Submitted URL: https://highlands.benefithub.com/
Effective URL: https://highlands.benefithub.com/app
Submission: On June 14 via api from US — Scanned from DE

Summary

This website contacted 26 IPs in 3 countries across 11 domains to perform 133 HTTP transactions. The main IP is 20.10.131.207, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is highlands.benefithub.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 9th 2024. Valid for: a year.
This is the only time highlands.benefithub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 45 20.10.131.207 8075 (MICROSOFT...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.222.236.128 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 142.250.181.228 15169 (GOOGLE)
1 142.250.185.195 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 142.250.186.42 15169 (GOOGLE)
1 172.217.16.138 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2620:1ec:29:1... 8075 (MICROSOFT...)
3 172.217.16.206 15169 (GOOGLE)
2 2 45.60.33.129 19551 (INCAPSULA)
2 13.32.27.123 16509 (AMAZON-02)
5 142.250.185.227 15169 (GOOGLE)
12 172.178.14.174 8075 (MICROSOFT...)
26 20.110.203.202 8075 (MICROSOFT...)
2 142.250.185.74 15169 (GOOGLE)
133 26
Apex Domain
Subdomains
Transfer
89 benefithub.com
highlands.benefithub.com
cdn.benefithub.com — Cisco Umbrella Rank: 201565
contentlibrary.benefithub.com — Cisco Umbrella Rank: 290149
resourcesv3.benefithub.com — Cisco Umbrella Rank: 180703
11 MB
12 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
maps.googleapis.com — Cisco Umbrella Rank: 391
translate.googleapis.com — Cisco Umbrella Rank: 1253
272 KB
11 gstatic.com
fonts.gstatic.com
www.gstatic.com
161 KB
9 lytics.io
c.lytics.io — Cisco Umbrella Rank: 13419
52 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 68
region1.google-analytics.com — Cisco Umbrella Rank: 2347
21 KB
4 partnerbookingkit.com
pbk.partnerbookingkit.com — Cisco Umbrella Rank: 200211
widget-cdn.partnerbookingkit.com — Cisco Umbrella Rank: 196766
275 KB
2 google.com
translate.google.com — Cisco Umbrella Rank: 1491
www.google.com — Cisco Umbrella Rank: 5
32 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 8196
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 132
355 B
1 checkout.com
cdn.checkout.com — Cisco Umbrella Rank: 65634
31 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
94 KB
133 11
Domain Requested by
45 highlands.benefithub.com 3 redirects highlands.benefithub.com
26 resourcesv3.benefithub.com
12 contentlibrary.benefithub.com
9 c.lytics.io highlands.benefithub.com
c.lytics.io
8 fonts.gstatic.com fonts.googleapis.com
6 cdn.benefithub.com highlands.benefithub.com
5 www.google-analytics.com highlands.benefithub.com
www.google-analytics.com
5 fonts.googleapis.com highlands.benefithub.com
client
4 maps.googleapis.com highlands.benefithub.com
maps.googleapis.com
3 translate.googleapis.com translate.googleapis.com
3 www.gstatic.com www.gstatic.com
2 widget-cdn.partnerbookingkit.com
2 pbk.partnerbookingkit.com 2 redirects
2 region1.google-analytics.com www.googletagmanager.com
1 www.google.de highlands.benefithub.com
1 www.google.com highlands.benefithub.com
1 stats.g.doubleclick.net www.google-analytics.com
1 translate.google.com highlands.benefithub.com
1 cdn.checkout.com highlands.benefithub.com
1 www.googletagmanager.com highlands.benefithub.com
133 20
Subject Issuer Validity Valid
Benefithub.com
Sectigo RSA Domain Validation Secure Server CA
2024-05-09 -
2025-06-09
a year crt.sh
upload.video.google.com
WR2
2024-05-27 -
2024-08-19
3 months crt.sh
*.google-analytics.com
WR2
2024-05-27 -
2024-08-19
3 months crt.sh
*.checkout.com
Amazon RSA 2048 M01
2023-07-17 -
2024-08-14
a year crt.sh
*.google.com
WR2
2024-05-27 -
2024-08-19
3 months crt.sh
lytics.io
E1
2024-05-14 -
2024-08-12
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-05-21 -
2024-08-13
3 months crt.sh
*.google.de
WR2
2024-05-27 -
2024-08-19
3 months crt.sh
*.gstatic.com
WR2
2024-05-27 -
2024-08-19
3 months crt.sh
cdn.benefithub.com
DigiCert TLS RSA SHA256 2020 CA1
2023-12-07 -
2024-12-07
a year crt.sh

This page contains 2 frames:

Primary Page: https://highlands.benefithub.com/app
Frame ID: 487F35D28DAD64D53E80032421603260
Requests: 152 HTTP requests in this frame

Frame: data://truncated
Frame ID: 3202DA68A0E509A71825652EC38CD874
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Home | Highlands Community Charter School

Page URL History Show full URLs

  1. https://highlands.benefithub.com/ HTTP 302
    https://highlands.benefithub.com/Account/Login?ReturnUrl=%2f HTTP 302
    https://highlands.benefithub.com/ HTTP 302
    https://highlands.benefithub.com/app Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

133
Requests

98 %
HTTPS

48 %
IPv6

11
Domains

20
Subdomains

26
IPs

3
Countries

12374 kB
Transfer

20684 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://highlands.benefithub.com/ HTTP 302
    https://highlands.benefithub.com/Account/Login?ReturnUrl=%2f HTTP 302
    https://highlands.benefithub.com/ HTTP 302
    https://highlands.benefithub.com/app Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60
  • https://pbk.partnerbookingkit.com/55a9f0fe5885/ehi-pbk.css HTTP 301
  • https://widget-cdn.partnerbookingkit.com/bundles/55a9f0fe5885/widget.css
Request Chain 61
  • https://pbk.partnerbookingkit.com/55a9f0fe5885/ehi-pbk.js HTTP 301
  • https://widget-cdn.partnerbookingkit.com/bundles/55a9f0fe5885/widget.js

