mhp.benefits.me Open in urlscan Pro
3.70.81.64 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mhp.benefits.me/ntracking/Y2xpY2stNDc4Ny0yMjA3MjM4LTUwMDcz
Effective URL:
https://mhp.benefits.me/login?next=/offer/31381
Submission: On April 29 via manual (April 29th 2024, 1:09:31 pm UTC) from RO — Scanned from DE

Summary HTTP 46 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 46 HTTP transactions. The main IP is 3.70.81.64, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is mhp.benefits.me.
TLS certificate: Issued by Amazon RSA 2048 M03 on February 4th 2024. Valid for: a year.

This is the only time mhp.benefits.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 30	3.70.81.64 3.70.81.64	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:8cd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	143.204.102.158 143.204.102.158	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a0a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:8d11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4c8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.19.175.188 104.19.175.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
46	10

30 3.70.81.64 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com

mhp.benefits.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8cd1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.102.158 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-102-158.fra50.r.cloudfront.net

d9pkkqscj1pvg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:8d11 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4c8e (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.175.188 (None, )

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	benefits.me 2 redirects mhp.benefits.me	677 KB
7	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 4170 api.hubspot.com — Cisco Umbrella Rank: 4845 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 4116 track.hubspot.com — Cisco Umbrella Rank: 2416 forms.hubspot.com — Cisco Umbrella Rank: 5487 app.hubspot.com — Cisco Umbrella Rank: 5595	30 KB
4	cloudfront.net d9pkkqscj1pvg.cloudfront.net	40 KB
2	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2206	17 KB
1	hsforms.com perf-na1.hsforms.com — Cisco Umbrella Rank: 4475	925 B
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4787	25 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 5216	88 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2216	21 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2505	1 KB
46	9

	Domain	Requested by
30	mhp.benefits.me	2 redirects mhp.benefits.me
4	d9pkkqscj1pvg.cloudfront.net	mhp.benefits.me
2	api.hubspot.com	js.usemessages.com
2	js.hs-banner.com	js.hs-scripts.com js.hs-banner.com
1	app.hubspot.com	js.usemessages.com
1	perf-na1.hsforms.com
1	forms.hubspot.com	js.hsleadflows.net
1	track.hubspot.com
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hubspot.com	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-scripts.com	mhp.benefits.me
46	14

This site contains links to these domains. Also see Links.

Domain
company.benefits.me
benefitsme.workwise.io
blog.benefits.me
press.benefits.me
discover.benefits.me
www.linkedin.com
www.instagram.com

Subject Issuer	Validity	Valid
*.benefits.me Amazon RSA 2048 M03	`2024-02-04` - `2025-03-05`	a year	crt.sh
hs-scripts.com E1	`2024-04-01` - `2024-06-30`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
hs-banner.com E1	`2024-04-01` - `2024-06-30`	3 months	crt.sh
hs-analytics.net GTS CA 1P5	`2024-04-13` - `2024-07-12`	3 months	crt.sh
hsleadflows.net E1	`2024-04-05` - `2024-07-04`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
usemessages.com E1	`2024-04-12` - `2024-07-11`	3 months	crt.sh
hsforms.com GTS CA 1P5	`2024-04-17` - `2024-07-16`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://mhp.benefits.me/login?next=/offer/31381
Frame ID: DCEA3433D663ACC64D2E64297162A730
Requests: 44 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/14494208/threads/utk/61497f61a39c426c9fc940eb53926014?uuid=af6072b5eff44f5b92f15d755313fe97&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=mhp.benefits.me&inApp53=false&messagesUtk=61497f61a39c426c9fc940eb53926014&url=https%3A%2F%2Fmhp.benefits.me%2Flogin%3Fnext%3D%2Foffer%2F31381&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: 3534D04EC0F7C4F5DEA1862D60619E55
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Exklusive Vergünstigungen für MHP-Mitarbeiter:innen

Page URL History Show full URLs

https://mhp.benefits.me/ntracking/Y2xpY2stNDc4Ny0yMjA3MjM4LTUwMDcz HTTP 302
https://mhp.benefits.me/offer/31381 HTTP 302
https://mhp.benefits.me/login?next=/offer/31381 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

46
Requests

100 %
HTTPS

70 %
IPv6

9
Domains

14
Subdomains

10
IPs

3
Countries

900 kB
Transfer

3968 kB
Size

15
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://company.benefits.me/
Title: Über uns

Search URL Search Domain Scan URL

URL: https://company.benefits.me/team
Title: Team

Search URL Search Domain Scan URL

URL: https://benefitsme.workwise.io/
Title: Karriere

Search URL Search Domain Scan URL

URL: https://blog.benefits.me/
Title: Blog

Search URL Search Domain Scan URL

URL: https://press.benefits.me/
Title: Presse

Search URL Search Domain Scan URL

URL: https://discover.benefits.me/podcast
Title: Podcast

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/benefits-me

Search URL Search Domain Scan URL

URL: https://www.instagram.com/benefits.me_de

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mhp.benefits.me/ntracking/Y2xpY2stNDc4Ny0yMjA3MjM4LTUwMDcz HTTP 302
https://mhp.benefits.me/offer/31381 HTTP 302
https://mhp.benefits.me/login?next=/offer/31381 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
mhp.benefits.me/
Redirect Chain

https://mhp.benefits.me/ntracking/Y2xpY2stNDc4Ny0yMjA3MjM4LTUwMDcz
https://mhp.benefits.me/offer/31381
https://mhp.benefits.me/login?next=/offer/31381

31 KB
8 KB

238ms
237ms

Document
text/html

3.70.81.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mhp.benefits.me/login?next=/offer/31381
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.81.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips /
Resource Hash: d1ffe57c37ef9b45b5126e6db4d8e887f57a67207bf4a573c2b2b4c39214394e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 7320
content-type: text/html; charset=UTF-8
date: Mon, 29 Apr 2024 13:09:26 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
p3p: CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
vary: Accept-Encoding

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 4408
content-type: text/html; charset=UTF-8
date: Mon, 29 Apr 2024 13:09:26 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: /login?next=/offer/31381
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
vary: Accept-Encoding

