urlscan.io logo urlscan.io
SecurityTrails logo

thehealthbenefits.net Open in urlscan Pro
54.164.205.7  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://thehealthbenefits.net/
Effective URL: https://thehealthbenefits.net/home
Submission: On November 08 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 3 countries across 18 domains to perform 41 HTTP transactions. The main IP is 54.164.205.7, located in United States and belongs to AMAZON-AES, US. The main domain is thehealthbenefits.net.
TLS certificate: Issued by R3 on September 21st 2023. Valid for: 3 months.
This is the only time thehealthbenefits.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 10 54.164.205.7 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 3.90.128.202 14618 (AMAZON-AES)
1 23.201.255.130 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 35.244.174.68 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
5 23.36.163.153 20940 (AKAMAI-ASN1)
1 18.66.97.37 16509 (AMAZON-02)
2 2600:9000:223... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 13.32.27.21 16509 (AMAZON-02)
1 18.66.112.110 16509 (AMAZON-02)
4 34.202.13.83 14618 (AMAZON-AES)
4 34.234.47.49 14618 (AMAZON-AES)
1 13.32.23.225 16509 (AMAZON-02)
1 54.209.189.55 14618 (AMAZON-AES)
1 34.255.204.176 16509 (AMAZON-02)
41 21
10    54.164.205.7 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-205-7.compute-1.amazonaws.com
thehealthbenefits.net
login.healthquotes.us
2    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    3.90.128.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-90-128-202.compute-1.amazonaws.com
insurance.mediaalpha.com
1    23.201.255.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-130.deploy.static.akamaitechnologies.com
www.nextinsure.com
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
5    23.36.163.153 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-153.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net
static.hotjar.com
2    2600:9000:223d:5c00:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.trustedform.com
1    2606:4700:10::ac43:29e5 (United States)

ASN13335 (CLOUDFLARENET, US)
create.lidstatic.com
2    13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net
script.hotjar.com
1    18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net
vc.hotjar.io
4    34.202.13.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-13-83.compute-1.amazonaws.com
create.leadid.com
4    34.234.47.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-47-49.compute-1.amazonaws.com
api.trustedform.com
1    13.32.23.225 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-225.fra56.r.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
1    54.209.189.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-189-55.compute-1.amazonaws.com
deviceid.trueleadid.com
1    34.255.204.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-204-176.eu-west-1.compute.amazonaws.com
metrics.hotjar.io
Apex Domain
Subdomains		 Transfer
8 thehealthbenefits.net
thehealthbenefits.net
839 KB
6 trustedform.com
cdn.trustedform.com — Cisco Umbrella Rank: 28978
api.trustedform.com — Cisco Umbrella Rank: 25271
38 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 742
146 KB
4 leadid.com
create.leadid.com — Cisco Umbrella Rank: 15368
2 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 727
script.hotjar.com — Cisco Umbrella Rank: 901
62 KB
2 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2687
metrics.hotjar.io — Cisco Umbrella Rank: 9207
328 B
2 healthquotes.us
login.healthquotes.us
33 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
89 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
1 KB
1 trueleadid.com
deviceid.trueleadid.com — Cisco Umbrella Rank: 17080
2 KB
1 cloudfront.net
d2m2wsoho8qq12.cloudfront.net
2 KB
1 lidstatic.com
create.lidstatic.com — Cisco Umbrella Rank: 27272
39 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
185 B
1 gstatic.com
fonts.gstatic.com
39 KB
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 728
98 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
43 KB
1 nextinsure.com
www.nextinsure.com — Cisco Umbrella Rank: 50741
33 KB
1 mediaalpha.com
insurance.mediaalpha.com — Cisco Umbrella Rank: 29420
6 KB
41 18
Domain Requested by
8 thehealthbenefits.net 2 redirects thehealthbenefits.net
5 analytics.tiktok.com thehealthbenefits.net
analytics.tiktok.com
4 api.trustedform.com cdn.trustedform.com
4 create.leadid.com create.lidstatic.com
deviceid.trueleadid.com
2 script.hotjar.com static.hotjar.com
script.hotjar.com
2 cdn.trustedform.com thehealthbenefits.net
cdn.trustedform.com
2 login.healthquotes.us thehealthbenefits.net
2 connect.facebook.net thehealthbenefits.net
connect.facebook.net
2 fonts.googleapis.com thehealthbenefits.net
client
1 metrics.hotjar.io static.hotjar.com
1 deviceid.trueleadid.com d2m2wsoho8qq12.cloudfront.net
1 d2m2wsoho8qq12.cloudfront.net create.lidstatic.com
1 vc.hotjar.io script.hotjar.com
1 create.lidstatic.com thehealthbenefits.net
1 static.hotjar.com thehealthbenefits.net
1 www.facebook.com thehealthbenefits.net
1 fonts.gstatic.com fonts.googleapis.com
1 id.rlcdn.com thehealthbenefits.net
1 www.googletagmanager.com thehealthbenefits.net
1 www.nextinsure.com thehealthbenefits.net
1 insurance.mediaalpha.com thehealthbenefits.net
41 21

This site contains links to these domains. Also see Links.