133 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request app
highlands.benefithub.com/
Redirect Chain
  • https://highlands.benefithub.com/
  • https://highlands.benefithub.com/Account/Login?ReturnUrl=%2f
  • https://highlands.benefithub.com/
  • https://highlands.benefithub.com/app
6 KB
5 KB
Document
General
Full URL
https://highlands.benefithub.com/app
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
50543f030464eb10db48c4e18d22560a49395f664725bb97cea7ed87d9665e79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2640
Content-Type
text/html; charset=utf-8
Date
Fri, 14 Jun 2024 09:23:35 GMT
Request-Context
appId=cid-v1:4432f087-bbc3-47b5-95e3-a1230869b4dd
Server
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-AspNet-Version
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
Date
Fri, 14 Jun 2024 09:23:35 GMT
Location
/app
Request-Context
appId=cid-v1:4432f087-bbc3-47b5-95e3-a1230869b4dd
Server
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-AspNet-Version
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
css
fonts.googleapis.com/
27 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6953682c0ea668bba8f2d7259f4227f9edc14e69115084b7d9b7f32a177513b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Jun 2024 09:23:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Jun 2024 07:29:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jun 2024 09:23:35 GMT
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
be31cc6f5ad4f089f1a4a804709695eb70f481268e6b28add3be269aff468f30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Jun 2024 09:23:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Jun 2024 07:56:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jun 2024 09:23:35 GMT
elemental_ui_styles.min.css
highlands.benefithub.com/stylesheetsV2/
11 KB
2 KB
Stylesheet
General
Full URL
https://highlands.benefithub.com/stylesheetsV2/elemental_ui_styles.min.css?_Release-1037-9327-g90aefc086
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/app
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ffc887a5636cc9e05a5ad76661df8bd0a93b83684bdba03c7d3643f716e791e1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 14 Jun 2024 09:23:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jun 2024 18:08:24 GMT
Server
ETag
"0dcac592abcda1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1844
site_style_v2.css
highlands.benefithub.com/stylesheetsV2/
1 MB
144 KB
Stylesheet
General
Full URL
https://highlands.benefithub.com/stylesheetsV2/site_style_v2.css?_Release-1037-9327-g90aefc086
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/app
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
28949bee7997a794f6776f51b3663f9a8038af20197e13168e0312a907a3a1db
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 14 Jun 2024 09:23:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jun 2024 18:08:24 GMT
Server
ETag
"0dcac592abcda1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
146918
site_wrapper.css
highlands.benefithub.com/stylesheetsV2/
103 KB
12 KB
Stylesheet
General
Full URL
https://highlands.benefithub.com/stylesheetsV2/site_wrapper.css?_Release-1037-9327-g90aefc086
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/app
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f69de23974d4dbaa97c55fa3a62838a0a08f2ed2425fc55490052abfdf874d3f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 14 Jun 2024 09:23:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jun 2024 18:08:24 GMT
Server
ETag
"0dcac592abcda1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11894
site_typography.css
highlands.benefithub.com/stylesheetsV2/
6 KB
1 KB
Stylesheet
General
Full URL
https://highlands.benefithub.com/stylesheetsV2/site_typography.css?_Release-1037-9327-g90aefc086
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/app
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5eb4e8a163c821e201375334aa0e088f25a820f81f4fb234ae1ff0d83c243f44
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 14 Jun 2024 09:23:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jun 2024 18:08:24 GMT
Server
ETag
"0dcac592abcda1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
839
spin.css
highlands.benefithub.com/stylesheetsV2/
404 B
590 B
Stylesheet
General
Full URL
https://highlands.benefithub.com/stylesheetsV2/spin.css?_Release-1037-9327-g90aefc086
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/app
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
be01ca1fde2b4cac1b283abd1358abaac463ae4a40b8da01d0d4295172ea870a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 14 Jun 2024 09:23:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jun 2024 18:08:24 GMT
Server
ETag
"0dcac592abcda1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
255
all.min.css
highlands.benefithub.com/ContentV2/FontAwesomePro/css/
170 KB
33 KB
Stylesheet
General
Full URL
https://highlands.benefithub.com/ContentV2/FontAwesomePro/css/all.min.css?_Release-1037-9327-g90aefc086
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/app
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c0d22cec83d6202205c0c4f032831100c6d7c9fc65d949c8bae6ea0f3ee39516
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 14 Jun 2024 09:23:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jun 2024 18:07:46 GMT
Server
ETag
"0856432abcda1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33563
jquery-3.6.0.min.js
highlands.benefithub.com/javascripts/core/
87 KB
31 KB
Script
General
Full URL
https://highlands.benefithub.com/javascripts/core/jquery-3.6.0.min.js
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/app
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 14 Jun 2024 09:23:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jun 2024 18:08:12 GMT
Server
ETag
"0ce85522abcda1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30987
promise-polyfill.min.js
highlands.benefithub.com/javascripts/core/
5 KB
3 KB
Script
General
Full URL
https://highlands.benefithub.com/javascripts/core/promise-polyfill.min.js
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/app
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aed3bcb734c4a6d9a0b941043094b75498b5b77a6b32aabe5f49d197e5b1d914
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 14 Jun 2024 09:23:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jun 2024 18:08:12 GMT
Server
ETag
"0ce85522abcda1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2230
porthole.js
highlands.benefithub.com/javascripts/core/
19 KB
5 KB
Script
General
Full URL
https://highlands.benefithub.com/javascripts/core/porthole.js
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/app
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d21a319b7748e17510b5826ca3eb1b81d4f7497008e4317db681ef7f3bb9f1c4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 14 Jun 2024 09:23:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jun 2024 18:08:12 GMT
Server
ETag
"0ce85522abcda1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4997
js
www.googletagmanager.com/gtag/
269 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZS7CW6GWCH
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
65f5c5a7ee31104ae62fd7adb8b3e2bb5447939d6d14c19e8c3517031aaff693
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:23:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95573
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 14 Jun 2024 09:23:36 GMT
bundle.js
highlands.benefithub.com/dist/WebPlatform/
5 MB
1 MB
Script
General
Full URL
https://highlands.benefithub.com/dist/WebPlatform/bundle.js?_Release-1037-9327-g90aefc086
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/app
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a631864ac9c0c0918dac54e0d8776aa4ff4b6de0fd913ec5276f1d1773b23f7f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 14 Jun 2024 09:23:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jun 2024 18:07:52 GMT
Server
ETag
"0c9a462abcda1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1368786
js
maps.googleapis.com/maps/api/
249 KB
82 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyCPUypyddmlVaIGqGxbDjdy4bAq3lvFwPE&libraries=geometry,places&v=3.37
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
728fe00bf983dbff609ee5fe275d39e55860c912cc23d7ec2430a614bbfa6aeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:23:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83173
x-xss-protection
0
framesv2.min.js
cdn.checkout.com/js/
84 KB
31 KB
Script
General
Full URL
https://cdn.checkout.com/js/framesv2.min.js
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-128.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
6aeb678c209c97bff4eca5b033f3d3e9ef6c71cc5836df9afb57f705804d3f9f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 14:08:10 GMT
content-encoding
gzip
via
1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P4
age
69325
etag
W/"14edf-jAfwFNhwGknGtXfLesZEp8NHFEg"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
HmL30Zk6TyFClLYzStopVwt6CyJ_gH7I5EOheKG1khaz4z44R9F7RA==
element.js
translate.google.com/translate_a/
90 KB
31 KB
Script
General
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
73361ec61e33325a61b6b6b64de2531285f1462c78909945bec9621ab35cf419
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 14 Jun 2024 08:29:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3268
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 14 Jun 2024 10:29:08 GMT
latest.min.js
c.lytics.io/api/tag/232cb4d402b404fece04a9072a6bbd5c/
66 KB
23 KB
Script
General
Full URL
https://c.lytics.io/api/tag/232cb4d402b404fece04a9072a6bbd5c/latest.min.js
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6a7ace6067cfa8474a3cc0063f86f7993d5750b237dd1362dcb6ab33292cafb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:23:36 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=63072000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6077
last-modified
Fri, 14 Jun 2024 07:42:19 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1RlZdiKbIeOZY6b8aXOE5IaPxz8Cmt3%2F6JChgyS5SPypHrcNI37AMaDOXhk%2ByKqsGbCLfknKknb9DjOTMqPe6mP9O9%2BvMVu%2FYbfJnBaT9bNIA7L40EASkL%2B3GG5Z%2FXSksdn2NFxx%2F95o"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
x-lytics-trace
4b5889ea3f9f66c2abcae45a89d4d400
cf-ray
8939433849743675-FRA
collect
www.google-analytics.com/j/
3 B
214 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=264756843&t=event&ni=1&_s=1&dl=https%3A%2F%2Fhighlands.benefithub.com%2Fapp&ul=de-de&de=UTF-8&dt=BenefitHub&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=app&ea=initializing&_u=IGBAgEABAAAAACAAI~&jid=1195929756&gjid=485937305&cid=1456730284.1718357017&tid=UA-44330825-4&_gid=1819305880.1718357017&_slc=1&z=414697811
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://highlands.benefithub.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
355 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-44330825-4&cid=1456730284.1718357017&jid=1195929756&gjid=485937305&_gid=1819305880.1718357017&_u=IGBAgEABAAAAAGAAI~&z=1769921893
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 14 Jun 2024 09:23:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://highlands.benefithub.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
232cb4d402b404fece04a9072a6bbd5c
c.lytics.io/c/
35 B
599 B
Image
General
Full URL
https://c.lytics.io/c/232cb4d402b404fece04a9072a6bbd5c?
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:23:37 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
35
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6KLQzYN%2FWpWQUU6ZKr4QOAhYTVxvv6Cfm4605vLeihSZ4oi46JdJBjO41wpuks8%2BQrUXjRo07lwRLv%2FhUW%2Fh0fbvQTObXUHh9bnsjQo08LMIKuK33EOELjF%2FQu3T4dS2zW56C1dW4eHC"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
x-lytics-trace
8298d7f802b6214f85f46a65369bf54f
cf-ray
8939433c6f013675-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires
0
collect
region1.google-analytics.com/g/
0
251 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ZS7CW6GWCH&gtm=45je46c0v872441053za200&_p=1718357016070&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1456730284.1718357017&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718357017&sct=1&seg=0&dl=https%3A%2F%2Fhighlands.benefithub.com%2Fapp&dt=BenefitHub&en=initialize&_fv=1&_ss=1&_ee=1&ep.event_category=app&tfd=3606&_z=sendBeacon
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZS7CW6GWCH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://highlands.benefithub.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-44330825-4&cid=1456730284.1718357017&jid=1195929756&_u=IGBAgEABAAAAAGAAI~&z=659911589
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-44330825-4&cid=1456730284.1718357017&jid=1195929756&_u=IGBAgEABAAAAAGAAI~&z=659911589
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/
18 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700|Open+Sans:400,600,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
60839c6d74f3420c7b860f47cd381366f7312b95abe96a23414a7a7094c8d37e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Jun 2024 09:23:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Jun 2024 09:23:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jun 2024 09:23:37 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://highlands.benefithub.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 03:20:55 GMT
x-content-type-options
nosniff
age
108163
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 03:20:55 GMT
css2
fonts.googleapis.com/
5 KB
623 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600;800&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
cbb999307a9fd1d7aa51b3277092caf92b2150d4876176222877d3335857fa20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Jun 2024 09:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Jun 2024 09:18:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jun 2024 09:23:38 GMT
css2
fonts.googleapis.com/
17 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
851699a18b631a7bd68efc99598701293a6065b463fced7b68d8d6d9227bd8e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Jun 2024 09:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Jun 2024 09:03:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jun 2024 09:23:38 GMT
GetLoggedInStatus
highlands.benefithub.com/api/AccountApi/
187 B
815 B
XHR
General
Full URL
https://highlands.benefithub.com/api/AccountApi/GetLoggedInStatus?
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/dist/WebPlatform/bundle.js?_Release-1037-9327-g90aefc086
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
45cdb883dfa5ef2e18b0fcd2ae44c5bbee36e41f47d08e0bfe5b0a082e0908d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://highlands.benefithub.com/app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 14 Jun 2024 09:23:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
X-AspNet-Version
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Connection
keep-alive
Content-Length
187
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:4432f087-bbc3-47b5-95e3-a1230869b4dd
GetUsersLocation
highlands.benefithub.com/api/LocationAPI/
229 B
2 KB
XHR
General
Full URL
https://highlands.benefithub.com/api/LocationAPI/GetUsersLocation?
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/dist/WebPlatform/bundle.js?_Release-1037-9327-g90aefc086
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c3274a8945ca180b6d77dba581f68f5f4bc58e8f258d5d5e9a05a3e98aebfd44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://highlands.benefithub.com/app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 14 Jun 2024 09:23:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
X-AspNet-Version
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Connection
keep-alive
Content-Length
229
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:4432f087-bbc3-47b5-95e3-a1230869b4dd
GetContext
highlands.benefithub.com/api/DashboardAPI/
8 KB
10 KB
XHR
General
Full URL
https://highlands.benefithub.com/api/DashboardAPI/GetContext
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/dist/WebPlatform/bundle.js?_Release-1037-9327-g90aefc086
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
03bf37d67d5c7d80b081a0bc3c7109148fb058dea6c09f0746b72973002f69bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://highlands.benefithub.com/app
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 14 Jun 2024 09:23:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
X-AspNet-Version
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Connection
keep-alive
Content-Length
8171
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:4432f087-bbc3-47b5-95e3-a1230869b4dd
GetSpotlightModel
highlands.benefithub.com/api/LandingPageAPI/
96 B
2 KB
XHR
General
Full URL
https://highlands.benefithub.com/api/LandingPageAPI/GetSpotlightModel?
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/dist/WebPlatform/bundle.js?_Release-1037-9327-g90aefc086
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c990541a5fb5f2f0cca411d075dc22e91984cb6715f5422c66edb49435dd9c2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://highlands.benefithub.com/app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 14 Jun 2024 09:23:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
X-AspNet-Version
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Connection
keep-alive
Content-Length
96
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:4432f087-bbc3-47b5-95e3-a1230869b4dd
GetSections
highlands.benefithub.com/api/ShoppingCenterAPI/
557 B
3 KB
XHR
General
Full URL
https://highlands.benefithub.com/api/ShoppingCenterAPI/GetSections?
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/dist/WebPlatform/bundle.js?_Release-1037-9327-g90aefc086
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c4215b212bbcdfc4fc551a0e05016a725539aed5952a8091ab04e41d3042df24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://highlands.benefithub.com/app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 14 Jun 2024 09:23:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
X-AspNet-Version
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Connection
keep-alive
Content-Length
557
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:4432f087-bbc3-47b5-95e3-a1230869b4dd
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
45 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCPUypyddmlVaIGqGxbDjdy4bAq3lvFwPE&libraries=geometry,places&v=3.37
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://highlands.benefithub.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
GetSiteContext
highlands.benefithub.com/api/DashboardAPI/
64 KB
67 KB
XHR
General
Full URL
https://highlands.benefithub.com/api/DashboardAPI/GetSiteContext?_=1718357017227
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/dist/WebPlatform/bundle.js?_Release-1037-9327-g90aefc086
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3c28ea59937953239b8753a3a792744906fe07a0772019f100010c78886a5673
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://highlands.benefithub.com/app
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 14 Jun 2024 09:23:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
X-AspNet-Version
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Connection
keep-alive
Content-Length
66036
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:4432f087-bbc3-47b5-95e3-a1230869b4dd
GetContext
highlands.benefithub.com/api/DashboardAPI/
8 KB
10 KB
XHR
General
Full URL
https://highlands.benefithub.com/api/DashboardAPI/GetContext?_=1718357017228
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/dist/WebPlatform/bundle.js?_Release-1037-9327-g90aefc086
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
03bf37d67d5c7d80b081a0bc3c7109148fb058dea6c09f0746b72973002f69bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://highlands.benefithub.com/app
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 14 Jun 2024 09:23:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
X-AspNet-Version
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Connection
keep-alive
Content-Length
8171
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:4432f087-bbc3-47b5-95e3-a1230869b4dd
GetAppsV2
highlands.benefithub.com/api/AppsV2Api/
3 KB
5 KB
XHR
General
Full URL
https://highlands.benefithub.com/api/AppsV2Api/GetAppsV2?
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/dist/WebPlatform/bundle.js?_Release-1037-9327-g90aefc086
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
122ca848df82a1a8fa009bc72b5d0bd4f8825418fdabec82f2a3aed94e400fa9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://highlands.benefithub.com/app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 14 Jun 2024 09:23:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
X-AspNet-Version
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Connection
keep-alive
Content-Length
3143
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:4432f087-bbc3-47b5-95e3-a1230869b4dd
GetCountries
highlands.benefithub.com/api/LocalizationAPI/
241 KB
243 KB
XHR
General
Full URL
https://highlands.benefithub.com/api/LocalizationAPI/GetCountries?_=1718357017229
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/dist/WebPlatform/bundle.js?_Release-1037-9327-g90aefc086
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1e791be508fd633c85f2ed920bbe4b34b84cfbe8ca5b2cf2e317e629198d86d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://highlands.benefithub.com/app
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 14 Jun 2024 09:23:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
X-AspNet-Version
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Connection
keep-alive
Content-Length
246941
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:4432f087-bbc3-47b5-95e3-a1230869b4dd
c9b01f00-24c6-4d32-b4af-10642080c68c
c.lytics.io/api/personalize/232cb4d402b404fece04a9072a6bbd5c/user/_uid/
302 B
624 B
Script
General
Full URL
https://c.lytics.io/api/personalize/232cb4d402b404fece04a9072a6bbd5c/user/_uid/c9b01f00-24c6-4d32-b4af-10642080c68c?segments=true&mergestate=true&state=%7B%22_uid%22%3A%22c9b01f00-24c6-4d32-b4af-10642080c68c%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22highlands.benefithub.com%2Fapp%22%2C%22_ga%22%3A%22GA1.1.1456730284.1718357017%22%2C%22_v%22%3A%223.0.35%22%7D&ts=1718357018670&callback=u_607208262625489200
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/232cb4d402b404fece04a9072a6bbd5c/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3e30e17441c5a29c2f4c95c597d45a220d32a651d9b8ca9c5059d2c745ad3e5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:23:38 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=63072000;
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=atfRiRW%2Bnl4u%2F9o0ijCxknyJpdqlXb9zu5UnWCEYg9Kx1LKDNu0IeKbdDD33ztEZtSW21SjI%2FOxMepp2%2BSeb6DuD6ezdZHIWXHWofEN4jcDS3waNl2JXzWOzR2pApmbeGRgU59p%2FvVE0"}],"group":"cf-nel","max_age":604800}
x-lytics-trace
77dc9aa1e256e188eee956fb4bf9eca8
cf-ray
89394346ce1e3675-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
content-length
221
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=AAM/d=0/rs=AN8SPfrUh4eQMB1I5qTj-4-oeXAO15kIQQ/
22 KB
5 KB
Stylesheet
General
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=AAM/d=0/rs=AN8SPfrUh4eQMB1I5qTj-4-oeXAO15kIQQ/m=el_main_css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.bzfoHxF7-dQ.O/am=AAM/d=1/rs=AN8SPfo693Atj8vxMY4tIXZ_VVdL-lnZEw/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:23:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4144
x-xss-protection
0
last-modified
Thu, 04 Apr 2024 07:26:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Jun 2025 09:23:35 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.bzfoHxF7-dQ.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfqwyp2ZFY3x8JWJbzdfqeuDqYUAzw/
207 KB
72 KB
Script
General
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.bzfoHxF7-dQ.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfqwyp2ZFY3x8JWJbzdfqeuDqYUAzw/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.bzfoHxF7-dQ.O/am=AAM/d=1/rs=AN8SPfo693Atj8vxMY4tIXZ_VVdL-lnZEw/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0bc60de0d7b7cab94914f7591a114030d613d1c3813a54674285150d11aae6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 17:52:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72966
x-xss-protection
0
last-modified
Tue, 11 Jun 2024 21:11:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Jun 2025 17:52:46 GMT
favicon.ico
highlands.benefithub.com/
15 KB
15 KB
Other
General
Full URL
https://highlands.benefithub.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5bfb5ab5b5af49546a8d1a65db69b12f6420ea2b14fd3c845bae43fc6d740e3a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 14 Jun 2024 09:23:38 GMT
Last-Modified
Tue, 11 Jun 2024 18:07:30 GMT
Server
ETag
"01d7d392abcda1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/x-icon
Cache-Control
max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15406
pathfora.min.js
c.lytics.io/static/
103 KB
22 KB
Script
General
Full URL
https://c.lytics.io/static/pathfora.min.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/232cb4d402b404fece04a9072a6bbd5c/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:23:39 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
HIT
last-modified
Fri, 14 Jun 2024 08:13:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4237
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LaSqUVy%2BFYNxmJUq6SwCfY9dXnKBGuF7hnPfNZ%2F%2FAcaGEbCqfcBOyya4816oCTp6hP1Y3QoJXduC5I1WTkSAE1KCSPrbEMNRA%2FPnr4FdltWPjjnQtiZg2VqwXiU3PNV6ohFLA2gGlKG7"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
content-encoding
br
cache-control
max-age=7200
cf-ray
8939434b0c353675-FRA
pathfora.min.css
c.lytics.io/static/
20 KB
4 KB
Stylesheet
General
Full URL
https://c.lytics.io/static/pathfora.min.css
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
464ad5d70f6d5fe4adef4d3057e1ae91e4983b02ef4ec9db0b067dcad4e53685
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:23:39 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
HIT
last-modified
Fri, 14 Jun 2024 08:54:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1776
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bv8%2BYAKrCmbI0Yo9nEAz4fhbTdrDa8Vi%2BNNRHrIAQvE0x0Z1vzoCLDiL4J9oYOa9difqsAXEt1551Warctc5HtU56DDMuTpjUkdNV8BOvl9p6da99y90NjQsVCjJ0fovpiZLpltL8fiV"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
content-encoding
br
cache-control
max-age=7200
cf-ray
8939434b5c8c3675-FRA
config.js
c.lytics.io/api/program/campaign/config/232cb4d402b404fece04a9072a6bbd5c/
327 B
698 B
Script
General
Full URL
https://c.lytics.io/api/program/campaign/config/232cb4d402b404fece04a9072a6bbd5c/config.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/232cb4d402b404fece04a9072a6bbd5c/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
320ba3c8c4197a4de9e28c0231687541363c1e77cabe2485d34df8a42907cab0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:23:39 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=63072000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6071
content-length
226
last-modified
Fri, 14 Jun 2024 07:42:28 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tx6140i78A%2F96HkmRUgCDWpehznFM6BhNWdliwLg7sWWO4pJQWxPeWyg%2Bc9Q2YRx9Oa5hyZBBgqBotnG1AdSzzD6QpA0sUHpgVSFAMQwx8fKiksLNlqbb9UH7I3MSr4kvfDkNgbBM6ya"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
x-lytics-trace
444ab665fde99424196d62879048a22b
accept-ranges
bytes
cf-ray
8939434b5c963675-FRA
Common.json
cdn.benefithub.com/locales/en-US/
20 KB
6 KB
Fetch
General
Full URL
https://cdn.benefithub.com/locales/en-US/Common.json?ref=1.Release-1037-9327-g90aefc086
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/dist/WebPlatform/bundle.js?_Release-1037-9327-g90aefc086
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
398583e507cf6466761a4a47e38fe9f4eb39ed242d82fe02d9b9b29d2210633f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 14 Jun 2024 09:23:39 GMT
content-encoding
br
last-modified
Tue, 11 Jun 2024 15:14:57 GMT
vary
Accept-Encoding
x-azure-ref
20240614T092339Z-15f57b858d4mxznsr1cc8k8p3s0000000hs0000000009qhc
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
1e521366-601e-0038-773a-be1310000000
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
64001491
x-cache-info
L1_T2
Navigation.json
cdn.benefithub.com/locales/en-US/
9 KB
3 KB
Fetch
General
Full URL
https://cdn.benefithub.com/locales/en-US/Navigation.json?ref=1.Release-1037-9327-g90aefc086
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/dist/WebPlatform/bundle.js?_Release-1037-9327-g90aefc086
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ba7857e8396ebe2f0c9416e228b402926f5623144106eed605751cb8413a56c1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 14 Jun 2024 09:23:39 GMT
content-encoding
br
last-modified
Tue, 11 Jun 2024 15:14:56 GMT
vary
Accept-Encoding
x-azure-ref
20240614T092339Z-15f57b858d4mxznsr1cc8k8p3s0000000hs0000000009qhb
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
c59cacf8-801e-001b-469b-bd7cdb000000
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
64001491
x-cache-info
L1_T2
Common.json
cdn.benefithub.com/locales/en/
215 B
450 B
Fetch
General
Full URL
https://cdn.benefithub.com/locales/en/Common.json?ref=1.Release-1037-9327-g90aefc086
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/dist/WebPlatform/bundle.js?_Release-1037-9327-g90aefc086
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f78f6d065eb4127eb005315b4070d3cef77952df44292637fea973d7190a6374

