11 KB 57ms
18ms Script
text/javascript 13.33.60.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.leadmanagerfx.com/js/mcfx/5357
Requested by: Host: bundlebenefits.com
URL: https://bundlebenefits.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-106.ewr52.r.cloudfront.net
Software: Apache /
Resource Hash: b87ac4b900cf045e79b26c440091c5f7649d2eb7b1e315b7bda73d16e708c40f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://bundlebenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 15:53:41 GMT
Via: 1.1 google, 1.1 215207bc7fb93e55e70ed5107d9c8948.cloudfront.net (CloudFront)
Age: 120
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Encoding: gzip
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Amz-Cf-Pop: EWR52-C1
X-Amz-Cf-Id: pPLbo0mJWy5xNdnWgkMlLdwSc2lSWbmV5TX8Jhb8TfL6kImNRhGoPw==
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK 5357 Show response
cdn.leadmanagerfx.com/phone/js/ 25 KB
8 KB 54ms
18ms Script
text/javascript 13.33.60.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.leadmanagerfx.com/phone/js/5357
Requested by: Host: bundlebenefits.com
URL: https://bundlebenefits.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-106.ewr52.r.cloudfront.net
Software: Apache /
Resource Hash: 564b3736005b2da08357d18e9554a32992e82f249f1083ad04ee941849844f9e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://bundlebenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 15:53:41 GMT
Via: 1.1 google, 1.1 29206f4909cacc031d06a0daf330fb6a.cloudfront.net (CloudFront)
Age: 120
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Encoding: gzip
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS, PATCH, HEAD
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Amz-Cf-Pop: EWR52-C1
Access-Control-Allow-Headers: Authorization, Content-Type
X-Amz-Cf-Id: bXig2Psqgn5ZgoF69pdlmdXOnhCWKHPBANCUNB-wTY9ZOC0S4Z1QsQ==
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 135 KB
49 KB 85ms
38ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M4VTSJH

Requested by

Host: bundlebenefits.com
URL: https://bundlebenefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9258117837d1b67229047ecea55158fb77a97d1bff2fe9aed4fc3f498200b179

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://bundlebenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:55:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49535
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Mar 2022 15:55:41 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 162 KB
57 KB 114ms
67ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WKF74CV

Requested by

Host: bundlebenefits.com
URL: https://bundlebenefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6200a06f2308c17b1180420c86bafc67c9ad3ae77091789e39e95f34bef3994f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://bundlebenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:55:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58025
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Mar 2022 15:55:41 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 78ms
20ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bundlebenefits.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 22:46:05 GMT
x-content-type-options: nosniff
age: 61776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Mar 2023 22:46:05 GMT

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f9522ce01c768c76cdaa23b8a599c4b694f78bd3773e301e0c9a478616a4d6c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://bundlebenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 96ms
47ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bundlebenefits.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:05 GMT
x-content-type-options: nosniff
age: 591936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:05 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 105ms
56ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bundlebenefits.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:02 GMT
x-content-type-options: nosniff
age: 591939
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:02 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 80 KB
22 KB 48ms
21ms Script
application/javascript 2606:4700::6811:eecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7692313.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9fd3f5dec6c3a8864a0a9100ab0f2405304932539eaab3f78f73b8512be5ac0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://bundlebenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:55:41 GMT
via: 1.1 e453cfec7ab7b0f50057381607edb486.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 249
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.9791/bundles/project.js&cfRay=6ed75f6a6ef0ece2-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Thu, 17 Mar 2022 05:15:40 UTC
server: cloudflare
etag: W/"419cdf3ddf23042fd3143657d9f8f249"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: fI2QQ2HoG52g6zkNXkR2xzQlZVwCe.yM
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P2
cf-ray: 6f085a52397c4bb8-YUL
x-amz-cf-id: 9cj79nBentISGdHBVjC96nZW2NqgZfvtV0Nq6u5269jQnLWGuDbyqA==
x-hs-target-asset: conversations-embed/static-1.9791/bundles/project.js

GET
H2 200 7692313.js Show response
js.hs-analytics.net/analytics/1648050900000/ 62 KB
20 KB 80ms
53ms Script
text/javascript 2606:4700::6811:46b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1648050900000/7692313.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7692313.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc7ee12def883bec3ede0f9bfac151bc6974423aca58b4ecf494a1d90b615f39

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://bundlebenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:55:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 36
x-amz-server-side-encryption: AES256
x-amz-request-id: KTG53V5D9NGKJDNZ
x-amz-id-2: 15SJd0J4dBNyTlfJUWXPhfrxVRjlZwuR27yz4Jrx3WUQ56dZOO4CRJSxROrzR++8P3BiVSngioU=
last-modified: Thu, 24 Feb 2022 12:46:39 GMT
server: cloudflare
etag: W/"9479f35f5b3a1e2fd715950daa3ab81e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-ray: 6f085a523eb3ecf6-YUL
expires: Wed, 23 Mar 2022 16:00:05 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 534 KB
87 KB 62ms
33ms Script
application/javascript 2606:4700::6811:e8cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7692313.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e8cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 947d6c755989ac2b8e761deb8f7c3d38c30f9e01ce86b4ce1c8f3a2e1d1e5221

Request headers

Referer: https://bundlebenefits.com/
Origin: https://bundlebenefits.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:55:41 GMT
via: 1.1 349b149961d8d2361c29d4be4b5847f2.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 120
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1080/bundle/main/lead-flows-release.js&cfRay=6f0031269aa1543d-IAD
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 6f085a52481d7142-YUL
last-modified: Tue, 01 Mar 2022 09:57:40 UTC
server: cloudflare
etag: W/"57a8210ba9519a68ae76dcc1857db0f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: qE7M39zrJ2dCa.o34UdW.NnTPVZDG9U3
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: eKK1BXCIY7L4eTEifG2qk_qmZngm_HWzUfO2PkVzbNmGvg2udYV8sA==
x-hs-target-asset: lead-flows-js/static-1.1080/bundle/main/lead-flows-release.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 73 KB
25 KB 51ms
22ms Script
application/javascript 2606:4700::6811:7fab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7692313.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7fab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a996803be97bd6eed2f13e2aaceed65ee5cc24e0669fcbd223788c5cf9159c2e

Request headers

Referer: https://bundlebenefits.com/
Origin: https://bundlebenefits.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:55:41 GMT
via: 1.1 040f8a2cdffe1cf7a35d28e06c3ed574.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 120
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.273/bundles/project.js&cfRay=6f0031269ef0cab8-IAD
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 6f085a524c72ca4f-YUL
last-modified: Fri, 04 Mar 2022 03:24:42 UTC
server: cloudflare
etag: W/"5655d6c20b8fbd0326ccba67c4a94b8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: d8qvQ4NJOEEA6UgWpFiA1cbs11TvqQym
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: EOkr28hZWAPcJVie_5OKxPLy4BFj4bzW-0gpvmHpEN4lEmkH8r0Puw==
x-hs-target-asset: collected-forms-embed-js/static-1.273/bundles/project.js

