urlscan.io logo urlscan.io
SecurityTrails logo

www.plumbenefits.com Open in urlscan Pro
104.18.16.48  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://e.email.plumbenefits.com/click?EbHlubi5sYWlAbGVuZGluZ3RyZWUuY29t/CeyJtaWQiOiIxNjkxNDE3OTQ0MDAwMzE3MzJlYzBjNDk3IiwiY3QiOiJ...
Effective URL: https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Emai...
Submission: On August 07 via manual from SG — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 18 HTTP transactions. The main IP is 104.18.16.48, located in and belongs to CLOUDFLARENET, US. The main domain is www.plumbenefits.com. The Cisco Umbrella rank of the primary domain is 200002.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 30th 2023. Valid for: a year.
This is the only time www.plumbenefits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 96.47.20.26 46263 (EDIALOG)
12 104.18.16.48 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
18 3
Apex Domain
Subdomains		 Transfer
13 plumbenefits.com
e.email.plumbenefits.com — Cisco Umbrella Rank: 148145
www.plumbenefits.com — Cisco Umbrella Rank: 200002
159 KB
4 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 6398
19 KB
18 2
Domain Requested by
12 www.plumbenefits.com www.plumbenefits.com
4 challenges.cloudflare.com www.plumbenefits.com
challenges.cloudflare.com
1 e.email.plumbenefits.com 1 redirects
18 3

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-30 -
2024-04-29		 a year crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2022-09-18 -
2023-09-17		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329
Frame ID: F5130DD434F425EE1461DC8DD2DC9E4E
Requests: 18 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/wuakx/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: FC4EC154B2451383D0477C04A5E9CCEC
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/q3wt2/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: B7BD16FA75C7B8EE4E2874BB39F6B443
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page URL History Show full URLs

  1. https://e.email.plumbenefits.com/click?EbHlubi5sYWlAbGVuZGluZ3RyZWUuY29t/CeyJtaWQiOiIxNjkxNDE3OTQ0MDAwMzE3MzJ... HTTP 302
    https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insur... Page URL
  2. https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insur... Page URL

