Report - benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634

Report Overview

Visited public
2023-12-08 01:05:51
Tags
URL
benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2
Finishing URL
benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2
IP / ASN
139.144.22.37
#0
Title
Benefits Explorer

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
dist.routingapi.com	412373	2016-06-17	2018-06-13 23:18:46	2023-12-05 22:03:49	438 B	24 kB	143.204.55.22
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-07 08:07:58	1.8 kB	326 kB	142.250.74.168
ka-f.fontawesome.com	3598	2012-10-18	2019-12-17 07:36:13	2023-12-07 17:31:46	2.0 kB	60 kB	172.64.204.20
portal.smartrecognition.com	unknown	2010-04-20	2023-07-03 22:01:00	2023-11-18 06:23:44	728 B	609 B	159.203.118.95
use.fontawesome.com	942	2012-10-18	2017-01-30 05:43:25	2023-12-07 05:12:49	1.0 kB	111 kB	172.64.141.13
dot.theonenet.work	321670	2020-09-21	2020-11-09 15:52:35	2023-11-08 14:22:56	645 B	586 B	54.230.111.89
benefitexplorers.com	unknown	2023-07-25	2023-07-31 15:26:27	2023-12-06 09:18:01	19 kB	282 kB	139.144.22.37
kit.fontawesome.com	1868	2012-10-18	2019-12-16 20:51:31	2023-12-07 05:09:13	461 B	12 kB	104.18.40.68
cdn.segment.com	1618	1998-07-06	2014-04-11 14:30:48	2023-12-07 18:12:22	2.0 kB	116 kB	143.204.48.96
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18 02:37:31	2023-12-07 07:59:32	468 B	146 kB	104.18.11.207
ocsp.starfieldtech.com	6616	2003-03-06	2012-06-22 20:08:50	2023-12-07 05:10:23	346 B	2.7 kB	192.124.249.24
www.mgl92gs.com	unknown	unknown	No data	No data	1.0 kB	33 kB	34.96.120.38
retreaver-live.medigaplife.io	unknown	unknown	No data	No data	1.2 kB	740 B	52.4.129.130
bat.bing.com	387	1996-01-29	2014-04-08 11:23:16	2023-12-07 05:14:24	1.7 kB	19 kB	204.79.197.200
api.routingapi.com	291806	2016-06-17	2017-07-05 21:40:59	2023-11-16 16:32:16	2.2 kB	6.4 kB	18.211.188.160

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-08 01:05:41	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .work TLD
2023-12-08 01:05:41	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .work TLD

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (40)

	URL	From	Size	First Seen	Last Seen
	unknown	ScriptElement	3.2 kB	2023-12-04	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:57 Last Seen2024-08-20 16:47 Times Seen4 Hash 93ff5ef648865ad1c6fdf4bce726d023 d99d9ef3615f4815d6f3baa16856de728bf0c252 9702b4c4ba494350c5601589b58665232b32b1300dc63a6e411dbe18a73d910e Loading...

	cdn.segment.com/next-integrations/middleware/analytics.js-middleware-braze-deduplicate/latest/analytics.js-middleware-braze-deduplicate.js.gz	ScriptElement	1.8 kB	2023-03-08	2025-04-20
Pretty URL cdn.segment.com/next-integrations/middleware/analytics.js-middleware-braze-deduplicate/latest/analytics.js-middleware-braze-deduplicate.js.gz IP 143.204.48.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:23 Last Seen2025-04-20 03:23 Times Seen232 Hash 3fa7abe12ac60941c90bdb6feed82551 d91a1dd00d96e1ae779fa8c08c18236b5744e282 66681843d2dddef898a0e614bc668cab30aceecd7a0d89965b7b0447bfcf14c4 Loading...

	benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2	ScriptElement	1.3 kB	2023-12-04	2024-08-20
Pretty URL benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-04 20:57 Last Seen2024-08-20 16:47 Times Seen4 Hash 644b332573c5e12d67cc1fa341da5b16 ebfbbc848f773d31e75957c0683ad85f8146b92b 1a6fc631b082858c83eb558ae4d5313df4f4887c07c90825fd81d41a12948d5b Loading...

	www.googletagmanager.com/gtag/js?id=G-5FBC7D7ZJF&l=dataLayer&cx=c	ScriptElement	203 kB	2023-12-08	2023-12-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-5FBC7D7ZJF&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 02:05 Last Seen2023-12-08 02:05 Times Seen1 Hash e39145d80bec97fdcae1d865c65a773d 9be50664ff15b9284a70c4af43e14bab612ad16e 74bac76dafba564ee68a4dce6fbd96fac46c1a55e108b717c117228144838068 Loading...

	benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2	ScriptElement	598 B	2023-12-04	2024-08-20
Pretty URL benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-04 20:57 Last Seen2024-08-20 16:47 Times Seen4 Hash 4df91422979c9693e0dabebd3aed9528 5859e80e9caeb117a4b6fa7077781c715d898294 efa1a374f74c4647db1290f453e5be6a06d66431b81f332ef77012df763131ee Loading...

	benefitexplorers.com/js/jquery.mask.min.js	ScriptElement	8.2 kB	2023-03-07	2025-05-09
Pretty URL benefitexplorers.com/js/jquery.mask.min.js IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-09 21:05 Times Seen715 Hash acb54232967a36f1df1d0c0623a89d65 6bc0ce0a4a1dd27ddb307b80a1247af996eb23bf bbb318e841b96acb3c2614eec417a4d7caf9606ea996507dccba84e2f6724e7e Loading...

	benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2	ScriptElement	1.2 kB	2023-12-04	2024-08-20
Pretty URL benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-04 20:57 Last Seen2024-08-20 16:47 Times Seen4 Hash 377b18b0daee1a830a2cf0db8492069c 419b855e8f72a15d4dee997c50a50c678643365e 02cd16dc9059743e8a8ec4b11ee82db0f70439c35610cef14e2ece1ab6edfaad Loading...

	www.googletagmanager.com/gtag/js?id=G-079T7NVZRZ	ScriptElement	284 kB	2023-12-08	2023-12-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-079T7NVZRZ IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 02:05 Last Seen2023-12-08 02:05 Times Seen1 Hash 1c966514ef6ad0c8b478180deb44fc22 a1056b1af0ff9feb3bad9b0b2ee92c12dc41376f 5e5009d8efbc0368b01aa62ddb48ae9bd5f7fda6b608764850a0e4e26fb5f8a9 Loading...

	cdn.segment.com/analytics.js/v1/zO0I4QUkDIsCGjDQ0P9DaNXJcXR5BPDw/analytics.min.js	ScriptElement	111 kB	2023-12-05	2023-12-08
Pretty URL cdn.segment.com/analytics.js/v1/zO0I4QUkDIsCGjDQ0P9DaNXJcXR5BPDw/analytics.min.js IP 143.204.48.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 22:04 Last Seen2023-12-08 02:05 Times Seen3 Hash 313298459ca2843e2c44c2690d51cf35 2b527a4c6c95897c94d5a68a2fb509d7defea291 dff8ac706849233100b49d978dadf63d9361d9e7320a7c8c0c7cd8b72700aab3 Loading...

	benefitexplorers.com/sandbox%20eval%20code		147 B	2023-04-11	2025-05-11
Pretty URL benefitexplorers.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 15:54 Times Seen341951 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	cdn.segment.com/analytics-next/bundles/remoteMiddleware.bundle.366df96a78421ccf3f3e.js	ScriptElement	1.2 kB	2023-05-11	2025-04-20
Pretty URL cdn.segment.com/analytics-next/bundles/remoteMiddleware.bundle.366df96a78421ccf3f3e.js IP 143.204.48.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-11 15:19 Last Seen2025-04-20 03:23 Times Seen162 Hash 84d37438649a847ca9278ee90cdda242 0b351acc6d858dc1e934444e64d66dade8f34ed8 7a687cfd95c9751f1bb69d2f32f1d2f64c0d71b398dc086dfe5b19e4971acf84 Loading...