GET
H2 200 7692313.js Show response
js.hs-banner.com/ 61 KB
16 KB 49ms
23ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/7692313.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7692313.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab59f00b835acf5c74b70035090c902f4007fa2b7a49056786624debe50bdf9e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://bundlebenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:55:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 168
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: Q146572DQJZCK21X
x-amz-id-2: /mR7ma/HuufoAvu5XgYimckWPBKNkHftiZyGMWTuyd7UCE7eDmb02jrhOyBuKqejS0oy5yWAMoc=
timing-allow-origin: *
last-modified: Thu, 17 Feb 2022 22:11:02 GMT
server: cloudflare
etag: W/"c1d479172ba556a8d9c830c567f2b9b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: oCjvd3rcRbbnS9Hc2TNNcjz7T1FPkpu2
access-control-allow-origin: https://bundlebenefits.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6f085a523ed4ca47-YUL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 23 Mar 2022 15:57:53 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 65ms
19ms Script
application/x-javascript 2600:141b:13::17d7:82d0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4VTSJH
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82d0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5d5cf5a4a5b7c02915bc261dca0c755d29beda0c0c3a005c78c1682c9934bb3c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://bundlebenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 15:55:41 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Mar 2022 23:45:34 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=71444
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3104

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 68ms
19ms Script
text/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKF74CV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://bundlebenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4305
date: Wed, 23 Mar 2022 14:43:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 23 Mar 2022 16:43:56 GMT

POST
H2 200 5357 Show response
t.leadmanagerfx.com/visit/add/ 17 B
206 B 149ms
125ms XHR
text/plain 130.211.30.48
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.leadmanagerfx.com/visit/add/5357
Requested by: Host: cdn.leadmanagerfx.com
URL: https://cdn.leadmanagerfx.com/js/mcfx/5357
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.30.48 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 48.30.211.130.bc.googleusercontent.com
Software: Apache /
Resource Hash: d65f5376c47878eac4dafdc277c98becc0577d96e23096fb34dfb7c4e9a93c3c

Request headers

Referer: https://bundlebenefits.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 23 Mar 2022 15:55:41 GMT
via: 1.1 google
server: Apache
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://bundlebenefits.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
1 KB 78ms
53ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=7692313&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7564e0e4638da917bfda717eadedc8293b5f7304817dcadea36a9f1a8f70da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://bundlebenefits.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:55:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: e9a8a599-d61a-4e74-9ca7-e91ba0e3cd8a
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIddW1u552k5QHQ8OQ8yFb%2B%2FXBg3ukdRoCdN1LVo%2BmWQ%2F4bemM1JLQl4T16X6ojJZUmv6%2FzqHGSBzHC3zeyeTpRVkCeRH6oK77RGv%2FdKAF3fRhgliYC5yZ0qqJrZ0Myqg60ltEcb2MHdaT8acuGk"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://bundlebenefits.com
x-robots-tag: none
access-control-allow-credentials: false
cf-ray: 6f085a535916ecee-YUL
access-control-allow-headers: *

GET
H2

200

/
p.adsymptotic.com/d/px/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3565156&time=1648050941952&url=https%3A%2F%2Fbundlebenefits.com%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3565156&time=1648050941952&url=https%3A%2F%2Fbundlebenefits.com%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3565156%26time%3D1648050941952%26url%3Dhttps%253A%252F%252Fbundlebenefits.com%252...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3565156&time=1648050941952&url=https%3A%2F%2Fbundlebenefits.com%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3565156&time=1648050941952&url=https%3A%2F%2Fbundlebenefits.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQKOtfLWRsQKXgAAAX-3fbFYkXLGMSpRox7hO-u50l...
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a5d245ad-b46e-415a-9fce-d74d5ab685c7
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a5d245ad-b46e-415a-9fce-d74d5ab685c7&_expected_cookie=292849f100f8083bf086f9f3...

43 B
142 B

46ms
46ms

Image
image/gif

104.18.99.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a5d245ad-b46e-415a-9fce-d74d5ab685c7&_expected_cookie=292849f100f8083bf086f9f35d7488e2
Requested by: Host: bundlebenefits.com
URL: https://bundlebenefits.com/
Protocol: H2
Server: 104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://bundlebenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:55:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6f085a56e8cc542b-YYZ
p3p: CP='NON DSP COR CONi OUR BUS CNT'
content-type: image/gif
content-length: 43

Redirect headers

location: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a5d245ad-b46e-415a-9fce-d74d5ab685c7&_expected_cookie=292849f100f8083bf086f9f35d7488e2
date: Wed, 23 Mar 2022 15:55:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6f085a56a86c542b-YYZ
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H/1.1 200
OK 5357 Show response
cdn.leadmanagerfx.com/js/mcfx/ 44 KB
11 KB 19ms
18ms Script
text/javascript 13.33.60.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.leadmanagerfx.com/js/mcfx/5357
Requested by: Host: bundlebenefits.com
URL: https://bundlebenefits.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-106.ewr52.r.cloudfront.net
Software: Apache /
Resource Hash: b87ac4b900cf045e79b26c440091c5f7649d2eb7b1e315b7bda73d16e708c40f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://bundlebenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 15:53:41 GMT
Via: 1.1 google, 1.1 29206f4909cacc031d06a0daf330fb6a.cloudfront.net (CloudFront)
Age: 121
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Encoding: gzip
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Amz-Cf-Pop: EWR52-C1
X-Amz-Cf-Id: doIOwTPLAEtFrh-bxU5BYhLGSK-QEMf76aM49PCO0LLR2YZ87vkAZw==
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 shutterstock_725291137-b.jpg
bundlebenefits.com/assets/uploads/general/_1200x1200_crop_center-center_none/ 208 KB
209 KB 85ms
84ms Image
image/jpeg 188.166.146.181
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bundlebenefits.com/assets/uploads/general/_1200x1200_crop_center-center_none/shutterstock_725291137-b.jpg
Requested by: Host: bundlebenefits.com
URL: https://bundlebenefits.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.166.146.181 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 553566.cloudwaysapps.com
Software: nginx /
Resource Hash: ea65ec80654b57bab1e6fc3f70d202e2c413f04b57d2fc6284b314f2b93293c7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://bundlebenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:55:42 GMT
last-modified: Mon, 06 Sep 2021 12:06:26 GMT
server: nginx
etag: "61360442-34163"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 213347