Page Statistics

18
Requests

89 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

178 kB
Transfer

445 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://e.email.plumbenefits.com/click?EbHlubi5sYWlAbGVuZGluZ3RyZWUuY29t/CeyJtaWQiOiIxNjkxNDE3OTQ0MDAwMzE3MzJlYzBjNDk3IiwiY3QiOiJlYmctcGItODFmM2ZjZTkwOTk3ODQ3MmU4NjI0ZDRlYTJiY2IyODItMSIsInJkIjoibGVuZGluZ3RyZWUuY29tIn0/HWkhfZWJncGJfTkRCQU0wODA3MjAyM2M5OTA2NTRiMSxlYjMsaHR0cHM6Ly93d3cucGx1bWJlbmVmaXRzLmNvbS90cmF2ZWw/qP3RhYj1oJnV0bV9jYW1wYWlnbj1OYXYtSG90ZWxzJnV0bV9tZWRpdW09QXVndXN0LTctMjAyMy1TcG90LVBldC1JbnN1cmFuY2UmdXRtX3NvdXJjZT1FbWFpbCZmcm9tYnVsbGV0aW49MSZjbHRoYXNoPWZlM2Y0OWU1ZTk1MWVjY2I2YmQ3NGQwM2EyMWMwOTFmYmI5ZGI3OWMmY21waWQ9MzA1MTYmdWlkPTE3NjYwOTk0JmNvbnZfc291cmNlPXpldGEmYnRfZWU9ZU1kT0RWSUU1ODREZkdEM3JSRmFNQ0I3JTJCanpLb0prdE9BWEFMTzUlMkZ1YW0waXB2bm5nZzJOTWlNMmhPMGMxWU0mYnRfdHM9MTY5MTQxNzUwOTMyOQ/sei6027941f HTTP 302
    https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329 Page URL
  2. https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://e.email.plumbenefits.com/click?EbHlubi5sYWlAbGVuZGluZ3RyZWUuY29t/CeyJtaWQiOiIxNjkxNDE3OTQ0MDAwMzE3MzJlYzBjNDk3IiwiY3QiOiJlYmctcGItODFmM2ZjZTkwOTk3ODQ3MmU4NjI0ZDRlYTJiY2IyODItMSIsInJkIjoibGVuZGluZ3RyZWUuY29tIn0/HWkhfZWJncGJfTkRCQU0wODA3MjAyM2M5OTA2NTRiMSxlYjMsaHR0cHM6Ly93d3cucGx1bWJlbmVmaXRzLmNvbS90cmF2ZWw/qP3RhYj1oJnV0bV9jYW1wYWlnbj1OYXYtSG90ZWxzJnV0bV9tZWRpdW09QXVndXN0LTctMjAyMy1TcG90LVBldC1JbnN1cmFuY2UmdXRtX3NvdXJjZT1FbWFpbCZmcm9tYnVsbGV0aW49MSZjbHRoYXNoPWZlM2Y0OWU1ZTk1MWVjY2I2YmQ3NGQwM2EyMWMwOTFmYmI5ZGI3OWMmY21waWQ9MzA1MTYmdWlkPTE3NjYwOTk0JmNvbnZfc291cmNlPXpldGEmYnRfZWU9ZU1kT0RWSUU1ODREZkdEM3JSRmFNQ0I3JTJCanpLb0prdE9BWEFMTzUlMkZ1YW0waXB2bm5nZzJOTWlNMmhPMGMxWU0mYnRfdHM9MTY5MTQxNzUwOTMyOQ/sei6027941f HTTP 302
  • https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
travel
www.plumbenefits.com/
Redirect Chain
  • https://e.email.plumbenefits.com/click?EbHlubi5sYWlAbGVuZGluZ3RyZWUuY29t/CeyJtaWQiOiIxNjkxNDE3OTQ0MDAwMzE3MzJlYzBjNDk3IiwiY3QiOiJlYmctcGItODFmM2ZjZTkwOTk3ODQ3MmU4NjI0ZDRlYTJiY2IyODItMSIsInJkIjoibGV...
  • https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=...