	www.mgl92gs.com/scripts/sdk/everflow.js	ScriptElement	32 kB	2023-12-04	2023-12-08
Pretty URL www.mgl92gs.com/scripts/sdk/everflow.js IP 34.96.120.38 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:57 Last Seen2023-12-08 02:05 Times Seen4 Hash 48f1d406266c91c6001912c499bfed21 de8228f336a4d8b6dcbf98bf433c0bc97272fd78 4323e8c73404b2e80a204561612217d927ed59bb16e930bf2cd9ccab6818e095 Loading...

	benefitexplorers.com/js/jquery.validate.min.js	ScriptElement	23 kB	2023-04-05	2025-05-10
Pretty URL benefitexplorers.com/js/jquery.validate.min.js IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 10:49 Last Seen2025-05-10 17:58 Times Seen1166 Hash c74e1b8c32903df80bfa35b92e96041c 8a474ec9b4f1d3573855f41286e43b0000a1dba5 4ffadde8da37f59253cb4cd5541262b6042ff2ca2308579fadb21bf802dfba89 Loading...

	bat.bing.com/bat.js	ScriptElement	46 kB	2023-11-10	2024-09-19
Pretty URL bat.bing.com/bat.js IP 204.79.197.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-10 23:20 Last Seen2024-09-19 20:57 Times Seen11863 Hash 7f75f159026f3a2c8cccda487b43157b 021cf5c854db063cd79bf0394c24eb994e095640 5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214 Loading...

	kit.fontawesome.com/b4e85772e4.js	ScriptElement	12 kB	2023-12-04	2023-12-08
Pretty URL kit.fontawesome.com/b4e85772e4.js IP 104.18.40.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:57 Last Seen2023-12-08 02:05 Times Seen4 Hash ca36133dabc0c4bb4439d7f15c944626 fbbd5ff1125237fceef10967c390f9d312c180bf 7433a26f6b8e74cdad2bf884dc4a8cb2e4b3dcdc247bdcbe1e866a8b14fbd23e Loading...

	portal.smartrecognition.com/servlet/view/dynamic/javascript/zone?zid=7632&pid=5143&custom1=funnel&resolution=1280x1024&random=33610121&millis=1701997539999&referrer=https%3A%2F%2Fbenefitexplorers.com%2Findex1%3Foid%3D6%26affid%3D23%26sub1%3D5970852%26sub2%3D9QvwE6BnGYCob77ianHtex8jAAr%26sub3%3D192403634_b2c9ce5ef6021651336be735f3688bd2	ScriptElement	117 B	2023-03-12	2025-04-13
Pretty URL portal.smartrecognition.com/servlet/view/dynamic/javascript/zone?zid=7632&pid=5143&custom1=funnel&resolution=1280x1024&random=33610121&millis=1701997539999&referrer=https%3A%2F%2Fbenefitexplorers.com%2Findex1%3Foid%3D6%26affid%3D23%26sub1%3D5970852%26sub2%3D9QvwE6BnGYCob77ianHtex8jAAr%26sub3%3D192403634_b2c9ce5ef6021651336be735f3688bd2 IP 159.203.118.95 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:01 Last Seen2025-04-13 00:44 Times Seen31 Hash b9f6fd3de12e717a6e45c626e932ff52 3b6ba4f89e39d0e0c3cb71ed80aa47ac2cd53dd5 a5141417f05db2ef2616e04564418176625823cd3da4fbf25c6bbd0f0ee35056 Loading...

	benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2	ScriptElement	153 B	2023-12-04	2024-08-20
Pretty URL benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-04 20:57 Last Seen2024-08-20 16:47 Times Seen4 Hash 3c6d0db286b59ff799349c10e11f9ff5 f891cb33f028e772438b003a1a2c793ac4a95e3f 6bcac62939056f72672d952f78bad387cd545617981ce8c2b27d17f590a3c829 Loading...

	benefitexplorers.com/js/script.js?id=469077f959b21b1b42cc6772f63a1592	ScriptElement	2.2 kB	2023-03-29	2024-08-21
Pretty URL benefitexplorers.com/js/script.js?id=469077f959b21b1b42cc6772f63a1592 IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:08 Last Seen2024-08-21 08:58 Times Seen7 Hash 21bcf45a77bd8da2bfa03693aa517ac9 576adc2f3df08070c6ac10df0202e343544f6bcb e2813b6562fd8c65eabe841b6a454fe8376ee778ef3d6889de4b615f2bf2d3e7 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-5F9SL9D	ScriptElement	262 kB	2023-12-08	2023-12-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-5F9SL9D IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 02:05 Last Seen2023-12-08 02:05 Times Seen1 Hash fd474463b4e362c28c7b5d3fa7df0a45 5766843581057bd6a16b9a474e0cbc6150670ebe b7eb5ab11b9587e3108dbb73f243d91f1c8e45952518c890ee1d59f11a6da170 Loading...

	unknown	ScriptElement	2.2 kB	2023-12-04	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:57 Last Seen2024-08-20 16:47 Times Seen4 Hash bc4d21073cae30869c5895ddbf76d7ec 3c7a8e05bfad336efb8098218a1cb19abf7d9d75 cdcf115737ce320529e679fedcb07064910bc27bb9c9c9769db593eb120d9fb6 Loading...

	benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2	ScriptElement	341 B	2023-12-04	2024-08-20
Pretty URL benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-04 20:57 Last Seen2024-08-20 16:47 Times Seen4 Hash 695b2f6030fd6ea21ff9e64f55a61bc8 8828d5a79d741612f03b57d32121e50486540730 242c3e85112be85d1611163f3f05e10eafeccb5617b3c71af67cc89ca4c0ef3e Loading...

	benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2	ScriptElement	1.0 kB	2023-12-04	2024-08-20
Pretty URL benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-04 20:57 Last Seen2024-08-20 16:47 Times Seen4 Hash d7ecadfb6143bd770a4918ef8e78f34c 7081e591c9df8e92f5146a670bc55ef73f594e98 c5526d40af0357217d8fd2f783e606f1f62c0b0c4b07237969ef8bcb18ff2dde Loading...

	benefitexplorers.com/js/jquery-3.4.1.min.js	ScriptElement	88 kB	2023-03-07	2025-05-11
Pretty URL benefitexplorers.com/js/jquery-3.4.1.min.js IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 15:20 Times Seen68235 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	benefitexplorers.com/js/bootstrap.min.js	ScriptElement	49 kB	2023-03-07	2025-05-11
Pretty URL benefitexplorers.com/js/bootstrap.min.js IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 15:07 Times Seen74918 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	unknown	ScriptElement	413 B	2023-12-04	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:57 Last Seen2024-08-20 16:47 Times Seen4 Hash f2f7b58d3565eb1a1a51fd0fb3e61266 53a2639cb2899a0edf902289458e45469d6eb1e8 1f5912d08bd0088d56b9178a3fab229c76b467fed0dc96c683dd12a180041786 Loading...

	www.googletagmanager.com/gtag/js?id=UA-280958866-1&l=dataLayer&cx=c	ScriptElement	178 kB	2023-12-08	2023-12-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-280958866-1&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 02:05 Last Seen2023-12-08 02:05 Times Seen1 Hash 7c48aa5fe51037a964d9ba1e31fc889b 2b637b70dfe8d8cb7d090e5453a47cb23ca1009e 8e35d88d1f0264b90298143a320d407ee3f01875506cac9d61ad759c52b2600a Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-11
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 15:54 Times Seen341150 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	dist.routingapi.com/jsapi/v1/retreaver.min.js	ScriptElement	23 kB	2023-12-08	2023-12-08
Pretty URL dist.routingapi.com/jsapi/v1/retreaver.min.js IP 143.204.55.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 02:05 Last Seen2023-12-08 02:05 Times Seen1 Hash 5fba3b06be83b8b66a6e46f4e8946a72 3f0f63e8ebae6f5549269293c6c0163e5fbe1eba b73d022008f2e129a6dc14a9b33b6acb061afcae960fbd4908df0df404c74555 Loading...

	benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2	ScriptElement	1.1 kB	2023-12-04	2024-08-20
Pretty URL benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-04 20:57 Last Seen2024-08-20 16:47 Times Seen4 Hash 3707d1ad7542ca083f57d992afc629c5 aa0d399dacb055a3441b2561d8e5e34aef696544 e6e1ce28fd314154a94a488869f215c1f122bbdb587aa67c454e874c091ca992 Loading...

	benefitexplorers.com/js/jquery.scrollintoview.min.js	ScriptElement	3.5 kB	2023-03-07	2025-03-28
Pretty URL benefitexplorers.com/js/jquery.scrollintoview.min.js IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08 Last Seen2025-03-28 17:23 Times Seen19 Hash 98c7c3b86202a426d48daeb5d6cfb769 ee08e28171cf05e6a186bb2d7066d84835aab530 6736d0e67c5396641c228598701e67f4eb2ecb899c0265519426f08415e7d731 Loading...

	bat.bing.com/p/action/295007516.js	ScriptElement	3.7 kB	2023-12-04	2024-08-20
Pretty URL bat.bing.com/p/action/295007516.js IP 204.79.197.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:57 Last Seen2024-08-20 16:47 Times Seen4 Hash 9eae94ee0e3e58430de722da22e05a72 bfe6c659e822676211353fcafa379f66cfb5d67a 950eea6bb50f56537ff889b3c3f27479d191d0f2c8cbcdea01a830de52904cf3 Loading...

	benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2	ScriptElement	155 B	2023-12-04	2024-08-20
Pretty URL benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-04 20:57 Last Seen2024-08-20 16:47 Times Seen4 Hash 5d00d8a75a3705942ac93cb4b7667599 1c6f6d3f0f8ebf8ce11a664f53c8a6b224c02866 52ebbd6251971a562790c18b7222f828b4977669b933c446f373bcc67fbe4005 Loading...

	benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2	ScriptElement	86 B	2023-03-29	2024-08-21
Pretty URL benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-29 21:08 Last Seen2024-08-21 08:58 Times Seen7 Hash c2fa5803fca7090ce9e16cab1e34a5c1 12cd05fa00459ca5e60ff58f1c21028fc6a755fc e41ced9bf62efc77c06dc379ed2f36797afa5f24be439e8846d56057e65c2283 Loading...

	benefitexplorers.com/js/additional-methods.min.js	ScriptElement	18 kB	2023-04-05	2025-05-01
Pretty URL benefitexplorers.com/js/additional-methods.min.js IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 10:49 Last Seen2025-05-01 08:17 Times Seen108 Hash 9fd50845f039f9efb9337b58e5e355c9 a7c2e0772f3215aa593e8c142741c6d68e79f6a0 4142040b6091e0b8c51c0d99055effe1df9ea80e88f010c1e92688577a76398f Loading...

	unknown	ScriptElement	422 B	2023-12-04	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:57 Last Seen2024-08-20 16:47 Times Seen4 Hash 28481297724dd4e24f6a90fc624e51f4 8a40025c3e44272e848410e3936056a488b2ea3a 4d873e76eea0c9ae9c18eddde760911ca386edaef42fdfa1686458bbd4a1c953 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 55969f661ca3fcbaac4b9205a8b5de78	8 B	2023-03-13 15:03	2025-05-10 12:42
Pretty Observations First Seen2023-03-13 15:03 Last Seen2025-05-10 12:42 Times Seen260 Hash 55969f661ca3fcbaac4b9205a8b5de78 9e70d533a801ab26b98de40bb0fe6e12c98400a4 db98d258d90b4ba04eca37486d76e234c70ce22e4b2da9da49160a51a9047b9d Loading...

	#2 Eval - 4735ea016be1fd6fcd4b0de8da4b7ca9	7 B	2023-03-13 15:03	2025-05-10 12:42
Pretty Observations First Seen2023-03-13 15:03 Last Seen2025-05-10 12:42 Times Seen310 Hash 4735ea016be1fd6fcd4b0de8da4b7ca9 3321d9aeb277fed52ff6f549c17813f18305b34b d0f8f9fef60854dc21f0ead0b90dec0f34b55bbe853b5971d06f3a2754bf4f32 Loading...

	#3 Eval - a23c53e4fa32b4da3cc75e5554a5c497	12 B	2023-03-13 15:03	2025-05-10 12:42
Pretty Observations First Seen2023-03-13 15:03 Last Seen2025-05-10 12:42 Times Seen260 Hash a23c53e4fa32b4da3cc75e5554a5c497 d406e5bccbac5cf6db3f8ca0ffb124b4424b28d3 ebe68919f264b9c8d9e1e3b1a66a12570b51148613cdcb19c32ae6d5c2cdb930 Loading...

	#4 Eval - 2e7f42c4404f8933ea4a32f069446a07	18 B	2023-03-13 15:03	2025-05-10 12:42
Pretty Observations First Seen2023-03-13 15:03 Last Seen2025-05-10 12:42 Times Seen263 Hash 2e7f42c4404f8933ea4a32f069446a07 70469c08a102426fe3aa49a39ed3aeabb54551f5 22edb47523880f1709ff52a6fc073ef279cb78ec41e674f9b5eec1e088c3d321 Loading...

		Size	First Seen	Last Seen
	#1 Write - f08a32bf28ac6ea56717f5ac6f707cbd	392 B	2024-08-20 16:24	2024-08-20 16:24
Pretty Observations First Seen2024-08-20 16:24 Last Seen2024-08-20 16:24 Times Seen1 Hash f08a32bf28ac6ea56717f5ac6f707cbd 33896cb7551b22ca7a2bccb8ef83a78071f9fad5 ec5b40076d0aa0d2175559564379f3789d3bee1bcd390c5ec1ef1e0343962b56 Loading...

HTTP Transactions (45)

	URL	IP	Response	Size
	benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2	139.144.22.37	200 OK	27 kB
URL User Request GET HTTP/2 benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 IP 139.144.22.37:443 ASN #0 Certificate IssuerLet's Encrypt Subjectbenefitexplorers.com Fingerprint72:9F:21:B9:07:E3:E9:72:8D:2F:38:54:6F:C9:28:D7:F4:5E:56:EF ValidityWed, 11 Oct 2023 18:47:17 GMT - Tue, 09 Jan 2024 18:47:16 GMT File type gzip compressed data, from Unix\012- data Size 27 kB (27265 bytes) Hash d020a2770aa03f91c30bed00dd2111cc 73d6b40a270cf9f11521c43f80ef5d12b58a4f0c acc70ba1aa62b2d25c2aa215c471e6cdcb72243fbe23587f2cacbc209e8ce620 HTTP Headers GET /index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 HTTP/1.1 Host: benefitexplorers.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK server: nginx content-type: text/html; charset=UTF-8 vary: Accept-Encoding cache-control: no-cache, private date: Fri, 08 Dec 2023 01:05:32 GMT set-cookie: XSRF-TOKEN=eyJpdiI6ImVJdnM2MmRLK2ROR2JPaGR6aFNiaWc9PSIsInZhbHVlIjoicVBGMXV0K2pGQmlTZlNlZDlzdUU5b3locjNncVNWaGRGWHNhV3BRNFg1V2ZvVjgyZXpCK0ZiQUhpK2pRcE5SK3ZyUURHREo2QVJySWxYZVBJSkZWUHhRMWFpMXpIbXl3V1k0a0Jwa21hK2NMMGYybSs0RFlkZnRTa0dVZXpKOEwiLCJtYWMiOiJjNjZkNDI5YTc1ZDQ4ZmU3MTVjY2JlYTk5NGRlN2ZjYTAwYTk2NmNmODlmYWM5NjM5OTA4ZGJmOTI5MTVhNjMxIiwidGFnIjoiIn0%3D; expires=Fri, 08 Dec 2023 03:05:32 GMT; Max-Age=7200; path=/ coreg_software_session=eyJpdiI6InpLRXVxQzE1OGtGYkpJM25Vdk5jMkE9PSIsInZhbHVlIjoiVHdUTldzakN3eTBabjc2VGhGVHFNZC9XQ1haUW1PUnAzNjJRQkVZMUFFa1U2Nzk2REplZmFMdWFNTllGT2lpSG9PSmlLSXJBejkvOTZIRTJHeTRxcEtSUU0yS1EvaUNNVXdtdlFQMFlpUENoV1lWdmZ2elRua2lCWDJxTjhkRjIiLCJtYWMiOiI4NzFlODI4Y2E3MTU3ODNkNGMyOGY1MWM1NmUzNjJlN2ViN2IwMmUxNGEzYzE0MWFjMmIyMjA2ZTY0MjIxMjRhIiwidGFnIjoiIn0%3D; expires=Fri, 08 Dec 2023 03:05:32 GMT; Max-Age=7200; path=/; httponly x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2