GET
H2 200 dots-snake.svg
bundlebenefits.com/assets/img/ 954 B
534 B 87ms
86ms Image
image/svg+xml 188.166.146.181
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bundlebenefits.com/assets/img/dots-snake.svg
Requested by: Host: bundlebenefits.com
URL: https://bundlebenefits.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.166.146.181 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 553566.cloudwaysapps.com
Software: nginx /
Resource Hash: bcfff99c3f1d52da087fbb69b091bebda359acdc87cc48c1121f7cd6b6cc5eaf

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://bundlebenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:55:42 GMT
content-encoding: gzip
last-modified: Fri, 23 Apr 2021 23:40:48 GMT
server: nginx
etag: W/"60835b00-3ba"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000

GET
H2 200 shutterstock_644083087.jpg
bundlebenefits.com/assets/uploads/general/_1280x576_crop_center-center_none/ 102 KB
102 KB 87ms
87ms Image
image/jpeg 188.166.146.181
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bundlebenefits.com/assets/uploads/general/_1280x576_crop_center-center_none/shutterstock_644083087.jpg
Requested by: Host: bundlebenefits.com
URL: https://bundlebenefits.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.166.146.181 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 553566.cloudwaysapps.com
Software: nginx /
Resource Hash: 6f580b18bf563a72b3a12a1105688dc8e4372461475faa99fe9018aa0812ea39

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://bundlebenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:55:42 GMT
last-modified: Mon, 06 Sep 2021 11:22:49 GMT
server: nginx
etag: "6135fa09-198e1"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 104673

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 33ms
32ms XHR
text/plain 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1651047965&t=pageview&_s=1&dl=https%3A%2F%2Fbundlebenefits.com%2F&ul=en-us&de=UTF-8&dt=All-Encompassing%20Employee%20Benefits%20-%20Bundle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=613650038&gjid=1579788849&cid=517390704.1648050942&tid=UA-196056152-1&_gid=1940091705.1648050942&_r=1&gtm=2wg3e0WKF74CV&z=1267394366

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bundlebenefits.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 15:55:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bundlebenefits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 5357 Show response
t.leadmanagerfx.com/visit/add/ 17 B
77 B 120ms
120ms XHR
text/plain 130.211.30.48
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.leadmanagerfx.com/visit/add/5357
Requested by: Host: cdn.leadmanagerfx.com
URL: https://cdn.leadmanagerfx.com/js/mcfx/5357
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.30.48 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 48.30.211.130.bc.googleusercontent.com
Software: Apache /
Resource Hash: f6d4d2bc529ae54543db99aeb2e4d063dc5f6cd4c0ae4a405e02fc91d2c9d143

Request headers

Referer: https://bundlebenefits.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 23 Mar 2022 15:55:42 GMT
via: 1.1 google
server: Apache
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://bundlebenefits.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17

OPTIONS
H2 204 visitor
t.marketingcloudfx.com/ Frame 0
0 70ms
45ms Preflight
text/html 34.117.117.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.marketingcloudfx.com/visitor
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.117.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.117.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://bundlebenefits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://bundlebenefits.com
function-execution-id: 6r8c7mv437ly
vary: Origin, Access-Control-Request-Headers
x-cloud-trace-context: ce2e07cd1b1401960eb1ec941ac37746
date: Wed, 23 Mar 2022 15:55:42 GMT
content-type: text/html
server: Google Frontend
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 visitor Show response
t.marketingcloudfx.com/ 583 B
322 B 66ms
52ms XHR
application/json 34.117.117.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.marketingcloudfx.com/visitor
Requested by: Host: cdn.leadmanagerfx.com
URL: https://cdn.leadmanagerfx.com/phone/js/5357
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.117.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.117.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 6f7c3e771724ad02286d6e697e75fa7cd7b8f84f71df19258d7da5a0c9a52ad1

Request headers

Referer: https://bundlebenefits.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 23 Mar 2022 15:55:42 GMT
content-encoding: gzip
server: Google Frontend
etag: W/"247-gH0SHT23remW9/3PzrOwJgWrn0Q"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bundlebenefits.com
x-cloud-trace-context: eea7d4e97693c0f024f7b2b3833d18db
cache-control: private
function-execution-id: 6r8cnwofdkhu
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
via: 1.1 google

GET
H3 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 4 KB
3 KB 185ms
171ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=7692313&conversations-embed=static-1.9791&mobile=false&messagesUtk=cb3373ac4fb14131a289583e0b803d0e&traceId=cb3373ac4fb14131a289583e0b803d0e

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6841f3419824448c72b973325b934c6e6ebb503561e7a58a5ccc4cd7007f530c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://bundlebenefits.com/
Accept-Language: en-CA,en;q=0.9
X-HubSpot-Messages-Uri: https://bundlebenefits.com/

Response headers

date: Wed, 23 Mar 2022 15:55:42 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 81be7668-9c34-4d8f-900d-0bdc5f5d2a49
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1611
server: cloudflare
x-trace: 2B6955D3865C7024A72BFC441AF3528F1669B9D5CD000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exkhL8c3St763YC3NIfQ6bcORIKPQZ%2B%2BNy47F7TxuUSLiLoFIkhDeN6LHI2mHg0jE6BOjFWqzwLM1hFa%2BILHyyJdhcqrtKtTv5nTKfCmXTesYokWcizgjA5ru%2FPhbfCYMj5fECfxKqE%2BzEnAFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://bundlebenefits.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 6f085a54edb3713f-YUL
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 62ms
60ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hubspot-messages-uri
Origin: https://bundlebenefits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 23 Mar 2022 15:55:42 GMT
content-type: text/plain; charset=utf-8
content-length: 18
cf-ray: 6f085a546a39ecee-YUL
access-control-allow-origin: https://bundlebenefits.com
allow: HEAD,GET,OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hubspot-correlation-id: 71785216-4376-404d-a61b-279337d050ef
x-trace: 2B9F2F49B5F92AFF5076DC8538DCA4B2F6355D721C000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wE5clq1EtCph6s9kHddVoVayp1lJODSRtT55Pr3JcOHlw6VhP9A7wjFFHME7kTan2p50DNR82EiRKcl0bRui1iR7DM%2FrIATVE5EUjIGapi9M0OnK1dwYuVBFUhPTPV306fN6fa2grGPssZIMIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 82ms
32ms XHR
text/plain 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-196056152-1&cid=517390704.1648050942&jid=613650038&gjid=1579788849&_gid=1940091705.1648050942&_u=YGBACEAABAAAAC~&z=1940177681

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bundlebenefits.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 23 Mar 2022 15:55:42 GMT
content-type: text/plain
access-control-allow-origin: https://bundlebenefits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 85ms
38ms Image
image/gif 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-196056152-1&cid=517390704.1648050942&jid=613650038&_u=YGBACEAABAAAAC~&z=1084152538