Domain
www.medicare.gov
unsubscribes.healthquotes.us
Subject Issuer Validity Valid
healthcoveragemarketplaceinsure.com
R3		 2023-09-21 -
2023-12-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
mediaalpha.com
Amazon RSA 2048 M01		 2023-06-11 -
2024-07-09		 a year crt.sh
www.quinstreet.com
GeoTrust RSA CA 2018		 2023-11-03 -
2024-07-12		 8 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-17 -
2023-11-15		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
login.healthquotes.us
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
cdn.trustedform.com
Amazon RSA 2048 M02		 2023-03-15 -
2024-04-12		 a year crt.sh
lidstatic.com
Cloudflare Inc ECC CA-3		 2023-02-28 -
2024-02-28		 a year crt.sh
*.hotjar.io
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
create.leadid.com
Amazon RSA 2048 M02		 2023-08-21 -
2024-09-17		 a year crt.sh
*.trustedform.com
Amazon RSA 2048 M03		 2023-08-11 -
2024-09-07		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
deviceid.trueleadid.com
Amazon RSA 2048 M02		 2023-11-08 -
2024-12-06		 a year crt.sh

This page contains 3 frames:

Primary Page: https://thehealthbenefits.net/home
Frame ID: 8B7BBF42B57C72D639C39C282AAFC2A7
Requests: 39 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=EEA5962E-5D23-E84A-4FD1-4216B85BFA19&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=C0AF968B-28F7-6E3F-69FD-FFA0498297AA&lac=17B1014D-89D8-0A9A-D23F-B85698F480B4
Frame ID: 367B03DB31431D6667C3F584E84C1E9F
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=EEA5962E-5D23-E84A-4FD1-4216B85BFA19&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=C0AF968B-28F7-6E3F-69FD-FFA0498297AA&lac=17B1014D-89D8-0A9A-D23F-B85698F480B4
Frame ID: A0C7F63875CC56E07E19EF7202152257
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home

Page URL History Show full URLs

  1. http://thehealthbenefits.net/ HTTP 301
    https://thehealthbenefits.net/ HTTP 302
    https://thehealthbenefits.net/home Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