	www.googletagmanager.com/gtag/js?id=G-079T7NVZRZ	142.250.74.168	200 OK	94 kB
URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-079T7NVZRZ IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT File type ASCII text, with very long lines (5955) Size 94 kB (94122 bytes) Hash 1c966514ef6ad0c8b478180deb44fc22 a1056b1af0ff9feb3bad9b0b2ee92c12dc41376f 5e5009d8efbc0368b01aa62ddb48ae9bd5f7fda6b608764850a0e4e26fb5f8a9 HTTP Headers `GET /gtag/js?id=G-079T7NVZRZ HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Fri, 08 Dec 2023 01:05:33 GMT expires: Fri, 08 Dec 2023 01:05:33 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 94122 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.starfieldtech.com/	192.124.249.24		2.1 kB
URL ocsp.starfieldtech.com/ IP 192.124.249.24:0 ASN #30148 SUCURI-SEC File type data Size 2.1 kB (2149 bytes) Hash 13d1f3900c3235f3307f124fabd0813c 2076e9cb64b4749d0bd4539a0e1472a87a35eb4f 5f2d872360340c14ca70069261e15219a3e7d18ef53e7a5f11b6ca15994b853a HTTP Headers `POST / HTTP/1.1 Host: ocsp.starfieldtech.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 76 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: Sucuri/Cloudproxy Date: Fri, 08 Dec 2023 01:05:33 GMT Content-Type: application/ocsp-response Content-Length: 2149 Connection: keep-alive X-Sucuri-ID: 19024 Content-Transfer-Encoding: Binary Cache-Control: public, no-transform, must-revalidate Last-Modified: Thu, 07 Dec 2023 09:54:26 GMT Expires: Fri, 08 Dec 2023 09:54:26 GMT ETag: "2076e9cb64b4749d0bd4539a0e1472a87a35eb4f" P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"`

	ka-f.fontawesome.com/releases/v6.5.1/css/free.min.css?token=b4e85772e4	172.64.204.20	200 OK	26 kB
URL GET HTTP/2 ka-f.fontawesome.com/releases/v6.5.1/css/free.min.css?token=b4e85772e4 IP 172.64.204.20:443 ASN #13335 CLOUDFLARENET Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com FingerprintBC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81 ValidityWed, 08 Nov 2023 07:11:36 GMT - Tue, 06 Feb 2024 07:11:35 GMT File type ASCII text, with very long lines (65321) Size 26 kB (25465 bytes) Hash edc53d8d44037708e54122b9e30bb2a1 7210b158d88b1e463ba0b08d26835a9fd4e6c57e b2bfe99e2e78f71c88eb00c49e1392a15531fb6486d0d0c2ea71937dda34deab HTTP Headers `GET /releases/v6.5.1/css/free.min.css?token=b4e85772e4 HTTP/1.1 Host: ka-f.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://benefitexplorers.com/ Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 08 Dec 2023 01:05:33 GMT content-type: text/css access-control-allow-origin: * access-control-allow-methods: GET access-control-max-age: 3000 last-modified: Thu, 30 Nov 2023 17:25:52 GMT etag: W/"edc53d8d44037708e54122b9e30bb2a1" x-amz-server-side-encryption: AES256 cache-control: max-age=31556926 access-control-allow-headers: fa-kit-token vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 70c71215ba79c388660ce7c2f052e258.cloudfront.net (CloudFront) x-amz-cf-pop: LHR5-P6 x-amz-cf-id: n4Wso6CaEEqvHBzIFLAfqaNSYm6fTa3qzjjW-ku8Py1W55LuCOEklA== cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bGHfL0Scm5l0%2Flzzr%2FrsLe0CNYyZStDNTXHMm3LBk6QR%2BT3PXR8Utuj%2BpfknTDJhXDqrgowtlWaDEYMqY35OamaZwyXcF3LiP2HJlRtLndL786T%2F2t8Jrb%2BcG%2FmlHjke%2Fv3khPzvxg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 832119c79edd23e2-LHR content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	portal.smartrecognition.com/servlet/view/dynamic/javascript/zone?zid=7632&pid=5143&custom1=funnel&resolution=1280x1024&random=33610121&millis=1701997539999&referrer=https%3A%2F%2Fbenefitexplorers.com%2Findex1%3Foid%3D6%26affid%3D23%26sub1%3D5970852%26sub2%3D9QvwE6BnGYCob77ianHtex8jAAr%26sub3%3D192403634_b2c9ce5ef6021651336be735f3688bd2	159.203.118.95	200 OK	115 B
URL GET HTTP/1.1 portal.smartrecognition.com/servlet/view/dynamic/javascript/zone?zid=7632&pid=5143&custom1=funnel&resolution=1280x1024&random=33610121&millis=1701997539999&referrer=https%3A%2F%2Fbenefitexplorers.com%2Findex1%3Foid%3D6%26affid%3D23%26sub1%3D5970852%26sub2%3D9QvwE6BnGYCob77ianHtex8jAAr%26sub3%3D192403634_b2c9ce5ef6021651336be735f3688bd2 IP 159.203.118.95:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectai.smartscrpt.com Fingerprint60:1E:96:4A:08:DE:36:22:DA:50:B4:18:F2:BF:52:F4:D3:66:46:FC ValiditySun, 01 Oct 2023 16:24:24 GMT - Sat, 30 Dec 2023 16:24:23 GMT File type ASCII text Size 115 B (115 bytes) Hash b9f6fd3de12e717a6e45c626e932ff52 3b6ba4f89e39d0e0c3cb71ed80aa47ac2cd53dd5 a5141417f05db2ef2616e04564418176625823cd3da4fbf25c6bbd0f0ee35056 HTTP Headers GET /servlet/view/dynamic/javascript/zone?zid=7632&pid=5143&custom1=funnel&resolution=1280x1024&random=33610121&millis=1701997539999&referrer=https%3A%2F%2Fbenefitexplorers.com%2Findex1%3Foid%3D6%26affid%3D23%26sub1%3D5970852%26sub2%3D9QvwE6BnGYCob77ianHtex8jAAr%26sub3%3D192403634_b2c9ce5ef6021651336be735f3688bd2 HTTP/1.1 Host: portal.smartrecognition.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx Date: Fri, 08 Dec 2023 01:05:34 GMT Content-Type: text/javascript;charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Cache-Control: no-cache, no-store Pragma: no-cache Expires: Thu, 31 Dec 1998 11:59:59 GMT X-Robots-Tag: none P3P: CP="NOI DSP COR NID" Set-Cookie: AVPUID=0d6a0eea7094ac04ceec94a0c6a80906; Expires=Sat, 07-Dec-2024 01:05:34 GMT; Path=/; Secure; HttpOnly; SameSite=None DNT: 1 Content-Encoding: gzip`