Requested by

Host: bundlebenefits.com
URL: https://bundlebenefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://bundlebenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 15:55:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 84ms
38ms Image
image/gif 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-196056152-1&cid=517390704.1648050942&jid=613650038&_u=YGBACEAABAAAAC~&z=1084152538

Requested by

Host: bundlebenefits.com
URL: https://bundlebenefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://bundlebenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 15:55:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 shutterstock_725291137-c.jpg
bundlebenefits.com/assets/uploads/general/_1200x1200_crop_center-center_none/ 130 KB
130 KB 84ms
84ms Image
image/jpeg 188.166.146.181
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bundlebenefits.com/assets/uploads/general/_1200x1200_crop_center-center_none/shutterstock_725291137-c.jpg
Requested by: Host: bundlebenefits.com
URL: https://bundlebenefits.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.166.146.181 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 553566.cloudwaysapps.com
Software: nginx /
Resource Hash: 69cc44e4d91e2aa99a1cd1e19f389d4318f6245bd3216dffddc8e7b7a6b3fb89

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://bundlebenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:55:42 GMT
last-modified: Mon, 06 Sep 2021 12:06:46 GMT
server: nginx
etag: "61360456-20790"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 133008

GET
H2 200 cb3373ac4fb14131a289583e0b803d0e Show response
app.hubspot.com/conversations-visitor/7692313/threads/utk/ Frame B83E 45 KB
17 KB 106ms
81ms Document
text/html 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/7692313/threads/utk/cb3373ac4fb14131a289583e0b803d0e?uuid=19172f8129574ef79fae32794c6c4fee&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=bundlebenefits.com&inApp53=false&messagesUtk=cb3373ac4fb14131a289583e0b803d0e&url=https%3A%2F%2Fbundlebenefits.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e61e1047f96659ace541c3095fcc3c536f28547e9030470c264e991851b3c5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://bundlebenefits.com/

Response headers

date: Wed, 23 Mar 2022 15:55:42 GMT
content-type: text/html; charset=utf-8
cf-ray: 6f085a562b157138-YUL
age: 3073
cache-control: max-age=600
etag: W/"143080f8dda9aa822a77de21f002482d"
last-modified: Thu, 17 Mar 2022 05:15:40 UTC
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 d591fee4e3f29cf0e3380368d25b4a40.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net *.google-analytics.com www.googletagmanager.com www.google.com www.gstatic.com data: 'unsafe-inline' 'unsafe-eval' connect.facebook.net www.gstatic.cn *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.12244/html/index.html&cfRay=6f085a562b157138&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F7692313%2Fthreads%2Futk%2Fcb3373ac4fb14131a289583e0b803d0e%3Fuuid%3D19172f8129574ef79fae32794c6c4fee%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Dbundlebenefits.com%26inApp53%3Dfalse%26messagesUtk%3Dcb3373ac4fb14131a289583e0b803d0e%26url%3Dhttps%253A%252F%252Fbundlebenefits.com%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fbundlebenefits.com%2F&cfenv=prod&pdt=2022-03-23&csp=ro
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
x-amz-cf-id: 6tn9_pEOfZb3_1v-71fVJeUwhKjcs-vUj343qxbpAuwXUFupq7dxxg==
x-amz-cf-pop: IAD89-P1
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: Q0_uVcQpkOJOeaN7_rfb4xqVK8DiA0Nb
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-hs-worker-debug-mode: false
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.199/ Frame B83E 45 KB
16 KB 55ms
27ms Script
application/javascript 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.199/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/7692313/threads/utk/cb3373ac4fb14131a289583e0b803d0e?uuid=19172f8129574ef79fae32794c6c4fee&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=bundlebenefits.com&inApp53=false&messagesUtk=cb3373ac4fb14131a289583e0b803d0e&url=https%3A%2F%2Fbundlebenefits.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89f0f0e765d8fe642b2163a3ab5e21bf74617fab00fc01127553b7d0379af256

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:55:42 GMT
via: 1.1 e9cd6227f5054d45a581b16b58940702.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1275896
x-amz-server-side-encryption: AES256
cf-ray: 6f085a56eff4ca53-YUL
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 08 Mar 2022 20:23:12 GMT
server: cloudflare
etag: W/"365b06df93f3bcf54923f96dfdf791d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=480E%2BJ2STGcYQvdav3tmTbg%2B%2Fgxh2f23uL9eB165unI5%2B%2FYBGj7ByYTDRsNL4AKnuIWkWj%2FRu6Usu79vBnCyskflNbmIYJnujmEICxVoAM3OkYLGDiR7PLfrRi7qHq2G21U%2FO3mnGRfCQ383HAO%2Fx1T98dg%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4ZNtq2xyQnSmn4.ITAr_8V5WI99rq4Z2
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: YTO50-C3
content-type: application/javascript
x-amz-cf-id: Mo9vXaKlWF_SRiCfkr2dXQIMnqfnEt3LjhWGGPftQyQjrua9ulflPw==
expires: Thu, 23 Mar 2023 15:55:42 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/ Frame B83E 20 KB
5 KB 48ms
21ms Stylesheet
text/css 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:55:42 GMT
via: 1.1 9289d7ed5e4e6afe1ab2abc0c202a3c4.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1295745
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-replication-status: PENDING
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 15 Nov 2021 19:50:41 GMT
server: cloudflare
etag: W/"370a89ea102d7b437eb549729472631f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXFfrFlLe9Ka5j399ns9WwY8ZBmIlrPS4PPAFY16AJsmITX4WaBW7cPavMV6ZYWld7e7%2FNpjxaivRUMZGlTKsYgOFxOMot%2FKlQdB%2FrRRYAx9AyZsJay62Vy6lTIMOFUYePbGdcIJtSUr8VCE9%2B1DXzCm4VM%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: LgyvJN0nZOCplqIYlCYJJ1cibXdW_3K_
cache-control: public, max-age=31536000
x-amz-cf-pop: YTO50-C3
cf-ray: 6f085a56ea944bd6-YUL
x-amz-cf-id: 8SsYq2cG4cdOdzpPZcTuSGp_ydbTmdxAltFXktY2mhgwfZqve2vLLw==
expires: Thu, 23 Mar 2023 15:55:42 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.230/ Frame B83E 295 KB
93 KB 52ms
25ms Script
application/javascript 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.230/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13df007910fae34722fcb2e57d9dd11d41ae4cd072a35f914f4dbb27016576b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:55:42 GMT
via: 1.1 0dfd4a767fdb169a154f978de9887036.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1638790
x-amz-server-side-encryption: AES256
cf-ray: 6f085a56eff5ca53-YUL
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 03 Mar 2022 21:13:59 GMT
server: cloudflare
etag: W/"c56a430aaf0486911a8053cea34601fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54H9j3SKOsu7%2BdU8KfR4DDOe5uuuAls3l3TT8vHISSoRIRXs79z810tmL4Cdur02aTgWLkLDzfNdqdNTg0MH4mwBBFN%2Be4S8UVm4VZR4d81%2FIbuiTNeRyFWdjGJkPjUnPxJZ%2BcILK6w1f0AYEB5sfj5uSXA%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 5VobiXfENFP0XzdtTrqztwj2.ZK8U_Ot
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ORD52-C2
content-type: application/javascript
x-amz-cf-id: 2yItbWqYiUMtkU-6vwWICBubsn87-Jp2UQbHdK4UJQ4Jqtt1QYgJhQ==
expires: Thu, 23 Mar 2023 15:55:42 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.12244/bundles/ Frame B83E 504 KB
147 KB 54ms
28ms Script
application/javascript 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.12244/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f29fd43bca68198a7b5c40f904576b5ff2a55acf91c705ac735736eca04cd51c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:55:42 GMT
via: 1.1 69ee5c85b205257767e8ccfbec049a06.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 513597
x-amz-server-side-encryption: AES256
cf-ray: 6f085a56eff8ca53-YUL
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Mar 2022 16:51:45 GMT
server: cloudflare
etag: W/"527190a1ecc51f86761a445ddb39d242"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOVnVcj%2Byo1DUuzi7ugwYZLERsAjmMxLgk0ckqEPv%2F0L%2B7aqzmb%2Fo7fjSdPt4G950GGJ8EKJdkbnAjdZFR9Xqgb4gvGafWrpAXPz12mBvG6zW2KIbsUaag7akBW21cZXfdeUtzXsvzy1FHd4c5%2FXxus7ma8%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: t03bg1So3pWVnMS4_rs5UpK44cIWeGWW
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: YTO50-C3
content-type: application/javascript
x-amz-cf-id: B1ugRAgDEVZcKOmQwHg_TEJQJ21SzEQuC7gqMKmuRSJnIpjDdJdBYg==
expires: Thu, 23 Mar 2023 15:55:42 GMT