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:23:39 GMT
x-azure-ref
20240614T092339Z-15f57b858d4mxznsr1cc8k8p3s0000000hs0000000009qh9
x-cache
TCP_MISS
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
1e158ba0-e01e-0029-193c-be240b000000
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
content-length
215
Navigation.json
cdn.benefithub.com/locales/en/
215 B
450 B
Fetch
General
Full URL
https://cdn.benefithub.com/locales/en/Navigation.json?ref=1.Release-1037-9327-g90aefc086
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/dist/WebPlatform/bundle.js?_Release-1037-9327-g90aefc086
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bb9b7162c1a6281bfc0467d0faf131b5811dc02abc6f0a3e859dcb50c9a35f90

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:23:40 GMT
x-azure-ref
20240614T092339Z-15f57b858d4mxznsr1cc8k8p3s0000000hs0000000009qha
x-cache
TCP_MISS
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
86177e9e-301e-004d-2b3c-be94ab000000
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
content-length
215
GetSections
highlands.benefithub.com/api/ShoppingCenterAPI/
557 B
3 KB
XHR
General
Full URL
https://highlands.benefithub.com/api/ShoppingCenterAPI/GetSections?
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/dist/WebPlatform/bundle.js?_Release-1037-9327-g90aefc086
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c4215b212bbcdfc4fc551a0e05016a725539aed5952a8091ab04e41d3042df24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://highlands.benefithub.com/app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 14 Jun 2024 09:23:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
X-AspNet-Version
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Connection
keep-alive
Content-Length
557
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:4432f087-bbc3-47b5-95e3-a1230869b4dd
GetSectionOrder
highlands.benefithub.com/api/LandingPageAPI/
2 KB
4 KB
XHR
General
Full URL
https://highlands.benefithub.com/api/LandingPageAPI/GetSectionOrder?_=1718357017230
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/dist/WebPlatform/bundle.js?_Release-1037-9327-g90aefc086
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
613758334233cee0940a35d528c78606a084891099b63a0531d81718c2522ff5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://highlands.benefithub.com/app
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 14 Jun 2024 09:23:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
X-AspNet-Version
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Connection
keep-alive
Content-Length
1664
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:4432f087-bbc3-47b5-95e3-a1230869b4dd
GetActiveSeasonalSection
highlands.benefithub.com/api/InternationalSeasonalApi/
93 B
2 KB
XHR
General
Full URL
https://highlands.benefithub.com/api/InternationalSeasonalApi/GetActiveSeasonalSection?_=1718357017231
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/dist/WebPlatform/bundle.js?_Release-1037-9327-g90aefc086
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6aa41771685d49fc35e7cc56c863573ee1378702476a909831d7f2b93ce2ac09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://highlands.benefithub.com/app
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 14 Jun 2024 09:23:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
X-AspNet-Version
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Connection
keep-alive
Content-Length
93
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:4432f087-bbc3-47b5-95e3-a1230869b4dd
GetCustomSections
highlands.benefithub.com/api/LandingPageAPI/
2 B
2 KB
XHR
General
Full URL
https://highlands.benefithub.com/api/LandingPageAPI/GetCustomSections?_=1718357017232
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/dist/WebPlatform/bundle.js?_Release-1037-9327-g90aefc086
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://highlands.benefithub.com/app
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 14 Jun 2024 09:23:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
X-AspNet-Version
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Connection
keep-alive
Content-Length
2
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:4432f087-bbc3-47b5-95e3-a1230869b4dd
GetContentInHomePageV2
highlands.benefithub.com/api/LandingPageAPI/
8 KB
10 KB
XHR
General
Full URL
https://highlands.benefithub.com/api/LandingPageAPI/GetContentInHomePageV2?_=1718357017233
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/dist/WebPlatform/bundle.js?_Release-1037-9327-g90aefc086
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d99fe652558d39c8aedd36a2245436c447e8eb817e1c664b81c652a941615986
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://highlands.benefithub.com/app
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 14 Jun 2024 09:23:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
X-AspNet-Version
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Connection
keep-alive
Content-Length
7762
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:4432f087-bbc3-47b5-95e3-a1230869b4dd
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Open+Sans:400,600,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://highlands.benefithub.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 23:53:43 GMT
x-content-type-options
nosniff
age
34196
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 23:53:43 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=264756843&t=event&ni=1&_s=2&dl=https%3A%2F%2Fhighlands.benefithub.com%2Fapp&ul=de-de&de=UTF-8&dt=BenefitHub&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=app&ea=ready&el=load_time&ev=1265&_u=KGBAgEABAAAAAGAAI~&jid=&gjid=&cid=1456730284.1718357017&tid=UA-44330825-4&_gid=1819305880.1718357017&z=1494977863
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f206.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 01:57:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
26788
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=264756843&t=pageview&_s=3&dl=https%3A%2F%2Fhighlands.benefithub.com%2Fapp&dp=%2F&ul=de-de&de=UTF-8&dt=Home%20%7C%20Highlands%20Community%20Charter%20School&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEABAAAAAGACI~&jid=&gjid=&cid=1456730284.1718357017&tid=UA-44330825-4&_gid=1819305880.1718357017&z=1599166248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f206.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 01:57:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
26788
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
default
c.lytics.io/c/232cb4d402b404fece04a9072a6bbd5c/
35 B
338 B
Image
General
Full URL
https://c.lytics.io/c/232cb4d402b404fece04a9072a6bbd5c/default?_e=pv&_sesstart=1&_tz=2&_ul=de-DE&_sz=1600x1200&userid=&email=Guest&_ts=1718357019669&_nmob=t&_device=desktop&url=highlands.benefithub.com%2Fapp&_ga=GA1.1.1456730284.1718357017&_uid=c9b01f00-24c6-4d32-b4af-10642080c68c&_v=3.0.35&_uido=c9b01f00-24c6-4d32-b4af-10642080c68c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:23:39 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
35
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2BatZGdAmeIAVJI0xskN9GbsO34A7KOs13n1PbVy2Nf1jK4v3jN48HNDr3jePD9Mg0u8ZtuQ0EN1CO38%2BnIstvaaHKsMSeM4ZRqVG%2FjUpo2lcZUAbJjg0PlTmdt8qLBsvO%2BWYn%2BGy2fI"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
x-lytics-trace
a01863d0331b925ef145e83f953b278e
cf-ray
8939434d2f093675-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires
0
default
c.lytics.io/c/232cb4d402b404fece04a9072a6bbd5c/
35 B
454 B
Image
General
Full URL
https://c.lytics.io/c/232cb4d402b404fece04a9072a6bbd5c/default?_e=pv&_sesstart=1&_tz=2&_ul=de-DE&_sz=1600x1200&_ts=1718357019689&_nmob=t&_device=desktop&url=highlands.benefithub.com%2Fapp&_ga=GA1.1.1456730284.1718357017&_uid=c9b01f00-24c6-4d32-b4af-10642080c68c&_v=3.0.35&_uido=c9b01f00-24c6-4d32-b4af-10642080c68c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:23:39 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
35
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SR5kaTgMLBNlUxT2VIUGfdm%2Bl46XImo1w1uGFyHy1auRLgMFoCt2D%2Bj3NUAG1dcSQ%2FbODebJRCe8EXNSBvypeflHpeq0VXXJw4atzFMQmMgEY%2FQqAArlOhY2rYBy4bsT1NPIm788ZlXy"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
x-lytics-trace
9367fea2b6e485d668f53021e05e3a84
cf-ray
8939434d2f0d3675-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires
0
GetLoggedInStatus
highlands.benefithub.com/api/AccountApi/
187 B
815 B
XHR
General
Full URL
https://highlands.benefithub.com/api/AccountApi/GetLoggedInStatus?
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/dist/WebPlatform/bundle.js?_Release-1037-9327-g90aefc086
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3a60aa81e88941e37814645a9a58237e61abbcbcca49eee8b79f9a4ff6464fd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://highlands.benefithub.com/app/home
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 14 Jun 2024 09:23:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
X-AspNet-Version
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Connection
keep-alive
Content-Length
187
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:4432f087-bbc3-47b5-95e3-a1230869b4dd
widget.css
widget-cdn.partnerbookingkit.com/bundles/55a9f0fe5885/
Redirect Chain
  • https://pbk.partnerbookingkit.com/55a9f0fe5885/ehi-pbk.css
  • https://widget-cdn.partnerbookingkit.com/bundles/55a9f0fe5885/widget.css
208 KB
22 KB
Stylesheet
General
Full URL
https://widget-cdn.partnerbookingkit.com/bundles/55a9f0fe5885/widget.css
Protocol
H2
Server
13.32.27.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-123.fra56.r.cloudfront.net
Software
/
Resource Hash
7b3bd9b5d73213774207663b6992c023876972c4f590a7d499f437232bc758a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://highlands.benefithub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 13 Jun 2024 13:48:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-cdn
Imperva
via
1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
70539
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-iinfo
13-46564030-46564032 NNYN CT(96 202 0) RT(1718286455471 2) q(0 0 3 1) r(259 259) U24
cache-control
public, max-age=86400
x-amz-cf-id
ABVFLFDRY6-FnurCYWjIGpVBzWZfowalsoBlKynXXgSsCQvBUVs_1A==
x-xss-protection
1; mode=block