	www.googletagmanager.com/gtm.js?id=GTM-5F9SL9D	142.250.74.168	200 OK	90 kB
URL GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-5F9SL9D IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT File type ASCII text, with very long lines (8710) Size 90 kB (90467 bytes) Hash fd474463b4e362c28c7b5d3fa7df0a45 5766843581057bd6a16b9a474e0cbc6150670ebe b7eb5ab11b9587e3108dbb73f243d91f1c8e45952518c890ee1d59f11a6da170 HTTP Headers `GET /gtm.js?id=GTM-5F9SL9D HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Fri, 08 Dec 2023 01:05:34 GMT expires: Fri, 08 Dec 2023 01:05:34 GMT cache-control: private, max-age=900 last-modified: Fri, 08 Dec 2023 00:06:22 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 90467 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.mgl92gs.com/sdk/click?_ef_transaction_id=&oid=6&affid=23&__cc=&async=json&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2	34.96.120.38	200 OK	85 B
URL GET HTTP/3 www.mgl92gs.com/sdk/click?_ef_transaction_id=&oid=6&affid=23&__cc=&async=json&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 IP 34.96.120.38:443 ASN #15169 GOOGLE Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerStarfield Technologies, Inc. Subjectmgl92gs.com Fingerprint02:3B:C2:97:2D:64:EB:64:EA:FC:48:D3:A9:86:9D:62:6A:19:77:57 ValidityMon, 25 Sep 2023 20:03:35 GMT - Wed, 08 May 2024 14:26:50 GMT File type JSON data\012- , ASCII text Size 85 B (85 bytes) Hash e181922322468fab4f59cea75afb9dcb 37636e609e05dddc68c849ab989e6197a4b8c5db 120b73418584a404aefc6ea8977228ef61beff73b15361eecaeaf7ce9375a302 HTTP Headers GET /sdk/click?_ef_transaction_id=&oid=6&affid=23&__cc=&async=json&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 HTTP/1.1 Host: www.mgl92gs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://benefitexplorers.com/ Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK server: nginx date: Fri, 08 Dec 2023 01:05:34 GMT content-type: application/json; charset=utf-8 content-length: 85 accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model access-control-allow-credentials: true access-control-allow-origin: https://benefitexplorers.com set-cookie: uniqueClick=cb9d017d-9f1a-452a-928d-2a8743d00d74:1701997534; Path=/; Expires=Sat, 09 Dec 2023 01:05:34 GMT; Secure; SameSite=None transaction_id=b1fd6c6315bc41c596298fda66fe494d; Path=/; Expires=Thu, 07 Mar 2024 01:05:34 GMT; Secure; SameSite=None vary: Origin x-eflow-request-id: d9150693-5453-4627-b579-870f0866c1a4 via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.googletagmanager.com/gtag/js?id=UA-280958866-1&l=dataLayer&cx=c	142.250.74.168	200 OK	65 kB
URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=UA-280958866-1&l=dataLayer&cx=c IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT File type ASCII text, with very long lines (3026) Size 65 kB (64867 bytes) Hash 7c48aa5fe51037a964d9ba1e31fc889b 2b637b70dfe8d8cb7d090e5453a47cb23ca1009e 8e35d88d1f0264b90298143a320d407ee3f01875506cac9d61ad759c52b2600a HTTP Headers `GET /gtag/js?id=UA-280958866-1&l=dataLayer&cx=c HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Fri, 08 Dec 2023 01:05:34 GMT expires: Fri, 08 Dec 2023 01:05:34 GMT cache-control: private, max-age=900 last-modified: Fri, 08 Dec 2023 00:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 64867 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	use.fontawesome.com/releases/v5.2.0/webfonts/fa-solid-900.woff2	172.64.141.13	200 OK	62 kB
URL GET HTTP/2 use.fontawesome.com/releases/v5.2.0/webfonts/fa-solid-900.woff2 IP 172.64.141.13:443 ASN #13335 CLOUDFLARENET Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerCloudflare, Inc. Subjectuse.fontawesome.com FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78 ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT File type Web Open Font Format (Version 2), TrueType, length 62472, version 1.0\012- data Size 62 kB (62472 bytes) Hash b75b4bfe0d58faeced5006c785eaae23 92da6e3c7121e21cdfde25ef08797a3937a683e1 5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f HTTP Headers GET /releases/v5.2.0/webfonts/fa-solid-900.woff2 HTTP/1.1 Host: use.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Referer: https://use.fontawesome.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Fri, 08 Dec 2023 01:05:34 GMT content-type: font/woff2 content-length: 62472 access-control-allow-origin: * cache-control: max-age=31556926 etag: "b75b4bfe0d58faeced5006c785eaae23" last-modified: Fri, 22 Sep 2023 01:45:27 GMT vary: Origin, Accept-Encoding cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHD1zWd2kKy0f0PeyV5dSqluOpd5Z8QYATS%2BSa%2BpraeisPDmgkP0mawn0xwL0XoA5FO7B%2FyeDLYxYyJII90x5GaTPdW2QuxUg%2BHeGfENdWr0WbREnFXwW%2BzxbX%2FQ692vF4GE4k2O"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 832119ce4e4823c9-LHR alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	www.googletagmanager.com/gtag/js?id=G-5FBC7D7ZJF&l=dataLayer&cx=c	142.250.74.168	200 OK	74 kB
URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-5FBC7D7ZJF&l=dataLayer&cx=c IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT File type ASCII text, with very long lines (4189) Size 74 kB (74425 bytes) Hash e39145d80bec97fdcae1d865c65a773d 9be50664ff15b9284a70c4af43e14bab612ad16e 74bac76dafba564ee68a4dce6fbd96fac46c1a55e108b717c117228144838068 HTTP Headers `GET /gtag/js?id=G-5FBC7D7ZJF&l=dataLayer&cx=c HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Fri, 08 Dec 2023 01:05:34 GMT expires: Fri, 08 Dec 2023 01:05:34 GMT cache-control: private, max-age=900 last-modified: Fri, 08 Dec 2023 00:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 74425 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	retreaver-live.medigaplife.io/insert_everflow_clicks?transaction_id=b1fd6c6315bc41c596298fda66fe494d	52.4.129.130	200 OK	2 B
URL OPTIONS HTTP/2 retreaver-live.medigaplife.io/insert_everflow_clicks?transaction_id=b1fd6c6315bc41c596298fda66fe494d IP 52.4.129.130:443 ASN #14618 AMAZON-AES Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectretreaver-live.medigaplife.io Fingerprint3C:F6:D8:66:F7:4F:68:9B:FC:7C:B6:27:AD:24:BF:1A:4C:D2:B7:2F ValidityMon, 16 Oct 2023 15:22:42 GMT - Sun, 14 Jan 2024 15:22:41 GMT File type ASCII text, with no line terminators Size 2 B (2 bytes) Hash e0aa021e21dddbd6d8cecec71e9cf564 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 HTTP Headers OPTIONS /insert_everflow_clicks?transaction_id=b1fd6c6315bc41c596298fda66fe494d HTTP/1.1 Host: retreaver-live.medigaplife.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://benefitexplorers.com/ Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Fri, 08 Dec 2023 01:05:35 GMT content-type: text/plain; charset=utf-8 content-length: 2 vary: Origin access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-origin: https://benefitexplorers.com access-control-allow-headers: content-type strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2`

	dot.theonenet.work/dot/13503?cbust=2858096271875118&url_path=https%3A%2F%2Fbenefitexplorers.com%2Findex1%3Foid%3D6%26affid%3D23%26sub1%3D5970852%26sub2%3D9QvwE6BnGYCob77ianHtex8jAAr%26sub3%3D192403634_b2c9ce5ef6021651336be735f3688bd2	54.230.111.89	200 OK	15 B
URL GET HTTP/2 dot.theonenet.work/dot/13503?cbust=2858096271875118&url_path=https%3A%2F%2Fbenefitexplorers.com%2Findex1%3Foid%3D6%26affid%3D23%26sub1%3D5970852%26sub2%3D9QvwE6BnGYCob77ianHtex8jAAr%26sub3%3D192403634_b2c9ce5ef6021651336be735f3688bd2 IP 54.230.111.89:443 ASN #16509 AMAZON-02 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerAmazon Subjectdot.theonenet.work FingerprintE0:14:10:A3:AF:85:8F:6A:91:EE:21:49:81:B7:35:C9:A9:79:5E:59 ValidityMon, 14 Aug 2023 00:00:00 GMT - Wed, 11 Sep 2024 23:59:59 GMT File type JSON data\012- , ASCII text, with no line terminators Size 15 B (15 bytes) Hash 0c776997933eb60833b37beaf43814c8 bff63526eb02853c6b414ccfb4d00ac9ca283930 3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa HTTP Headers GET /dot/13503?cbust=2858096271875118&url_path=https%3A%2F%2Fbenefitexplorers.com%2Findex1%3Foid%3D6%26affid%3D23%26sub1%3D5970852%26sub2%3D9QvwE6BnGYCob77ianHtex8jAAr%26sub3%3D192403634_b2c9ce5ef6021651336be735f3688bd2 HTTP/1.1 Host: dot.theonenet.work User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: image/gif content-length: 15 date: Fri, 08 Dec 2023 01:05:35 GMT x-amzn-requestid: ec8a637a-bda4-42f5-8c0a-549b0c73259b access-control-allow-origin: * x-amz-apigw-id: PmXK8F4_oAMERkw= x-amzn-trace-id: Root=1-65726bdf-5fc1557b5e61e7170eab37c2 via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront), 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront) x-cache: Miss from cloudfront x-amz-cf-pop: OSL50-C1, OSL50-P1 x-amz-cf-id: bqgqcasTKBSbpct0Ardj2L5Jl1qzVSKViGJ5w9f3lFaSGh2iT-6o0Q== X-Firefox-Spdy: h2