GET
H3 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.12229/ Frame B83E 776 B
1 KB 39ms
23ms Script
application/javascript 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.12229/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.12244/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11841d7704ca0ff7553f1753fbe62c6e2da0cc8c313cc479d20bb01311134695

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:55:42 GMT
via: 1.1 1fe2d6bd2a09e1a135873d28f9feccb0.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1118135
x-amz-server-side-encryption: AES256
cf-ray: 6f085a57faf87157-YUL
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 09 Mar 2022 18:45:13 GMT
server: cloudflare
etag: W/"0dd23ae65090f7df8b16504ef1c68366"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sOaDEzfDGRPdbk%2BUbwKHhlnYlnQkLjRPlk3rG8F2N6eGlxnXZTMvlAcsDW3iWhExWWb%2Bu3Vy7unVfyeHjOGbe3mmOjmtpbCFjlWZPjFO7Qg9quIjQKgfhuoQSYGEsptwGHDBJ8%2FGKhya85GUBQ0Z5ZxjRP8%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: CbHX0TLq2cpENhYCYeoyQW_y7rDqAnHX
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript
x-amz-cf-id: XXtA4RlQF1DdbJMGiYoCaHM6rCrtIQFfLSUSPD2i5GIK1c9AATGYQg==
expires: Thu, 23 Mar 2023 15:55:42 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
510 B 61ms
60ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2203515711&v=1.1&a=7692313&rcu=https%3A%2F%2Fbundlebenefits.com%2F&pu=https%3A%2F%2Fbundlebenefits.com%2F&t=All-Encompassing+Employee+Benefits+-+Bundle&cts=1648050942772&vi=14b32ae6a180a5377c98712b67db8f8e&nc=true&u=170935615.14b32ae6a180a5377c98712b67db8f8e.1648050942767.1648050942767.1648050942767.1&b=170935615.1.1648050942767&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://bundlebenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:55:42 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 585d57da-25cd-4108-b2d8-d9a5c8091feb
cf-ray: 6f085a586e127138-YUL
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ek2NncoNXoCPvJphmcJG%2BDRQyiOXeujIP6EKVnjge3d3XC256Ius6rx2HPZqtmETdJspthvfavSSAfOgqCOd5CzqIKZWtzegZqFQTrkMgZxrez%2FV3YQ78ZLKh26oN2c1ND57Wzewn5kJ6fm40SNH"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
DATA 200
OK truncated
/ 217 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53aa1467ec78daa400f575ccda7ff8dc93a3801de62a7e4cf04352b9c97261e1

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 217 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b52b96d76602d6f103fabd238855106a6fef0f54096484edd5a7f4ebf12d7e2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 shutterstock_1760084756-medium_2021-06-15-124337.jpg
bundlebenefits.com/assets/uploads/general/_1250x900_crop_center-center_none/ 197 KB
197 KB 85ms
85ms Image
image/jpeg 188.166.146.181
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bundlebenefits.com/assets/uploads/general/_1250x900_crop_center-center_none/shutterstock_1760084756-medium_2021-06-15-124337.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.166.146.181 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 553566.cloudwaysapps.com
Software: nginx /
Resource Hash: 8dfc0f2b6cd4d436117f12a5f5628df18cf0f3c43784159bf07b0d6c0b1766be

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://bundlebenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:55:42 GMT
last-modified: Fri, 17 Sep 2021 17:58:58 GMT
server: nginx
etag: "6144d762-312d5"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 201429

GET
H2

200

0db20c544621b2588422f19fdf8db468-100
avatars.hubspot.net/ Frame B83E
Redirect Chain

https://api-na1.hubspot.com/userpreferences/v1/avatar/0db20c544621b2588422f19fdf8db468/100
https://avatars.hubspot.net/0db20c544621b2588422f19fdf8db468-100

12 KB
12 KB

48ms
20ms

Image
image/webp

2606:4700::6811:f1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.hubspot.net/0db20c544621b2588422f19fdf8db468-100
Protocol: H2
Server: 2606:4700::6811:f1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c485c0d6cf2ba9ea48457d6b98b0f57c2c6d8daa4eba0470269ce6cbea37e54b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:55:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 170
x-amz-server-side-encryption: AES256
cf-ray: 6f085a59fb047144-YUL
content-length: 11836
x-amz-id-2: 7LTeMkLWJQd5MKRt+ckIKUl3OsIn+3n9K4Skojp5SQAKNfzYSaaKnU/tN7hrNk204t82eKZBD2o=
last-modified: Wed, 06 Oct 2021 20:50:32 GMT
server: cloudflare
etag: "c899aa19fd22f1a4cc4e644c3b574bb7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SyxET4OKqERia1ZH7k8Dz3oWdNpx8tB9CIyy%2F86DEN5rzhiUMopIfSAo%2Ba2btcmIc2HPI7ozn2I0%2B8zT7mjfXn7jLRRgM%2B7qRgEQz%2B6t4TcsTLmc0RChYuhVpfhyTWyykcStzeBB82m2xqgWVBDUGJI%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 1RA1H17HY2JMW388
cache-control: max-age=0
cf-polished: origFmt=png, origSize=28043
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