GET
H2 200 identity.min.1714125160.php
mhp.benefits.me/css/ 232 KB
42 KB 73ms
72ms Stylesheet
text/css 3.70.81.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mhp.benefits.me/css/identity.min.1714125160.php?id=694
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/login?next=/offer/31381
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.81.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips /
Resource Hash: f734197701470b86c0062970828d26a17e3366ee3999dfc6cdca97500de2fbaf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/login?next=/offer/31381
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 29 Apr 2024 13:09:26 GMT
content-encoding: gzip
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
p3p: CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate
content-length: 42965
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 jquery-1.9.1.js Show response
mhp.benefits.me/js/ 91 KB
32 KB 44ms
43ms Script
application/javascript 3.70.81.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mhp.benefits.me/js/jquery-1.9.1.js
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/login?next=/offer/31381
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.81.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips /
Resource Hash: cf37577f042dedba5b50fc8c34b35bb70f002aa3be855a11636fe93088c196ad

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/login?next=/offer/31381
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:26 GMT
content-encoding: gzip
last-modified: Fri, 26 Apr 2024 09:52:40 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
etag: "16a6e-616fcdd432a00-gzip"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 32808

GET
H2 200 identity_bootstrap.js Show response
mhp.benefits.me/js/ 36 KB
10 KB 43ms
42ms Script
application/javascript 3.70.81.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mhp.benefits.me/js/identity_bootstrap.js
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/login?next=/offer/31381
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.81.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips /
Resource Hash: 17e0f4fa34c7aa213bd386e1adc788b83be18d59d5afc9b89fdfb2a881b4dfc8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/login?next=/offer/31381
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:26 GMT
content-encoding: gzip
last-modified: Fri, 26 Apr 2024 09:52:40 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
etag: "8f18-616fcdd432a00-gzip"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 9554

GET
H2 200 general_functions.min.1714125160.js Show response
mhp.benefits.me/js/ 38 KB
6 KB 25ms
24ms Script
application/javascript 3.70.81.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mhp.benefits.me/js/general_functions.min.1714125160.js
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/login?next=/offer/31381
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.81.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips /
Resource Hash: 77b3b42e0ddeb5b825874ff635d3d6f626fdff24475d0133c146c4104d849c9e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/login?next=/offer/31381
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:26 GMT
content-encoding: gzip
last-modified: Fri, 26 Apr 2024 09:52:40 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
etag: "9887-616fcdd432a00-gzip"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 6151

GET
H2 200 jquery.placeholder.label.js Show response
mhp.benefits.me/js/ 5 KB
1 KB 23ms
22ms Script
application/javascript 3.70.81.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mhp.benefits.me/js/jquery.placeholder.label.js
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/login?next=/offer/31381
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.81.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips /
Resource Hash: 8f8e5165ea429bb2411876ea6c57a0cf3985e84782e91ad252d832c688ac990a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/login?next=/offer/31381
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:26 GMT
content-encoding: gzip
last-modified: Fri, 26 Apr 2024 09:52:40 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
etag: "1489-616fcdd432a00-gzip"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1095

GET
H2 200 js.cookie.min.js Show response
mhp.benefits.me/js/ 2 KB
1 KB 24ms
23ms Script
application/javascript 3.70.81.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mhp.benefits.me/js/js.cookie.min.js
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/login?next=/offer/31381
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.81.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips /
Resource Hash: d07dcdbb3ddaba0dda7d56d496cbb5d8fbb1bdadc23f812126d3c4c6ab39e158

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/login?next=/offer/31381
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:26 GMT
content-encoding: gzip
last-modified: Fri, 26 Apr 2024 09:52:40 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
etag: "691-616fcdd432a00-gzip"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 823

GET
H2 200 14494208.js Show response
js.hs-scripts.com/ 2 KB
1 KB 93ms
43ms Script
application/javascript 2606:4700::6810:8cd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/14494208.js

Requested by

Host: mhp.benefits.me
URL: https://mhp.benefits.me/login?next=/offer/31381

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8cd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d114e70206dd8ee6598f5d83202b012b06331afbf9688a28cc733ee47f8927cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-hubspot-correlation-id: a33afe04-700c-4408-86a6-4ae95fb34213
x-evy-trace-route-service-name: envoyset-translator
cf-polished: origSize=2482
age: 43
x-envoy-upstream-service-time: 60
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a33afe04-700c-4408-86a6-4ae95fb34213
cf-bgj: minify
last-modified: Mon, 29 Apr 2024 13:08:44 GMT
server: cloudflare
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://muenchen.benefits.me
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-v52ph
x-evy-trace-virtual-host: all
access-control-allow-credentials: true
cache-control: public, max-age=90
cf-ray: 87bf86cc4e373834-FRA
expires: Mon, 29 Apr 2024 13:10:57 GMT

GET
H2 200 event31381-img1.jpg
d9pkkqscj1pvg.cloudfront.net/img/events/medium/ 7 KB
7 KB 86ms
24ms Image
image/jpeg 143.204.102.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9pkkqscj1pvg.cloudfront.net/img/events/medium/event31381-img1.jpg?u=1713511023
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/login?next=/offer/31381
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.102.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-102-158.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1569b45270382948638a16deff434f9dcf60d124bb72cca850b82fc604990c57

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:00:55 GMT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified: Fri, 19 Apr 2024 07:17:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 512
x-amz-server-side-encryption: AES256
etag: "8d022d3229dc6af11ef7b754a240c1d6"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 7198
x-amz-cf-id: PEJkoODobsj6sMjYlFYY_iw_oQs3RgGDvad1oAMDYtwJGIxaVUq4Qg==

GET
H2 200 event31381-img1.jpg
d9pkkqscj1pvg.cloudfront.net/img/events/large/ 19 KB
19 KB 84ms
23ms Image
image/jpeg 143.204.102.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9pkkqscj1pvg.cloudfront.net/img/events/large/event31381-img1.jpg?u=1713511023
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/login?next=/offer/31381
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.102.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-102-158.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3872fb9ec404d18003f9c2ae1f726c5c86bd439e38fb2b2b18352eb1c79ee8d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 12:40:07 GMT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified: Fri, 19 Apr 2024 07:17:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 1760
x-amz-server-side-encryption: AES256
etag: "68717bef2aef0eb9a3ceb3f985b8e577"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 19156
x-amz-cf-id: FHP3N7llipYdltqNvONH7IbQUQIdjk2E3K-Fh1hr8SqJ_LzQZT3_-Q==