	cdn.segment.com/v1/projects/zO0I4QUkDIsCGjDQ0P9DaNXJcXR5BPDw/settings	143.204.48.96	200 OK	621 B
URL GET HTTP/2 cdn.segment.com/v1/projects/zO0I4QUkDIsCGjDQ0P9DaNXJcXR5BPDw/settings IP 143.204.48.96:443 ASN #16509 AMAZON-02 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerAmazon Subject.segment.com Fingerprint92:B4:26:19:9B:B4:C7:48:23:87:41:7A:8A:10:5E:C4:E8:77:35:A0 ValidityTue, 14 Nov 2023 00:00:00 GMT - Fri, 13 Dec 2024 23:59:59 GMT File type JSON data\012- , ASCII text, with very long lines (621), with no line terminators Size 621 B (621 bytes) Hash 3d675ac8ce455f3beb6144200a6974d8 053be6c0451523947d6199c8ff1c24ca117b1544 17fd134e18bae0756bc3ac07f6b71e81fc877f8df99509a22dbdb1835a27b40f HTTP Headers `GET /v1/projects/zO0I4QUkDIsCGjDQ0P9DaNXJcXR5BPDw/settings HTTP/1.1 Host: cdn.segment.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://benefitexplorers.com/ Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/json; charset=utf-8 content-length: 621 access-control-allow-origin: * access-control-allow-methods: GET, HEAD access-control-max-age: 3000 x-amz-replication-status: COMPLETED last-modified: Sat, 13 May 2023 09:10:07 GMT x-amz-server-side-encryption: AES256 x-amz-version-id: WTlcMrhaZ01.Ys27e3dwdQK2S9nc4_sr accept-ranges: bytes server: AmazonS3 date: Fri, 08 Dec 2023 01:05:36 GMT cache-control: public, max-age=10800 etag: "3d675ac8ce455f3beb6144200a6974d8" vary: Accept-Encoding x-cache: RefreshHit from cloudfront via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: cJ06676ow6yxz8YMCdGV514hXZIdPUgN3XNqbIaUQedRCzOmWjsf7Q== X-Firefox-Spdy: h2

	cdn.segment.com/next-integrations/middleware/analytics.js-middleware-braze-deduplicate/latest/analytics.js-middleware-braze-deduplicate.js.gz	143.204.48.96	200 OK	778 B
URL GET HTTP/2 cdn.segment.com/next-integrations/middleware/analytics.js-middleware-braze-deduplicate/latest/analytics.js-middleware-braze-deduplicate.js.gz IP 143.204.48.96:443 ASN #16509 AMAZON-02 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerAmazon Subject.segment.com Fingerprint92:B4:26:19:9B:B4:C7:48:23:87:41:7A:8A:10:5E:C4:E8:77:35:A0 ValidityTue, 14 Nov 2023 00:00:00 GMT - Fri, 13 Dec 2024 23:59:59 GMT File type ASCII text, with very long lines (1751) Size 778 B (778 bytes) Hash 3fa7abe12ac60941c90bdb6feed82551 d91a1dd00d96e1ae779fa8c08c18236b5744e282 66681843d2dddef898a0e614bc668cab30aceecd7a0d89965b7b0447bfcf14c4 HTTP Headers GET /next-integrations/middleware/analytics.js-middleware-braze-deduplicate/latest/analytics.js-middleware-braze-deduplicate.js.gz HTTP/1.1 Host: cdn.segment.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK content-type: application/javascript content-length: 778 access-control-allow-origin: * access-control-allow-methods: GET, HEAD access-control-max-age: 3000 last-modified: Wed, 18 Oct 2023 10:36:34 GMT x-amz-server-side-encryption: AES256 content-encoding: gzip x-amz-version-id: UuFy3klCSY1Iug3r2wasmsc51RZpY.yN accept-ranges: bytes server: AmazonS3 date: Thu, 07 Dec 2023 02:59:13 GMT etag: "3f0dbc48d4537cdf84414eec13b0164c" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: YSWtxfgKFAV4kC14aHoN9hiNbWqCN_xkq2XLt0Xs8fRUXpGxJbB81A== age: 79855 X-Firefox-Spdy: h2

	bat.bing.com/bat.js	204.79.197.200	200 OK	13 kB
URL GET HTTP/2 bat.bing.com/bat.js IP 204.79.197.200:443 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerMicrosoft Corporation Subjectwww.bing.com FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT File type Unicode text, UTF-8 text, with very long lines (46103), with no line terminators Size 13 kB (13175 bytes) Hash 7f75f159026f3a2c8cccda487b43157b 021cf5c854db063cd79bf0394c24eb994e095640 5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214 HTTP Headers `GET /bat.js HTTP/1.1 Host: bat.bing.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK cache-control: private,max-age=1800 content-length: 13175 content-type: application/javascript content-encoding: gzip last-modified: Fri, 10 Nov 2023 20:09:55 GMT accept-ranges: bytes etag: "80abcdf1114da1:0" vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload x-cache: CONFIG_NOCACHE accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref: Ref A: D1D20CB7890042AFA37521F3B676838C Ref B: OSL30EDGE0510 Ref C: 2023-12-08T01:05:35Z date: Fri, 08 Dec 2023 01:05:35 GMT X-Firefox-Spdy: h2