41
Requests

100 %
HTTPS

35 %
IPv6

18
Domains

21
Subdomains

21
IPs

3
Countries

1385 kB
Transfer

4952 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://thehealthbenefits.net/ HTTP 301
    https://thehealthbenefits.net/ HTTP 302
    https://thehealthbenefits.net/home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request home
thehealthbenefits.net/
Redirect Chain
  • http://thehealthbenefits.net/
  • https://thehealthbenefits.net/
  • https://thehealthbenefits.net/home
24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thehealthbenefits.net/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.164.205.7 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-205-7.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e99db2b4062aa84dbb98f772b83bafe4f5f123494c89f42652b063fa40736009
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 08 Nov 2023 11:52:04 GMT
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Wed, 08 Nov 2023 11:52:04 GMT
location
/home
server
nginx
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nunito:wght@400;600;700&display=swap
Requested by
Host: thehealthbenefits.net
URL: https://thehealthbenefits.net/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d6a1250b131483bf690875fcdb40533a394fff0880f007f48f9b8f2a1ccd8fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehealthbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Nov 2023 11:52:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 11:01:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Nov 2023 11:52:04 GMT
app.css
thehealthbenefits.net/css/ 		36 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thehealthbenefits.net/css/app.css
Requested by
Host: thehealthbenefits.net
URL: https://thehealthbenefits.net/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.164.205.7 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-205-7.compute-1.amazonaws.com
Software
nginx /
Resource Hash
33cb51cb7d803d3b98e550274e0a981265a9ffade7542e1e4fe3bd3ae2ad3432
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehealthbenefits.net/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 11:52:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 06 Oct 2023 13:24:31 GMT
server
nginx
etag
W/"65200a8f-9134"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
serve.js
insurance.mediaalpha.com/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insurance.mediaalpha.com/js/serve.js
Requested by
Host: thehealthbenefits.net
URL: https://thehealthbenefits.net/home
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.90.128.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-128-202.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e9056d79b3a1e8855943b732be85eb1c50cfe7257084181678fc6b2f9d61fb9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehealthbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 11:52:05 GMT
content-encoding
gzip
server
Apache
content-length
5519
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
sh
www.nextinsure.com/listingdisplay/loader/ 		112 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nextinsure.com/listingdisplay/loader/sh
Requested by
Host: thehealthbenefits.net
URL: https://thehealthbenefits.net/home
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
aa4ca46b0e424222e07ef9bd49299211bc1b6a429fb19c44458ec0456f06b922
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehealthbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-cfg-version
v107
date
Wed, 08 Nov 2023 11:52:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src *.googleapis.com 'unsafe-inline';script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com; img-src * data:; style-src-elem * 'unsafe-inline';frame-ancestors 'none';form-action 'self';upgrade-insecure-requests;block-all-mixed-content;object-src 'none'; report-uri /ListingDisplay/handlers/csp.ashx;
content-length
33312
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 03:41:57 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=21600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 17:52:04 GMT
manifest.js
thehealthbenefits.net/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehealthbenefits.net/js/manifest.js
Requested by
Host: thehealthbenefits.net
URL: https://thehealthbenefits.net/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.164.205.7 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-205-7.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ccce6c31b9e7341d8ce1942977391ef4cef104e30698c9fe2786023874d302c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehealthbenefits.net/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 11:52:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 28 Jul 2023 17:13:55 GMT
server
nginx
etag
W/"64c3f753-f7a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
vendor.js
thehealthbenefits.net/js/ 		197 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehealthbenefits.net/js/vendor.js
Requested by
Host: thehealthbenefits.net
URL: https://thehealthbenefits.net/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.164.205.7 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-205-7.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c5f78005c3a55af1ee2e22fd0af1dbf5327d7c873ca381f52d30e61d0f0c03ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehealthbenefits.net/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 11:52:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 28 Jul 2023 17:13:55 GMT
server
nginx
etag
W/"64c3f753-31328"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
app.js
thehealthbenefits.net/js/ 		3 MB
750 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehealthbenefits.net/js/app.js
Requested by
Host: thehealthbenefits.net
URL: https://thehealthbenefits.net/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.164.205.7 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-205-7.compute-1.amazonaws.com
Software
nginx /
Resource Hash
44cb1725ce99b2fbe5b5b69a3fee6ef547695e69133cf54f4edb3de9480fb177
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehealthbenefits.net/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 11:52:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 06 Oct 2023 13:59:52 GMT
server
nginx
etag
W/"652012d8-2f5b5b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		111 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=
Requested by
Host: thehealthbenefits.net
URL: https://thehealthbenefits.net/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
609ce40ecc98d029f2b335bcfa63dab93c760cfb5bdae9f3e55c8f7379b23cec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehealthbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 11:52:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43977
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 08 Nov 2023 11:52:05 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: thehealthbenefits.net
URL: https://thehealthbenefits.net/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehealthbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 08 Nov 2023 11:52:05 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
rWZdhJ/Cxb2dwYxLcdwxl0jV0HiX6Z3e/RTx+cnfUOE993P7O6+nD6oTZ/+QVw4c42YANqSBVxjc1/aMD2McJQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
712363.gif