Redirect headers

date: Wed, 23 Mar 2022 15:55:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-hubspot-correlation-id: 8b80dc0f-d4d3-46a1-993b-3cabdb2212f3
x-trace: 2BD477A5300E28F530C7260621E38B0AE7B9B34951000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0lHPU0a8sSlV0hY9bAwjYo42nuJPdiicQPTzqmVt%2FnnJthWywlPd7e1BTpN7rN9VHerLEr%2FvrbAg3gXrOVUa5Ku%2FdACwJhMTmomjtQ1fFDasLvPdqyycm%2FlBqhyko%2FkvIn3qXy7d32Q28E2LDdbLg8%3D"}],"group":"cf-nel","max_age":604800}
location: https://avatars.hubspot.net/0db20c544621b2588422f19fdf8db468-100
access-control-allow-credentials: false
cf-ray: 6f085a597f747138-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

c045b414c4a32b96b909586216c439c1-100
avatars.hubspot.net/ Frame B83E
Redirect Chain

https://api-na1.hubspot.com/userpreferences/v1/avatar/c045b414c4a32b96b909586216c439c1/100
https://avatars.hubspot.net/c045b414c4a32b96b909586216c439c1-100

14 KB
15 KB

47ms
19ms

Image
image/webp

2606:4700::6811:f1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.hubspot.net/c045b414c4a32b96b909586216c439c1-100
Protocol: H2
Server: 2606:4700::6811:f1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e43277913870587d9d3b7179a2dc8f303aa42346b15ccef376421f6e33c5e1ab

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:55:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 170
x-amz-server-side-encryption: AES256
cf-ray: 6f085a59fb037144-YUL
content-length: 14294
x-amz-id-2: Q9QE10n9r89A1AjgQGUhegNzmJLhX5CqzBgH9l9ZVRa/URmKjCyb+jPScQW9zn4GB72ZWBGYZ1A=
last-modified: Mon, 01 Nov 2021 23:01:45 GMT
server: cloudflare
etag: "c946280ab6c51f7f2d836503fa608eec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9TfGYP0GZeINHBh2lqoZucC1Scdmu4A1Mh1M3LJ7P1WVnivY9Fk2ju%2Fm%2BjkU9J7GEX7EbYq3OHObVPAP1I2DLt61AE%2F25oTNGQXA4brULHB80zUB%2BrZoJUPkjAOrXGfxQScV1NZEBqIGyIFXWLO84%2BU%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 1RA1DMR5RGJJSF6K
cache-control: max-age=0
cf-polished: origFmt=png, origSize=27142
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

Redirect headers

date: Wed, 23 Mar 2022 15:55:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-hubspot-correlation-id: e331de46-9e21-4ca2-9f53-af20fb1345b2
x-trace: 2B62F0741FA9FBA4CB070FF87EA1CBD2398134BE7C000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRB5FIH7Nc70jJMZ%2BmkofzsxxwiIfUtJ8HQg9Sc3C6%2FBFGoNDIPjWSm5CApnVjgz9HRd11mfbrfNWNlPtLNsllx7Fb0oGG3r4Wbi%2BYk4UqN99%2BzI4zPqHrSb3lhxTLBPwLit3truvPKjONAdYJtfXDo%3D"}],"group":"cf-nel","max_age":604800}
location: https://avatars.hubspot.net/c045b414c4a32b96b909586216c439c1-100
access-control-allow-credentials: false
cf-ray: 6f085a597f757138-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

d163400e51d21a8791173863bace7ad3-100
avatars.hubspot.net/ Frame B83E
Redirect Chain

https://api-na1.hubspot.com/userpreferences/v1/avatar/d163400e51d21a8791173863bace7ad3/100
https://avatars.hubspot.net/d163400e51d21a8791173863bace7ad3-100

16 KB
17 KB

39ms
21ms

Image
image/webp

2606:4700::6811:f1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.hubspot.net/d163400e51d21a8791173863bace7ad3-100
Protocol: H2
Server: 2606:4700::6811:f1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d33d56d96415500aeb2b0d987006891dfae8d3081ab4cd004a57d9eecc317106

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:55:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 170
x-amz-server-side-encryption: AES256
cf-ray: 6f085a59fb067144-YUL
content-length: 16626
x-amz-id-2: oVnt8LUDRoS+t5p253wBCXsvIQezRDfD9TMya6Ab/WZAIawKDRYUZei7i5HVUjuWSTreEDSl6kM=
last-modified: Mon, 14 Feb 2022 14:07:33 GMT
server: cloudflare
etag: "6f23e5032dd70d29cbfdee12027316fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fqy1MttR1oJaHXyiMC%2BOBqJKSW3OjENt0L7p%2Fp%2F0FiYR1QECBwUVorZjBboInfzKmVHm%2FB%2F86T2DwpTy3ujiJl4iRKxVU27W9VTTFg9N9TUx%2B90ZSC7u8s4NtLFV%2Fw4n%2F8au1RzHM5mNolUTZDDxL8U%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: VAETCK3Z1G7DA5X9
cache-control: max-age=0
cf-polished: origFmt=png, origSize=23144
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

Redirect headers

date: Wed, 23 Mar 2022 15:55:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-hubspot-correlation-id: cda6abc8-57b5-4285-b52c-aed68e0ee074
x-trace: 2B96D1D3CE39CBE6892571C549757BCE550EC92B6B000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ybyU3oZcqKpfWJdMsh%2Bmzn%2F4bV%2B%2BBvFG9m4RiESIKp0ajQDzoTTpNxM3ajywHu26H7JzzcdVZnTQoFT5LjEIh8EDhnAHPWzV3ThL8WKcXrYReAKFshj9pcR1Kdg6y2Bn1yb7GHFobEp8CLbsflgFHZw%3D"}],"group":"cf-nel","max_age":604800}
location: https://avatars.hubspot.net/d163400e51d21a8791173863bace7ad3-100
access-control-allow-credentials: false
cf-ray: 6f085a597f737138-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 204 rhumb
api.hubspot.com/cartographer/v1/ Frame B83E 0
1 KB 84ms
71ms Ping
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.12244