Redirect headers

Date
Fri, 14 Jun 2024 09:23:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-CDN
Imperva
Location
https://widget-cdn.partnerbookingkit.com/bundles/55a9f0fe5885/widget.css
Access-Control-Allow-Origin
*
X-Iinfo
12-43478386-43478470 NNNN CT(161 205 0) RT(1718357019349 419) q(0 0 4 0) r(5 5) U24
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
widget.js
widget-cdn.partnerbookingkit.com/bundles/55a9f0fe5885/
Redirect Chain
  • https://pbk.partnerbookingkit.com/55a9f0fe5885/ehi-pbk.js
  • https://widget-cdn.partnerbookingkit.com/bundles/55a9f0fe5885/widget.js
1 MB
251 KB
Script
General
Full URL
https://widget-cdn.partnerbookingkit.com/bundles/55a9f0fe5885/widget.js
Protocol
H2
Server
13.32.27.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-123.fra56.r.cloudfront.net
Software
/
Resource Hash
5da307deda088cace889da6c72a9f8bc2e8a8d289081e17cdae6f4c476f28106
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://highlands.benefithub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 13 Jun 2024 13:46:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-cdn
Imperva
via
1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
70660
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-iinfo
3-24023002-24023004 NNYY CT(101 212 0) RT(1718286359965 2) q(0 0 0 0) r(2 3) U24
cache-control
public, max-age=86400
x-amz-cf-id
otIRmEbBapGsrmw0Y6PWyke42d3kW1lr8f3zoJlXftMM5TtkiiGAVQ==
x-xss-protection
1; mode=block

Redirect headers

Date
Fri, 14 Jun 2024 09:23:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-CDN
Imperva
Location
https://widget-cdn.partnerbookingkit.com/bundles/55a9f0fe5885/widget.js
Access-Control-Allow-Origin
*
X-Iinfo
7-20484609-20484668 NNNN CT(92 196 0) RT(1718357019349 420) q(0 0 3 0) r(4 4) U24
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Categories.json
cdn.benefithub.com/locales/en-US/
15 KB
4 KB
Fetch
General
Full URL
https://cdn.benefithub.com/locales/en-US/Categories.json?ref=1.Release-1037-9327-g90aefc086
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/dist/WebPlatform/bundle.js?_Release-1037-9327-g90aefc086
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
20b9c8a2a0774a10dbc00748f6e33ecdfbbaea23c9db201862863b8ed4246be6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 14 Jun 2024 09:23:39 GMT
content-encoding
br
last-modified
Tue, 11 Jun 2024 15:14:57 GMT
vary
Accept-Encoding
x-azure-ref
20240614T092339Z-15f57b858d4mxznsr1cc8k8p3s0000000hs0000000009qhd
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
7d415e71-c01e-0071-273a-be2070000000
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
x-cache-info
L1_T2
Categories.json
cdn.benefithub.com/locales/en/
215 B
450 B
Fetch
General
Full URL
https://cdn.benefithub.com/locales/en/Categories.json?ref=1.Release-1037-9327-g90aefc086
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/dist/WebPlatform/bundle.js?_Release-1037-9327-g90aefc086
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7be2b36156235240faa6ed6c88fe543c36b3d2794850bc45b18ee77b48b84737

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:23:40 GMT
x-azure-ref
20240614T092339Z-15f57b858d4mxznsr1cc8k8p3s0000000hs0000000009qhe
x-cache
TCP_MISS
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
2c3fd40d-f01e-0014-083c-be912d000000
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
content-length
215
fa-solid-900.woff2
highlands.benefithub.com/ContentV2/FontAwesomePro/webfonts/
138 KB
138 KB
Font
General
Full URL
https://highlands.benefithub.com/ContentV2/FontAwesomePro/webfonts/fa-solid-900.woff2
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/ContentV2/FontAwesomePro/css/all.min.css?_Release-1037-9327-g90aefc086
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8b5a3ff47c2413e0bf3dd3bb7899a25aeef9b390a055847a1185a39ad48a2da2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/ContentV2/FontAwesomePro/css/all.min.css?_Release-1037-9327-g90aefc086
Origin
https://highlands.benefithub.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 14 Jun 2024 09:23:40 GMT
Last-Modified
Tue, 11 Jun 2024 18:07:46 GMT
Server
ETag
"0856432abcda1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff2
Cache-Control
max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
140996
fa-light-300.woff2
highlands.benefithub.com/ContentV2/FontAwesomePro/webfonts/
185 KB
186 KB
Font
General
Full URL
https://highlands.benefithub.com/ContentV2/FontAwesomePro/webfonts/fa-light-300.woff2
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/ContentV2/FontAwesomePro/css/all.min.css?_Release-1037-9327-g90aefc086
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a96c21672b34a2f47197f6d5ae5ae4b6012d6fac6cfca1c851f66901c9c8abf4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/ContentV2/FontAwesomePro/css/all.min.css?_Release-1037-9327-g90aefc086
Origin
https://highlands.benefithub.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 14 Jun 2024 09:23:40 GMT
Last-Modified
Tue, 11 Jun 2024 18:07:46 GMT
Server
ETag
"0856432abcda1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff2
Cache-Control
max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
189648
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Open+Sans:400,600,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://highlands.benefithub.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 03:20:55 GMT
x-content-type-options
nosniff
age
108163
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 03:20:55 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Open+Sans:400,600,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://highlands.benefithub.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 20:00:43 GMT
x-content-type-options
nosniff
age
48177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24984
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:04:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 20:00:43 GMT
Stock_Tickets_marquee_600x220.jpg
highlands.benefithub.com/ImagesV2/CustomSections/
207 KB
207 KB
Image
General
Full URL
https://highlands.benefithub.com/ImagesV2/CustomSections/Stock_Tickets_marquee_600x220.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
837963cf2d305a05c4fdda1752769b22e86bfaeacba500fc633e3cf7fb852f28
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/app/home
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 14 Jun 2024 09:23:40 GMT
Last-Modified
Tue, 11 Jun 2024 18:08:02 GMT
Server
ETag
"0ed8f4c2abcda1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
211733
GetImage
contentlibrary.benefithub.com/api/ContentAPI/
275 KB
276 KB
Image
General
Full URL
https://contentlibrary.benefithub.com/api/ContentAPI/GetImage?contentId=yzt48jk76h5wszzk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.178.14.174 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
eb212ba60a1ce25b977f4e7cfd896fca4a316e15545b811b22a81cb79d116f2c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:40 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
cache-control
no-cache
content-length
281814
expires
-1
GetImage
contentlibrary.benefithub.com/api/ContentAPI/
728 KB
730 KB
Image
General
Full URL
https://contentlibrary.benefithub.com/api/ContentAPI/GetImage?contentId=pvwbgtw088pcyy42
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.178.14.174 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1bc59c9ab05aac3e92c1232f2f9023838ea0b1de646d0f494a1f14c3b6d13f16

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:40 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
cache-control
no-cache
content-length
745262
expires
-1
GetImage
contentlibrary.benefithub.com/api/ContentAPI/
59 KB
59 KB
Image
General
Full URL
https://contentlibrary.benefithub.com/api/ContentAPI/GetImage?contentId=q6zhbnmc7pg953cxs3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.178.14.174 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7f6c99a386a6949c2ff4bd76ce358413497722b2b11343556dac590eedd26c36

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:40 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
cache-control
no-cache
content-length
60633
expires
-1
GetImage
contentlibrary.benefithub.com/api/ContentAPI/
264 KB
265 KB
Image
General
Full URL
https://contentlibrary.benefithub.com/api/ContentAPI/GetImage?contentId=jxyqxcqgfnrmb0n0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.178.14.174 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3c0efc87117613e12fb3de53a652f6014d8ebe590327b22ce8f7f1f2c681275c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:40 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
cache-control
no-cache
content-length
270179
expires
-1
GetImage
contentlibrary.benefithub.com/api/ContentAPI/
173 KB
173 KB
Image
General
Full URL
https://contentlibrary.benefithub.com/api/ContentAPI/GetImage?contentId=3v168q39q0v7fgmq6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.178.14.174 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5ac7bece26a6beb7261894603e090b5a8ffc6213875f7c3475264e9aae863040