id.rlcdn.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/712363.gif?cparams=wplId%3D1e45cb2f-10b0-4833-9dba-19a7bea9ca0c
Requested by
Host: thehealthbenefits.net
URL: https://thehealthbenefits.net/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehealthbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 11:52:05 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thehealthbenefits.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 18:18:41 GMT
x-content-type-options
nosniff
age
495204
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39124
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:02:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 18:18:41 GMT
3621213418198140
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/3621213418198140?v=2.9.138&r=stable&domain=thehealthbenefits.net
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cae4bee0bb6d22a5aa349eed21fd4b3302f7fb39148657942c36ecd80c271eee
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehealthbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 08 Nov 2023 11:52:05 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
q+uRYW1lyoBfBVgCp1ZCewXfNTaubPRMI80HGbk4ZY0cCkHHlSRKByIx/73yTmuhHhE7F8tcACYlQvEk7iGd6Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=3621213418198140&ev=PageView&dl=https%3A%2F%2Fthehealthbenefits.net%2Fhome&rl=&if=false&ts=1699444325458&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1699444325457.1287587642&ler=empty&it=1699444325277&coo=false&rqm=GET
Requested by
Host: thehealthbenefits.net
URL: https://thehealthbenefits.net/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehealthbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 08 Nov 2023 11:52:05 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
icon
fonts.googleapis.com/ 		569 B
462 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehealthbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Nov 2023 11:52:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 11:52:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Nov 2023 11:52:05 GMT
phones.js
thehealthbenefits.net/js/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://thehealthbenefits.net/js/phones.js
Requested by
Host: thehealthbenefits.net
URL: https://thehealthbenefits.net/js/manifest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.164.205.7 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-205-7.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehealthbenefits.net/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 11:52:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Jul 2023 00:42:38 GMT
server
nginx
etag
W/"64adf6fe-1b0d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
Aa828nXV6nlaEuDsXivsmhpDyibixfA7JzK8Q1UZ.png
login.healthquotes.us/storage/images/64ece79520fb3/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.healthquotes.us/storage/images/64ece79520fb3/Aa828nXV6nlaEuDsXivsmhpDyibixfA7JzK8Q1UZ.png
Requested by
Host: thehealthbenefits.net
URL: https://thehealthbenefits.net/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.164.205.7 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-205-7.compute-1.amazonaws.com
Software
nginx /
Resource Hash
35421d7ed702cee140e76dbbe3e365f46d4c886e8b6dc8842adabffcc7501ff4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehealthbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 11:52:06 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Aug 2023 18:29:41 GMT
server
nginx
etag
"64ece795-40e4"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
16612
x-xss-protection
1; mode=block
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHROB2BC77UCDSLJ8GC0&lib=ttq
Requested by
Host: thehealthbenefits.net
URL: https://thehealthbenefits.net/home
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-153.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e7b766df12bf5687d7ea7ce9c74126555711cac1dd0d28e9311c03dddf913a5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehealthbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
dd54570.269ca72d
date
Wed, 08 Nov 2023 11:52:06 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-153.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
x-parent-response-time
108,23.36.161.153
server-timing
cdn-cache; desc=MISS, edge; dur=96, origin; dur=12, inner; dur=5
content-length
1592
pragma
no-cache
server
nginx
x-tt-logid
202311081152066C6ED92D1953FEA6D6C9
x-cache-remote
TCP_MISS from a23-59-250-77.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
12,23.59.250.77
x-tt-trace-host
01b87769a7f79dff1aa5e504345fe20f97a54bbb7493cf1fc49bc6c657dbf23adc8a9fd510affda9c287491025f4b6d3b69b34cdc5a6ad7d8cc8c5141f8f08d90a2e5e64bc95d147488e663a7bf98b7e241d77e7519b8e895665d911086f4db07575e9055e5181987df182c245986adde3
expires
Wed, 08 Nov 2023 11:52:06 GMT
hotjar-2031930.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2031930.js?sv=6
Requested by
Host: thehealthbenefits.net
URL: https://thehealthbenefits.net/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-37.fra56.r.cloudfront.net
Software
/
Resource Hash
34e8938cdae8d9b6e2796fed6c345a9344102bbe9c49aea32da005bfcf1a7501
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehealthbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Wed, 08 Nov 2023 11:52:06 GMT
via
1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/f2b5d62d5ae87d6bf59de22c96199591
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
5TYMNFb5OnHe7b5-o91ZAJJrfo2ftKgQgAjJpX-Ok6M4829uvnmNlA==
bootstrap.js
cdn.trustedform.com/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl1&l=16994443259900.09578065388606971&invert_field_sensitivity=false
Requested by
Host: thehealthbenefits.net
URL: https://thehealthbenefits.net/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:5c00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35cbf6a6e5e7ff72ebb142669e1727de048df4fc13fc9fb5d9bd2d8334de7a71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehealthbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 11:52:07 GMT
x-amz-version-id
n.x2mSCmL4llw_0RUugnV3Kjti06QGpX
content-encoding
gzip
last-modified
Tue, 24 Oct 2023 20:13:54 GMT
server
AmazonS3
via
1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
etag
W/"e11406d1e7ba652ddbe0623e1207c210"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
362Dcx-JFWGn2Y66xJTn0u2RJU6-dGVAcbddiBq2l2I2xUKL9tNM9Q==
c0af968b-28f7-6e3f-69fd-ffa0498297aa.js
create.lidstatic.com/campaign/ 		123 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://create.lidstatic.com/campaign/c0af968b-28f7-6e3f-69fd-ffa0498297aa.js?snippet_version=2
Requested by
Host: thehealthbenefits.net
URL: https://thehealthbenefits.net/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:29e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1d265a09a0003d319fcb9d677e9ababa31c80f5abaf932b37aa171a803030ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehealthbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 11:52:06 GMT
x-amz-version-id
Zp7PuF49ChTISw0hpISTJ4uPSPta_zdh
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 12 Nov 2021 01:08:23 GMT
server
cloudflare
x-amz-request-id
V60RGKX0K85A42XM
etag
W/"0687ed9b8ada600229be3f4b0e38e835"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1800
x-amz-replication-status
COMPLETED
cf-ray
822d9b9deb739bc5-FRA
x-amz-id-2
8BEXoMtw/kAMVH9NBDVI//gd+mEGFsMzxV+41x9Myg6auZK6SJa3b+Q6QCssTXCdzpTa4nWur1Q=