8 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cd87004459fa6aeaa473e5b3551c25ba2eb7dc5c1c945b7658d7f6d4383ca8
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
7f30e8e47af046a9-SIN
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Mon, 07 Aug 2023 16:31:24 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=5184000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 07 Aug 2023 16:31:24 GMT
Keep-Alive
timeout=5, max=100
Location
https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329
Server
Apache
Strict-Transport-Security
max-age=60
X-Powered-By
PHP/7.3.33
challenges.css
www.plumbenefits.com/cdn-cgi/styles/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.plumbenefits.com/cdn-cgi/styles/challenges.css
Requested by
Host: www.plumbenefits.com
URL: https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 16:31:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 04 Aug 2023 16:29:35 GMT
server
cloudflare
etag
W/"64cd276f-19c8"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
7f30e8e4bb5646a9-SIN
expires
Mon, 07 Aug 2023 18:31:24 GMT
v1
www.plumbenefits.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 		161 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.plumbenefits.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f30e8e47af046a9
Requested by
Host: www.plumbenefits.com
URL: https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61c565e07408e2e8c8ff8fdbb6276ef1e761eb44b29e4e222b2c8eac52356bfa
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329&__cf_chl_rt_tk=K_hDZgQjRdz_fv.pI81pCg6JFPIHpcL7twyxkqkr6Qk-1691425884-0-gaNycGzNDhA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 16:31:24 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7f30e8e4dd0d3f7d-SIN
alt-svc
h3=":443"; ma=86400
api.js
challenges.cloudflare.com/turnstile/v0/g/74ac0d47/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/74ac0d47/api.js?onload=aJ4&render=explicit
Requested by
Host: www.plumbenefits.com
URL: https://www.plumbenefits.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f30e8e47af046a9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0f33190c14b543e76e11ab58c238e5d56508c3d0933c1cd7c64e478fedee376