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:40 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
cache-control
no-cache
content-length
176930
expires
-1
GetImage
contentlibrary.benefithub.com/api/ContentAPI/
15 KB
15 KB
Image
General
Full URL
https://contentlibrary.benefithub.com/api/ContentAPI/GetImage?contentId=y1pfrzcqcypgdlh
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.178.14.174 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
965d80d22262565b10674008ec49f4a3780d7e4327e2131245925f223e764ea7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:40 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
cache-control
no-cache
content-length
15038
expires
-1
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600;800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://highlands.benefithub.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:53:49 GMT
x-content-type-options
nosniff
age
48591
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 19:53:49 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Open+Sans:400,600,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://highlands.benefithub.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 13:54:42 GMT
x-content-type-options
nosniff
age
70138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 13:54:42 GMT
GetCustomSectionsContnetForLanding
highlands.benefithub.com/api/BenefitFocusCSAPI/
19 KB
21 KB
XHR
General
Full URL
https://highlands.benefithub.com/api/BenefitFocusCSAPI/GetCustomSectionsContnetForLanding?templateId=undefined
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/dist/WebPlatform/bundle.js?_Release-1037-9327-g90aefc086
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a25ed9afd073124f97ed2d6d44d10a28ac2e40970431813bae60ecf8273dc29b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://highlands.benefithub.com/app/home
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 14 Jun 2024 09:23:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
X-AspNet-Version
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Connection
keep-alive
Content-Length
19361
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:4432f087-bbc3-47b5-95e3-a1230869b4dd
GetPublicPlacements
highlands.benefithub.com/api/PlacementApi/
126 KB
128 KB
XHR
General
Full URL
https://highlands.benefithub.com/api/PlacementApi/GetPublicPlacements?category=homepage&placementType=carousel&subCategory=all
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/dist/WebPlatform/bundle.js?_Release-1037-9327-g90aefc086
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b18f04916ef2d67edd192a5ec4fad99b1417b224e7de38092da9e48a02dd57cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://highlands.benefithub.com/app/home
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 14 Jun 2024 09:23:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
X-AspNet-Version
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Connection
keep-alive
Content-Length
128910
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:4432f087-bbc3-47b5-95e3-a1230869b4dd
GetRecommendedOffers
highlands.benefithub.com/api/ShoppingCenterAPI/
52 KB
54 KB
XHR
General
Full URL
https://highlands.benefithub.com/api/ShoppingCenterAPI/GetRecommendedOffers?take=15
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/dist/WebPlatform/bundle.js?_Release-1037-9327-g90aefc086
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7a3ed23c39cf1cc89d8c3b86f7ae78d679c673416d20f1b4f90ce4e7fcf43d01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://highlands.benefithub.com/app/home
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 14 Jun 2024 09:23:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
X-AspNet-Version
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Connection
keep-alive
Content-Length
52886
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:4432f087-bbc3-47b5-95e3-a1230869b4dd
truncated
/ Frame 3202
1 KB
1 KB
Document
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43717a87f5a33f3bfb7d0be4c054905fe024306b94885c70e8a67f9d02a321f3

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
text/html;charset=UTF-8
translate_24dp.png
www.gstatic.com/images/branding/product/2x/
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=AAM/d=0/rs=AN8SPfrUh4eQMB1I5qTj-4-oeXAO15kIQQ/m=el_main_css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=AAM/d=0/rs=AN8SPfrUh4eQMB1I5qTj-4-oeXAO15kIQQ/m=el_main_css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 22:43:45 GMT
x-content-type-options
nosniff
age
38395
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 13 Jun 2025 22:43:45 GMT
GetLogo
highlands.benefithub.com/api/ResourceProxyV2/
5 KB
5 KB
Image
General
Full URL
https://highlands.benefithub.com/api/ResourceProxyV2/GetLogo?_=1718357019874
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3794286042b5420fecd697d4b6f00499109c3281952734983ff3b1ab49b743cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/app/home
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 14 Jun 2024 09:23:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
X-AspNet-Version
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Connection
keep-alive
Content-Length
4750
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:4432f087-bbc3-47b5-95e3-a1230869b4dd
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e905bf19cad69bace88333878b67390ea9defb763ad280c2915f3cbeb529fce0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
28 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60e06a50e7390cd6faf5c79cff132af466a4385e56189059275fc4df9d9c1b54

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1784c39cafdda03071e41c88e35dbda7cea66d9af1485a8f819254d958d7f28

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
231 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ec30e9cc7121bd3073ef420ae7ed805e1f5f358288fbc9df99776b89cca027c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
001c16660bf98c7f5430cc5dc5c61b6db48fda1c45147f0f04c9b901399be00c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
10 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfb9f3773c4a68652236524a8e19a85813520dca63848725faf56580dc058dcd

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/
562 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d52ca34ef5cba6b06b576f7029218b03e42c7eac0fdf9851c76b94fc79ba628e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
66 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8275a6894a1fdb03a7dc55037f2535c8cb10edb764ab92c06ef534575fcd56a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b01adfe1e372d509c886ab75ab5df2fc0fc6ea3830a2cca38c9b791191d898a4

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2e079f3297065592fc6b3f2908c786c8f914583821b6ed2fe02e44cd90f1ab9

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
278 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb4342490d003f881a1a689d6884bfdd87832d2325a1d7e7d6a2845bf2d6936f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
278 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfea24d62fc9e9b1ea8840899b61b3f36c26e3185c9d7d1f7b75416ed4c0c36b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
559 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38d74ce509e10ebbc1486a147b97ad41a575013e796ff679ac8a07eedd24b385

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
401f4c46d69ae23a1067ff19f4a542846e005d6810ef6433c5492b825d31635d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
8 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
acf0ddab52fee04c78fd9c58671f746de519baf031d711cc050374e61d08e7c6

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9456e6a8af5039152379285556a15a986a601a75deda94970f2579e02a1c52

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
427 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1db0a398f8a690a8c9813c58a91a2837f8b16e3b064242d4fe48e14cece9dfe3

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
972 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b7fb2903f566adae50e590c42b14a122c154f5bcf1bd466a327198d4e9db744

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
36 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
891e8616d4a77b1df95638c5c73903535693c12001bbd378d19c2189b52c442f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d953a6326f8061954932d65611dfc2a964c21e5fa158a7e45a93ece64dc818ce

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
alamo_logo.png
highlands.benefithub.com/ImagesV2/Widgets/AutoRentalWidget/
12 KB
12 KB
Image
General
Full URL
https://highlands.benefithub.com/ImagesV2/Widgets/AutoRentalWidget/alamo_logo.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4231986bb2deed76a296345a264cdd35aad377e0d84f4ccb241bec06fc82b901
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/app/home
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 14 Jun 2024 09:23:40 GMT
Last-Modified
Tue, 11 Jun 2024 18:08:10 GMT
Server
ETag
"0a154512abcda1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12287
enterprise_logo.png
highlands.benefithub.com/ImagesV2/Widgets/AutoRentalWidget/
12 KB
12 KB
Image
General
Full URL
https://highlands.benefithub.com/ImagesV2/Widgets/AutoRentalWidget/enterprise_logo.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d3430378f2bce117aa09a1cad910143fd3a68a6a1377c0acae0618f5f96288fd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/app/home
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 14 Jun 2024 09:23:40 GMT
Last-Modified
Tue, 11 Jun 2024 18:08:10 GMT
Server
ETag
"0a154512abcda1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12001
national_logo.png
highlands.benefithub.com/ImagesV2/Widgets/AutoRentalWidget/
14 KB
14 KB
Image
General
Full URL
https://highlands.benefithub.com/ImagesV2/Widgets/AutoRentalWidget/national_logo.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ae704aa0842cf7e019d61d268eb9b3203ac02a1785841c298a032209938f978c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/app/home
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 14 Jun 2024 09:23:40 GMT
Last-Modified
Tue, 11 Jun 2024 18:08:10 GMT
Server
ETag
"0a154512abcda1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14427
GetImage
contentlibrary.benefithub.com/api/ContentAPI/
382 KB
383 KB
Image
General
Full URL
https://contentlibrary.benefithub.com/api/ContentAPI/GetImage?contentId=j50yzfjnllwdtc44xpj
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.178.14.174 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c473bff7e7207c66b6874d30581be5f553db8ba6c5a18681a13ca88894bc0ec2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:40 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
cache-control
no-cache
content-length
391630
expires
-1
GetImage
contentlibrary.benefithub.com/api/ContentAPI/
6 KB
6 KB
Image
General
Full URL
https://contentlibrary.benefithub.com/api/ContentAPI/GetImage?contentId=2ls5rlsg2586wjqmt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.178.14.174 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4ec11f21bb2ca960f6995f8b7a76fb5c01b343d842ae182bd29fc47462059dbd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:40 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
cache-control
no-cache
content-length
6093
expires
-1
GetImage
contentlibrary.benefithub.com/api/ContentAPI/
170 KB
171 KB
Image
General
Full URL
https://contentlibrary.benefithub.com/api/ContentAPI/GetImage?contentId=hmmy286dlfftcqzm5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.178.14.174 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
21ca78e69223ac2a865598a10992efe15339bdce47c028f5afe87ba437ce8da0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:40 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
cache-control
no-cache
content-length
174344
expires
-1
GetImage
contentlibrary.benefithub.com/api/ContentAPI/
13 KB
13 KB
Image
General
Full URL
https://contentlibrary.benefithub.com/api/ContentAPI/GetImage?contentId=rpmns0kckh9dwm9lz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.178.14.174 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
60950bfd962aaed42e44d3a81ddde4583d6288fd5e036b3de95294b41655e747

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:40 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
cache-control
no-cache
content-length
13709
expires
-1
GetImage
contentlibrary.benefithub.com/api/ContentAPI/
34 KB
35 KB
Image
General
Full URL
https://contentlibrary.benefithub.com/api/ContentAPI/GetImage?contentId=q1h5zrww56zj3w1r7k
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.178.14.174 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f21e96de7e18878aa5ee76b5e3d44e867cfc5601628904fb7210c4521eee4f7e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:40 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
cache-control
no-cache
content-length
35317
expires
-1
Map.svg
highlands.benefithub.com/ImagesV2/Marketplace/
2 KB
2 KB
Image
General
Full URL
https://highlands.benefithub.com/ImagesV2/Marketplace/Map.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
630e4adf0f10ea669fad7776d4b6040d5062b67ee77f6cfab041553c79fda143
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/app/home
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 14 Jun 2024 09:23:40 GMT
Last-Modified
Tue, 11 Jun 2024 18:08:04 GMT
Server
ETag
"01ac14d2abcda1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1672
Wallet.svg
highlands.benefithub.com/ImagesV2/Marketplace/
47 KB
10 KB
Image
General
Full URL
https://highlands.benefithub.com/ImagesV2/Marketplace/Wallet.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
74865d0e48c45c5301f48afebe3c1732700e707e21c741ba11c79ff646d6ad6c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/app/home
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 14 Jun 2024 09:23:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jun 2024 18:08:04 GMT
Server
ETag
"01ac14d2abcda1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9555
24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/
6 KB
3 KB
Image
General
Full URL
https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:16:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
436
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3340
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 14:24:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Jun 2025 09:16:24 GMT
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/
910 B
1 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 06:59:26 GMT
x-content-type-options
nosniff
age
95054
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
910
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 13 Jun 2025 06:59:26 GMT
favicon.ico
highlands.benefithub.com/
15 KB
0
Other
General
Full URL
https://highlands.benefithub.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5bfb5ab5b5af49546a8d1a65db69b12f6420ea2b14fd3c845bae43fc6d740e3a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/app/home
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 14 Jun 2024 09:23:38 GMT
Last-Modified
Tue, 11 Jun 2024 18:07:30 GMT
Server
ETag
"01d7d392abcda1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/x-icon
Cache-Control
max-age=10800
Accept-Ranges
bytes
Content-Length
15406
GetAppsV2
highlands.benefithub.com/api/AppsV2Api/
3 KB
5 KB
XHR
General
Full URL
https://highlands.benefithub.com/api/AppsV2Api/GetAppsV2?
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/dist/WebPlatform/bundle.js?_Release-1037-9327-g90aefc086
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
122ca848df82a1a8fa009bc72b5d0bd4f8825418fdabec82f2a3aed94e400fa9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://highlands.benefithub.com/app/home
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 14 Jun 2024 09:23:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
X-AspNet-Version
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Connection
keep-alive
Content-Length
3143
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:4432f087-bbc3-47b5-95e3-a1230869b4dd
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/
24 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://highlands.benefithub.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 20:00:43 GMT
x-content-type-options
nosniff
age
48177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24984
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:04:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 20:00:43 GMT
GetMerchantLogoV2
resourcesv3.benefithub.com/ResourceV2/
40 KB
41 KB
Image
General
Full URL
https://resourcesv3.benefithub.com/ResourceV2/GetMerchantLogoV2?merchantId=jvg8g12fmcqzc4xsr&dimensions=355x295
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.110.203.202 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
552e92b350fd053dfe894534241cb21fb7fc8c4fbddfcfc74f3bec9b640d14f5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
cache-control
no-cache
content-length
41409
expires
-1
GetMerchantLogoV2
resourcesv3.benefithub.com/ResourceV2/
9 KB
9 KB
Image
General
Full URL
https://resourcesv3.benefithub.com/ResourceV2/GetMerchantLogoV2?merchantId=i3369&dimensions=355x295
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.110.203.202 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
502b8c4c6d9e212c29cb4f53ae8c7fb48e165f750faa37b3573bc696e616733b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
cache-control
no-cache
expires
-1
GetMerchantLogoV2
resourcesv3.benefithub.com/ResourceV2/
14 KB
14 KB
Image
General
Full URL
https://resourcesv3.benefithub.com/ResourceV2/GetMerchantLogoV2?merchantId=l45770&dimensions=355x295
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.110.203.202 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cce1ea7f44c43020cd61f419966b3eef673afd14159a8161306173c86885927a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
cache-control
no-cache
expires
-1
GetMerchantLogoV2
resourcesv3.benefithub.com/ResourceV2/
19 KB
19 KB
Image
General
Full URL
https://resourcesv3.benefithub.com/ResourceV2/GetMerchantLogoV2?merchantId=c1526385&dimensions=355x295
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.110.203.202 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7e2e1be8384f6f90f4a654fdfb16f0ebd7d4271ec94acd788a109e9c811de755