modules.1fc3ddf456a7a825d3df.js
script.hotjar.com/ 		225 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.1fc3ddf456a7a825d3df.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2031930.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
/
Resource Hash
fb820ca2334e644726c19850604bb845130c77e478519c3f3feb6fc36df8f22e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehealthbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 10:14:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
5880
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
57073
last-modified
Wed, 08 Nov 2023 10:13:41 GMT
etag
"a5740b15ec8eb1bdb6802250fd1b5cbc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
WnBy5vs6-pqZt5B_9H6LRGGqqt659Y50pGLlDY-pmN_yHXvgjtHnIg==
2031930
vc.hotjar.io/sessions/ 		0
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/2031930?s=0.25&r=0.13627425977214558
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.1fc3ddf456a7a825d3df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-110.fra56.r.cloudfront.net
Software
Python/3.8 aiohttp/3.8.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehealthbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 11:52:06 GMT
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
server
Python/3.8 aiohttp/3.8.4
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
U_WzvYgJ_R_u5hABq5Yp75dP5yaB4zS0MUzrwm-LxWh29tYsO3eSPg==
browser-perf.28a8c6b22b3c0474c577.js
script.hotjar.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/browser-perf.28a8c6b22b3c0474c577.js
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.1fc3ddf456a7a825d3df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
/
Resource Hash
f0682c5bcb9a2e1a7a27212c0fcebe713d653ad64e32742d4a4dbea937bb6bb7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehealthbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 10:24:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
437280
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1589
last-modified
Fri, 03 Nov 2023 10:23:46 GMT
etag
"d065ec1659ab8dbb93042fdf9a225634"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
fAinLQ65MoEXWs0gJp9vv7RiJO-NES3JsrbVLIz-vO_yHDGYLMqhhw==
main.MTBkNWQ3YjBkMA.js
analytics.tiktok.com/i18n/pixel/static/ 		397 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTBkNWQ3YjBkMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHROB2BC77UCDSLJ8GC0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-153.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4eafd1eb43de86362e510cefbe94652d52ef4ff1cb3f234e9a5a71941d633eb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehealthbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
269caad7
date
Wed, 08 Nov 2023 11:52:06 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20231107125934A7D609168BE9775E9849
vary
Accept-Encoding
x-cache
TCP_HIT from a23-36-161-153.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01ec67afbdf32dc68bd6ae4d752e3a0228cf418491b24b3c8559461fb7a1f07211f829c5cbd29e688d4ffb0613d94c8bab819426be82cd760ddeca238a8419b27b66ecadaa6fcd505b6f838a8037a6baed701b5202fbc658468dd1bc2760c8124a
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=18
content-length
108324
identify_052e4.js
analytics.tiktok.com/i18n/pixel/static/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_052e4.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTBkNWQ3YjBkMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-153.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
75e71db96a17fcba01ea348f496e010c1311dd75207fc513260abde5e38965b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehealthbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
269cad19
date
Wed, 08 Nov 2023 11:52:06 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20231107125934A33995CF7777456655F9
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-36-161-153.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01ec67afbdf32dc68bd6ae4d752e3a0228cf418491b24b3c8559461fb7a1f07211edc832ab5e06d7cceccf64a739ff87e861ee89ec67d6431137a7b5546d158dc2d50990a10d6a79f8efce633a8a211665044ffd72ef13629939e478556bd2a717
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
36174
pixel
analytics.tiktok.com/api/v2/ 		0
649 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTBkNWQ3YjBkMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-153.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehealthbenefits.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
269cae02
date
Wed, 08 Nov 2023 11:52:06 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-153.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
server-timing
inner; dur=33, cdn-cache; desc=MISS, edge; dur=7, origin; dur=125
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202311081152069D99055770FBC7A06C39
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
125,23.36.161.153
x-tt-trace-host
01b87769a7f79dff1aa5e504345fe20f97cb72050589d82ab9792f7e5515005661f50a3162c85840aea416a43d05050038886a4ac3feaf156991bf4f1e03d472828e1d8d47b92e72090380cdd67151156eb3c1a4066eece75571cb475fad0029cb
access-control-allow-headers
Authorization,*
expires
Wed, 08 Nov 2023 11:52:06 GMT
act
analytics.tiktok.com/api/v2/pixel/ 		0
794 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTBkNWQ3YjBkMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-153.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehealthbenefits.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
db1d2af.269cb285
date
Wed, 08 Nov 2023 11:52:07 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-153.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
x-parent-response-time
214,23.36.161.153
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=133, inner; dur=124
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231108115206383658EB018487C062C9
x-cache-remote
TCP_MISS from a23-195-36-144.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
133,23.195.36.144
x-tt-trace-host
01b87769a7f79dff1aa5e504345fe20f97a54bbb7493cf1fc49bc6c657dbf23adcf9cc4303f8bccc49b43192ad4ec871271d34fe79c596b921a7c07b727756e1bce9118cd37e0b81133a0e34d2e82dde1ab141068cbfde7d48de90372ac88ef307f24d1b9cfce4bce87831860a9c686eea
access-control-allow-headers
Authorization,*
expires
Wed, 08 Nov 2023 11:52:07 GMT
GenerateToken
create.leadid.com/2.11.9/ 		36 B
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=917cd3c0-7c02-4a61-93c3-116bd65141e1&_=622771628
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c0af968b-28f7-6e3f-69fd-ffa0498297aa.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.202.13.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-13-83.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f0f2d239c616f7527f5380f65c3921df2c791787b787870cb46f18c00c4ebb81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://thehealthbenefits.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 08 Nov 2023 11:52:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
certs
api.trustedform.com/ 		475 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl1&l=16994443259900.09578065388606971&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.234.47.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-47-49.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
d6cf240cf34964a917abebb6f0d118e2bf03e2018b70b66566d851b331666c87