GET
H2 200 logo_MHP.jpg
d9pkkqscj1pvg.cloudfront.net/img/companies/ 7 KB
7 KB 24ms
22ms Image
image/jpeg 143.204.102.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9pkkqscj1pvg.cloudfront.net/img/companies/logo_MHP.jpg
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/login?next=/offer/31381
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.102.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-102-158.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1248b3b19a4e20e84b2988981ef83aa99d9f04d0512d42a3881b12917eca8512

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:02:25 GMT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified: Fri, 30 Oct 2015 11:09:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 423
etag: "f38d21c07295cc023450e7840a6840ac"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 7330
x-amz-cf-id: qjv-SP2t2cAExfSzl5Bl7mrbE0pOH5OO6ASoeHF1qCooi25Ooo8qWA==

GET
H2 200 germany.png
mhp.benefits.me/css/images/flags/ 433 B
721 B 31ms
30ms Image
image/png 3.70.81.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mhp.benefits.me/css/images/flags/germany.png
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/login?next=/offer/31381
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.81.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips /
Resource Hash: 107881e747019f235d21c5e08b26db8b6caaaf910c38f5d6717e1deee185193b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/login?next=/offer/31381
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:27 GMT
last-modified: Fri, 26 Apr 2024 09:52:40 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
etag: "1b1-616fcdd432a00"
p3p: CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 433

GET
H2 200 united-kingdom.png
mhp.benefits.me/css/images/flags/ 366 B
654 B 34ms
33ms Image
image/png 3.70.81.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mhp.benefits.me/css/images/flags/united-kingdom.png
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/login?next=/offer/31381
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.81.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips /
Resource Hash: 61266c07cefe5b8628ebe4e9643422206cdf1ba5bdabd95a75993a864823ae94

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/login?next=/offer/31381
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:27 GMT
last-modified: Fri, 26 Apr 2024 09:52:40 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
etag: "16e-616fcdd432a00"
p3p: CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 366

GET
H2 200 logo_negativ.svg
d9pkkqscj1pvg.cloudfront.net/img/ 6 KB
6 KB 22ms
20ms Image
image/svg+xml 143.204.102.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9pkkqscj1pvg.cloudfront.net/img/logo_negativ.svg
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/login?next=/offer/31381
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.102.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-102-158.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cb2dff820308ca8092b8369adc4442e02adfc8f1ee6fa23378f3c3973a2e7857

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 12:14:57 GMT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified: Mon, 13 Mar 2023 08:14:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 3271
x-amz-server-side-encryption: AES256
etag: "773a9c04caac7cb05803530e36a7f0e0"
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 5844
x-amz-cf-id: pcij2BgCJY5pf1-O-od3WyT6CP6hcet4-IIFKdWA-juaE2w6ENyokw==

GET
H2 200 all.min.css
mhp.benefits.me/css/fa/ 170 KB
33 KB 33ms
31ms Stylesheet
text/css 3.70.81.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mhp.benefits.me/css/fa/all.min.css
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/login?next=/offer/31381
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.81.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips /
Resource Hash: 0e36d48c48ae338b5cccef7dedc545d736dff75042f4ecf272c7061a4fd92a4b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/login?next=/offer/31381
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:27 GMT
content-encoding: gzip
last-modified: Fri, 26 Apr 2024 09:52:40 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
etag: "2a63d-616fcdd432a00-gzip"
vary: Accept-Encoding
content-type: text/css
p3p: CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 33348

GET
H2 200 ma_icons.css
mhp.benefits.me/css/ 4 KB
1 KB 28ms
27ms Stylesheet
text/css 3.70.81.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mhp.benefits.me/css/ma_icons.css
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/login?next=/offer/31381
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.81.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips /
Resource Hash: 3f5de30972f56383a9ef9d491aaf183ae0a09d5cffd1e5090be1e60d40f14f7d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/login?next=/offer/31381
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:27 GMT
content-encoding: gzip
last-modified: Fri, 26 Apr 2024 09:52:40 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
etag: "eea-616fcdd432a00-gzip"
vary: Accept-Encoding
content-type: text/css
p3p: CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 919

GET
H2 200 jquery.form.js Show response
mhp.benefits.me/js/ 14 KB
6 KB 26ms
25ms Script
application/javascript 3.70.81.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mhp.benefits.me/js/jquery.form.js
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/login?next=/offer/31381
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.81.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips /
Resource Hash: 73760de900377c2aabe0234b6fe15fbd374d87c8d029629ce33450b9940f6ef0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/login?next=/offer/31381
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:27 GMT
content-encoding: gzip
last-modified: Fri, 26 Apr 2024 09:52:40 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
etag: "39fd-616fcdd432a00-gzip"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 5608

GET
H2 200 jquery.validate.js Show response
mhp.benefits.me/js/ 22 KB
7 KB 27ms
26ms Script
application/javascript 3.70.81.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mhp.benefits.me/js/jquery.validate.js
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/login?next=/offer/31381
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.81.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips /
Resource Hash: d38be0aa8bdcdb3c4df9e7a224a9055a263f39be1f8e1ef217576248bcf1e5ca

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/login?next=/offer/31381
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:27 GMT
content-encoding: gzip
last-modified: Fri, 26 Apr 2024 09:52:40 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
etag: "560c-616fcdd432a00-gzip"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 6800

GET
H2 200 registration.js Show response
mhp.benefits.me/js/ 11 KB
2 KB 29ms
28ms Script
application/javascript 3.70.81.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mhp.benefits.me/js/registration.js
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/login?next=/offer/31381
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.81.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips /
Resource Hash: 2d12a0a46eda7ebd2da24d2a568d7ce047cbf437240deffb302b0371d1e053ec

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/login?next=/offer/31381
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:27 GMT
content-encoding: gzip
last-modified: Fri, 26 Apr 2024 09:52:40 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
etag: "2d4f-616fcdd432a00-gzip"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2116

GET
H2 200 external_functions.js Show response
mhp.benefits.me/js/ 7 KB
2 KB 30ms
29ms Script
application/javascript 3.70.81.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mhp.benefits.me/js/external_functions.js
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/login?next=/offer/31381
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.81.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips /
Resource Hash: 74178d12c416f1d70958338fe3fe36184e36110f31fde23f9e7b925733e88562

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/login?next=/offer/31381
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:27 GMT
content-encoding: gzip
last-modified: Fri, 26 Apr 2024 09:52:40 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
etag: "1c3f-616fcdd432a00-gzip"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1858