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.12244/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 23 Mar 2022 15:55:43 GMT
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: f1ef6b12-aec0-430c-b095-f3b1e4c3cc28
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aSG7vT87POA3r0URYw626xHJOYpvNYsPzTSfYLSqq%2BS%2FzpuFUabmcJAIk7TsGLRsO9a13zTR3EqmMWWuSsTUtoSWhylNKGKcb7t6g2km2qzmtjOaqDPN8QPF%2FjavjWpSO921KaKYqgV3HXpYwA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
cf-ray: 6f085a599bb6ca57-YUL
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer

GET
H3 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 167 B
1 KB 94ms
94ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=7692313&utk=14b32ae6a180a5377c98712b67db8f8e&__hstc=170935615.14b32ae6a180a5377c98712b67db8f8e.1648050942767.1648050942767.1648050942767.1&__hssc=170935615.1.1648050942767&currentUrl=https%3A%2F%2Fbundlebenefits.com%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c210a3f8165b34e6fce21678625c6fc9247e614d770af122768d2937b0f8ae77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://bundlebenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:55:43 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: fe2edd6e-4101-4c55-a7e6-39a50a47c3d3
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPt9rkiL1C%2FjoREyFJPPcREak%2F8M61b5T9mhWnkXArZGLKzE9XTqawLLAZmmzsgSmb64sxn2kRQG3ffEO0IpLhS3BrCkF2REwRji%2BRGsxHXCuBv9vg5OLevMY8rHQs2n%2FIbA85XIdy5bHSD5DbBL"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://bundlebenefits.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 6f085a59ab9a713f-YUL
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.sidekickopen07.com/	1970-01-20 10:33:06	Name: _hetc Value: f1f2a145-c867-4870-841c-f3f2286c1227\|1648050940652\|ACOD57cwLAIUYlHPRX1QUjWpoyKWLX/XGZwBjbICFGlRqoo9y+ZNFSR/kg387JIYTjZ5
bundlebenefits.com/	1969-12-31 23:59:59	Name: CRAFT_CSRF_TOKEN Value: 1ecb11e4f1d2a2625f5e1c4eecb31dde3533e6cd316291f43d46e9f6d7daf3b8a%3A2%3A%7Bi%3A0%3Bs%3A16%3A%22CRAFT_CSRF_TOKEN%22%3Bi%3A1%3Bs%3A40%3A%22_xH0PKH7zLOprGWyGwnyk9-QRtMC2krILvRcUoVt%22%3B%7D
.bundlebenefits.com/	1970-01-20 19:18:42	Name: mcfxCookiesVersion Value: 2
.bundlebenefits.com/	1970-01-20 01:57:35	Name: fx_referrer Value:
.bundlebenefits.com/	1969-12-31 23:59:59	Name: fx_document_title Value: All-Encompassing%2520Employee%2520Benefits%2520-%2520Bundle
.bundlebenefits.com/	1970-01-20 19:18:42	Name: fx_uuid Value: 31654474-b34e-4a15-8782-dc0b2f1da29d
.bundlebenefits.com/	1970-01-20 01:47:31	Name: mcfxVSID Value: f0aad90d-ceed-43ee-b514-c344ded4233c
.linkedin.com/	1970-01-20 03:57:06	Name: li_sugr Value: a5d245ad-b46e-415a-9fce-d74d5ab685c7
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 19:19:24	Name: bcookie Value: "v=2&754f9806-1bf8-470e-83bf-54a6f728a148"
.linkedin.com/	1970-01-20 01:48:57	Name: lidc Value: "b=TGST03:s=T:r=T:a=T:p=T:g=2715:u=1:x=1:i=1648050942:t=1648137342:v=2:sig=AQGdppHbKnjFFjZ8zB3GYGd006x59Niy"
.bundlebenefits.com/	1970-01-20 19:18:42	Name: _ga Value: GA1.2.517390704.1648050942
.bundlebenefits.com/	1970-01-20 01:48:57	Name: _gid Value: GA1.2.1940091705.1648050942
.bundlebenefits.com/	1970-01-20 01:47:31	Name: _gat_UA-196056152-1 Value: 1
.bundlebenefits.com/	1970-01-20 19:18:42	Name: fx_count Value: 2
.linkedin.com/	1970-01-20 02:30:42	Name: UserMatchHistory Value: AQLb7kWjNqrCtgAAAX-3fbC-i6HbJXXdi0K37AthmKio_GYw_FHpQGmZuj85X5HRHXY9AxCUk55F6g
.linkedin.com/	1970-01-20 02:30:42	Name: AnalyticsSyncHistory Value: AQI-j2yYu5dAEQAAAX-3fbC-vZYLEK8NWrYT_pF84YZWs6pGFhYgC1czaNOFS458TjqII6-WUcbzQ5d0IiMqCw
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.www.linkedin.com/	1970-01-20 19:19:24	Name: bscookie Value: "v=1&20220323155542bc9b7e33-4f89-4d60-8e06-f8de73b14ef2AQHXWt6TIuUFUh8fLlEZENtY7agIvTkF"
.bundlebenefits.com/	1970-01-20 01:57:35	Name: fx_info Value: {%22source%22:%22direct%22%2C%22medium%22:%22direct%22%2C%22term%22:null%2C%22content%22:null%2C%22campaign%22:null%2C%22segment%22:null%2C%22referrer%22:%22%22%2C%22pageUrl%22:%22https://bundlebenefits.com/%22%2C%22fx_matchtype%22:null%2C%22fx_network%22:null%2C%22fx_creative%22:null%2C%22fx_keyword%22:null%2C%22fx_placement%22:null%2C%22fx_aceid%22:null%2C%22fx_adposition%22:null%2C%22utm_source%22:null%2C%22utm_medium%22:null%2C%22utm_segment%22:null%2C%22utm_campaign%22:null%2C%22utm_term%22:null%2C%22gclid%22:null%2C%22gbraid%22:null%2C%22wbraid%22:null%2C%22msclkid%22:null%2C%22adClickId%22:null%2C%22ip%22:%22149.56.153.185%22%2C%22location%22:{%22country%22:%22CA%22%2C%22region%22:%22?%22%2C%22city%22:%22?%22%2C%22cityLatLong%22:[%220.000000%22%2C%220.000000%22]%2C%22userIP%22:%22149.56.153.185%22}%2C%22landingPage%22:%22/%22}
.hubspot.com/	1970-01-20 01:47:32	Name: __cf_bm Value: KQ2BspzF9CLwXJLkHkFy4JGUZyBt2JpoP0RalGX3nCA-1648050942-0-AQIp+Sg9RLZlZFSn4Fl2caemHbuSw97Aai0681Q8i3bXZqbFDn9kzi3OhNb+D6XeYgD2c5RMFQAcpeN1ZdIXaDc=
.adsymptotic.com/	1970-01-20 03:57:06	Name: U Value: 292849f100f8083bf086f9f35d7488e2