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
cache-control
no-cache
expires
-1
GetMerchantLogoV2
resourcesv3.benefithub.com/ResourceV2/
3 KB
3 KB
Image
General
Full URL
https://resourcesv3.benefithub.com/ResourceV2/GetMerchantLogoV2?merchantId=p8058&dimensions=355x295
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.110.203.202 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5e5946ee87ebcfefb18df3c7d593b94d29db5c34671325168053189b58cebf10

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
cache-control
no-cache
expires
-1
GetMerchantLogoV2
resourcesv3.benefithub.com/ResourceV2/
6 KB
6 KB
Image
General
Full URL
https://resourcesv3.benefithub.com/ResourceV2/GetMerchantLogoV2?merchantId=7deaf02a-5558-4599-8ba4-37cf0f9446e9&dimensions=355x295
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.110.203.202 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0cb6b6b9b74b58b0de2ac528735d0d8bb2faccbce58f8fe6e09df1330bb0eea2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
cache-control
no-cache
content-length
6028
expires
-1
GetMerchantLogoV2
resourcesv3.benefithub.com/ResourceV2/
4 KB
4 KB
Image
General
Full URL
https://resourcesv3.benefithub.com/ResourceV2/GetMerchantLogoV2?merchantId=n3ncmllxmspq5qtxbr6&dimensions=355x295
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.110.203.202 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
efcd965dd09c386ce4cff78a30a91fd44a7728c723e29b3cc01711930b783117

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
cache-control
no-cache
content-length
3773
expires
-1
GetMerchantLogoV2
resourcesv3.benefithub.com/ResourceV2/
4 KB
4 KB
Image
General
Full URL
https://resourcesv3.benefithub.com/ResourceV2/GetMerchantLogoV2?merchantId=l37299&dimensions=355x295
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.110.203.202 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fa1bb1b6146aa8a480bc81a6f6442f43f91c4f247613acd8f4077be6dd2ac539

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
cache-control
no-cache
expires
-1
GetMerchantLogoV2
resourcesv3.benefithub.com/ResourceV2/
8 KB
8 KB
Image
General
Full URL
https://resourcesv3.benefithub.com/ResourceV2/GetMerchantLogoV2?merchantId=i10290&dimensions=355x295
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.110.203.202 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
98c5c74e6645eb8febc049e15d3c607b963d55d7a8aaab2a3869e7c7a14e9f0a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
cache-control
no-cache
content-length
7684
expires
-1
GetMerchantLogoV2
resourcesv3.benefithub.com/ResourceV2/
18 KB
18 KB
Image
General
Full URL
https://resourcesv3.benefithub.com/ResourceV2/GetMerchantLogoV2?merchantId=cwdkfb19qzh942v82t&dimensions=355x295
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.110.203.202 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
077f2c2291ad5e65109f1526340daea692ae32f7ad08658a7170649a243d1d5c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
cache-control
no-cache
content-length
18179
expires
-1
GetMerchantLogoV2
resourcesv3.benefithub.com/ResourceV2/
18 KB
18 KB
Image
General
Full URL
https://resourcesv3.benefithub.com/ResourceV2/GetMerchantLogoV2?merchantId=i13474&dimensions=355x295
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.110.203.202 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7dbf2f439c91e0bab5374d8f26e1540337ce87f74ace2c03a60a92e6f400c28c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
cache-control
no-cache
expires
-1
GetMerchantLogoV2
resourcesv3.benefithub.com/ResourceV2/
18 KB
18 KB
Image
General
Full URL
https://resourcesv3.benefithub.com/ResourceV2/GetMerchantLogoV2?merchantId=nmz9qf8t57d6sk9tw&dimensions=355x295
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.110.203.202 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7e16e52a5782dfad085059aecd3348f104ef3e9ca6ded5200319c90177842d59

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
cache-control
no-cache
content-length
18611
expires
-1
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=264756843&t=pageview&_s=4&dl=https%3A%2F%2Fhighlands.benefithub.com%2Fapp&dp=%2Fhome&ul=de-de&de=UTF-8&dt=Home%20%7C%20Highlands%20Community%20Charter%20School&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEABAAAAAGACIAC~&jid=&gjid=&cid=1456730284.1718357017&tid=UA-44330825-4&_gid=1819305880.1718357017&z=69446745
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f206.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 01:57:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
26789
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
default
c.lytics.io/c/232cb4d402b404fece04a9072a6bbd5c/
35 B
360 B
Image
General
Full URL
https://c.lytics.io/c/232cb4d402b404fece04a9072a6bbd5c/default?_e=pv&_sesstart=1&_tz=2&_ul=de-DE&_sz=1600x1200&_ts=1718357020845&_nmob=t&_device=desktop&url=highlands.benefithub.com%2Fapp%2Fhome&_ga=GA1.1.1456730284.1718357017&_uid=c9b01f00-24c6-4d32-b4af-10642080c68c&_v=3.0.35&_uido=c9b01f00-24c6-4d32-b4af-10642080c68c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:23:40 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
35
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5u5zbO9DQz3laiJqf3SzdRRx7X9MFS150htqUBceMhLh7N0t5X2smd6i%2F%2Ff94T7xg01EFt44kTC3IKOELyhhNOuCcs6NonnOyYXZkIAk%2BM90pckHwGAUi9QLC7LIgQWkMtAa6OgMs5sZ"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
x-lytics-trace
3cd9fc822b5f9e53412e000b91ce6a8b
cf-ray
8939435468af3675-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires
0
FileResource
resourcesv3.benefithub.com/ResourceV2/
633 KB
635 KB
Image
General
Full URL
https://resourcesv3.benefithub.com/ResourceV2/FileResource?resourceid=LUX6ENLFB7U2BPODR5SQC1JT1CIUYOB0H07LFPO1V6HBG9&dimensions=original
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.110.203.202 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c2c0f55c1ce8f0984d39f251be67d682e99a275e58e5c64de14fdc96b6db4f31

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
cache-control
no-cache
content-length
647952
expires
-1
GetMerchantLogoV2
resourcesv3.benefithub.com/ResourceV2/
52 KB
52 KB
Image
General
Full URL
https://resourcesv3.benefithub.com/ResourceV2/GetMerchantLogoV2?merchantId=5142173abd686310a061e784&dimensions=original
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.110.203.202 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f5c50041271633b2056330d71a2c991bc637779c991edb7891c6a33ceab60a6e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
cache-control
no-cache
content-length
53082
expires
-1
GetImage
contentlibrary.benefithub.com/api/ContentAPI/
585 KB
587 KB
Image
General
Full URL
https://contentlibrary.benefithub.com/api/ContentAPI/GetImage?contentId=jb0ntqwfy8p7dsddh4m
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.178.14.174 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3a1937dc3fab16dca62c3a6c8c66c7174c8c7202736ac003ce931dc6b7e93e4e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:40 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
cache-control
no-cache
content-length
599164
expires
-1
FileResource
resourcesv3.benefithub.com/ResourceV2/
513 KB
514 KB
Image
General
Full URL
https://resourcesv3.benefithub.com/ResourceV2/FileResource?resourceid=WJ5ZDZ9WTGPELN1GP4TH7PL40UMDIZLU8BJJDWVKHC7IGK2&dimensions=original
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.110.203.202 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9f6593651d2853f390477e1d53e7218a83da3f72d80ae5cce9faf12113a60896

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
cache-control
no-cache
content-length
524937
expires
-1
GetMerchantLogoV2
resourcesv3.benefithub.com/ResourceV2/
30 KB
30 KB
Image
General
Full URL
https://resourcesv3.benefithub.com/ResourceV2/GetMerchantLogoV2?merchantId=6176eb02a1c9ed133cf1e41f&dimensions=original
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.110.203.202 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
98437c8678c8e61f519ec25a0d5ad3f8222649b4539cd5c49245fc8d3bc57ba0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
cache-control
no-cache
content-length
30489
expires
-1
FileResource
resourcesv3.benefithub.com/ResourceV2/
3 MB
3 MB
Image
General
Full URL
https://resourcesv3.benefithub.com/ResourceV2/FileResource?resourceid=YFTIYWFBBEUQL2YTLSUWMKP7YAP5CBW3R31BPG9YKQ2QWN0&dimensions=original
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.110.203.202 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0d43990fdcc01493990451019aadda6944f8354acd96f03ac5509e9341c5cf98

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
cache-control
no-cache
content-length
3088022
expires
-1
GetMerchantLogoV2
resourcesv3.benefithub.com/ResourceV2/
16 KB
16 KB
Image
General
Full URL
https://resourcesv3.benefithub.com/ResourceV2/GetMerchantLogoV2?merchantId=kjcvyg4qzvtqbh4mqc&dimensions=original
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.110.203.202 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4d3418778d79fda7a053094239d63515606c47385e93d65a6f82a7a543ca1fea

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
cache-control
no-cache
content-length
16560
expires
-1
FileResource
resourcesv3.benefithub.com/ResourceV2/
261 KB
261 KB
Image
General
Full URL
https://resourcesv3.benefithub.com/ResourceV2/FileResource?resourceid=Z7UJX0NCQBWGQQNHXM8L2GIGD8CYXBW7MBSWMS1EZEEHY6&dimensions=original
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.110.203.202 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fb44441fca52c22d8b828adff1e5a4d7c6580da39b1bd66ade3cb06ec08421f1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
cache-control
no-cache
content-length
266878
expires
-1
GetMerchantLogoV2
resourcesv3.benefithub.com/ResourceV2/
60 KB
60 KB
Image
General
Full URL
https://resourcesv3.benefithub.com/ResourceV2/GetMerchantLogoV2?merchantId=51d4449814f1d94864015b48&dimensions=original
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.110.203.202 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
47bd3f25a08449c696fa1fea0538d8a5252cfbe355b6d3d3aaf96dcc5216fe29