Request headers

Referer
Origin
https://www.plumbenefits.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 16:31:25 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7f30e8e54bdfa198-SIN
alt-svc
h3=":443"; ma=86400
favicon.ico
www.plumbenefits.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.plumbenefits.com/favicon.ico
Requested by
Host: www.plumbenefits.com
URL: https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
407850be24966f8f856ebd266131f6668046fe464baaf41b2b1c2392c1eefbf3
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 16:31:24 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
server
cloudflare
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
origin-agent-cluster
?1
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
7f30e8e52d613f7d-SIN
expires
Thu, 01 Jan 1970 00:00:01 GMT
truncated
/ 		586 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
bda71949-5171-4c7b-bf54-587a6be15901
https://www.plumbenefits.com/ 		13 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.plumbenefits.com/bda71949-5171-4c7b-bf54-587a6be15901
Requested by
Host: www.plumbenefits.com
URL: https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript
771cc7be64b1cd8
www.plumbenefits.com/cdn-cgi/challenge-platform/h/g/flow/ov1/3105608:1691424792:mgztZzk9PpVs-oT0w4ATd0MpEhxH3buFUpDDenHnj70/7f30e8e47af046a9/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.plumbenefits.com/cdn-cgi/challenge-platform/h/g/flow/ov1/3105608:1691424792:mgztZzk9PpVs-oT0w4ATd0MpEhxH3buFUpDDenHnj70/7f30e8e47af046a9/771cc7be64b1cd8
Requested by
Host: www.plumbenefits.com
URL: https://www.plumbenefits.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f30e8e47af046a9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8167438069b2a0f132c51f9ffeeeed82dd1d8b9756494e16aea0974fbc71612e
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
CF-Challenge
771cc7be64b1cd8
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 07 Aug 2023 16:31:25 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
7f30e8e5ef463f7d-SIN
alt-svc
h3=":443"; ma=86400
cf-chl-gen
VjoI51oAfA5V24feIThzJx7q2df0rr9zsVwHTXMVbhoFeni2o4/aJBZvLwOUGuwU$IqZKd6MGmGF9PW+ocTWyHw==
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/wuakx/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame FC4E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/wuakx/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/74ac0d47/api.js?onload=aJ4&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7f30e8e64eaf4c89-SIN
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Mon, 07 Aug 2023 16:31:25 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
771cc7be64b1cd8
www.plumbenefits.com/cdn-cgi/challenge-platform/h/g/flow/ov1/3105608:1691424792:mgztZzk9PpVs-oT0w4ATd0MpEhxH3buFUpDDenHnj70/7f30e8e47af046a9/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.plumbenefits.com/cdn-cgi/challenge-platform/h/g/flow/ov1/3105608:1691424792:mgztZzk9PpVs-oT0w4ATd0MpEhxH3buFUpDDenHnj70/7f30e8e47af046a9/771cc7be64b1cd8
Requested by
Host: www.plumbenefits.com
URL: https://www.plumbenefits.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f30e8e47af046a9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6956d3c1364c61d0256abeb43dd90aac0fd3b7617c358c185b9ab0d4c8782dc5
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
CF-Challenge
771cc7be64b1cd8
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-out
WbOBCMVKLMBaWZFdjb0VGigbh4efcsH3a/hbq+4p33J8UJEsMU7XQ1DAdKOCrocoOSwwTtWc+GEqSlg7ypOu7tDwJMOOfM+BWLejwRNvu0Y=$byYvpAnkGJLx40BIBlvFuw==
cf-chl-out-s
rY3csUmwuQiwycC+cg0fqlq6JVkyPPmTaOznZZiGzt8poaT9muugxR6BiYvzW9FsM9V2090n26HkYTN5AoSpLQ==$dRbCdd+EWdU2QoHZMOJNBg==
date
Mon, 07 Aug 2023 16:31:25 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
content-type
text/html; charset=UTF-8
cf-ray
7f30e8e799683f7d-SIN
alt-svc
h3=":443"; ma=86400
Primary Request travel
www.plumbenefits.com/ 		8 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329
Requested by
Host: www.plumbenefits.com
URL: https://www.plumbenefits.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f30e8e47af046a9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77aaa07692c9b043a4124c3be19d4b963513a5f171d1f6a106fdb7fa3c29a830
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
7f30e8f7eb203f7d-SIN
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Mon, 07 Aug 2023 16:31:28 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=5184000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
challenges.css
www.plumbenefits.com/cdn-cgi/styles/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.plumbenefits.com/cdn-cgi/styles/challenges.css
Requested by
Host: www.plumbenefits.com
URL: https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 16:31:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 04 Aug 2023 16:29:28 GMT
server
cloudflare
etag
W/"64cd2768-19c8"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
7f30e8f81b583f7d-SIN
expires
Mon, 07 Aug 2023 18:31:28 GMT
v1
www.plumbenefits.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 		165 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.plumbenefits.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f30e8f7eb203f7d
Requested by
Host: www.plumbenefits.com
URL: https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b64dc1f73b112b4ce8384e81727fa32102e07d60d756b09f66198aa686b07fe3
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329&__cf_chl_rt_tk=ohfAFBXfZ6QspygmAaVpImnODx1EgWNRVwnyyYqwBrU-1691425887-0-gaNycGzNDiU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 16:31:28 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7f30e8f82b753f7d-SIN
alt-svc
h3=":443"; ma=86400
api.js
challenges.cloudflare.com/turnstile/v0/g/74ac0d47/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/74ac0d47/api.js?onload=aJ4&render=explicit
Requested by
Host: www.plumbenefits.com
URL: https://www.plumbenefits.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f30e8f7eb203f7d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0f33190c14b543e76e11ab58c238e5d56508c3d0933c1cd7c64e478fedee376