	benefitexplorers.com/files/images/benefitexplorers_fav_icon.png	139.144.22.37	200 OK	25 kB
URL GET HTTP/2 benefitexplorers.com/files/images/benefitexplorers_fav_icon.png IP 139.144.22.37:443 ASN #0 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectbenefitexplorers.com Fingerprint72:9F:21:B9:07:E3:E9:72:8D:2F:38:54:6F:C9:28:D7:F4:5E:56:EF ValidityWed, 11 Oct 2023 18:47:17 GMT - Tue, 09 Jan 2024 18:47:16 GMT File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data Size 25 kB (24702 bytes) Hash 778efc3d7fba796a96faeabd7f06dbe6 f21d2c2da01f5be625e5222854376e9399497fc0 9b995b50547cb4f5df13608dc9cec2bf516df9c00c20ca38232086e51510e373 HTTP Headers GET /files/images/benefitexplorers_fav_icon.png HTTP/1.1 Host: benefitexplorers.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Cookie: XSRF-TOKEN=eyJpdiI6IktMaWRoMFIwdVF6ZVhtUkJWTFVreHc9PSIsInZhbHVlIjoid3AyUHZzZmJiOUZ3SGhYRjBpbnE1amRpcHlSV2p6NHIzajB6MGdLajg4RnVvdlI1KzgxWGVsc2pXcjlLRCtBaVlYRXB6cjJYb00rQXJ2dDFnbEMzS09LR0FJYnNmeWFBOUdIcTZROEZ2NGphNm12WXdUSEtMLzk4Z1NLTTNRbEYiLCJtYWMiOiIyZjFlYTg4ZjRhODRkOTgxMDEzOWQ3MDc0OTE1ZGNkMzk5OWNmN2ExYTAzMTY2NGI1ZWRkNjBlOWFhMjAzNzczIiwidGFnIjoiIn0%3D; coreg_software_session=eyJpdiI6ImlzWkdLU0ZZRmNnVUhyRnkyQmhzNHc9PSIsInZhbHVlIjoiUDJIUkUxWDhuWW94Znp4T2xuUFZDSVJKcEpRMU9VUW5OT0VFVTJxbXJ1Q20xS041amRBK2Fjcmo3YzZTSjAvblE5bVpiN0lic0pEa0llcS84QjllSkt1ejQ1VjlJTXJnaUEvMkh3UmJZM2dPSkV2c2IzWFF2SExoUGY0OWZNc2QiLCJtYWMiOiIzNzc2NjYwYWU2MDhiYjNhM2MwNDBjYmMyMzhlMzEyY2NkNzIxNDRhYTIzNjU0YTZlYzFkOWU4YjUzYTM4YmUyIiwidGFnIjoiIn0%3D; ef_witness=1; ef_tid_c_o_6=b1fd6c6315bc41c596298fda66fe494d; ef_tid_c_a_1=b1fd6c6315bc41c596298fda66fe494d; acatxid=b1fd6c6315bc41c596298fda66fe494d; _ga_079T7NVZRZ=GS1.1.1701997541.1.0.1701997541.0.0.0; _ga=GA1.1.1160252619.1701997541; _gcl_au=1.1.1166681619.1701997541; CallPixels-ou=aHR0cHM6Ly9iZW5lZml0ZXhwbG9yZXJzLmNvbS9pbmRleDE/b2lkPTYmYWZmaWQ9MjMmc3ViMT01OTcwODUyJnN1YjI9OVF2d0U2Qm5HWUNvYjc3aWFuSHRleDhqQUFyJnN1YjM9MTkyNDAzNjM0X2IyYzljZTVlZjYwMjE2NTEzMzZiZTczNWYzNjg4YmQy; ajs_anonymous_id=3adb85ca-f20b-4b58-9480-7572c0902509 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 08 Dec 2023 01:05:35 GMT content-type: image/png content-length: 24702 last-modified: Fri, 15 Sep 2023 07:44:16 GMT etag: "65040b50-607e" x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff accept-ranges: bytes X-Firefox-Spdy: h2`

	bat.bing.com/action/0?ti=295007516&tm=gtm002&Ver=2&mid=817edca6-ee11-4415-b7cb-703d3377a6c2&sid=e8c5ac90956511ee90cdc78b92803efb&vid=e8c5c1e0956511ee9fda0b3e26b6aa67&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Benefits%20Explorer&p=https%3A%2F%2Fbenefitexplorers.com%2Findex1%3Foid%3D6%26affid%3D23%26sub1%3D5970852%26sub2%3D9QvwE6BnGYCob77ianHtex8jAAr%26sub3%3D192403634_b2c9ce5ef6021651336be735f3688bd2&r=&lt=3844&evt=pageLoad&sv=1&rn=329516	204.79.197.200	204 No Content	0 B
URL GET HTTP/2 bat.bing.com/action/0?ti=295007516&tm=gtm002&Ver=2&mid=817edca6-ee11-4415-b7cb-703d3377a6c2&sid=e8c5ac90956511ee90cdc78b92803efb&vid=e8c5c1e0956511ee9fda0b3e26b6aa67&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Benefits%20Explorer&p=https%3A%2F%2Fbenefitexplorers.com%2Findex1%3Foid%3D6%26affid%3D23%26sub1%3D5970852%26sub2%3D9QvwE6BnGYCob77ianHtex8jAAr%26sub3%3D192403634_b2c9ce5ef6021651336be735f3688bd2&r=&lt=3844&evt=pageLoad&sv=1&rn=329516 IP 204.79.197.200:443 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerMicrosoft Corporation Subjectwww.bing.com FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /action/0?ti=295007516&tm=gtm002&Ver=2&mid=817edca6-ee11-4415-b7cb-703d3377a6c2&sid=e8c5ac90956511ee90cdc78b92803efb&vid=e8c5c1e0956511ee9fda0b3e26b6aa67&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Benefits%20Explorer&p=https%3A%2F%2Fbenefitexplorers.com%2Findex1%3Foid%3D6%26affid%3D23%26sub1%3D5970852%26sub2%3D9QvwE6BnGYCob77ianHtex8jAAr%26sub3%3D192403634_b2c9ce5ef6021651336be735f3688bd2&r=&lt=3844&evt=pageLoad&sv=1&rn=329516 HTTP/1.1 Host: bat.bing.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 204 No Content cache-control: no-cache, must-revalidate pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT set-cookie: MUID=359F7E8F15526D6722636D6E14A76C7D; domain=.bing.com; expires=Wed, 01-Jan-2025 01:05:36 GMT; path=/; SameSite=None; Secure; Priority=High; strict-transport-security: max-age=31536000; includeSubDomains; preload access-control-allow-origin: * x-cache: CONFIG_NOCACHE accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref: Ref A: 906A86F1F28245A58171FE1EB199493A Ref B: OSL30EDGE0510 Ref C: 2023-12-08T01:05:36Z date: Fri, 08 Dec 2023 01:05:36 GMT X-Firefox-Spdy: h2

	retreaver-live.medigaplife.io/insert_everflow_clicks?transaction_id=b1fd6c6315bc41c596298fda66fe494d	52.4.129.130	200 OK	20 B
URL OPTIONS HTTP/2 retreaver-live.medigaplife.io/insert_everflow_clicks?transaction_id=b1fd6c6315bc41c596298fda66fe494d IP 52.4.129.130:443 ASN #14618 AMAZON-AES Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectretreaver-live.medigaplife.io Fingerprint3C:F6:D8:66:F7:4F:68:9B:FC:7C:B6:27:AD:24:BF:1A:4C:D2:B7:2F ValidityMon, 16 Oct 2023 15:22:42 GMT - Sun, 14 Jan 2024 15:22:41 GMT File type JSON data\012- , ASCII text, with no line terminators Size 20 B (20 bytes) Hash 5820854f62a6eb3d38ba7ba0d1b3ea75 639df0b84fe699b4a290a713fd6b9a94bd4deb95 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d HTTP Headers POST /insert_everflow_clicks?transaction_id=b1fd6c6315bc41c596298fda66fe494d HTTP/1.1 Host: retreaver-live.medigaplife.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://benefitexplorers.com/ Content-Type: application/json Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Content-Length: 0 TE: trailers `HTTP/2 200 OK date: Fri, 08 Dec 2023 01:05:40 GMT content-type: application/json content-length: 20 access-control-allow-origin: * access-control-allow-credentials: true strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2`

	api.routingapi.com/api/v1/numbers/replace_tags	18.211.188.160	200 OK	1.7 kB
URL POST HTTP/2 api.routingapi.com/api/v1/numbers/replace_tags IP 18.211.188.160:443 ASN #14618 AMAZON-AES Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerAmazon Subjectapi.routingapi.com Fingerprint9F:86:0F:B4:7C:E2:74:4C:8C:44:F0:AF:AA:93:70:BE:B3:80:41:22 ValidityMon, 13 Feb 2023 00:00:00 GMT - Wed, 13 Mar 2024 23:59:59 GMT File type troff or preprocessor input, ASCII text, with very long lines (1892), with no line terminators Size 1.7 kB (1668 bytes) Hash 6bf58cc1bd68c55a2adf716a0034d83a c6515ddf8c8db96eb36ea4a0f7c8c0eae4cf2f9d 4885140b7e496d9f8d1458429ed3073929e202b5c74457cf121ffc44a7ddb88d HTTP Headers POST /api/v1/numbers/replace_tags HTTP/1.1 Host: api.routingapi.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 169 Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Fri, 08 Dec 2023 01:05:36 GMT content-type: application/json; charset=utf-8 status: 200 OK cache-control: max-age=0, private, must-revalidate access-control-allow-origin: https://benefitexplorers.com vary: Origin strict-transport-security: max-age=63072000; includeSubDomains referrer-policy: strict-origin-when-cross-origin x-permitted-cross-domain-policies: none x-xss-protection: 0 access-control-max-age: 1728000 x-request-id: 56b7f5a3-128d-45b4-9e8c-25391ef60dee access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS x-download-options: noopen etag: W/"2769a0387c1ba7d4febfd77ea74031de" x-frame-options: ALLOWALL x-runtime: 0.082234 x-content-type-options: nosniff set-cookie: CallPixels-vid=72f77aba12fda8057f3ddd21751b5aa3; path=/; SameSite=Lax x-powered-by: Phusion Passenger(R) Enterprise 6.0.17 server: nginx/1.18.0 + Phusion Passenger(R) 6.0.17 X-Firefox-Spdy: h2