Request headers

Referer
https://thehealthbenefits.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 08 Nov 2023 11:52:07 GMT
server
Cowboy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
475
trustedform-1.9.4.js
cdn.trustedform.com/ 		84 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/trustedform-1.9.4.js
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl1&l=16994443259900.09578065388606971&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:5c00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
daec1d32a4f211884695930cbc2443467f28e7bd1b1ae1afb7f2eb16349aacfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehealthbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
r8MZaCt3JQQCXcEtY_1O0o8TfqeIHQ2O
content-encoding
gzip
via
1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
date
Wed, 08 Nov 2023 11:51:46 GMT
last-modified
Tue, 24 Oct 2023 20:13:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
24
etag
W/"f46641519eee44fe450f02ae72e64a74"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
lESGhXHCXWjoTihGdiE-urmu7YrrTBDOSZzuVGBw-ZnW2RI_GjFB_Q==
snapshot
api.trustedform.com/certs/30cf25cedbe1f6168b7ec5684e73fea9e359bc3f/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/30cf25cedbe1f6168b7ec5684e73fea9e359bc3f/snapshot
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.234.47.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-47-49.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehealthbenefits.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 08 Nov 2023 11:52:07 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
fingerprints
api.trustedform.com/certs/30cf25cedbe1f6168b7ec5684e73fea9e359bc3f/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/30cf25cedbe1f6168b7ec5684e73fea9e359bc3f/fingerprints
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.234.47.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-47-49.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehealthbenefits.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 08 Nov 2023 11:52:07 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
Aa828nXV6nlaEuDsXivsmhpDyibixfA7JzK8Q1UZ.png
login.healthquotes.us/storage/images/64ece79520fb3/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.healthquotes.us/storage/images/64ece79520fb3/Aa828nXV6nlaEuDsXivsmhpDyibixfA7JzK8Q1UZ.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.164.205.7 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-205-7.compute-1.amazonaws.com
Software
nginx /
Resource Hash
35421d7ed702cee140e76dbbe3e365f46d4c886e8b6dc8842adabffcc7501ff4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehealthbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 11:52:07 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Aug 2023 18:29:41 GMT
server
nginx
etag
"64ece795-40e4"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
16612
x-xss-protection
1; mode=block
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 367B 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=EEA5962E-5D23-E84A-4FD1-4216B85BFA19&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=C0AF968B-28F7-6E3F-69FD-FFA0498297AA&lac=17B1014D-89D8-0A9A-D23F-B85698F480B4
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c0af968b-28f7-6e3f-69fd-ffa0498297aa.js?snippet_version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-225.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://thehealthbenefits.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
21861
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 08 Nov 2023 05:47:46 GMT
ETag
W/"653c2b77-dbb"
Last-Modified
Fri, 27 Oct 2023 21:28:23 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
X-Amz-Cf-Id
MkbxR3eimGsGpuRXjXdVuG_SrG3CdZW4GEx4468L1AeibLqfIg2FGQ==
X-Amz-Cf-Pop
FRA56-C2
X-Cache
Hit from cloudfront
SaveDom
create.leadid.com/2.11.9/ 		0
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=917cd3c0-7c02-4a61-93c3-116bd65141e1&token=EEA5962E-5D23-E84A-4FD1-4216B85BFA19&_=622771629
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c0af968b-28f7-6e3f-69fd-ffa0498297aa.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.202.13.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-13-83.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://thehealthbenefits.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 08 Nov 2023 11:52:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
truncated
/ 		10 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
text/javascript
iframe.html
deviceid.trueleadid.com/ Frame A0C7 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://deviceid.trueleadid.com/iframe.html?token=EEA5962E-5D23-E84A-4FD1-4216B85BFA19&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=C0AF968B-28F7-6E3F-69FD-FFA0498297AA&lac=17B1014D-89D8-0A9A-D23F-B85698F480B4
Requested by
Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=EEA5962E-5D23-E84A-4FD1-4216B85BFA19&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=C0AF968B-28F7-6E3F-69FD-FFA0498297AA&lac=17B1014D-89D8-0A9A-D23F-B85698F480B4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.189.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-189-55.compute-1.amazonaws.com
Software
nginx /
Resource Hash
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer
https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=86400 public
content-encoding
gzip
content-type
text/html
date
Wed, 08 Nov 2023 11:52:07 GMT
etag
W/"651c88fc-1049"
expires
Thu, 09 Nov 2023 11:52:07 GMT
last-modified
Tue, 03 Oct 2023 21:34:52 GMT
p3p
CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server
nginx
Snap
create.leadid.com/2.11.9/ 		0
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/Snap?msn=3&pid=917cd3c0-7c02-4a61-93c3-116bd65141e1&token=EEA5962E-5D23-E84A-4FD1-4216B85BFA19&_=622771630
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c0af968b-28f7-6e3f-69fd-ffa0498297aa.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.202.13.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-13-83.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://thehealthbenefits.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 08 Nov 2023 11:52:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
SaveDeviceId.js
create.leadid.com/2.11.9/ Frame A0C7 		0
626 B 		Script
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=17B1014D-89D8-0A9A-D23F-B85698F480B4&lck=C0AF968B-28F7-6E3F-69FD-FFA0498297AA&methods=48&token=EEA5962E-5D23-E84A-4FD1-4216B85BFA19&uuid=3537cd5a02b64008b1c922b03b5db54e
Requested by
Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=EEA5962E-5D23-E84A-4FD1-4216B85BFA19&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=C0AF968B-28F7-6E3F-69FD-FFA0498297AA&lac=17B1014D-89D8-0A9A-D23F-B85698F480B4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.202.13.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-13-83.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deviceid.trueleadid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 11:52:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
events
api.trustedform.com/certs/30cf25cedbe1f6168b7ec5684e73fea9e359bc3f/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/30cf25cedbe1f6168b7ec5684e73fea9e359bc3f/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.234.47.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-47-49.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehealthbenefits.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 08 Nov 2023 11:52:08 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
/
metrics.hotjar.io/ 		0
70 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://metrics.hotjar.io/?v=6
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2031930.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.255.204.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-204-176.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehealthbenefits.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 08 Nov 2023 11:52:09 GMT
vary
Origin