.bundlebenefits.com/	1970-01-20 06:06:42	Name: __hstc Value: 170935615.14b32ae6a180a5377c98712b67db8f8e.1648050942767.1648050942767.1648050942767.1
.bundlebenefits.com/	1970-01-20 06:06:42	Name: hubspotutk Value: 14b32ae6a180a5377c98712b67db8f8e
.bundlebenefits.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.bundlebenefits.com/	1970-01-20 01:47:32	Name: __hssc Value: 170935615.1.1648050942767
.bundlebenefits.com/	1970-01-20 06:06:42	Name: messagesUtk Value: cb3373ac4fb14131a289583e0b803d0e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-na1.hubspot.com
api.hubspot.com
app.hubspot.com
avatars.hubspot.net
bundlebenefits.com
cdn.leadmanagerfx.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.hsleadflows.net
js.usemessages.com
p.adsymptotic.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
static.hsappstatic.net
stats.g.doubleclick.net
t.leadmanagerfx.com
t.marketingcloudfx.com
t.sidekickopen07.com
track.hubspot.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.linkedin.com
104.18.99.194
13.107.42.14
13.33.60.106
130.211.30.48
188.166.146.181
2600:141b:13::17d7:82d0
2606:4700::6811:46b0
2606:4700::6811:7fab
2606:4700::6811:8d2
2606:4700::6811:d6cc
2606:4700::6811:e8cc
2606:4700::6811:eecc
2606:4700::6811:f1cc
2606:4700::6812:15bf
2606:4700::6812:260
2606:4700::6813:9a53
2606:4700::6813:9b53
2607:f8b0:4004:c06::9d
2607:f8b0:4006:809::200a
2607:f8b0:4006:80e::2003
2607:f8b0:4006:80f::2008
2607:f8b0:4006:816::2003
2607:f8b0:4006:81d::2004
2607:f8b0:4006:820::200e
2620:1ec:21::14
34.117.117.251
0962f9e62973ed95f8cda46d6a40e2a3f952574b2c21fc9b20ab00b2c41ff866
0e61e1047f96659ace541c3095fcc3c536f28547e9030470c264e991851b3c5b
11841d7704ca0ff7553f1753fbe62c6e2da0cc8c313cc479d20bb01311134695
13df007910fae34722fcb2e57d9dd11d41ae4cd072a35f914f4dbb27016576b1
2f9522ce01c768c76cdaa23b8a599c4b694f78bd3773e301e0c9a478616a4d6c
3d7bf66dc52ed4446fa33d4055b012073cba9c8539176ec2c9bd81d135b143f0
53aa1467ec78daa400f575ccda7ff8dc93a3801de62a7e4cf04352b9c97261e1
564b3736005b2da08357d18e9554a32992e82f249f1083ad04ee941849844f9e
5d5cf5a4a5b7c02915bc261dca0c755d29beda0c0c3a005c78c1682c9934bb3c
6200a06f2308c17b1180420c86bafc67c9ad3ae77091789e39e95f34bef3994f
6841f3419824448c72b973325b934c6e6ebb503561e7a58a5ccc4cd7007f530c
690ed8a5ac7e5ae85167a09debd832a8287629923a419a62106a21e230e0d252
69cc44e4d91e2aa99a1cd1e19f389d4318f6245bd3216dffddc8e7b7a6b3fb89
6f580b18bf563a72b3a12a1105688dc8e4372461475faa99fe9018aa0812ea39
6f7c3e771724ad02286d6e697e75fa7cd7b8f84f71df19258d7da5a0c9a52ad1
76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d
78d147e445a39009ea83035d69267d7e81d52b8d6655090c42b0c7c9da037995
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89f0f0e765d8fe642b2163a3ab5e21bf74617fab00fc01127553b7d0379af256
8b52b96d76602d6f103fabd238855106a6fef0f54096484edd5a7f4ebf12d7e2
8dfc0f2b6cd4d436117f12a5f5628df18cf0f3c43784159bf07b0d6c0b1766be
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9258117837d1b67229047ecea55158fb77a97d1bff2fe9aed4fc3f498200b179
929902d8630541f56bea65f15141b10f6f1680f19cdd8834bf5ad02dce641e2f
947d6c755989ac2b8e761deb8f7c3d38c30f9e01ce86b4ce1c8f3a2e1d1e5221
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a7564e0e4638da917bfda717eadedc8293b5f7304817dcadea36a9f1a8f70da1
a996803be97bd6eed2f13e2aaceed65ee5cc24e0669fcbd223788c5cf9159c2e
ab59f00b835acf5c74b70035090c902f4007fa2b7a49056786624debe50bdf9e
b87ac4b900cf045e79b26c440091c5f7649d2eb7b1e315b7bda73d16e708c40f
bcfff99c3f1d52da087fbb69b091bebda359acdc87cc48c1121f7cd6b6cc5eaf
c210a3f8165b34e6fce21678625c6fc9247e614d770af122768d2937b0f8ae77
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c485c0d6cf2ba9ea48457d6b98b0f57c2c6d8daa4eba0470269ce6cbea37e54b
c9fd3f5dec6c3a8864a0a9100ab0f2405304932539eaab3f78f73b8512be5ac0
cb561cd233f45d1673411866767ddb162ee40503bc71195ef8f186ec41f97fa6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d33d56d96415500aeb2b0d987006891dfae8d3081ab4cd004a57d9eecc317106
d65f5376c47878eac4dafdc277c98becc0577d96e23096fb34dfb7c4e9a93c3c
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43277913870587d9d3b7179a2dc8f303aa42346b15ccef376421f6e33c5e1ab
ea65ec80654b57bab1e6fc3f70d202e2c413f04b57d2fc6284b314f2b93293c7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f29fd43bca68198a7b5c40f904576b5ff2a55acf91c705ac735736eca04cd51c
f4c9335f07012722924c8faa20ea357b817281c521366bdcfa82fc1b37f33fb6
f6d4d2bc529ae54543db99aeb2e4d063dc5f6cd4c0ae4a405e02fc91d2c9d143
fc7ee12def883bec3ede0f9bfac151bc6974423aca58b4ecf494a1d90b615f39

bundlebenefits.com Open in urlscan Pro 188.166.146.181 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

92 %HTTPS

77 %IPv6

23 Domains

30 Subdomains

24 IPs

3 Countries

1895 kBTransfer

4769 kBSize

27 Cookies

15 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

bundlebenefits.com Open in urlscan Pro
188.166.146.181 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

92 %
HTTPS

77 %
IPv6

23
Domains

30
Subdomains

24
IPs

3
Countries

1895 kB
Transfer

4769 kB
Size

27
Cookies

51 HTTP transactions
3 data transactions