GET
H2 200 main.min.1714125160.js Show response
mhp.benefits.me/js/ 258 KB
46 KB 38ms
37ms Script
application/javascript 3.70.81.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mhp.benefits.me/js/main.min.1714125160.js
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/login?next=/offer/31381
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.81.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips /
Resource Hash: ecd41d99163aff46cd2f10409b990c48eb7171469abad0f64d1505c002907c13

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/login?next=/offer/31381
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:27 GMT
content-encoding: gzip
last-modified: Fri, 26 Apr 2024 09:52:40 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
etag: "407ff-616fcdd432a00-gzip"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 46487

GET
H2 200 cookie_settings.1714125160.js Show response
mhp.benefits.me/js/ 4 KB
2 KB 24ms
23ms Script
application/javascript 3.70.81.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mhp.benefits.me/js/cookie_settings.1714125160.js
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/login?next=/offer/31381
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.81.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips /
Resource Hash: 6f3e9d9a5e11e5334fe264ed48c55481203caee3f7fc1d89aac0c99368f99c56

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/login?next=/offer/31381
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:27 GMT
content-encoding: gzip
last-modified: Fri, 26 Apr 2024 09:52:40 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
etag: "11d3-616fcdd432a00-gzip"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1586

GET
H2 200 languages.xml Show response
mhp.benefits.me/include/ 350 KB
73 KB 45ms
45ms XHR
text/xml 3.70.81.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mhp.benefits.me/include/languages.xml
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/js/jquery-1.9.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.81.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips /
Resource Hash: 2c009c88078232cf30a2a1d709f7b3051eaa3a40d74158fde01404cd4abd48d2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: application/xml, text/xml, */*; q=0.01
Referer: https://mhp.benefits.me/login?next=/offer/31381
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:26 GMT
content-encoding: gzip
last-modified: Fri, 26 Apr 2024 09:52:40 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
etag: "57660-616fcdd432a00-gzip"
vary: Accept-Encoding
content-type: text/xml
p3p: CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
accept-ranges: bytes

GET
H2 200 fa-regular-400.woff2
mhp.benefits.me/css/webfonts/ 170 KB
171 KB 23ms
22ms Font
application/octet-stream 3.70.81.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mhp.benefits.me/css/webfonts/fa-regular-400.woff2
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/css/fa/all.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.81.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips /
Resource Hash: a771731f8ddb3a2c0426884135e1136b22d3a40bb48c69bf77b58f3e5c854ed7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/css/fa/all.min.css
Origin: https://mhp.benefits.me
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:27 GMT
last-modified: Fri, 26 Apr 2024 09:52:40 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
etag: "2a918-616fcdd432a00"
p3p: CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 174360

GET
H2 200 fa-solid-900.woff2
mhp.benefits.me/css/webfonts/ 138 KB
139 KB 25ms
25ms Font
application/octet-stream 3.70.81.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mhp.benefits.me/css/webfonts/fa-solid-900.woff2
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/css/fa/all.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.81.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips /
Resource Hash: e77c7e1c8f859611d1200ee9a75eadbce02664f28a53b05807233e88deb82f65

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/css/fa/all.min.css
Origin: https://mhp.benefits.me
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:27 GMT
last-modified: Fri, 26 Apr 2024 09:52:40 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
etag: "22920-616fcdd432a00"
p3p: CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 141600

GET
H2 200 fa-brands-400.woff2
mhp.benefits.me/css/webfonts/ 75 KB
75 KB 44ms
44ms Font
application/octet-stream 3.70.81.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mhp.benefits.me/css/webfonts/fa-brands-400.woff2
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/css/fa/all.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.81.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips /
Resource Hash: 80c7d8d88a91688aa18a1ce39ec33e15ac5e1cad7c7be1c5fa3c403f34f1b53c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/css/fa/all.min.css
Origin: https://mhp.benefits.me
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:27 GMT
last-modified: Fri, 26 Apr 2024 09:52:40 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
etag: "12b5c-616fcdd432a00"
p3p: CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 76636

GET
H2 200 languages.xml Show response
mhp.benefits.me/include/ 350 KB
0 0ms
0ms XHR
text/xml 3.70.81.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mhp.benefits.me/include/languages.xml
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/js/jquery-1.9.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.81.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips /
Resource Hash: 2c009c88078232cf30a2a1d709f7b3051eaa3a40d74158fde01404cd4abd48d2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: application/xml, text/xml, */*; q=0.01
Referer: https://mhp.benefits.me/login?next=/offer/31381
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:26 GMT
content-encoding: gzip
last-modified: Fri, 26 Apr 2024 09:52:40 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
etag: "57660-616fcdd432a00-gzip"
vary: Accept-Encoding
content-type: text/xml
p3p: CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
accept-ranges: bytes

GET
H2 200 ma_icons.ttf
mhp.benefits.me/fonts/ 15 KB
15 KB 22ms
22ms Font
application/font-sfnt 3.70.81.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mhp.benefits.me/fonts/ma_icons.ttf?4lqe96
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/css/ma_icons.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.81.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips /
Resource Hash: 8d8ccb7fea4efbb18db326c27699216b94fa4e5cdd3dea16e9a5bf84dda2f5a2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/css/ma_icons.css
Origin: https://mhp.benefits.me
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:27 GMT
last-modified: Fri, 26 Apr 2024 09:52:40 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
etag: "3c04-616fcdd432a00"
p3p: CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/font-sfnt
access-control-allow-origin: *
accept-ranges: bytes
content-length: 15364

GET
H2 200 languages.xml Show response
mhp.benefits.me/include/ 350 KB
0 0ms
0ms XHR
text/xml 3.70.81.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mhp.benefits.me/include/languages.xml
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/js/jquery-1.9.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.81.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips /
Resource Hash: 2c009c88078232cf30a2a1d709f7b3051eaa3a40d74158fde01404cd4abd48d2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: application/xml, text/xml, */*; q=0.01
Referer: https://mhp.benefits.me/login?next=/offer/31381
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:26 GMT
content-encoding: gzip
last-modified: Fri, 26 Apr 2024 09:52:40 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
etag: "57660-616fcdd432a00-gzip"
vary: Accept-Encoding
content-type: text/xml
p3p: CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
accept-ranges: bytes