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| documentPictureInPicture object| dataLayer undefined| pass_agegroup_to_google undefined| gtag_report_conversion function| loadScript function| gtag function| getUrlVars function| fbq function| _fbq object| MediaAlphaExchange object| __maxch__thunk function| MediaAlphaExchange__fetchUserID function| MediaAlphaExchange__success function| MediaAlphaExchange__error function| MediaAlphaExchange__click function| MediaAlphaExchange__enableDirectLinks function| MediaAlphaExchange__disableDirectLinks function| MediaAlphaExchange__loadDirectLink function| MediaAlphaExchange__lead function| MediaAlphaExchange__loadIVRPool function| MediaAlphaExchange__loadNumPool function| MediaAlphaExchange__load undefined| targetID undefined| targetElt object| ShWebFont object| shNunjucks object| sh function| submitForm object| webpackChunk object| google_tag_manager object| google_tag_data function| _ object| ace object| core function| axios string| TiktokAnalyticsObject object| ttq function| hj object| _hjSettings object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| trustedForm function| trustedFormStartRecording function| trustedFormStopRecording object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| LeadiDconfig object| LeadiD object| regeneratorRuntime object| defaultStyleFrame

13 Cookies

Domain/Path Name / Value
thehealthbenefits.net/ Name: XSRF-TOKEN
Value: eyJpdiI6IjV6VUtIZmRhN05UdzBJeTMvQWVMR3c9PSIsInZhbHVlIjoiS2xyTG94enpyd1JnWW5abE10Ti9ubEs2eGw1TjR6dUlkZU9VQjZMNXRORENKSFJCZUN4YUNZUDJVVGpRbW9OYjY2TXVzQkZOSG0xTVdwMHMrbUV4Rmp4eUYvaWtUZzY3SkVBdzZWZWsvbHdzUEhYd2p0ei9wZVR3TzJrYXhaTFAiLCJtYWMiOiI1ZDExZDU3ZjBmNjkyMmVmZWMzZjczZmJkNzI1YTcyMWE3ZWNmOTk5MGM4MWM2NmZjZTYxMjlkNmYxODc5MjU3IiwidGFnIjoiIn0%3D
thehealthbenefits.net/ Name: laravel_session
Value: eyJpdiI6ImlpVEF4ZzVBampjVGtjY043Ry9HSUE9PSIsInZhbHVlIjoiNU82Rk9DNmp3b0NTT0g5T0ZodFMwZmZDcFhwcTUwRFRGR3FpYmpFaEV0STRLWmg0dmNkdUpGUDFIOHFpRENZd0NlWGc3VldPZHZZYjB4MXlyb3ZMVUFHbktSc1lERlJtTzhIZllnd3VDRzREc0xFZHg2SE80TjVqMUcwSllRZVYiLCJtYWMiOiJhM2Y4NmY3MTA1NGY1M2JmOWZiM2ViZGY2ZTcwMjVlYmY1YWFlODQ0NmE1NDllMjAwMDM5MjYzMDJhYmRkMmVjIiwidGFnIjoiIn0%3D
.thehealthbenefits.net/ Name: _fbp
Value: fb.1.1699444325457.1287587642
.tiktok.com/ Name: _ttp
Value: 2XtNHGCjyFonB3FXxhmKqy8JLUd
.thehealthbenefits.net/ Name: _hjFirstSeen
Value: 1
.thehealthbenefits.net/ Name: _hjIncludedInSessionSample_2031930
Value: 1
.thehealthbenefits.net/ Name: _hjSession_2031930
Value: eyJpZCI6IjU4ZmMzNmM2LTQxYjItNGE2Zi1iN2U1LWIzYWJjZjQyNDMwMSIsImNyZWF0ZWQiOjE2OTk0NDQzMjYyOTUsImluU2FtcGxlIjp0cnVlLCJzZXNzaW9uaXplckJldGFFbmFibGVkIjpmYWxzZX0=
.thehealthbenefits.net/ Name: _hjSessionUser_2031930
Value: eyJpZCI6ImVlNmMxMzJjLTA4ZTMtNThlNi1hNjIwLTYzMDBmOWQ1YWRhYSIsImNyZWF0ZWQiOjE2OTk0NDQzMjYyOTIsImV4aXN0aW5nIjp0cnVlfQ==
.thehealthbenefits.net/ Name: _hjAbsoluteSessionInProgress
Value: 1
.thehealthbenefits.net/ Name: _tt_enable_cookie
Value: 1
.thehealthbenefits.net/ Name: _ttp
Value: axgvg-LKNvnQKXE4GEqosoJsL3W
thehealthbenefits.net/ Name: leadid_token-17B1014D-89D8-0A9A-D23F-B85698F480B4-C0AF968B-28F7-6E3F-69FD-FFA0498297AA
Value: EEA5962E-5D23-E84A-4FD1-4216B85BFA19
.deviceid.trueleadid.com/ Name: uuid
Value: 3537cd5a02b64008b1c922b03b5db54e