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
cache-control
no-cache
content-length
61296
expires
-1
FileResource
resourcesv3.benefithub.com/ResourceV2/
323 KB
325 KB
Image
General
Full URL
https://resourcesv3.benefithub.com/ResourceV2/FileResource?resourceid=HUDQGYUJSZGZFPX1JKJ3WASUXQMN4HJFWQVPKLGABNVCAJY&dimensions=original
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.110.203.202 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a7fc178576c16d67cca4e42b0a3fac60c4c6b734abbee577b34b5395fe6da4e2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
cache-control
no-cache
content-length
331077
expires
-1
GetMerchantLogoV2
resourcesv3.benefithub.com/ResourceV2/
29 KB
29 KB
Image
General
Full URL
https://resourcesv3.benefithub.com/ResourceV2/GetMerchantLogoV2?merchantId=5e70c83da1c9ed176491252b&dimensions=original
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.110.203.202 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
51ecb1905e6676e26f0af1f8bb656719fb1c89d4444f768670922df65677e53c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
cache-control
no-cache
content-length
29655
expires
-1
FileResource
resourcesv3.benefithub.com/ResourceV2/
137 KB
138 KB
Image
General
Full URL
https://resourcesv3.benefithub.com/ResourceV2/FileResource?resourceid=7L6LFLNYPIWPOATYT65BRXP43LJQOS5HT2MIRQCTM9GWEZD&dimensions=original
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.110.203.202 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b5ba38e3667117a5d21764f6addab178a3b8107e14cf6452345eca71ed967cca

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
cache-control
no-cache
content-length
140645
expires
-1
GetMerchantLogoV2
resourcesv3.benefithub.com/ResourceV2/
11 KB
11 KB
Image
General
Full URL
https://resourcesv3.benefithub.com/ResourceV2/GetMerchantLogoV2?merchantId=5b9fa53954da3e0b8c2ef1a7&dimensions=original
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.110.203.202 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
edce75834929bcb3998eb37f8eb469cf5c3b3e1ac5cb9e50a1c8dc0fe3de04d9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
cache-control
no-cache
content-length
10919
expires
-1
FileResource
resourcesv3.benefithub.com/ResourceV2/
681 KB
684 KB
Image
General
Full URL
https://resourcesv3.benefithub.com/ResourceV2/FileResource?resourceid=Z9SACG0N1CST6WRYDYS5UAP51Y6SZCW83K5XYMLT7X9BS5&dimensions=original
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.110.203.202 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e743cdf05fd91ee4f378894c83ffb7cdb94c5e89173ec9aa1fcd5af60e691a10

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
cache-control
no-cache
content-length
696936
expires
-1
GetMerchantLogoV2
resourcesv3.benefithub.com/ResourceV2/
10 KB
10 KB
Image
General
Full URL
https://resourcesv3.benefithub.com/ResourceV2/GetMerchantLogoV2?merchantId=tw04hqbx4kghm48k97&dimensions=original
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.110.203.202 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
49ef656779a799791bff194d51e11bc7178e3ce3b6c1c354fb0cec30028ff114

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
cache-control
no-cache
content-length
9740
expires
-1
common.js
maps.googleapis.com/maps-api-v3/api/js/56/12a/intl/de_ALL/
256 KB
56 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/56/12a/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCPUypyddmlVaIGqGxbDjdy4bAq3lvFwPE&libraries=geometry,places&v=3.37
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
sffe /
Resource Hash
6e02652bb3712b0d6c86d46b57605d17f3620592c070f87889855a180047079d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 22:13:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
40226
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57202
x-xss-protection
0
last-modified
Tue, 07 May 2024 21:52:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 22:13:17 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/56/12a/intl/de_ALL/
182 KB
56 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/56/12a/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCPUypyddmlVaIGqGxbDjdy4bAq3lvFwPE&libraries=geometry,places&v=3.37
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
sffe /
Resource Hash
99fef3f878b819e7ed61ba40a1d4cb9aa10a115ce5861823f7d67f5623d4440c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:34:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
49741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57145
x-xss-protection
0
last-modified
Tue, 07 May 2024 21:52:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 19:34:42 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ZS7CW6GWCH&gtm=45je46c0v872441053za200&_p=1718357016070&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1456730284.1718357017&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&sid=1718357017&sct=1&seg=1&dl=https%3A%2F%2Fhighlands.benefithub.com%2Fapp%2Fhome&dt=Home%20%7C%20Highlands%20Community%20Charter%20School&_s=2&tfd=11173&_z=sendBeacon
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZS7CW6GWCH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://highlands.benefithub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 09:23:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://highlands.benefithub.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
LogDetailView
highlands.benefithub.com/api/KevelAPI/
0
2 KB
XHR
General
Full URL
https://highlands.benefithub.com/api/KevelAPI/LogDetailView
Requested by
Host: highlands.benefithub.com
URL: https://highlands.benefithub.com/dist/WebPlatform/bundle.js?_Release-1037-9327-g90aefc086
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.10.131.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://highlands.benefithub.com/app/home
sec-ch-ua-platform
"Win32"

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 14 Jun 2024 09:23:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
X-AspNet-Version
X-Frame-Options
SAMEORIGIN
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:4432f087-bbc3-47b5-95e3-a1230869b4dd
log
translate.googleapis.com/element/
131 B
152 B
Fetch
General
Full URL
https://translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.bzfoHxF7-dQ.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfqwyp2ZFY3x8JWJbzdfqeuDqYUAzw/m=el_main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Content-Encoding
gzip
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/binary
Referer
https://highlands.benefithub.com/
X-Goog-AuthUser
0
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:23:50 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://highlands.benefithub.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
log
translate.googleapis.com/element/ Frame
0
0
Preflight
General
Full URL
https://translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-encoding,content-type,x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://highlands.benefithub.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,content-encoding,content-type,x-goog-authuser,origin
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://highlands.benefithub.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 14 Jun 2024 09:23:50 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage function| $ function| jQuery object| Porthole string| GoogleAnalyticsObject function| ga function| gtag object| dataLayer object| jstag object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __lytics__jstag__ object| google_tag_manager object| webpackJsonp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| BH_APP_PUBLIC object| google object| module$exports$mapsapi$geometry$spherical object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| module$exports$mapsapi$geometry$polyGeometry object| module$exports$mapsapi$poly$polylineCodec object| Frames undefined| u_607208262625489200 function| _DumpException object| default_tr object| _F_toggles string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET string| MSG_RATE_THIS_TRANSLATION string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT string| MSG_FEEDBACK_SATISFIED_LABEL string| MSG_FEEDBACK_DISSATISFIED_LABEL string| MSG_TRANSLATION_NO_COLON function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| pathfora function| refreshCustomSections object| pbk object| closure_lm_657490 boolean| ehi-pbk-started

15 Cookies

Domain/Path Name / Value
highlands.benefithub.com/ Name: Localization
Value: {"CountryId":233,"UTCOffset":0,"ShowOnlyLocalCountryOffers":false}
.benefithub.com/ Name: USI
Value: 322e49e8-55af-401b-8254-bad01f27c3de
highlands.benefithub.com/ Name: LoginCountry
Value: true
.benefithub.com/ Name: _gid
Value: GA1.2.1819305880.1718357017
.benefithub.com/ Name: _gat
Value: 1
.highlands.benefithub.com/ Name: seerses
Value: e
.highlands.benefithub.com/ Name: seerid
Value: c9b01f00-24c6-4d32-b4af-10642080c68c
.benefithub.com/ Name: _ga
Value: GA1.1.1456730284.1718357017
.lytics.io/ Name: seerid
Value: 95d704bf99da325a9ee869aa73aa67f6
highlands.benefithub.com/ Name: USI
Value: 322e49e8-55af-401b-8254-bad01f27c3de
.partnerbookingkit.com/ Name: visid_incap_2311331
Value: r4C6Jz5NQmS0TiEneCA5ChsMbGYAAAAAQUIPAAAAAACzG551oWesnyskVomTjoLB
.benefithub.com/ Name: _ga_ZS7CW6GWCH
Value: GS1.1.1718357017.1.1.1718357020.0.0.0
.partnerbookingkit.com/ Name: nlbi_2311331
Value: g8nOcWwJqkHE8QewbKl4vwAAAADNoJBS+YUIl5hw0hKqNGcQ
.partnerbookingkit.com/ Name: incap_ses_259_2311331
Value: IgE8FWSHpkksDH0EOCeYAxwMbGYAAAAAkmWIlzr4m5OtNvsAXE9COQ==
highlands.benefithub.com/ Name: .BHAUTH
Value: 448E88EA387D59E588ED0D35B10883B70B647245BCD9E934BC554506CF817BB750FBBD6D068B813AAB64B9E292CC571245A63214995DB4E2F7CCF8CF8EBD5F67EBB703B2B5206C81FCB6B3200A478239EE6883F5F0C93133F7BDC5F035D2FF3654D08A0BEAB834325E80F3B1601373E3F78404DC3BDD442D53FA62F4CAA3B9F43321D6D7BA3234AE1980350A342EB42938625402702B9922BA26FCEA8440F8D4913DD72EB6FD7DF81F1FAA856CA45F05C78222C577D6DC73D5D56F6BBB85EA9F8D4CA6D88FB6293C7D54B404433A5A7CB4123EDF1CE214CA8BACEEBE742F48FEEF576FDCCDD1AF9EE2B4D0C3742064DA1D9DC194852BC2ECA0BF08F92BBE47BCBB8589797DF749E48CB4712C0DD6CEE50BEEFBE98C88BF0C94113C2736E0FAA298C1E42D0FD28533D45B6A14ECF763B54D73033BFBC6FE4EF8AEA70ADB15B564D03CDB7E084206496426B0C814CCBDE81D618326DD12998B94D05A7E4D091CFE1B110B4000C207B9F03371D1858F8D03E6FF94DA5A05D7DEF6D4D9FED304C9E8B56ABC20E0B0731075B15DF68DA961EFD3C3320741412EE5656F6723422083BEE39F9D77EF70963006622552AFCE00E92020677F952B9F1BCB7A658FFC3678F702771BF92206AD7831CF96256455041EAD908670B90D02EE15FC58E3E4380F5F0F2D0E6AAB9FA9DE39B9BFF33A58BC4F7008B5FE7D28F1528DB67E60135766DD8C830989F50CFD4EA548F31BB84DB9895FF430F1A4A8F2C0FE59E665C0C78C07C6361E2E4002EB917E662E76A92E935E540504DDE9C07D8AB5ACD2FB769CFA4BE2AFB7B6F30647AB7EBF70577E75DE34BEE02EF1DC59150CCD6B4BE412AF788C40F577EF5FC8A45052D13EB6BEFC23B44077B817FCB475DC555D3D2FBD2C9BF873FCEECED5922DB723B80264FAA264B971E1B15631111321F72BB33ED46B8F4FFDCD4E5A75519C8EB707D27207ED155C658CAED5591FBF3D64805635A3B4D50B5EE6B7D31A89AE090C5B71CCA9296E0FD90C926CE75DE3D33583D870121DBAA17A1D17101EA31DC1E02CF57F7E89BAD89FB1E944567F10A92B444582F22D7971E213B5BC0C37FB5069392BB91D0AE9161472063C1E181065CCF2E9C4919F64E307307B599FE7994F6C8B9FD8C92CE47DFAC4C3A7E06AB5DA355344007A0A052F908868F7A63D429CB1637C3351F902F5