Request headers

Referer
Origin
https://www.plumbenefits.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 16:31:28 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7f30e8f86829a198-SIN
alt-svc
h3=":443"; ma=86400
favicon.ico
www.plumbenefits.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.plumbenefits.com/favicon.ico
Requested by
Host: www.plumbenefits.com
URL: https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afbd2d829d6aaeea26fc3a43e2e6eb70363ce6c1bf5b8d412d8cbe4ed5ec1505
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 16:31:28 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
server
cloudflare
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
origin-agent-cluster
?1
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
7f30e8f86bb73f7d-SIN
expires
Thu, 01 Jan 1970 00:00:01 GMT
truncated
/ 		586 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
4df474c9-c0eb-4897-bc5f-c2e3a5d6c9f2
https://www.plumbenefits.com/ 		13 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.plumbenefits.com/4df474c9-c0eb-4897-bc5f-c2e3a5d6c9f2
Requested by
Host: www.plumbenefits.com
URL: https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript
824a06eae1450cc
www.plumbenefits.com/cdn-cgi/challenge-platform/h/g/flow/ov1/115411568:1691424724:mGDEuaktHnQYW5Pltuw3j8cV51g6rJwVBcRHOYXhYWI/7f30e8f7eb203f7d/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.plumbenefits.com/cdn-cgi/challenge-platform/h/g/flow/ov1/115411568:1691424724:mGDEuaktHnQYW5Pltuw3j8cV51g6rJwVBcRHOYXhYWI/7f30e8f7eb203f7d/824a06eae1450cc
Requested by
Host: www.plumbenefits.com
URL: https://www.plumbenefits.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f30e8f7eb203f7d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0cde25aedc6403fedf931f64e19111bbc33b5d9aa8ae7db16a21022793f7076
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
CF-Challenge
824a06eae1450cc
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 07 Aug 2023 16:31:28 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
7f30e8f90c973f7d-SIN
alt-svc
h3=":443"; ma=86400
cf-chl-gen
nsgFDv5f06xKUTB5Ws7nHkGIT1B3xYRPKpH7PLRHMHJYfRPiYf/aKU+AFZfB+cik$zQ8XZVlind1784N66lMm+w==
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/q3wt2/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame B7BD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/q3wt2/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/74ac0d47/api.js?onload=aJ4&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7f30e8f949c74c89-SIN
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Mon, 07 Aug 2023 16:31:28 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
824a06eae1450cc
www.plumbenefits.com/cdn-cgi/challenge-platform/h/g/flow/ov1/115411568:1691424724:mGDEuaktHnQYW5Pltuw3j8cV51g6rJwVBcRHOYXhYWI/7f30e8f7eb203f7d/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.plumbenefits.com/cdn-cgi/challenge-platform/h/g/flow/ov1/115411568:1691424724:mGDEuaktHnQYW5Pltuw3j8cV51g6rJwVBcRHOYXhYWI/7f30e8f7eb203f7d/824a06eae1450cc
Requested by
Host: www.plumbenefits.com
URL: https://www.plumbenefits.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f30e8f7eb203f7d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7cb1420fbe3e62a889a2ed157715fd65fea3506b39c1b8ce24e700ed99cfdc0
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
CF-Challenge
824a06eae1450cc
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-out
M/4t9nkffFzDsxkC3Rk4R7n4liE57eew1KWJUM5b6nj6mepR8i3EqwxI8084n7uhsqECD7ZW0nEZDPBJ+8gJ7dRNVmpWjI4d9/jO+NZ3DKA=$LAP8MiNWKVwiVqy5D1uGbw==
cf-chl-out-s
+I7Oq982ltvtgm6r9bjPxSu41Pdr2dODZfJ4Xyt1GqQVV3c9qGLrjXwVg3AfaREMeAesb7mSDbfC8LoOP0Iz/XTfLo+BT4Q26/wSvpZoXsWNXLpDx1ka7mc6Mnge/YYYW83UY73B8UByr41F5l0fiJdoZQEmnhIdd7QqU6StqAs=$rkx8mXoBs/z2zZgPgf+iGQ==
date
Mon, 07 Aug 2023 16:31:28 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
content-type
text/html; charset=UTF-8
cf-ray
7f30e8fa7e7d3f7d-SIN
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _cf_chl_opt function| OmMkiGZRYC function| JxrZVR3 function| aJ4 boolean| hB6 function| jONVS1 function| nmb6 function| nS3 function| YwhN0 object| PQf2 object| JkGxse9 object| turnstile boolean| nYmegH0 string| iDYwS6

2 Cookies

Domain/Path Name / Value
.plumbenefits.com/ Name: __cf_bm
Value: 8KgVgrdYjqjLPB_hWZTRhKrc8H9.2Qc0T1YiNt5j9hE-1691425884-0-AZl4cocqtnVRE4hQOSFHENWjMHGQn1wbwadrZc+akfOY/bhGgt9A6WrZEwqLdZ68972t9LsSbRcF/VJRcvcraAE=
www.plumbenefits.com/ Name: cf_chl_rc_ni
Value: 1

6 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.plumbenefits.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://www.plumbenefits.com/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=August-7-2023-Spot-Pet-Insurance&utm_source=Email&frombulletin=1&clthash=fe3f49e5e951eccb6bd74d03a21c091fbb9db79c&cmpid=30516&uid=17660994&conv_source=zeta&bt_ee=eMdODVIE584DfGD3rRFaMCB7%2BjzKoJktOAXALO5%2Fuam0ipvnngg2NMiM2hO0c1YM&bt_ts=1691417509329
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.plumbenefits.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN