Submitted URL: https://benefitinsite.com/
Effective URL: https://winstonbenefits.com/
Submission: On May 16 via api from US — Scanned from NL

Summary

This website contacted 22 IPs in 4 countries across 19 domains to perform 71 HTTP transactions. The main IP is 141.193.213.10, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is winstonbenefits.com.
TLS certificate: Issued by E1 on March 28th 2024. Valid for: 3 months.
This is the only time winstonbenefits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.114.97.3 13335 (CLOUDFLAR...)
38 141.193.213.10 209242 (CLOUDFLAR...)
3 184.24.77.156 20940 (AKAMAI-ASN1)
2 104.18.10.207 13335 (CLOUDFLAR...)
3 172.67.39.148 13335 (CLOUDFLAR...)
1 142.250.185.168 15169 (GOOGLE)
2 104.16.139.209 13335 (CLOUDFLAR...)
4 172.217.16.202 15169 (GOOGLE)
1 104.18.141.119 13335 (CLOUDFLAR...)
1 184.24.77.146 20940 (AKAMAI-ASN1)
1 162.159.128.61 13335 (CLOUDFLAR...)
2 104.16.107.254 13335 (CLOUDFLAR...)
1 104.18.138.17 13335 (CLOUDFLAR...)
1 172.64.153.27 13335 (CLOUDFLAR...)
1 104.16.160.168 13335 (CLOUDFLAR...)
1 216.239.34.36 15169 (GOOGLE)
1 173.194.76.157 15169 (GOOGLE)
1 142.250.186.35 15169 (GOOGLE)
3 104.19.175.188 13335 (CLOUDFLAR...)
1 104.18.80.204 13335 (CLOUDFLAR...)
2 104.16.117.116 13335 (CLOUDFLAR...)
1 104.16.118.116 13335 (CLOUDFLAR...)
71 22
Apex Domain
Subdomains
Transfer
38 winstonbenefits.com
winstonbenefits.com
5 MB
4 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 4333
forms-na1.hsforms.com — Cisco Umbrella Rank: 6937
5 KB
4 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 361
180 KB
4 typekit.net
use.typekit.net — Cisco Umbrella Rank: 448
p.typekit.net — Cisco Umbrella Rank: 565
48 KB
3 hubspot.com
track.hubspot.com — Cisco Umbrella Rank: 2393
forms.hubspot.com — Cisco Umbrella Rank: 5442
3 KB
3 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 4069
28 KB
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 4572
forms.hscollectedforms.net — Cisco Umbrella Rank: 4722
26 KB
2 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2460
js-na1.hs-scripts.com — Cisco Umbrella Rank: 6402
2 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1103
83 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 7810
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
256 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3095
256 B
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2225
21 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2189
23 KB
1 hsleadflows.net
js.hsleadflows.net — Cisco Umbrella Rank: 5201
88 KB
1 vimeo.com
player.vimeo.com — Cisco Umbrella Rank: 2031
1 hsforms.net
js.hsforms.net — Cisco Umbrella Rank: 6801
154 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
100 KB
1 benefitinsite.com
benefitinsite.com
544 B
71 19
Domain Requested by
38 winstonbenefits.com winstonbenefits.com
4 maps.googleapis.com winstonbenefits.com
maps.googleapis.com
3 forms.hsforms.com js.hsforms.net
winstonbenefits.com
3 static.addtoany.com winstonbenefits.com
static.addtoany.com
3 use.typekit.net winstonbenefits.com
use.typekit.net
2 track.hubspot.com
2 maxcdn.bootstrapcdn.com winstonbenefits.com
maxcdn.bootstrapcdn.com
1 forms.hubspot.com js.hsleadflows.net
1 js-na1.hs-scripts.com js.hs-analytics.net
1 forms-na1.hsforms.com winstonbenefits.com
1 www.google.de winstonbenefits.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 forms.hscollectedforms.net js.hscollectedforms.net
1 js.hs-analytics.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hsleadflows.net js.hs-scripts.com
1 js.hscollectedforms.net js.hs-scripts.com
1 player.vimeo.com winstonbenefits.com
1 p.typekit.net use.typekit.net
1 js.hsforms.net winstonbenefits.com
1 js.hs-scripts.com winstonbenefits.com
1 www.googletagmanager.com winstonbenefits.com
1 benefitinsite.com 1 redirects
71 24

This site contains links to these domains. Also see Links.

Domain
goo.gl
www.linkedin.com
twitter.com
www.myvipbenefits.com
www.bbinsurance.com
Subject Issuer Validity Valid
winstonbenefits.com
E1
2024-03-28 -
2024-06-26
3 months crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-01 -
2025-03-03
a year crt.sh
bootstrapcdn.com
GTS CA 1P5
2024-03-27 -
2024-06-25
3 months crt.sh
static.addtoany.com
E1
2024-04-23 -
2024-07-22
3 months crt.sh
*.google-analytics.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
hs-scripts.com
E1
2024-04-01 -
2024-06-30
3 months crt.sh
upload.video.google.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
hsforms.net
GTS CA 1P5
2024-04-15 -
2024-07-14
3 months crt.sh
player.vimeo.com
E1
2024-03-29 -
2024-06-27
3 months crt.sh
hscollectedforms.net
E1
2024-03-29 -
2024-06-27
3 months crt.sh
hsleadflows.net
E1
2024-04-05 -
2024-07-04
3 months crt.sh
hs-banner.com
E1
2024-04-01 -
2024-06-30
3 months crt.sh
hs-analytics.net
GTS CA 1P5
2024-04-13 -
2024-07-12
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
*.google.de
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
hsforms.com
GTS CA 1P5
2024-04-17 -
2024-07-16
3 months crt.sh
hubspot.com
Cloudflare Inc ECC CA-3
2024-01-06 -
2024-12-31
a year crt.sh

This page contains 3 frames:

Primary Page: https://winstonbenefits.com/
Frame ID: D6967FCFCD816042FF465A016966049E
Requests: 70 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: 9D54FAD23A2E6D43A3A3CEAB3A224001
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/377885765?dnt=1&app_id=122963&controls=1&rel=0&hd=1&autohide=1
Frame ID: 34A6B2B8E462E4FAF27AB0FEDFD4BEC2
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Home - Winston Benefits

Page URL History Show full URLs

  1. https://benefitinsite.com/ HTTP 302
    https://winstonbenefits.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

71
Requests

100 %
HTTPS

0 %
IPv6

19
Domains

24
Subdomains

22
IPs

4
Countries

5645 kB
Transfer

9005 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://benefitinsite.com/ HTTP 302
    https://winstonbenefits.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

71 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
winstonbenefits.com/
Redirect Chain
  • https://benefitinsite.com/
  • https://winstonbenefits.com/
56 KB
13 KB
Document
General
Full URL
https://winstonbenefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
92d89b0d7d958eef5d05cde4c79c80089d9ebb11902dbccd3b8694bb3c625228

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
884730471ddd9f1c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 16 May 2024 00:18:07 GMT
link
<https://winstonbenefits.com/wp-json/>; rel="https://api.w.org/" <https://winstonbenefits.com/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json" <https://winstonbenefits.com/>; rel=shortlink
server
cloudflare
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 10
x-cache-group
normal
x-cacheable
SHORT
x-pingback
https://winstonbenefits.com/xmlrpc.php
x-powered-by
WP Engine

Redirect headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
88473044ea421c90-AMS
content-length
143
content-type
text/html
date
Thu, 16 May 2024 00:18:06 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://winstonbenefits.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QVJDEkfyhgpPhXJry6U11ApMhTqKAOssX5tJeToihZbcnuwT5iAjT8P3pZjNTe5geiJSM0oTrMFI0BtSIqo9oSjC9BHJ9JSQcGfFPZVwpx0N81IXmROrpIWp9co08I6NddeefA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
vaw2rkd.css
use.typekit.net/
3 KB
949 B
Stylesheet
General
Full URL
https://use.typekit.net/vaw2rkd.css
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.156 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-156.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
279a39c0cf46dbe8896dd5f43f3ce138e91024b220c81166debd17a9c1cd1b7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Thu, 16 May 2024 00:18:07 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
726
style.min.css
winstonbenefits.com/wp-includes/css/dist/block-library/
111 KB
15 KB
Stylesheet
General
Full URL
https://winstonbenefits.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.3
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 27 Feb 2024 14:48:23 GMT
server
cloudflare
age
108278
etag
W/"65ddf637-1bae5"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8847304a0f8d9f1c-FRA
alt-svc
h3=":443"; ma=86400
front.min.css
winstonbenefits.com/wp-content/plugins/cookie-notice/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://winstonbenefits.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=2.4.16
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
029dedf319bc4536d9c663ae9c0b10c95d1e9f5dd1de0aa73172e9e89ae254cc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 15 Apr 2024 19:12:50 GMT
server
cloudflare
age
985
etag
W/"661d7c32-13c8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8847304a0f8f9f1c-FRA
alt-svc
h3=":443"; ma=86400
merriweather-plus-montserrat-plus-inconsolata.css
winstonbenefits.com/wp-content/themes/twentysixteen/fonts/
19 KB
1 KB
Stylesheet
General
Full URL
https://winstonbenefits.com/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
71adc15350145604f7a2794da7be297e14345f3fb31c4ea37c8a97e5e0b2ccd0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 15 Apr 2024 19:16:28 GMT
server
cloudflare
age
76456
etag
W/"661d7d0c-4b81"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8847304a0f909f1c-FRA
alt-svc
h3=":443"; ma=86400
genericons.css
winstonbenefits.com/wp-content/themes/twentysixteen/genericons/
28 KB
16 KB
Stylesheet
General
Full URL
https://winstonbenefits.com/wp-content/themes/twentysixteen/genericons/genericons.css?ver=20201208
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d023c6770c50a23f28adac7508c5b86f9b06774933a8d82e5d9d557610a430c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 15 Apr 2024 19:16:28 GMT
server
cloudflare
age
108278
etag
W/"661d7d0c-6e6b"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8847304a0f919f1c-FRA
alt-svc
h3=":443"; ma=86400
default.css
winstonbenefits.com/wp-content/plugins/tablepress/css/build/
6 KB
2 KB
Stylesheet
General
Full URL
https://winstonbenefits.com/wp-content/plugins/tablepress/css/build/default.css?ver=2.3.1
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5565a2f6d9c7da0b5dd7fc0dc0b441d5d115d87aa1634dc231114cfeecb9d63c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 May 2024 22:32:34 GMT
server
cloudflare
age
540337
etag
W/"6632c302-17c7"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8847304a0f929f1c-FRA
alt-svc
h3=":443"; ma=86400
addtoany.min.css
winstonbenefits.com/wp-content/plugins/add-to-any/
2 KB
599 B
Stylesheet
General
Full URL
https://winstonbenefits.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 May 2024 22:32:25 GMT
server
cloudflare
age
540337
etag
W/"6632c2f9-644"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8847304a0f939f1c-FRA
alt-svc
h3=":443"; ma=86400
screen.css
winstonbenefits.com/wp-content/themes/winston/assets/css/dist/
838 KB
137 KB
Stylesheet
General
Full URL
https://winstonbenefits.com/wp-content/themes/winston/assets/css/dist/screen.css?ver=6.5.3
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
80e42891c01878743982be2b99d9c68f23742cc970b087c17fa8b7c780d5e935

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Feb 2024 16:31:26 GMT
server
cloudflare
age
108278
etag
W/"65bbc75e-d198e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8847304a0f949f1c-FRA
alt-svc
h3=":443"; ma=86400
dashicons.min.css
winstonbenefits.com/wp-includes/css/
58 KB
35 KB
Stylesheet
General
Full URL
https://winstonbenefits.com/wp-includes/css/dashicons.min.css?ver=6.5.3
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Mar 2021 21:16:22 GMT
server
cloudflare
age
108278
etag
W/"603ffca6-e688"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8847304a0f959f1c-FRA
alt-svc
h3=":443"; ma=86400
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/latest/css/
30 KB
8 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css?ver=6.5.3
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
874
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
717008
cdn-cachedat
03/18/2024 13:10:29
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:56 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
151cbba084509525c9d8f957478933e5
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8847304a68be0b30-AMS
cdn-requestpullsuccess
True
page.js
static.addtoany.com/menu/
3 KB
2 KB
Script
General
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e0cc78c402cbc02fdfd41cd77c5fd6ffbd8066cc07935ea8eb5f3fcc59744a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3774
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"e346c2841e4abbb66ee259e9540abb61"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ilquHBfZwe112MG4lxQJaE1Bl%2F1Semnk9Mh%2BEbXe%2BDx%2BybVbsR4Q5Zk%2F9rOUWhdZ26RQjEtVIN10UNSWhZnKMUDc0iQddFAiLQn431iW1y0ENRlR2c%2FMXDQ7dgMGnGMUgYp3CKA9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, stale-while-revalidate=30, public
cf-ray
8847304efb3c0b5b-AMS
jquery.min.js
winstonbenefits.com/wp-includes/js/jquery/
86 KB
31 KB
Script
General
Full URL
https://winstonbenefits.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
server
cloudflare
age
985
etag
W/"64ecd5ef-15601"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8847304a0f969f1c-FRA
alt-svc
h3=":443"; ma=86400
jquery-migrate.min.js
winstonbenefits.com/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://winstonbenefits.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
cloudflare
age
100880
etag
W/"6482bd64-3509"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8847304a0f989f1c-FRA
alt-svc
h3=":443"; ma=86400
addtoany.min.js
winstonbenefits.com/wp-content/plugins/add-to-any/
129 B
276 B
Script
General
Full URL
https://winstonbenefits.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 May 2024 22:32:25 GMT
server
cloudflare
age
100874
etag
W/"6632c2f9-81"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8847304f3f0e929f-FRA
alt-svc
h3=":443"; ma=86400
front.min.js
winstonbenefits.com/wp-content/plugins/cookie-notice/js/
8 KB
2 KB
Script
General
Full URL
https://winstonbenefits.com/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.16
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 15 Apr 2024 19:12:50 GMT
server
cloudflare
age
100880
etag
W/"661d7c32-21fc"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8847304a2fa49f1c-FRA
alt-svc
h3=":443"; ma=86400
functions.js
winstonbenefits.com/wp-content/themes/twentysixteen/js/
7 KB
2 KB
Script
General
Full URL
https://winstonbenefits.com/wp-content/themes/twentysixteen/js/functions.js?ver=20230629
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7487eaab8afc394d9746bcacd476d1ceef806107b0eab0b2059c2b37d10311f6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 15 Apr 2024 19:16:28 GMT
server
cloudflare
age
100874
etag
W/"661d7d0c-1c9e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8847304f3f0f929f-FRA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/
302 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-WRF35LS
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
a334de4f29bb25f1ae4ba9c1bea1d941336c700de17c43b22f4018339a384909
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102364
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 16 May 2024 00:18:08 GMT
transparent.png
winstonbenefits.com/wp-content/themes/winston/assets/images/
90 B
201 B
Image
General
Full URL
https://winstonbenefits.com/wp-content/themes/winston/assets/images/transparent.png
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
918a4fbe1d209d6e81e4b08e1d785b324eb7dc02173a37e89d9e76391a086cef

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
cf-cache-status
HIT
age
84837
cf-polished
origSize=1078, status=webp_bigger
alt-svc
h3=":443"; ma=86400
content-length
90
cf-bgj
imgq:100,h2pri
last-modified
Fri, 16 Dec 2022 06:38:48 GMT
server
cloudflare
etag
"639c1278-436"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8847304a2fa69f1c-FRA
service-demo-benefits-admin.png
winstonbenefits.com/wp-content/uploads/2019/10/
11 KB
11 KB
Image
General
Full URL
https://winstonbenefits.com/wp-content/uploads/2019/10/service-demo-benefits-admin.png
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b957ba61836dff541df58d59631ba3738cd1fc89fd6c74b25f9b32c5383d2d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
cf-cache-status
HIT
age
84837
cf-polished
origFmt=png, origSize=12336
content-disposition
inline; filename="service-demo-benefits-admin.webp"
alt-svc
h3=":443"; ma=86400
content-length
11020
cf-bgj
imgq:100,h2pri
last-modified
Fri, 16 Dec 2022 06:38:48 GMT
server
cloudflare
etag
"639c1278-3030"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8847304a2fa79f1c-FRA
icon-service-benefits-admin.svg
winstonbenefits.com/wp-content/uploads/2019/10/
2 KB
1 KB
Image
General
Full URL
https://winstonbenefits.com/wp-content/uploads/2019/10/icon-service-benefits-admin.svg
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
70ee4147d7c13a15149d75653b28d663b54a4bde465b67cd41785a18d9ed935b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Dec 2022 06:38:48 GMT
server
cloudflare
age
1145136
etag
W/"639c1278-991"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8847304b4d8a929f-FRA
alt-svc
h3=":443"; ma=86400
icon-service-employee-eng.svg
winstonbenefits.com/wp-content/uploads/2019/10/
3 KB
1 KB
Image
General
Full URL
https://winstonbenefits.com/wp-content/uploads/2019/10/icon-service-employee-eng.svg
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
afa3440573d8ab782163b344dab303f11c3b5e8f8acd08114aae985d2838f012

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Dec 2022 06:38:48 GMT
server
cloudflare
age
985
etag
W/"639c1278-aa8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8847304b4d8b929f-FRA
alt-svc
h3=":443"; ma=86400
service-demo-employee-eng.png
winstonbenefits.com/wp-content/uploads/2019/10/
15 KB
15 KB
Image
General
Full URL
https://winstonbenefits.com/wp-content/uploads/2019/10/service-demo-employee-eng.png
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d16d170de9caae12542069d829e87e582fcf361dd1b5d2c3e972593ca62b16c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
cf-cache-status
HIT
age
84836
cf-polished
origFmt=png, origSize=16718
content-disposition
inline; filename="service-demo-employee-eng.webp"
alt-svc
h3=":443"; ma=86400
content-length
15288
cf-bgj
imgq:100,h2pri
last-modified
Fri, 16 Dec 2022 06:38:49 GMT
server
cloudflare
etag
"639c1279-414e"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8847304b9dab929f-FRA
service-demo-benefits-comm.png
winstonbenefits.com/wp-content/uploads/2019/10/
13 KB
13 KB
Image
General
Full URL
https://winstonbenefits.com/wp-content/uploads/2019/10/service-demo-benefits-comm.png
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
825fb9c46669ea9188b2e6cca777c556518d2f4f024cb3d84a3f2f730347c67f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
cf-cache-status
HIT
age
84836
cf-polished
origFmt=png, origSize=15335
content-disposition
inline; filename="service-demo-benefits-comm.webp"
alt-svc
h3=":443"; ma=86400
content-length
13408
cf-bgj
imgq:100,h2pri
last-modified
Fri, 16 Dec 2022 06:38:49 GMT
server
cloudflare
etag
"639c1279-3be7"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8847304f4f16929f-FRA
icon-service-benefits-comm.svg
winstonbenefits.com/wp-content/uploads/2019/10/
3 KB
1 KB
Image
General
Full URL
https://winstonbenefits.com/wp-content/uploads/2019/10/icon-service-benefits-comm.svg
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c957f9962e91e3b5d70edcbd0ad74a303d1cfed3d4ced077d94c0384a8c420a9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Dec 2022 06:38:48 GMT
server
cloudflare
age
1145136
etag
W/"639c1278-c82"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8847304f4f17929f-FRA
alt-svc
h3=":443"; ma=86400
icon-book-demo.svg
winstonbenefits.com/wp-content/uploads/2019/12/
2 KB
951 B
Image
General
Full URL
https://winstonbenefits.com/wp-content/uploads/2019/12/icon-book-demo.svg
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf542797cb8617fac746fae3db8fc2c0bdea49474d891eff3742a4b061b7d98d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Dec 2022 06:38:48 GMT
server
cloudflare
age
1145136
etag
W/"639c1278-715"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8847304f5f18929f-FRA
alt-svc
h3=":443"; ma=86400
icon-watch-video.svg
winstonbenefits.com/wp-content/uploads/2019/12/
2 KB
948 B
Image
General
Full URL
https://winstonbenefits.com/wp-content/uploads/2019/12/icon-watch-video.svg
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9927407565669318b89c061147f23758d685f40da08d5347da1fae827fb6395

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Dec 2022 06:38:48 GMT
server
cloudflare
age
108340
etag
W/"639c1278-6fd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8847304f5f19929f-FRA
alt-svc
h3=":443"; ma=86400
21972-312_SOC_NonCPA.png
winstonbenefits.com/wp-content/uploads/2023/10/
17 KB
17 KB
Image
General
Full URL
https://winstonbenefits.com/wp-content/uploads/2023/10/21972-312_SOC_NonCPA.png
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f02f408293f2ef199360dd847142903d56e53d587eb1873b09862600e72928bd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
cf-cache-status
HIT
age
985
cf-polished
origFmt=png, origSize=33592
content-disposition
inline; filename="21972-312_SOC_NonCPA.webp"
alt-svc
h3=":443"; ma=86400
content-length
16936
cf-bgj
imgq:100,h2pri
last-modified
Tue, 31 Oct 2023 16:32:13 GMT
server
cloudflare
etag
"65412c0d-8338"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8847304f5f1a929f-FRA
129398.js
js.hs-scripts.com/
2 KB
1 KB
Script
General
Full URL
https://js.hs-scripts.com/129398.js?integration=WordPress&ver=11.1.6
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.139.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c71ec7bc8d72bef06ffdaa62955130a8a560f747d2f0c12bfefcdf0f255f53b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
x-hubspot-correlation-id
2ae0985a-36ba-4ce8-8151-613ed6b892b5
x-evy-trace-route-service-name
envoyset-translator
cf-polished
origSize=2064
age
11
x-envoy-upstream-service-time
14
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
2ae0985a-36ba-4ce8-8151-613ed6b892b5
cf-bgj
minify
last-modified
Thu, 16 May 2024 00:17:56 GMT
server
cloudflare
access-control-max-age
3600
vary
origin, Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://winstonbenefits.com
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5d47c8d44f-d7kd4
x-evy-trace-virtual-host
all
access-control-allow-credentials
true
cache-control
public, max-age=90
cf-ray
8847304dcd36b7d9-AMS
expires
Thu, 16 May 2024 00:19:37 GMT
js
maps.googleapis.com/maps/api/
201 KB
68 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyDNQmy4MbNgi8t1bF2rXCN5zYAkgdOY0WY
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
d4482690843fa65f260b5a8dad9336ccdf494a9b0574f7d529389ebf9b3efe15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69243
x-xss-protection
0
scripts.min.js
winstonbenefits.com/wp-content/themes/winston/assets/js/dist/
38 KB
10 KB
Script
General
Full URL
https://winstonbenefits.com/wp-content/themes/winston/assets/js/dist/scripts.min.js?ver=1
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b0f5f8ad4dc2a94903a64e87289ed7bfcb344df7cb5f5d7f1062b0ed41cbcfa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Feb 2024 03:09:35 GMT
server
cloudflare
age
100875
etag
W/"65bb0b6f-9940"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8847304e0e9f929f-FRA
alt-svc
h3=":443"; ma=86400
v2.js
js.hsforms.net/forms/embed/
482 KB
154 KB
Script
General
Full URL
https://js.hsforms.net/forms/embed/v2.js?ver=11.1.6
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.141.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f171db8dc0eb7cec86c84ceac278dbf2fbe33770334635a2703186d14f4828b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5064/bundles/project-v2.js&cfRay=8847304f6ed5b968-AMS
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"b0047a8901d8ed9f81db3dcb5982114e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
forms-embed/static-1.5064/bundles/project-v2.js
date
Thu, 16 May 2024 00:18:08 GMT
x-amz-version-id
4lHA5dnNobe4YqKec9CE2kPtPUzRSBNR
via
1.1 53b70ac9dc46d1c13992b291cf22a9aa.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
c941e64e-e70a-4f57-b1a4-72c84ee87f77
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
c941e64e-e70a-4f57-b1a4-72c84ee87f77
last-modified
Wed, 03 Apr 2024 11:15:05 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B7JIhZYqbq3gpydROohtnU7kZAtCMB9ku%2Brx6tOJ3noC9%2BSpOhqRwPWs6OM%2BdgNXw7%2F7OaNZvLpJ58TXh46qVEU7ZPrL736Aa6LN3kclhajnB7n0CzadwIMlhuHxV9ZQ"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-rcvgx
cf-ray
8847304f6ed5b968-AMS
x-amz-cf-id
OJUpYA2wAqbzlLq_aOXvPolgLhycptTl6urbD9ykYwBTLabG4ZXssQ==
p.css
p.typekit.net/
5 B
172 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=vaw2rkd&ht=tk&f=13454.13455.13458.13459&a=86742869&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/vaw2rkd.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-146.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://use.typekit.net/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
last-modified
Fri, 14 Jul 2023 12:44:32 GMT
server
nginx
etag
"64b14330-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
sm.25.html
static.addtoany.com/menu/ Frame 9D54
0
0
Document
General
Full URL
https://static.addtoany.com/menu/sm.25.html
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://winstonbenefits.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
age
20757
alt-svc
h3=":443"; ma=86400
cache-control
max-age=315360000, immutable
cf-cache-status
HIT
cf-ray
8847304f69470b7f-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 16 May 2024 00:18:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qSeivxXBn8S26LGjslhMi1BIR6MwRd1IOK%2BhrD%2B05RDOl%2FihCgx8zfqtRDd8YzhEqgmJHNDdyQDqdvBIBht82qzh4Zw8vj8EFWvJKOcpbqEcL4J6Z1WH13zWEiUKzgsUa09ueVyX4uf%2B%2BRo%2FBpUFaZzD"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
core.BRQnzO8v.js
static.addtoany.com/menu/modules/
70 KB
26 KB
Script
General
Full URL
https://static.addtoany.com/menu/modules/core.BRQnzO8v.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Origin
https://winstonbenefits.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1143
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"25da5432b1057724b8210f17e9b9db05"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C7PbXvN8%2B9Pa8xfsDFjggAYO0WmV7KcpfOSQNZR1xfVfXXpAsv2oa%2FhFiu5mjChnFiOoY%2FzHsau36ZSaLWwwChmMZVSWeeCEP2NxtigrwX6CKCqeQLTuBbK88LU%2BCFANqG%2FZnM8u"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
cf-ray
8847304f69036574-AMS
377885765
player.vimeo.com/video/ Frame 34A6
0
0
Document
General
Full URL
https://player.vimeo.com/video/377885765?dnt=1&app_id=122963&controls=1&rel=0&hd=1&autohide=1
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://winstonbenefits.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
8847304fbb9db8c0-AMS
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 16 May 2024 00:18:08 GMT
Server
cloudflare
Transfer-Encoding
chunked
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
expires
Fri, 15 Dec 1985 19:30:00 GMT
link
<https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 varnish
x-backend-server
player-backend-edge-entry
x-bapp-server
player-backend-5b8c477f8d-vqj7k
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-host
player-backend-5b8c477f8d-vqj7k
x-player-backend
g
x-served-by
cache-ams21082-AMS
x-timer
S1715818688.964393,VS0,VE367
x-xss-protection
1; mode=block
collectedforms.js
js.hscollectedforms.net/
69 KB
25 KB
Script
General
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/129398.js?integration=WordPress&ver=11.1.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.254 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Origin
https://winstonbenefits.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:08 GMT
x-amz-version-id
WQne3xdBhaNpu67z_dXMAVxQ_qJQQf8W
via
1.1 caafbc8a9aa04b09dd564a3ddef60622.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-amz-cf-pop
IAD12-P3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
890a9a69-4430-48dc-a971-1a7361b023cd
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.503/bundles/project.js&cfRay=884730517e5966e6-AMS
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
1
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
890a9a69-4430-48dc-a971-1a7361b023cd
last-modified
Wed, 15 May 2024 14:34:44 UTC
server
cloudflare
etag
W/"7d377a186677c174f204d466b8fa5fdb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-tk5t7
cf-ray
884730517e5966e6-AMS
x-amz-cf-id
w2SGaDCq5GOHjQpPSGblOeohss-SeLXOEMEIWypJ3Qc7xSdBhxP0wg==
x-hs-target-asset
collected-forms-embed-js/static-1.503/bundles/project.js
leadflows.js
js.hsleadflows.net/
551 KB
88 KB
Script
General
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/129398.js?integration=WordPress&ver=11.1.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.138.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efb5dc6835aeb8a8e1615ca49df1828cfaf708dc73651c5f1c651f2d2ab3907a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Origin
https://winstonbenefits.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
age
1144
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1338/bundle/main/lead-flows-release.js&cfRay=884714662e671c77-AMS
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"d252299cef5b9176cf0435e72e0baeeb"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=86400, max-age=0
x-hs-target-asset
lead-flows-js/static-1.1338/bundle/main/lead-flows-release.js
date
Thu, 16 May 2024 00:18:08 GMT
x-amz-version-id
FzXUOelq5PzvbDhLOc3Au0ThiCBuXHAc
via
1.1 f01dafb3bec9893b47152910d47900a4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
cb086568-f163-4455-a05c-d01ba59f6fe1
x-cache
Hit from cloudfront
cache-tag
staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
12
x-evy-trace-route-configuration
listener_https/all
x-request-id
cb086568-f163-4455-a05c-d01ba59f6fe1
last-modified
Wed, 03 Apr 2024 09:27:53 UTC
server
cloudflare
access-control-max-age
3000
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-w988t
cf-ray
88473051df7eb8a9-AMS
x-amz-cf-id
JPeaho-kX-a1KxGCB2bpQIK7GQ8YCpQee6q66LyGxUdpSDNjQIZH3w==
banner.js
js.hs-banner.com/v2/129398/
71 KB
23 KB
Script
General
Full URL
https://js.hs-banner.com/v2/129398/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/129398.js?integration=WordPress&ver=11.1.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.27 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e24ab0f713bfaffea481447977c6c7d9aff076cc617dadbdbb1a517bb47d6947

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:08 GMT
x-amz-version-id
gQeRhstb_zFGu7ExIVkxS6zbD0UCgiEn
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
6VQGFXEBWCV6D9TE
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
dd0b41c3-c73c-4ab1-a124-d851b684f859
age
10
x-envoy-upstream-service-time
95
x-amz-id-2
Z976gbOD5oRLFCsX0BGuw3TxiDFcS7jWamcf11kP1aq7FwN9dkvLRdzJvaIUgWSVqJDRVnspQJ2foQQftJyc/csnPO1Q1ju/lDu9AhMq97M=
x-evy-trace-listener
listener_https
x-request-id
dd0b41c3-c73c-4ab1-a124-d851b684f859
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 15 Apr 2024 13:58:56 GMT
server
cloudflare
etag
W/"e3f4b9afc590322d058a9687972b0a4c"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://winstonbenefits.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-qr8zh
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
884730517f40b8af-AMS
expires
Thu, 16 May 2024 00:22:58 GMT
129398.js
js.hs-analytics.net/analytics/1715818500000/
67 KB
21 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1715818500000/129398.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/129398.js?integration=WordPress&ver=11.1.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.160.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57d3aca192337007769381ed04c249e83bc9b79df8fbe646ea6d076844542ce5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:08 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
8EWFPV7PKJ9W9G85
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
4627dd39-b766-4c4a-be6c-5e2877b91af1
age
10
x-envoy-upstream-service-time
66
x-amz-id-2
uCETkm77FyTqMztdx+eM0+DmrDJ+is466Ys4uxtQQYrdY75jfRVIhV+4+nd2vEyCz8SzoTx47jifRN3dYL7a0FDmynJpCxH6
x-evy-trace-listener
listener_https
x-request-id
4627dd39-b766-4c4a-be6c-5e2877b91af1
x-evy-trace-route-configuration
listener_https/all
last-modified
Wed, 24 Apr 2024 18:12:24 GMT
server
cloudflare
etag
W/"b20ea9142990e6b78db3a35b6c52e490"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-9fld2
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
8847305179876570-AMS
expires
Thu, 16 May 2024 00:22:57 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
45 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDNQmy4MbNgi8t1bF2rXCN5zYAkgdOY0WY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://winstonbenefits.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
BrandVideoThumbnail_Hero.jpg
winstonbenefits.com/wp-content/uploads/2019/12/
686 KB
686 KB
Image
General
Full URL
https://winstonbenefits.com/wp-content/uploads/2019/12/BrandVideoThumbnail_Hero.jpg
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
315ef641102a4ced0662ce98dfa823b465c1873a25d0774e98ce7070a6c9e07e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
cf-cache-status
HIT
age
84836
cf-polished
origSize=843062
alt-svc
h3=":443"; ma=86400
content-length
702154
cf-bgj
imgq:100,h2pri
last-modified
Fri, 16 Dec 2022 06:38:47 GMT
server
cloudflare
etag
"639c1277-cdd36"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8847304f7f26929f-FRA
BrandVideoThumbnail-1600x687.jpg
winstonbenefits.com/wp-content/uploads/2019/12/
218 KB
219 KB
Image
General
Full URL
https://winstonbenefits.com/wp-content/uploads/2019/12/BrandVideoThumbnail-1600x687.jpg
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
074083bef50dd9729e14d84efc8116e51e2fe7759797dc4ca4e6a95eec6028a6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
cf-cache-status
HIT
age
84836
cf-polished
origSize=226995
alt-svc
h3=":443"; ma=86400
content-length
223676
cf-bgj
imgq:100,h2pri
last-modified
Fri, 16 Dec 2022 06:38:47 GMT
server
cloudflare
etag
"639c1277-376b3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8847304f7f28929f-FRA
logomark-bg.svg
winstonbenefits.com/wp-content/themes/winston/assets/images/
1 KB
973 B
Image
General
Full URL
https://winstonbenefits.com/wp-content/themes/winston/assets/images/logomark-bg.svg
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/wp-content/themes/winston/assets/css/dist/screen.css?ver=6.5.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b238e72275f2b553e3552cd9ca9945301dfe08103b0ac16c14bdb69a585e2108

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/wp-content/themes/winston/assets/css/dist/screen.css?ver=6.5.3
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Dec 2022 06:38:48 GMT
server
cloudflare
age
108277
etag
W/"639c1278-59e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8847304f7f2a929f-FRA
alt-svc
h3=":443"; ma=86400
l
use.typekit.net/af/8dd886/000000000000000000010b5c/27/
23 KB
23 KB
Font
General
Full URL
https://use.typekit.net/af/8dd886/000000000000000000010b5c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/vaw2rkd.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.156 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-156.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
376d6590bd2677d571aa33953ea163add1298a320bd2d22cc6c28f4c9177a804

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://use.typekit.net/vaw2rkd.css
Origin
https://winstonbenefits.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:08 GMT
server
nginx
etag
"02ac0f44fc2605ad66d853df88904127aa3b3e9b"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23180
9b941ec6-0652-468c-80c6-e7a624c32a75.woff2
winstonbenefits.com/wp-content/themes/winston/assets/fonts/5538957/
31 KB
31 KB
Font
General
Full URL
https://winstonbenefits.com/wp-content/themes/winston/assets/fonts/5538957/9b941ec6-0652-468c-80c6-e7a624c32a75.woff2
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/wp-content/themes/winston/assets/css/dist/screen.css?ver=6.5.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df4e360c6e4171a5db301a97f09a68ad5e7369d1337c5cc9421f376c9f21848

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/wp-content/themes/winston/assets/css/dist/screen.css?ver=6.5.3
Origin
https://winstonbenefits.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:08 GMT
cf-cache-status
HIT
last-modified
Fri, 16 Dec 2022 06:38:48 GMT
server
cloudflare
age
100875
etag
"639c1278-7c7c"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
884730503f6f929f-FRA
alt-svc
h3=":443"; ma=86400
content-length
31868
ab57e807-506b-4e1d-aed1-cb2b62dd7258.woff2
winstonbenefits.com/wp-content/themes/winston/assets/fonts/5538983/
31 KB
31 KB
Font
General
Full URL
https://winstonbenefits.com/wp-content/themes/winston/assets/fonts/5538983/ab57e807-506b-4e1d-aed1-cb2b62dd7258.woff2
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/wp-content/themes/winston/assets/css/dist/screen.css?ver=6.5.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc71bbe7d08883195168066a7e4f614423a6112db39541be51f1b58311c23adc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/wp-content/themes/winston/assets/css/dist/screen.css?ver=6.5.3
Origin
https://winstonbenefits.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:08 GMT
cf-cache-status
HIT
last-modified
Fri, 16 Dec 2022 06:38:48 GMT
server
cloudflare
age
84837
etag
"639c1278-7ba0"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
884730503f71929f-FRA
alt-svc
h3=":443"; ma=86400
content-length
31648
truncated
/
31 KB
31 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6db83b2803fed3f9b574567755102b18c401904a374c8acf4c9a2e9b0159cb4f

Request headers

Referer
Origin
https://winstonbenefits.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
l
use.typekit.net/af/1709eb/000000000000000000010b60/27/
24 KB
24 KB
Font
General
Full URL
https://use.typekit.net/af/1709eb/000000000000000000010b60/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/vaw2rkd.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.156 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-156.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f94786fe65dcbc65b0099b471ae2bb89bbabd7fa7d8573dd3c4e0f5bbe555447

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://use.typekit.net/vaw2rkd.css
Origin
https://winstonbenefits.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:08 GMT
server
nginx
etag
"9bd0488a91630a3c738a4d950e0b0b7930bcb98f"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24740
ae8b809e-b8bb-4e75-883c-04fb85429645.woff2
winstonbenefits.com/wp-content/themes/winston/assets/fonts/5538975/
29 KB
30 KB
Font
General
Full URL
https://winstonbenefits.com/wp-content/themes/winston/assets/fonts/5538975/ae8b809e-b8bb-4e75-883c-04fb85429645.woff2
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/wp-content/themes/winston/assets/css/dist/screen.css?ver=6.5.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc042aac239345138496accc9aadc55bb92839a907c712f8db1add1c53aabe3c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/wp-content/themes/winston/assets/css/dist/screen.css?ver=6.5.3
Origin
https://winstonbenefits.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:08 GMT
cf-cache-status
HIT
last-modified
Fri, 16 Dec 2022 06:38:48 GMT
server
cloudflare
age
100875
etag
"639c1278-75bc"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
884730503f73929f-FRA
alt-svc
h3=":443"; ma=86400
content-length
30140
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/latest/fonts/
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/latest/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css?ver=6.5.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css?ver=6.5.3
Origin
https://winstonbenefits.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
874
age
94805
cdn-cachedat
03/07/2024 09:10:53
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:56 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
bc4d7699dcb2eb2ff08e6053699d0bf7
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
884730505ba8b98c-AMS
cdn-requestpullsuccess
True
Winston_HomepageHeroVid_V2.mp4
winstonbenefits.com/wp-content/uploads/2019/11/
3 MB
3 MB
Media
General
Full URL
https://winstonbenefits.com/wp-content/uploads/2019/11/Winston_HomepageHeroVid_V2.mp4
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
474dcc8dbcebf8f5e75204ada8cf3105045e0607b06ef855071f833dbc153634

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://winstonbenefits.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:08 GMT
cf-cache-status
HIT
last-modified
Fri, 16 Dec 2022 06:38:48 GMT
server
cloudflare
age
84837
etag
"639c1278-36f0a9"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-3600552/3600553
cache-control
public, max-age=31536000
cf-ray
884730503f66929f-FRA
alt-svc
h3=":443"; ma=86400
Content-Length
3600553
BenAdminAnimation_V2.mp4
winstonbenefits.com/wp-content/uploads/2020/01/
215 KB
0
Media
General
Full URL
https://winstonbenefits.com/wp-content/uploads/2020/01/BenAdminAnimation_V2.mp4
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://winstonbenefits.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:08 GMT
cf-cache-status
HIT
last-modified
Fri, 16 Dec 2022 06:38:46 GMT
server
cloudflare
age
84837
etag
"639c1276-189345"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-1610564/1610565
cache-control
public, max-age=31536000
cf-ray
884730503f67929f-FRA
alt-svc
h3=":443"; ma=86400
Content-Length
1610565
EmpEngEnr_Animation_V2.mp4
winstonbenefits.com/wp-content/uploads/2020/01/
314 KB
0
Media
General
Full URL
https://winstonbenefits.com/wp-content/uploads/2020/01/EmpEngEnr_Animation_V2.mp4
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://winstonbenefits.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:08 GMT
cf-cache-status
HIT
last-modified
Fri, 16 Dec 2022 06:38:47 GMT
server
cloudflare
age
84837
etag
"639c1277-307437"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-3175478/3175479
cache-control
public, max-age=31536000
cf-ray
884730503f68929f-FRA
alt-svc
h3=":443"; ma=86400
Content-Length
3175479
BenComm_Animation_V3.mp4
winstonbenefits.com/wp-content/uploads/2020/01/
172 KB
0
Media
General
Full URL
https://winstonbenefits.com/wp-content/uploads/2020/01/BenComm_Animation_V3.mp4
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://winstonbenefits.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:08 GMT
cf-cache-status
HIT
last-modified
Fri, 16 Dec 2022 06:38:46 GMT
server
cloudflare
age
84837
etag
"639c1276-1ea5ea"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-2008553/2008554
cache-control
public, max-age=31536000
cf-ray
884730503f69929f-FRA
alt-svc
h3=":443"; ma=86400
Content-Length
2008554
json
forms.hscollectedforms.net/collected-forms/v1/config/
132 B
450 B
XHR
General
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=129398&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.254 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3ba504ebcab0768b7b68c93bb54ebdb8a9adbfb807d3c6bf84d0b25a07cf44e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
3b8e965e-288f-4af7-bf51-3b7295ada739
x-envoy-upstream-service-time
2
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
3b8e965e-288f-4af7-bf51-3b7295ada739
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://winstonbenefits.com
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-rl62l
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
884730538f4b66e6-AMS
collect
region1.analytics.google.com/g/
0
256 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-T8KNBRX93C&gtm=45Pe45d0v9105898703za200&_p=1715818687882&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=348479292.1715818689&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715818688&sct=1&seg=0&dl=https%3A%2F%2Fwinstonbenefits.com%2F&dt=Home%20-%20Winston%20Benefits&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2646
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-WRF35LS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 00:18:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://winstonbenefits.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
256 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-T8KNBRX93C&cid=348479292.1715818689&gtm=45Pe45d0v9105898703za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-WRF35LS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 00:18:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://winstonbenefits.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-T8KNBRX93C&cid=348479292.1715818689&gtm=45Pe45d0v9105898703za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=306540767
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 00:18:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
forms.hsforms.com/embed/v3/form/129398/e471603e-bf92-42e0-9645-d9f77e067c48/
2 KB
2 KB
XHR
General
Full URL
https://forms.hsforms.com/embed/v3/form/129398/e471603e-bf92-42e0-9645-d9f77e067c48/json?hs_static_app=forms-embed&hs_static_app_version=1.5064&X-HubSpot-Static-App-Info=forms-embed-1.5064
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js?ver=11.1.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0836d2f608ac4a6a9fcdebfe709d8b193230de34760e983f828016df663f3cff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-origin-hublet
na1
date
Thu, 16 May 2024 00:18:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
8a617a6b-af53-4fed-b0c6-ad7ac97da7d2
x-envoy-upstream-service-time
11
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
8a617a6b-af53-4fed-b0c6-ad7ac97da7d2
server
cloudflare
vary
origin
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-allow-origin
https://winstonbenefits.com
x-evy-trace-virtual-host
all
access-control-expose-headers
X-Origin-Hublet
access-control-max-age
180
access-control-allow-credentials
false
cache-control
max-age=0, no-cache, no-store
x-robots-tag
none
access-control-allow-headers
*
cf-ray
88473055ded60e64-AMS
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-9fd6b4b-h57s4
loading.svg
winstonbenefits.com/wp-content/themes/winston/assets/images/
1 KB
765 B
Image
General
Full URL
https://winstonbenefits.com/wp-content/themes/winston/assets/images/loading.svg
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/wp-content/themes/winston/assets/css/dist/screen.css?ver=6.5.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a9e5d030eada7a475b9da06477e542415711dcf18771532e08819f93227f846

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/wp-content/themes/winston/assets/css/dist/screen.css?ver=6.5.3
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Dec 2022 06:38:48 GMT
server
cloudflare
age
1145132
etag
W/"639c1278-401"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
884730555906929f-FRA
alt-svc
h3=":443"; ma=86400
slider-controls.png
winstonbenefits.com/wp-content/themes/winston/assets/images/
1 KB
1 KB
Image
General
Full URL
https://winstonbenefits.com/wp-content/themes/winston/assets/images/slider-controls.png
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/wp-content/themes/winston/assets/css/dist/screen.css?ver=6.5.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
afa0a1bf2b8ff29e0a3c84e773c765ba81f3fa4c72fa19d27dfdb229e6a0ff62

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/wp-content/themes/winston/assets/css/dist/screen.css?ver=6.5.3
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:08 GMT
cf-cache-status
HIT
age
84836
cf-polished
origFmt=png, origSize=2365
content-disposition
inline; filename="slider-controls.webp"
alt-svc
h3=":443"; ma=86400
content-length
1026
cf-bgj
imgq:100,h2pri
last-modified
Fri, 16 Dec 2022 06:38:48 GMT
server
cloudflare
etag
"639c1278-93d"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
884730555907929f-FRA
counters.gif
forms.hsforms.com/embed/v3/
35 B
881 B
Image
General
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
9bd2de70-a69e-46a7-b56e-039e40aaf381
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
9bd2de70-a69e-46a7-b56e-039e40aaf381
server
cloudflare
vary
origin
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-9fd6b4b-fl6gb
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
cf-ray
88473056fbce670c-AMS
counters.gif
forms.hsforms.com/embed/v3/
35 B
846 B
Image
General
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
6d8f714b-2d1b-4fc7-af7e-a1bdc1f2bd6f
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
6d8f714b-2d1b-4fc7-af7e-a1bdc1f2bd6f
server
cloudflare
vary
origin
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-9fd6b4b-rcnzv
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
cf-ray
884730570bdb670c-AMS
counters.gif
forms-na1.hsforms.com/embed/v3/
35 B
884 B
Image
General
Full URL
https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1
Requested by
Host: winstonbenefits.com
URL: https://winstonbenefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
564a6000-1748-49e9-8961-73ca53804c51
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
564a6000-1748-49e9-8961-73ca53804c51
server
cloudflare
vary
origin
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-9fd6b4b-kkb7j
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
cf-ray
8847305748336710-AMS
129398.js
js-na1.hs-scripts.com/
2 KB
659 B
Script
General
Full URL
https://js-na1.hs-scripts.com/129398.js
Requested by
Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1715818500000/129398.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.139.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b9e667090206b8ca117e8607e9061deba70ece900b444de78b90c8a958583d7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
x-hubspot-correlation-id
7dab780b-166a-4f0c-8dc6-8cdc313e76da
x-evy-trace-route-service-name
envoyset-translator
cf-polished
origSize=2064
age
5647
x-envoy-upstream-service-time
12
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
7dab780b-166a-4f0c-8dc6-8cdc313e76da
cf-bgj
minify
last-modified
Wed, 15 May 2024 22:44:02 GMT
server
cloudflare
access-control-max-age
3600
vary
origin, Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://winstonbenefits.com
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5d47c8d44f-d7kd4
x-evy-trace-virtual-host
all
access-control-allow-credentials
true
cf-ray
8847305be8f0b7d9-AMS
__ptq.gif
track.hubspot.com/
45 B
732 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=nl-nl&bfp=120088197&v=1.1&a=129398&ct=standard-page&rcu=https%3A%2F%2Fwinstonbenefits.com%2F&pu=https%3A%2F%2Fwinstonbenefits.com%2F&t=Home+-+Winston+Benefits&cts=1715818689899&vi=637c7e49539f12f13a8e1a01304b2afe&nc=true&u=96126531.637c7e49539f12f13a8e1a01304b2afe.1715818689896.1715818689896.1715818689896.1&b=96126531.1.1715818689897&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
74056bcb-ae86-44c2-ae1c-9e0440588ed9
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
18
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
74056bcb-ae86-44c2-ae1c-9e0440588ed9
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0CQnfqELBGWALTPla8Ij8uERmUdgVaMMvSqrTkQ3Thvc%2BwVei2Bc2915laGtkK6apnRNInU3nHG4J3X1uOCTYEhuQH002nsMtIYVF6pjtwIUcwKOpNc%2FX2WnmJ5Bryv%2FNcqn"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-djmcg
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
8847305f3f0db89a-AMS
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
1 KB
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=e471603e-bf92-42e0-9645-d9f77e067c48&fci=8db90f23-8b24-4e3d-bccc-8662368fc41d&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=nl-nl&bfp=120088197&v=1.1&a=129398&ct=standard-page&rcu=https%3A%2F%2Fwinstonbenefits.com%2F&pu=https%3A%2F%2Fwinstonbenefits.com%2F&t=Home+-+Winston+Benefits&cts=1715818689903&vi=637c7e49539f12f13a8e1a01304b2afe&nc=true&u=96126531.637c7e49539f12f13a8e1a01304b2afe.1715818689896.1715818689896.1715818689896.1&b=96126531.1.1715818689897&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
b76df437-e8fd-4f53-9956-c68e9c0278f2
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
9
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
b76df437-e8fd-4f53-9956-c68e9c0278f2
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3yJbP8PGA%2F8H%2FxzsmmRK0QxFP%2B12qGzHK2Lg%2Ftv0G1bcAOEVlNJd5DIUOg216CwSAPIXNcB052eO72JFnsXru1BBaN6XmNWUR1igVsntLnClXqp1ZJ0q7UF9sU8rbSlrROtd"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-qz296
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
8847305f3f0bb89a-AMS
x-robots-tag
none
favicon-32x32.png
winstonbenefits.com/
460 B
711 B
Other
General
Full URL
https://winstonbenefits.com/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b49d5b06ec68813238d4c12c4ab6e99056ed464489d97365a448227842a6bfc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:09 GMT
cf-cache-status
HIT
age
84836
cf-polished
origFmt=png, origSize=1347
content-disposition
inline; filename="favicon-32x32.webp"
alt-svc
h3=":443"; ma=86400
content-length
460
cf-bgj
imgq:100,h2pri
last-modified
Fri, 16 Dec 2022 06:38:43 GMT
server
cloudflare
etag
"639c1273-543"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8847305c1bc9929f-FRA
json
forms.hubspot.com/lead-flows-config/v1/config/
178 B
1 KB
XHR
General
Full URL
https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=129398&utk=637c7e49539f12f13a8e1a01304b2afe&__hstc=96126531.637c7e49539f12f13a8e1a01304b2afe.1715818689896.1715818689896.1715818689896.1&__hssc=96126531.1.1715818689897&currentUrl=https%3A%2F%2Fwinstonbenefits.com%2F
Requested by
Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9143421f57950c4db94a6040bfe08ecd572559ccacf4733a2c44154bc798df58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 00:18:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
eadb0062-252b-439c-af03-68d51a778f4a
content-encoding
br
x-envoy-upstream-service-time
28
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
eadb0062-252b-439c-af03-68d51a778f4a
server
cloudflare
vary
origin
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://winstonbenefits.com
x-evy-trace-virtual-host
all
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-9fd6b4b-jbmqh
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ahtZgxuWVlmJULiV%2FIYZy5ILlpMGIGR%2FzdHhxOmR%2BxjPXVIkeFWYO4UwSJkR1zrNFlsGaRz09ZaAVT%2FYiGPmVndWx5qcwwt3MdsrAWWUKwNLpp3NJ4G1GHHSFQuhcW5vGZ3T"}],"group":"cf-nel","max_age":604800}
x-robots-tag
none
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray
8847305f38900b5e-AMS
common.js
maps.googleapis.com/maps-api-v3/api/js/56/12a/intl/nl_ALL/
256 KB
56 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/56/12a/intl/nl_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDNQmy4MbNgi8t1bF2rXCN5zYAkgdOY0WY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f10.1e100.net
Software
sffe /
Resource Hash
dfc9e873d86867a19763c35f5a190ff8b9e3a8e4137d9515ed52aa805ccffb3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 14:00:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
123446
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57327
x-xss-protection
0
last-modified
Tue, 07 May 2024 21:52:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 14:00:46 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/56/12a/intl/nl_ALL/
182 KB
56 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/56/12a/intl/nl_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDNQmy4MbNgi8t1bF2rXCN5zYAkgdOY0WY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f10.1e100.net
Software
sffe /
Resource Hash
29ae0db143d0d9dc6ea8576ae029d266ea38161b5038f3037c99895891b30fc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://winstonbenefits.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
123773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57229
x-xss-protection
0
last-modified
Tue, 07 May 2024 21:52:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 13:55:19 GMT

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| a2a_config undefined| $ function| jQuery object| cnArgs object| screenReaderText function| gtag object| dataLayer object| _hsq object| a2a function| a2a_init object| hsFormsOnReady object| leadin_wordpress object| _hsp object| google object| module$exports$mapsapi$geometry$spherical object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| wpGlobals object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran object| _paq function| sanitizeKey boolean| _hstc_loaded object| __hsCollectedFormsDebug object| globalRoot undefined| hns function| bindToWindowOnError object| leadflows object| hubspot function| OutpostErrorReporter function| _registerAvailablePopup object| _availablePopups boolean| popupPoliceActive undefined| hns2 undefined| jade undefined| I18n undefined| Pikaday undefined| reqwest undefined| exports undefined| define boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN object| google_tag_manager object| google_tag_data object| HubSpotForms object| hbspt function| onYouTubeIframeAPIReady object| gaGlobal boolean| _hstc_ran string| __hsUserToken number| expireDateTime object| e boolean| LEAD_FLOW_DOCUMENT_READY_RAN

14 Cookies

Domain/Path Name / Value
.winstonbenefits.com/ Name: __cf_bm
Value: rzULcTtYwToQrRVMkXFmAn4gX0Pw4osh4dSQYROIkH8-1715818686-1.0.1.1-udA52QmtE_rUTHB1CAWDPsrjZSPDRN6Tp9ozJRcupEoEX66in3nuNY6ByfqoMhaISFCtf2nn38UovSv3W6i.UA
.hsforms.net/ Name: __cf_bm
Value: GvBs6LkkqBBM8Wr9POmuRdfulh.u0Mxd.qP5srLa.4Q-1715818688-1.0.1.1-UDa2aNga4Y_h4nENaWQ5.7LIyNV.8ZAIVJXt7kbIuPtGJS8yBawjfuS8mC87bqvDS8axPvbdYMWJshJ9C0fbIA
.vimeo.com/ Name: __cf_bm
Value: pIQJDnhWvCt2XmjWY_jmYnum2GFTzTh5D0Cywb2ZD2o-1715818688-1.0.1.1-dzp_AayJnGJPEkcLtRc_DnpkhO_egp4_OZ8lbLUtPCnIkVW31lWj7hoYgZrWeubo2wrAzu2OUnQcKYRQV_j6nw
.vimeo.com/ Name: _cfuvid
Value: JcXmezU89Yk2EqOK0JvbdCGMIO_LCaJ7GKRVaj66a.o-1715818688332-0.0.1.1-604800000
.winstonbenefits.com/ Name: _ga_T8KNBRX93C
Value: GS1.1.1715818688.1.0.1715818688.60.0.0
.winstonbenefits.com/ Name: _ga
Value: GA1.1.348479292.1715818689
.hsforms.com/ Name: __cf_bm
Value: zZIXlUdw0UfOpk2Djoc2lXj964vTfVYFgeHZnMvgoZQ-1715818689-1.0.1.1-si9mi9.CF.IlOJYOxToaG1zSOTuK4PGhs8ji0EfPSi0z39xgCqSuQRCXCT.uDGjKYQ_2H4WO10eHgDM4v0DN4A
.hsforms.com/ Name: _cfuvid
Value: DiWAgaSE1BDOmROTs3Fe_8eMaQTWkis9oWaRuw1QOgw-1715818689267-0.0.1.1-604800000
.winstonbenefits.com/ Name: __hstc
Value: 96126531.637c7e49539f12f13a8e1a01304b2afe.1715818689896.1715818689896.1715818689896.1
.winstonbenefits.com/ Name: hubspotutk
Value: 637c7e49539f12f13a8e1a01304b2afe
.winstonbenefits.com/ Name: __hssrc
Value: 1
.winstonbenefits.com/ Name: __hssc
Value: 96126531.1.1715818689897
.hubspot.com/ Name: __cf_bm
Value: HFk08tIo2wu6B5NdsdvSxRgaHTv5_F8Sp678EB4tJxI-1715818690-1.0.1.1-OmFQ9t9LH4W3NNA1qbQmzoDasFSciDiobSPD098Z9KyH7i74Fk75oshlmNp5u37Ju_kHb4Ow5rc8iQbu8EpQrg
.hubspot.com/ Name: _cfuvid
Value: yr1bcm1kHatQuO642LUIlIkikfwD11MlwknO75CSQWI-1715818690560-0.0.1.1-604800000

13 Console Messages

Source Level URL
Text
other warning URL: https://winstonbenefits.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winstonbenefits.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winstonbenefits.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winstonbenefits.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winstonbenefits.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winstonbenefits.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winstonbenefits.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winstonbenefits.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winstonbenefits.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winstonbenefits.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winstonbenefits.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winstonbenefits.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winstonbenefits.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

benefitinsite.com
forms-na1.hsforms.com
forms.hscollectedforms.net
forms.hsforms.com
forms.hubspot.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.hsforms.net
js.hsleadflows.net
maps.googleapis.com
maxcdn.bootstrapcdn.com
p.typekit.net
player.vimeo.com
region1.analytics.google.com
static.addtoany.com
stats.g.doubleclick.net
track.hubspot.com
use.typekit.net
winstonbenefits.com
www.google.de
www.googletagmanager.com
104.16.107.254
104.16.117.116
104.16.118.116
104.16.139.209
104.16.160.168
104.18.10.207
104.18.138.17
104.18.141.119
104.18.80.204
104.19.175.188
141.193.213.10
142.250.185.168
142.250.186.35
162.159.128.61
172.217.16.202
172.64.153.27
172.67.39.148
173.194.76.157
184.24.77.146
184.24.77.156
188.114.97.3
216.239.34.36
029dedf319bc4536d9c663ae9c0b10c95d1e9f5dd1de0aa73172e9e89ae254cc
074083bef50dd9729e14d84efc8116e51e2fe7759797dc4ca4e6a95eec6028a6
0836d2f608ac4a6a9fcdebfe709d8b193230de34760e983f828016df663f3cff
08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c
0d023c6770c50a23f28adac7508c5b86f9b06774933a8d82e5d9d557610a430c
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1df4e360c6e4171a5db301a97f09a68ad5e7369d1337c5cc9421f376c9f21848
279a39c0cf46dbe8896dd5f43f3ce138e91024b220c81166debd17a9c1cd1b7c
29ae0db143d0d9dc6ea8576ae029d266ea38161b5038f3037c99895891b30fc6
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
315ef641102a4ced0662ce98dfa823b465c1873a25d0774e98ce7070a6c9e07e
376d6590bd2677d571aa33953ea163add1298a320bd2d22cc6c28f4c9177a804
474dcc8dbcebf8f5e75204ada8cf3105045e0607b06ef855071f833dbc153634
4b0f5f8ad4dc2a94903a64e87289ed7bfcb344df7cb5f5d7f1062b0ed41cbcfa
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
5565a2f6d9c7da0b5dd7fc0dc0b441d5d115d87aa1634dc231114cfeecb9d63c
57d3aca192337007769381ed04c249e83bc9b79df8fbe646ea6d076844542ce5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c71ec7bc8d72bef06ffdaa62955130a8a560f747d2f0c12bfefcdf0f255f53b
6db83b2803fed3f9b574567755102b18c401904a374c8acf4c9a2e9b0159cb4f
6e0cc78c402cbc02fdfd41cd77c5fd6ffbd8066cc07935ea8eb5f3fcc59744a3
70ee4147d7c13a15149d75653b28d663b54a4bde465b67cd41785a18d9ed935b
71adc15350145604f7a2794da7be297e14345f3fb31c4ea37c8a97e5e0b2ccd0
7487eaab8afc394d9746bcacd476d1ceef806107b0eab0b2059c2b37d10311f6
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a9e5d030eada7a475b9da06477e542415711dcf18771532e08819f93227f846
80e42891c01878743982be2b99d9c68f23742cc970b087c17fa8b7c780d5e935
825fb9c46669ea9188b2e6cca777c556518d2f4f024cb3d84a3f2f730347c67f
8b9e667090206b8ca117e8607e9061deba70ece900b444de78b90c8a958583d7
9143421f57950c4db94a6040bfe08ecd572559ccacf4733a2c44154bc798df58
918a4fbe1d209d6e81e4b08e1d785b324eb7dc02173a37e89d9e76391a086cef
91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805
92d89b0d7d958eef5d05cde4c79c80089d9ebb11902dbccd3b8694bb3c625228
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9b49d5b06ec68813238d4c12c4ab6e99056ed464489d97365a448227842a6bfc
9d16d170de9caae12542069d829e87e582fcf361dd1b5d2c3e972593ca62b16c
a334de4f29bb25f1ae4ba9c1bea1d941336c700de17c43b22f4018339a384909
afa0a1bf2b8ff29e0a3c84e773c765ba81f3fa4c72fa19d27dfdb229e6a0ff62
afa3440573d8ab782163b344dab303f11c3b5e8f8acd08114aae985d2838f012
b238e72275f2b553e3552cd9ca9945301dfe08103b0ac16c14bdb69a585e2108
b3ba504ebcab0768b7b68c93bb54ebdb8a9adbfb807d3c6bf84d0b25a07cf44e
bc042aac239345138496accc9aadc55bb92839a907c712f8db1add1c53aabe3c
bf542797cb8617fac746fae3db8fc2c0bdea49474d891eff3742a4b061b7d98d
c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c957f9962e91e3b5d70edcbd0ad74a303d1cfed3d4ced077d94c0384a8c420a9
c9927407565669318b89c061147f23758d685f40da08d5347da1fae827fb6395
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d4482690843fa65f260b5a8dad9336ccdf494a9b0574f7d529389ebf9b3efe15
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc71bbe7d08883195168066a7e4f614423a6112db39541be51f1b58311c23adc
dfc9e873d86867a19763c35f5a190ff8b9e3a8e4137d9515ed52aa805ccffb3d
e24ab0f713bfaffea481447977c6c7d9aff076cc617dadbdbb1a517bb47d6947
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b957ba61836dff541df58d59631ba3738cd1fc89fd6c74b25f9b32c5383d2d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb5dc6835aeb8a8e1615ca49df1828cfaf708dc73651c5f1c651f2d2ab3907a
f02f408293f2ef199360dd847142903d56e53d587eb1873b09862600e72928bd
f171db8dc0eb7cec86c84ceac278dbf2fbe33770334635a2703186d14f4828b2
f94786fe65dcbc65b0099b471ae2bb89bbabd7fa7d8573dd3c4e0f5bbe555447