GET
H2 200 languages.xml Show response
mhp.benefits.me/include/ 350 KB
0 0ms
0ms XHR
text/xml 3.70.81.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mhp.benefits.me/include/languages.xml
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/js/jquery-1.9.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.81.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips /
Resource Hash: 2c009c88078232cf30a2a1d709f7b3051eaa3a40d74158fde01404cd4abd48d2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: application/xml, text/xml, */*; q=0.01
Referer: https://mhp.benefits.me/login?next=/offer/31381
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:26 GMT
content-encoding: gzip
last-modified: Fri, 26 Apr 2024 09:52:40 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
etag: "57660-616fcdd432a00-gzip"
vary: Accept-Encoding
content-type: text/xml
p3p: CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
accept-ranges: bytes

GET
H2 200 languages.xml Show response
mhp.benefits.me/include/ 350 KB
0 0ms
0ms XHR
text/xml 3.70.81.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mhp.benefits.me/include/languages.xml
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/js/jquery-1.9.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.81.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips /
Resource Hash: 2c009c88078232cf30a2a1d709f7b3051eaa3a40d74158fde01404cd4abd48d2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: application/xml, text/xml, */*; q=0.01
Referer: https://mhp.benefits.me/login?next=/offer/31381
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:26 GMT
content-encoding: gzip
last-modified: Fri, 26 Apr 2024 09:52:40 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
etag: "57660-616fcdd432a00-gzip"
vary: Accept-Encoding
content-type: text/xml
p3p: CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
accept-ranges: bytes

GET
H2 200 14494208.js Show response
js.hs-banner.com/ 65 KB
17 KB 83ms
37ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/14494208.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/14494208.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a0f257373e45998c58183f424b79f1e0f98c05b9fe037755fbe19e71cb80991

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:27 GMT
x-amz-version-id: Xh0A2evE8Nnv8bFBD3czgNzlVJfU4Pxk
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: F3B3A4VW37BWJYKZ
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 06acb3e8-456a-4943-b7c7-993999009143
age: 205
x-envoy-upstream-service-time: 221
x-amz-id-2: WrtPEA2WvkTiljZL54c6xw7WEUZKf1KGqRGDnRGZmm7ODdMGsZhOhD5Sxpm1ONZbU/w8zaIm23I=
x-evy-trace-listener: listener_https
x-request-id: 06acb3e8-456a-4943-b7c7-993999009143
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 29 Mar 2024 16:37:30 GMT
server: cloudflare
etag: W/"b5aa649d8066e41bae7dcc6a39294f4f"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://rhoen-klinikum.benefits.me
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6dfb9475dd-k2c5l
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 87bf86cd3cda917c-FRA
expires: Mon, 29 Apr 2024 13:11:02 GMT

GET
H2 200 14494208.js Show response
js.hs-analytics.net/analytics/1714395900000/ 67 KB
21 KB 81ms
38ms Script
text/javascript 2606:4700::6810:a0a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1714395900000/14494208.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/14494208.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 674d8b3139b657182d5c53ee20d035633df6731cc150de1eb9c8c230976189df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:27 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: HZSHV5T03KNKYCEE
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 44b1dff6-d906-4a18-b87e-30edd6a3db0d
age: 220
x-envoy-upstream-service-time: 26
x-amz-id-2: l3As6ONguPNLhFIZ/Qt16A80ACGnDq2n/bnRo7qs3R0hKm96K+R7nGQOMctB0JP03G/AVmilU8aPXQeivnOwYrOjjlVcvg6sfK3WrdgwH/g=
x-evy-trace-listener: listener_https
x-request-id: 44b1dff6-d906-4a18-b87e-30edd6a3db0d
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 24 Apr 2024 18:34:57 GMT
server: cloudflare
etag: W/"a4cd70eb53e11c4d5fba1b18fb9831d6"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-mnr7x
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 87bf86cd380403a0-FRA
expires: Mon, 29 Apr 2024 13:10:47 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
88 KB 73ms
31ms Script
application/javascript 2606:4700::6812:8d11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/14494208.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8d11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efb5dc6835aeb8a8e1615ca49df1828cfaf708dc73651c5f1c651f2d2ab3907a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/
Origin: https://mhp.benefits.me
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
age: 16501
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1338/bundle/main/lead-flows-release.js&cfRay=87bdf3f02fdf8f31-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"d252299cef5b9176cf0435e72e0baeeb"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1338/bundle/main/lead-flows-release.js
date: Mon, 29 Apr 2024 13:09:27 GMT
x-amz-version-id: FzXUOelq5PzvbDhLOc3Au0ThiCBuXHAc
via: 1.1 e21fbbed60133ff896ee44224814dc5c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: de830913-e320-45a2-b5b6-d940d3d63869
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 7
x-evy-trace-route-configuration: listener_https/all
x-request-id: de830913-e320-45a2-b5b6-d940d3d63869
last-modified: Wed, 03 Apr 2024 09:27:53 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-bsp24
cf-ray: 87bf86cd3fac92c3-FRA
x-amz-cf-id: DROvfZFGQk8yYWyXLAEm1D6mp1uJ5Fi-nj9K-CDYVMwFG18GpcrYaA==

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 82 KB
25 KB 101ms
58ms Script
application/javascript 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/14494208.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8903e555bd60b3e66725a7316fa1c399c1c330b6f207dfbf294e287857d526c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/
Origin: https://mhp.benefits.me
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
age: 167
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1087/bundles/project.js&cfRay=87bf82bcffb23672-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"aca27b624bf30d36e5f4f145ae76704a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.1087/bundles/project.js
date: Mon, 29 Apr 2024 13:09:27 GMT
x-amz-version-id: iqAR5gkkMAkFd.Z3L05RGWJk1d1nl__E
via: 1.1 e8eec15d9551dd475d4c478f9fbb5f04.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: b94fbae4-d8ae-4963-a9ea-eeb827b3e4df
x-cache: RefreshHit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
x-evy-trace-route-configuration: listener_https/all
x-request-id: b94fbae4-d8ae-4963-a9ea-eeb827b3e4df
last-modified: Fri, 26 Apr 2024 11:14:32 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b5z5LWTBcMgxXifE%2BDM%2BKjwYWU7S3tne8d81B3Qz3gW6jc97yt8aAxTxfFOgKGqjT8LZBKiq933IlDlKTFsi0nQBf0zYo2uFQ7WtbidsdDFYUsyYWtIuwl7O%2BRKA0MJwunr1DiluiuR7T%2FW3"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-bsp24
cf-ray: 87bf86cd3dac9183-FRA
x-amz-cf-id: eA_7LyweNO8KdTl8bkYMp40ATQUCxrHSLF4D7fATFAZIxr9CKRX6vg==

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 85 KB
25 KB 78ms
31ms Script
application/javascript 2606:4700::6810:4c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/14494208.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

156b381819247eb013bfd7ad6cd96fed291f0a1bfb55206c8e644bb42576c5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:27 GMT
x-amz-version-id: GvgLK8fwBknh5qjmyScH5OBLxCldU5fy
via: 1.1 9dc566ff42777d2cad8483451738f334.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 88
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.16164/bundles/project.js&cfRay=87bf84a6792d37f6-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 180cfafe-4f3b-45f3-aa4a-90396824504a
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 5
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 180cfafe-4f3b-45f3-aa4a-90396824504a
last-modified: Thu, 25 Apr 2024 15:01:14 UTC
server: cloudflare
etag: W/"62f54fd24c76f93ed036543b6c349661"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-275zq
cf-ray: 87bf86cd386f9f40-FRA
x-amz-cf-id: wbM44Zkm1GANp5BuaM47ZXctYl8O8ffZdPzBKVGthqg2GfqO68jkaw==
x-hs-target-asset: conversations-embed/static-1.16164/bundles/project.js

GET
H2 200 check_cookie_settings.php Show response
mhp.benefits.me/ajax/ 52 B
304 B 23ms
23ms XHR
text/html 3.70.81.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mhp.benefits.me/ajax/check_cookie_settings.php
Requested by: Host: mhp.benefits.me
URL: https://mhp.benefits.me/js/jquery-1.9.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.81.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips /
Resource Hash: 3afabaaa0c3052db82ef74b7e58a7fc974a049c5c340826dfa116f84ee30ddda

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mhp.benefits.me/login?next=/offer/31381
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 29 Apr 2024 13:09:27 GMT
content-encoding: gzip
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
content-length: 70
vary: Accept-Encoding
p3p: CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 147ms
139ms Preflight
text/plain 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=14494208&conversations-embed=static-1.16164&mobile=false&messagesUtk=61497f61a39c426c9fc940eb53926014&traceId=61497f61a39c426c9fc940eb53926014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://mhp.benefits.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://mhp.benefits.me
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 87bf86cd9e209183-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Mon, 29 Apr 2024 13:09:27 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nmwIsrqLWmwMwAP8a%2F4GQkn%2F4NTO92ApCSYEM5t9rIGB732%2Bi%2FjQz%2FaaRbpnohLkZJzsixSNeUUFsvPW%2BCx0OHtei3JlbelqB%2BqnyWbf%2FQNXxLzxr0Tr%2FTtz%2B2TUkv897705cU0a%2FC5PdL7wqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-htsxm
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 04cc5d28-c4f6-4953-91e9-4e9aba2617d9
x-request-id: 04cc5d28-c4f6-4953-91e9-4e9aba2617d9

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 240ms
240ms XHR
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b9ed772a8187716ee35f5fb81918a159cbefd1f1deaba4ce93f842e3f69c5e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
X-HubSpot-Messages-Uri: https://mhp.benefits.me/login?next=/offer/31381
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 4d1610ab-a7b1-430f-8ca0-0793886fb83f
x-envoy-upstream-service-time: 102
content-length: 1493
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 4d1610ab-a7b1-430f-8ca0-0793886fb83f
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://mhp.benefits.me
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-p4svx
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r%2BsPxv%2Fz9ceqEjuwcwHS%2FvycFJ4qYoweGPvbLRu8CjGGmpl3HTHal3t3dULWYLv4PcF2zdrQJ3VdngiF8basOCg5kv6Da8%2FwhKS%2FG1ZidAaMfTcxI5fcKqi5SOGWUfgjQaLSAGTDV%2BItH806OA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 87bf86ce7f389183-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 cf-location Show response
js.hs-banner.com/cookie-banner-public/v1/ 2 B
145 B 77ms
33ms Fetch
text/plain 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/cf-location
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/14494208.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=1500
cf-ray: 87bf86cddc4e910d-FRA
content-length: 2

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 433 B
1 KB 170ms
170ms Fetch
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=14494208&currentUrl=https%3A%2F%2Fmhp.benefits.me%2Flogin%3Fnext%3D%2Foffer%2F31381

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4bf8910a202b24bd61be26e28eaa8c5f83a48d78999b2693a9cbdf4c9910cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: c45a7c8f-8117-4ca5-961d-ee0a0885f56b
content-encoding: br
x-envoy-upstream-service-time: 36
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c45a7c8f-8117-4ca5-961d-ee0a0885f56b
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://mhp.benefits.me
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JGzRaFqQnlr6s20w8Zd3lNl1EkJvgvdikghelmOyNuIK9veNmylII0HiHkZGdlFNmR7Ty1QF1YAP0O4LUNEQhNPl4kkzN99vPlfU5r00zl5Ac0V1rym9%2FQDkdDEMQQA%2FzYEJjRHfgcGHnOhUd3HVlMMslAM0eYHr4v0%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 87bf86cdae3b9183-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-cq4g8

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 215ms
167ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=2492303821&v=1.1&a=14494208&rcu=https%3A%2F%2Fmhp.benefits.me%2F&pu=https%3A%2F%2Fmhp.benefits.me%2Flogin%3Fnext%3D%2Foffer%2F31381&t=Exklusive+Verg%C3%BCnstigungen+f%C3%BCr+MHP-Mitarbeiter%3Ainnen&cts=1714396167304&vi=c65bf7e927a9970727ba04a3dee9039b&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 613f532e-9755-473f-bff4-58323fb2c140
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 17
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 613f532e-9755-473f-bff4-58323fb2c140
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d4q10ogZrdVu0bX4NM3LdCm5NXWWmG%2Fnd6HMvWbcJ3Wexhzd%2FaSkCen5dmkNG7qAtGX83tOZPstCpGjcnLyDaSf%2F9mXphzsSvKdVnuOR7GRtNUwznTbXy68%2B39I0cZozQz7agzd8NnqQ1JeztrU0"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-zcmkp
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 87bf86cdfac603b8-FRA
x-robots-tag: none

GET
H2 200 favicon-32x32.png
mhp.benefits.me/ 2 KB
2 KB 22ms
22ms Other
image/png 3.70.81.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mhp.benefits.me/favicon-32x32.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.81.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-81-64.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips /
Resource Hash: 77b3f9745d162fdd97ef3005a8183a1f3cb0f9f7e23d033445e8bb44f22106e1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/login?next=/offer/31381
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:27 GMT
last-modified: Fri, 26 Apr 2024 09:52:40 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips
etag: "662-616fcdd432a00"
p3p: CP="CAO PSA OUR CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1634

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 178 B
903 B 163ms
162ms XHR
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=14494208&utk=c65bf7e927a9970727ba04a3dee9039b&__hstc=221334663.c65bf7e927a9970727ba04a3dee9039b.1714396167303.1714396167303.1714396167303.1&__hssc=221334663.1.1714396167303&currentUrl=https%3A%2F%2Fmhp.benefits.me%2Flogin%3Fnext%3D%2Foffer%2F31381

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1976118754d100fd34f9aac6f8a715aebc31b795390a27ab516191fac410abbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 69b2acd5-c934-42ad-9153-48096db5b239
content-encoding: br
x-envoy-upstream-service-time: 31
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 69b2acd5-c934-42ad-9153-48096db5b239
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://mhp.benefits.me
x-evy-trace-virtual-host: all
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-lfb6x
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wMRzLI3lVsvRRtawhrAK%2FKgvdR4oDARQIE118hOdwqR%2BY3jwSIPfSLi%2BNGZ%2BBXfrOM%2FCJT%2FXAPlOv2%2FGdRlDwlxXfI4Bc3h3SYn5lDxOfpIRg2ZV1tWzYOUYQ%2F%2BewrdU47RkzPh34IfxYbOwS8UK"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 87bf86ce5f169183-FRA

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
925 B 163ms
135ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mhp.benefits.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 13:09:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 9d0b01f4-80e2-4c13-8206-2bb2f1f0ea54
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9d0b01f4-80e2-4c13-8206-2bb2f1f0ea54
last-modified: Mon, 29 Apr 2024 13:09:27 GMT
server: cloudflare
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-5xhvl
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 87bf86ceee981ca1-FRA

GET
H2 200 61497f61a39c426c9fc940eb53926014
app.hubspot.com/conversations-visitor/14494208/threads/utk/ Frame 3534 0
0 451ms
411ms Document
text/html 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/14494208/threads/utk/61497f61a39c426c9fc940eb53926014?uuid=af6072b5eff44f5b92f15d755313fe97&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=mhp.benefits.me&inApp53=false&messagesUtk=61497f61a39c426c9fc940eb53926014&url=https%3A%2F%2Fmhp.benefits.me%2Flogin%3Fnext%3D%2Foffer%2F31381&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mhp.benefits.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: false
age: 3108
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 87bf86d04b1218eb-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.18616/html/index.html&cfRay=87bf86d04b1218eb&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F14494208%2Fthreads%2Futk%2F61497f61a39c426c9fc940eb53926014%3Fuuid%3Daf6072b5eff44f5b92f15d755313fe97%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D%26domain%3Dmhp.benefits.me%26inApp53%3Dfalse%26messagesUtk%3D61497f61a39c426c9fc940eb53926014%26url%3Dhttps%253A%252F%252Fmhp.benefits.me%252Flogin%253Fnext%253D%252Foffer%252F31381%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fmhp.benefits.me%2F&cfenv=prod&pdt=2024-04-29&csp=ro
content-type: text/html; charset=utf-8
date: Mon, 29 Apr 2024 13:09:28 GMT
etag: W/"fe713fbe44a0deddd2e87f2e023919eb"
last-modified: Thu, 25 Apr 2024 15:01:14 UTC
origin-trial: Aqk2Dm2ZNOeMxifFm26pJzN4DTOHc1z7UYEx7QaWtHTVqsFhooI36f0r5tbw602aKbEI4WJ0fgx7+KHwlyi4HwwAAABceyJvcmlnaW4iOiJodHRwczovL2h1YnNwb3QuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=87bf86d04b1218eb&resource=conversations-visitor-ui/static-1.18616/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
x-amz-cf-id: 6gR375KK1Mhq-XobTvVBvRU1AYeIgQg05T2xWo0tK2O5uId9tHbdeA==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: _K5mn4P9p47gXw3WAZ5_G8OZVLZ9sXnh
x-cache: Hit from cloudfront
x-content-type-options: no-sniff
x-envoy-upstream-service-time: 8
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-bsp24
x-evy-trace-virtual-host: all
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.18616/html/index.html
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: 58880041-e6ff-4f54-ac15-55897ee44f00
x-request-id: 58880041-e6ff-4f54-ac15-55897ee44f00

Verdicts & Comments Add Verdict or Comment

295 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mhp.benefits.me/offer	1969-12-31 23:59:59	Name: googtrans Value: /en/de
mhp.benefits.me/css	1969-12-31 23:59:59	Name: googtrans Value: /en/de
.benefits.me/	1970-01-20 20:23:20	Name: _nl Value: NDc4Nw%3D%3D
mhp.benefits.me/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9bga8437lqtum3rni0s4e796p1
mhp.benefits.me/	1969-12-31 23:59:59	Name: googtrans Value: /en/de
mhp.benefits.me/	1970-01-20 20:13:16	Name: _check Value: 1
.benefits.me/	1970-01-21 00:32:28	Name: __hstc Value: 221334663.c65bf7e927a9970727ba04a3dee9039b.1714396167303.1714396167303.1714396167303.1
.benefits.me/	1970-01-21 00:32:28	Name: hubspotutk Value: c65bf7e927a9970727ba04a3dee9039b
.benefits.me/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.benefits.me/	1970-01-20 20:13:17	Name: __hssc Value: 221334663.1.1714396167303
.hsforms.com/	1970-01-20 20:13:17	Name: __cf_bm Value: epFLoUg3S94OjKRsVLCnO8Phq4nZ2.AFeQT81jTje.c-1714396167-1.0.1.1-GcvR5q_tgNT1MpnvT0jpM2_c0Fp5ZdDfLRDPxqXKkZUUIHHAbi7nL4iBR26KsMvtdlk5uPuhjPkKSC1sg5stMQ
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: rPUJpJOB20Tx7PyQx9_JbQGScsYLYJkJLZ0WrUUDFX0-1714396167620-0.0.1.1-604800000
.mhp.benefits.me/	1970-01-21 00:32:28	Name: messagesUtk Value: 61497f61a39c426c9fc940eb53926014
.hubspot.com/	1970-01-20 20:13:17	Name: __cf_bm Value: eYVUSyF3JmQ8A7ZiUR1ghHEkrVOBXiEJmWycjOqdcDw-1714396168-1.0.1.1-VZ2V56jJQ2gcU2hin439jyJfgUow5KUCREJKZ4UiY5C1yTfFVM7R1nwp0pvHfhLk9qx1hgfsQdO545nv2I0.kA
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 0Yfry0XCvKFWMns9PFmbeHKul8w7MIstsOhGUO_js.s-1714396168682-0.0.1.1-604800000