3 Console Messages

Source Level URL
Text
network error URL: https://cdn.benefithub.com/locales/en/Common.json?ref=1.Release-1037-9327-g90aefc086
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cdn.benefithub.com/locales/en/Navigation.json?ref=1.Release-1037-9327-g90aefc086
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cdn.benefithub.com/locales/en/Categories.json?ref=1.Release-1037-9327-g90aefc086
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.lytics.io
cdn.benefithub.com
cdn.checkout.com
contentlibrary.benefithub.com
fonts.googleapis.com
fonts.gstatic.com
highlands.benefithub.com
maps.googleapis.com
pbk.partnerbookingkit.com
region1.google-analytics.com
resourcesv3.benefithub.com
stats.g.doubleclick.net
translate.google.com
translate.googleapis.com
widget-cdn.partnerbookingkit.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
13.32.27.123
142.250.181.228
142.250.185.195
142.250.185.227
142.250.185.74
142.250.186.42
172.178.14.174
172.217.16.138
172.217.16.206
20.10.131.207
20.110.203.202
2001:4860:4802:34::36
2606:4700:20::681a:216
2620:1ec:29:1::72
2a00:1450:4001:80e::200a
2a00:1450:4001:813::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:81d::200e
2a00:1450:4001:828::2003
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2008
2a00:1450:400c:c04::9b
45.60.33.129
52.222.236.128
001c16660bf98c7f5430cc5dc5c61b6db48fda1c45147f0f04c9b901399be00c
03bf37d67d5c7d80b081a0bc3c7109148fb058dea6c09f0746b72973002f69bd
077f2c2291ad5e65109f1526340daea692ae32f7ad08658a7170649a243d1d5c
0cb6b6b9b74b58b0de2ac528735d0d8bb2faccbce58f8fe6e09df1330bb0eea2
0d43990fdcc01493990451019aadda6944f8354acd96f03ac5509e9341c5cf98
0ec30e9cc7121bd3073ef420ae7ed805e1f5f358288fbc9df99776b89cca027c
122ca848df82a1a8fa009bc72b5d0bd4f8825418fdabec82f2a3aed94e400fa9
1bc59c9ab05aac3e92c1232f2f9023838ea0b1de646d0f494a1f14c3b6d13f16
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1db0a398f8a690a8c9813c58a91a2837f8b16e3b064242d4fe48e14cece9dfe3
1e791be508fd633c85f2ed920bbe4b34b84cfbe8ca5b2cf2e317e629198d86d3
1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b
20b9c8a2a0774a10dbc00748f6e33ecdfbbaea23c9db201862863b8ed4246be6
21ca78e69223ac2a865598a10992efe15339bdce47c028f5afe87ba437ce8da0
28949bee7997a794f6776f51b3663f9a8038af20197e13168e0312a907a3a1db
320ba3c8c4197a4de9e28c0231687541363c1e77cabe2485d34df8a42907cab0
3794286042b5420fecd697d4b6f00499109c3281952734983ff3b1ab49b743cb
38d74ce509e10ebbc1486a147b97ad41a575013e796ff679ac8a07eedd24b385
398583e507cf6466761a4a47e38fe9f4eb39ed242d82fe02d9b9b29d2210633f
3a1937dc3fab16dca62c3a6c8c66c7174c8c7202736ac003ce931dc6b7e93e4e
3a60aa81e88941e37814645a9a58237e61abbcbcca49eee8b79f9a4ff6464fd6
3c0efc87117613e12fb3de53a652f6014d8ebe590327b22ce8f7f1f2c681275c
3c28ea59937953239b8753a3a792744906fe07a0772019f100010c78886a5673
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
401f4c46d69ae23a1067ff19f4a542846e005d6810ef6433c5492b825d31635d
4231986bb2deed76a296345a264cdd35aad377e0d84f4ccb241bec06fc82b901
43717a87f5a33f3bfb7d0be4c054905fe024306b94885c70e8a67f9d02a321f3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45cdb883dfa5ef2e18b0fcd2ae44c5bbee36e41f47d08e0bfe5b0a082e0908d6
464ad5d70f6d5fe4adef4d3057e1ae91e4983b02ef4ec9db0b067dcad4e53685
47bd3f25a08449c696fa1fea0538d8a5252cfbe355b6d3d3aaf96dcc5216fe29
49ef656779a799791bff194d51e11bc7178e3ce3b6c1c354fb0cec30028ff114
4d3418778d79fda7a053094239d63515606c47385e93d65a6f82a7a543ca1fea
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4ec11f21bb2ca960f6995f8b7a76fb5c01b343d842ae182bd29fc47462059dbd
502b8c4c6d9e212c29cb4f53ae8c7fb48e165f750faa37b3573bc696e616733b
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50543f030464eb10db48c4e18d22560a49395f664725bb97cea7ed87d9665e79
51ecb1905e6676e26f0af1f8bb656719fb1c89d4444f768670922df65677e53c
552e92b350fd053dfe894534241cb21fb7fc8c4fbddfcfc74f3bec9b640d14f5
5ac7bece26a6beb7261894603e090b5a8ffc6213875f7c3475264e9aae863040
5b7fb2903f566adae50e590c42b14a122c154f5bcf1bd466a327198d4e9db744
5bfb5ab5b5af49546a8d1a65db69b12f6420ea2b14fd3c845bae43fc6d740e3a
5da307deda088cace889da6c72a9f8bc2e8a8d289081e17cdae6f4c476f28106
5e5946ee87ebcfefb18df3c7d593b94d29db5c34671325168053189b58cebf10
5eb4e8a163c821e201375334aa0e088f25a820f81f4fb234ae1ff0d83c243f44
60839c6d74f3420c7b860f47cd381366f7312b95abe96a23414a7a7094c8d37e
60950bfd962aaed42e44d3a81ddde4583d6288fd5e036b3de95294b41655e747
60e06a50e7390cd6faf5c79cff132af466a4385e56189059275fc4df9d9c1b54
613758334233cee0940a35d528c78606a084891099b63a0531d81718c2522ff5
630e4adf0f10ea669fad7776d4b6040d5062b67ee77f6cfab041553c79fda143
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
65f5c5a7ee31104ae62fd7adb8b3e2bb5447939d6d14c19e8c3517031aaff693
6953682c0ea668bba8f2d7259f4227f9edc14e69115084b7d9b7f32a177513b8
6aa41771685d49fc35e7cc56c863573ee1378702476a909831d7f2b93ce2ac09
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6aeb678c209c97bff4eca5b033f3d3e9ef6c71cc5836df9afb57f705804d3f9f
6e02652bb3712b0d6c86d46b57605d17f3620592c070f87889855a180047079d
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
728fe00bf983dbff609ee5fe275d39e55860c912cc23d7ec2430a614bbfa6aeb
73361ec61e33325a61b6b6b64de2531285f1462c78909945bec9621ab35cf419
74865d0e48c45c5301f48afebe3c1732700e707e21c741ba11c79ff646d6ad6c
7a3ed23c39cf1cc89d8c3b86f7ae78d679c673416d20f1b4f90ce4e7fcf43d01
7b3bd9b5d73213774207663b6992c023876972c4f590a7d499f437232bc758a8
7be2b36156235240faa6ed6c88fe543c36b3d2794850bc45b18ee77b48b84737
7dbf2f439c91e0bab5374d8f26e1540337ce87f74ace2c03a60a92e6f400c28c
7e16e52a5782dfad085059aecd3348f104ef3e9ca6ded5200319c90177842d59
7e2e1be8384f6f90f4a654fdfb16f0ebd7d4271ec94acd788a109e9c811de755
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
7f6c99a386a6949c2ff4bd76ce358413497722b2b11343556dac590eedd26c36
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837963cf2d305a05c4fdda1752769b22e86bfaeacba500fc633e3cf7fb852f28
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
851699a18b631a7bd68efc99598701293a6065b463fced7b68d8d6d9227bd8e7
891e8616d4a77b1df95638c5c73903535693c12001bbd378d19c2189b52c442f
8b5a3ff47c2413e0bf3dd3bb7899a25aeef9b390a055847a1185a39ad48a2da2
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
965d80d22262565b10674008ec49f4a3780d7e4327e2131245925f223e764ea7
98437c8678c8e61f519ec25a0d5ad3f8222649b4539cd5c49245fc8d3bc57ba0
98c5c74e6645eb8febc049e15d3c607b963d55d7a8aaab2a3869e7c7a14e9f0a
99fef3f878b819e7ed61ba40a1d4cb9aa10a115ce5861823f7d67f5623d4440c
9f6593651d2853f390477e1d53e7218a83da3f72d80ae5cce9faf12113a60896
a25ed9afd073124f97ed2d6d44d10a28ac2e40970431813bae60ecf8273dc29b
a3e30e17441c5a29c2f4c95c597d45a220d32a651d9b8ca9c5059d2c745ad3e5
a631864ac9c0c0918dac54e0d8776aa4ff4b6de0fd913ec5276f1d1773b23f7f
a7fc178576c16d67cca4e42b0a3fac60c4c6b734abbee577b34b5395fe6da4e2
a8275a6894a1fdb03a7dc55037f2535c8cb10edb764ab92c06ef534575fcd56a
a96c21672b34a2f47197f6d5ae5ae4b6012d6fac6cfca1c851f66901c9c8abf4
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
acf0ddab52fee04c78fd9c58671f746de519baf031d711cc050374e61d08e7c6
ae704aa0842cf7e019d61d268eb9b3203ac02a1785841c298a032209938f978c
aed3bcb734c4a6d9a0b941043094b75498b5b77a6b32aabe5f49d197e5b1d914
b01adfe1e372d509c886ab75ab5df2fc0fc6ea3830a2cca38c9b791191d898a4
b18f04916ef2d67edd192a5ec4fad99b1417b224e7de38092da9e48a02dd57cc
b5ba38e3667117a5d21764f6addab178a3b8107e14cf6452345eca71ed967cca
ba7857e8396ebe2f0c9416e228b402926f5623144106eed605751cb8413a56c1
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bb4342490d003f881a1a689d6884bfdd87832d2325a1d7e7d6a2845bf2d6936f
bb9b7162c1a6281bfc0467d0faf131b5811dc02abc6f0a3e859dcb50c9a35f90
be01ca1fde2b4cac1b283abd1358abaac463ae4a40b8da01d0d4295172ea870a
be31cc6f5ad4f089f1a4a804709695eb70f481268e6b28add3be269aff468f30
c0d22cec83d6202205c0c4f032831100c6d7c9fc65d949c8bae6ea0f3ee39516
c1784c39cafdda03071e41c88e35dbda7cea66d9af1485a8f819254d958d7f28
c2c0f55c1ce8f0984d39f251be67d682e99a275e58e5c64de14fdc96b6db4f31
c2e079f3297065592fc6b3f2908c786c8f914583821b6ed2fe02e44cd90f1ab9
c3274a8945ca180b6d77dba581f68f5f4bc58e8f258d5d5e9a05a3e98aebfd44
c4215b212bbcdfc4fc551a0e05016a725539aed5952a8091ab04e41d3042df24
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c473bff7e7207c66b6874d30581be5f553db8ba6c5a18681a13ca88894bc0ec2
c990541a5fb5f2f0cca411d075dc22e91984cb6715f5422c66edb49435dd9c2f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbb999307a9fd1d7aa51b3277092caf92b2150d4876176222877d3335857fa20
cce1ea7f44c43020cd61f419966b3eef673afd14159a8161306173c86885927a
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
d21a319b7748e17510b5826ca3eb1b81d4f7497008e4317db681ef7f3bb9f1c4
d3430378f2bce117aa09a1cad910143fd3a68a6a1377c0acae0618f5f96288fd
d52ca34ef5cba6b06b576f7029218b03e42c7eac0fdf9851c76b94fc79ba628e
d953a6326f8061954932d65611dfc2a964c21e5fa158a7e45a93ece64dc818ce
d99fe652558d39c8aedd36a2245436c447e8eb817e1c664b81c652a941615986
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfb9f3773c4a68652236524a8e19a85813520dca63848725faf56580dc058dcd
dfea24d62fc9e9b1ea8840899b61b3f36c26e3185c9d7d1f7b75416ed4c0c36b
e0bc60de0d7b7cab94914f7591a114030d613d1c3813a54674285150d11aae6d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e743cdf05fd91ee4f378894c83ffb7cdb94c5e89173ec9aa1fcd5af60e691a10
e905bf19cad69bace88333878b67390ea9defb763ad280c2915f3cbeb529fce0
eb212ba60a1ce25b977f4e7cfd896fca4a316e15545b811b22a81cb79d116f2c
edce75834929bcb3998eb37f8eb469cf5c3b3e1ac5cb9e50a1c8dc0fe3de04d9
ee9456e6a8af5039152379285556a15a986a601a75deda94970f2579e02a1c52
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efcd965dd09c386ce4cff78a30a91fd44a7728c723e29b3cc01711930b783117
f21e96de7e18878aa5ee76b5e3d44e867cfc5601628904fb7210c4521eee4f7e
f5c50041271633b2056330d71a2c991bc637779c991edb7891c6a33ceab60a6e
f69de23974d4dbaa97c55fa3a62838a0a08f2ed2425fc55490052abfdf874d3f
f6a7ace6067cfa8474a3cc0063f86f7993d5750b237dd1362dcb6ab33292cafb
f78f6d065eb4127eb005315b4070d3cef77952df44292637fea973d7190a6374
fa1bb1b6146aa8a480bc81a6f6442f43f91c4f247613acd8f4077be6dd2ac539
fb44441fca52c22d8b828adff1e5a4d7c6580da39b1bd66ade3cb06ec08421f1
ffc887a5636cc9e05a5ad76661df8bd0a93b83684bdba03c7d3643f716e791e1