1 Console Messages

Source Level URL
Text
network error URL: https://id.rlcdn.com/712363.gif?cparams=wplId%3D1e45cb2f-10b0-4833-9dba-19a7bea9ca0c
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api.trustedform.com
cdn.trustedform.com
connect.facebook.net
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
fonts.googleapis.com
fonts.gstatic.com
id.rlcdn.com
insurance.mediaalpha.com
login.healthquotes.us
metrics.hotjar.io
script.hotjar.com
static.hotjar.com
thehealthbenefits.net
vc.hotjar.io
www.facebook.com
www.googletagmanager.com
www.nextinsure.com
13.32.23.225
13.32.27.21
18.66.112.110
18.66.97.37
23.201.255.130
23.36.163.153
2600:9000:223d:5c00:1c:7f1a:6680:93a1
2606:4700:10::ac43:29e5
2a00:1450:4001:811::200a
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.90.128.202
34.202.13.83
34.234.47.49
34.255.204.176
35.244.174.68
54.164.205.7
54.209.189.55
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
33cb51cb7d803d3b98e550274e0a981265a9ffade7542e1e4fe3bd3ae2ad3432
34e8938cdae8d9b6e2796fed6c345a9344102bbe9c49aea32da005bfcf1a7501
35421d7ed702cee140e76dbbe3e365f46d4c886e8b6dc8842adabffcc7501ff4
35cbf6a6e5e7ff72ebb142669e1727de048df4fc13fc9fb5d9bd2d8334de7a71
3d6a1250b131483bf690875fcdb40533a394fff0880f007f48f9b8f2a1ccd8fb
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
44cb1725ce99b2fbe5b5b69a3fee6ef547695e69133cf54f4edb3de9480fb177
4eafd1eb43de86362e510cefbe94652d52ef4ff1cb3f234e9a5a71941d633eb8
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
609ce40ecc98d029f2b335bcfa63dab93c760cfb5bdae9f3e55c8f7379b23cec
75e71db96a17fcba01ea348f496e010c1311dd75207fc513260abde5e38965b3
aa4ca46b0e424222e07ef9bd49299211bc1b6a429fb19c44458ec0456f06b922
b1d265a09a0003d319fcb9d677e9ababa31c80f5abaf932b37aa171a803030ee
c5f78005c3a55af1ee2e22fd0af1dbf5327d7c873ca381f52d30e61d0f0c03ea
cae4bee0bb6d22a5aa349eed21fd4b3302f7fb39148657942c36ecd80c271eee
ccce6c31b9e7341d8ce1942977391ef4cef104e30698c9fe2786023874d302c7
d6cf240cf34964a917abebb6f0d118e2bf03e2018b70b66566d851b331666c87
daec1d32a4f211884695930cbc2443467f28e7bd1b1ae1afb7f2eb16349aacfe
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b766df12bf5687d7ea7ce9c74126555711cac1dd0d28e9311c03dddf913a5f
e9056d79b3a1e8855943b732be85eb1c50cfe7257084181678fc6b2f9d61fb9b
e99db2b4062aa84dbb98f772b83bafe4f5f123494c89f42652b063fa40736009
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
f0682c5bcb9a2e1a7a27212c0fcebe713d653ad64e32742d4a4dbea937bb6bb7
f0f2d239c616f7527f5380f65c3921df2c791787b787870cb46f18c00c4ebb81
fb820ca2334e644726c19850604bb845130c77e478519c3f3feb6fc36df8f22e