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://mhp.benefits.me/login?next=/offer/31381 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
other	warning	URL: https://mhp.benefits.me/login?next=/offer/31381 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mhp.benefits.me/login?next=/offer/31381 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mhp.benefits.me/login?next=/offer/31381 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mhp.benefits.me/login?next=/offer/31381 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mhp.benefits.me/login?next=/offer/31381 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mhp.benefits.me/login?next=/offer/31381 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mhp.benefits.me/login?next=/offer/31381 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mhp.benefits.me/login?next=/offer/31381 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mhp.benefits.me/login?next=/offer/31381 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mhp.benefits.me/login?next=/offer/31381 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubspot.com
app.hubspot.com
cta-service-cms2.hubspot.com
d9pkkqscj1pvg.cloudfront.net
forms.hubspot.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
js.hubspot.com
js.usemessages.com
mhp.benefits.me
perf-na1.hsforms.com
track.hubspot.com
104.19.175.188
143.204.102.158
2606:4700:4400::ac40:991b
2606:4700::6810:4c8e
2606:4700::6810:7574
2606:4700::6810:7674
2606:4700::6810:8cd1
2606:4700::6810:a0a8
2606:4700::6812:8d11
3.70.81.64
0e36d48c48ae338b5cccef7dedc545d736dff75042f4ecf272c7061a4fd92a4b
107881e747019f235d21c5e08b26db8b6caaaf910c38f5d6717e1deee185193b
1248b3b19a4e20e84b2988981ef83aa99d9f04d0512d42a3881b12917eca8512
1569b45270382948638a16deff434f9dcf60d124bb72cca850b82fc604990c57
156b381819247eb013bfd7ad6cd96fed291f0a1bfb55206c8e644bb42576c5c7
17e0f4fa34c7aa213bd386e1adc788b83be18d59d5afc9b89fdfb2a881b4dfc8
1976118754d100fd34f9aac6f8a715aebc31b795390a27ab516191fac410abbf
1b9ed772a8187716ee35f5fb81918a159cbefd1f1deaba4ce93f842e3f69c5e3
2c009c88078232cf30a2a1d709f7b3051eaa3a40d74158fde01404cd4abd48d2
2d12a0a46eda7ebd2da24d2a568d7ce047cbf437240deffb302b0371d1e053ec
3afabaaa0c3052db82ef74b7e58a7fc974a049c5c340826dfa116f84ee30ddda
3f5de30972f56383a9ef9d491aaf183ae0a09d5cffd1e5090be1e60d40f14f7d
61266c07cefe5b8628ebe4e9643422206cdf1ba5bdabd95a75993a864823ae94
674d8b3139b657182d5c53ee20d035633df6731cc150de1eb9c8c230976189df
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f3e9d9a5e11e5334fe264ed48c55481203caee3f7fc1d89aac0c99368f99c56
73760de900377c2aabe0234b6fe15fbd374d87c8d029629ce33450b9940f6ef0
74178d12c416f1d70958338fe3fe36184e36110f31fde23f9e7b925733e88562
77b3b42e0ddeb5b825874ff635d3d6f626fdff24475d0133c146c4104d849c9e
77b3f9745d162fdd97ef3005a8183a1f3cb0f9f7e23d033445e8bb44f22106e1
7a0f257373e45998c58183f424b79f1e0f98c05b9fe037755fbe19e71cb80991
80c7d8d88a91688aa18a1ce39ec33e15ac5e1cad7c7be1c5fa3c403f34f1b53c
8d8ccb7fea4efbb18db326c27699216b94fa4e5cdd3dea16e9a5bf84dda2f5a2
8f8e5165ea429bb2411876ea6c57a0cf3985e84782e91ad252d832c688ac990a
a3872fb9ec404d18003f9c2ae1f726c5c86bd439e38fb2b2b18352eb1c79ee8d
a771731f8ddb3a2c0426884135e1136b22d3a40bb48c69bf77b58f3e5c854ed7
b4bf8910a202b24bd61be26e28eaa8c5f83a48d78999b2693a9cbdf4c9910cf1
cb2dff820308ca8092b8369adc4442e02adfc8f1ee6fa23378f3c3973a2e7857
cf37577f042dedba5b50fc8c34b35bb70f002aa3be855a11636fe93088c196ad
d07dcdbb3ddaba0dda7d56d496cbb5d8fbb1bdadc23f812126d3c4c6ab39e158
d114e70206dd8ee6598f5d83202b012b06331afbf9688a28cc733ee47f8927cd
d1ffe57c37ef9b45b5126e6db4d8e887f57a67207bf4a573c2b2b4c39214394e
d38be0aa8bdcdb3c4df9e7a224a9055a263f39be1f8e1ef217576248bcf1e5ca
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e77c7e1c8f859611d1200ee9a75eadbce02664f28a53b05807233e88deb82f65
e8903e555bd60b3e66725a7316fa1c399c1c330b6f207dfbf294e287857d526c
ecd41d99163aff46cd2f10409b990c48eb7171469abad0f64d1505c002907c13
efb5dc6835aeb8a8e1615ca49df1828cfaf708dc73651c5f1c651f2d2ab3907a
f734197701470b86c0062970828d26a17e3366ee3999dfc6cdca97500de2fbaf

mhp.benefits.me Open in urlscan Pro 3.70.81.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

100 %HTTPS

70 %IPv6

9 Domains

14 Subdomains

10 IPs

3 Countries

900 kBTransfer

3968 kBSize

15 Cookies

8 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mhp.benefits.me Open in urlscan Pro
3.70.81.64 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

100 %
HTTPS

70 %
IPv6

9
Domains

14
Subdomains

10
IPs

3
Countries

900 kB
Transfer

3968 kB
Size

15
Cookies

46 HTTP transactions
0 data transactions