	benefitexplorers.com/path/23/step/1	139.144.22.37	200 OK	9.4 kB
URL GET HTTP/2 benefitexplorers.com/path/23/step/1 IP 139.144.22.37:443 ASN #0 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectbenefitexplorers.com Fingerprint72:9F:21:B9:07:E3:E9:72:8D:2F:38:54:6F:C9:28:D7:F4:5E:56:EF ValidityWed, 11 Oct 2023 18:47:17 GMT - Tue, 09 Jan 2024 18:47:16 GMT File type HTML document text\012- exported SGML document, ASCII text, with very long lines (10058), with no line terminators Size 9.4 kB (9424 bytes) Hash ec3985f8bddeff71393ac6e24041dbda 77a02872c1ec318ce819152283ad415e4f499bda efb9251b71b12bdfd06a7c74146a768c5b3decb25fc89b437b0938b5f4477d67 HTTP Headers GET /path/23/step/1 HTTP/1.1 Host: benefitexplorers.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-CSRF-TOKEN: 2JkvAZ6sFKOTbZKG5CHKJbUSSagM0DowdhTVKgqJ X-Requested-With: XMLHttpRequest DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Cookie: XSRF-TOKEN=eyJpdiI6Ikt4dWh6bDk2TWlZRVFhRGxhaDNaSFE9PSIsInZhbHVlIjoibTBRaGJPUThER1poZDJUUHhMRGo3cFcxZ2p1NXZBVit2bStEWDVQQ0RtRlk2RlQxN0dpWHY4ejRUOUVYbE1IOGtid09HeGJXVU9LdzY4M2pGUkNXQWNVWHFlWSsyZm5iWEoyV3c4MXVCc1U4WW9mOCtiZGQyRnFtNlBIYjMrSEEiLCJtYWMiOiJjZDRlZTFlZTA2NmJmYTM5NTFhY2NjZDc4OTQyMDE4NzQxMmJlZDk4MDI1YzE4YTRlODcxYjM4ZjVmOGM2NmY3IiwidGFnIjoiIn0%3D; coreg_software_session=eyJpdiI6ImhrcmIrZzlITlNXR0FxSEZOZFJBWHc9PSIsInZhbHVlIjoiYktuK0J6NnEwK0Q0dGY0OGxtbk5CZ0Z5MmRGZ2tpVXZJaW54NExXaFdHRkYzNENYUTVwOFl2VVpmU3hkdlJ4VWtvMDduMzlNT3A3YjJxL1I2NUEyYUJHSW9pZjA2SVMyOExmSUgxUVNITWZJWjdpQjBWajJWOGFpWWYreDJOOWMiLCJtYWMiOiI5ODNiZTc1YWM2NWE0ZGY0NDkyZmRmOTMzMDI0M2YzMjE2NzUyZGRjY2MwMzA1OGM1OTc3MjZiNTFiZDMxNzQzIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK server: nginx content-type: text/html; charset=UTF-8 vary: Accept-Encoding cache-control: no-cache, private date: Fri, 08 Dec 2023 01:05:34 GMT set-cookie: XSRF-TOKEN=eyJpdiI6InNvNkkxajhZNm5hb0FLNXZ4Vi9ZRmc9PSIsInZhbHVlIjoiNEVVYWJ6dEwyV2pDQUdMLzhNR0xaL3RMbVNhRWFSWFlLYnh6V3VtVjdHWVVFSlRFMDUwT00vMVdiaVcrMFY5aFNCOFowR0RCeUFocE9XY2x2QytSdnZJSXhQRk5wRUZtWmkrTlIyQkpoaEFqQ01iQWdCZk8wUnRzdFNIb3dvdngiLCJtYWMiOiI3MGY1YjkxMzRjZTdlN2Y2ZjFmNjM4NjFlNmM2MTJhMjNiM2NmNmZjMjdmY2IzMmZmYzZhNTA0ZDMwYTc4M2I3IiwidGFnIjoiIn0%3D; expires=Fri, 08 Dec 2023 03:05:34 GMT; Max-Age=7200; path=/ coreg_software_session=eyJpdiI6ImQrTzlBL1dOb0FNNUZxVS9PNmY1N1E9PSIsInZhbHVlIjoiZG9lUGFIb0hrdllYTGg2TzBHeUk3bjVRNXJ6M0t0NHZjMGEvd0NrbFVSZnFUblNyYXBmcGNidXdPUG5Ec3diU3EvN0hTZ2YwS3RKOUtWa1BNZXJPS2RtdExxVzB6Q2YxeHNmcEhIQ1pCNWVXN0dyOFJoMTI2UDI2NEhiWit5SWsiLCJtYWMiOiI5Y2VjYWI2MDE3ZGMwNjMxOGM3ODM2ZjVkMzY3MmZiMDQ4ZmFiMzg2OTFkMmE5MGQ1ZjQ4MmZlNTJkY2NmNzQ5IiwidGFnIjoiIn0%3D; expires=Fri, 08 Dec 2023 03:05:34 GMT; Max-Age=7200; path=/; httponly x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2

	kit.fontawesome.com/b4e85772e4.js	104.18.40.68	200 OK	12 kB
URL GET HTTP/2 kit.fontawesome.com/b4e85772e4.js IP 104.18.40.68:443 ASN #13335 CLOUDFLARENET Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerDigiCert Inc Subject.fontawesome.com Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT File type ASCII text, with very long lines (11461) Size 12 kB (11890 bytes) Hash ca36133dabc0c4bb4439d7f15c944626 fbbd5ff1125237fceef10967c390f9d312c180bf 7433a26f6b8e74cdad2bf884dc4a8cb2e4b3dcdc247bdcbe1e866a8b14fbd23e HTTP Headers `GET /b4e85772e4.js HTTP/1.1 Host: kit.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 08 Dec 2023 01:05:33 GMT content-type: text/javascript access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token access-control-allow-methods: GET, OPTIONS access-control-allow-origin: * access-control-max-age: 3000 cache-control: max-age=60, public, stale-while-revalidate=30 vary: origin, accept-encoding, access-control-request-headers, access-control-request-method x-request-id: F525JQ77prfDgcahAlOC cf-cache-status: MISS server: cloudflare cf-ray: 832119c55ce3569a-OSL content-encoding: gzip X-Firefox-Spdy: h2

	cdn.segment.com/analytics.js/v1/zO0I4QUkDIsCGjDQ0P9DaNXJcXR5BPDw/analytics.min.js	143.204.48.96	200 OK	111 kB
URL GET HTTP/2 cdn.segment.com/analytics.js/v1/zO0I4QUkDIsCGjDQ0P9DaNXJcXR5BPDw/analytics.min.js IP 143.204.48.96:443 ASN #16509 AMAZON-02 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerAmazon Subject.segment.com Fingerprint92:B4:26:19:9B:B4:C7:48:23:87:41:7A:8A:10:5E:C4:E8:77:35:A0 ValidityTue, 14 Nov 2023 00:00:00 GMT - Fri, 13 Dec 2024 23:59:59 GMT File type ASCII text, with very long lines (65536), with no line terminators Size 111 kB (110756 bytes) Hash 313298459ca2843e2c44c2690d51cf35 2b527a4c6c95897c94d5a68a2fb509d7defea291 dff8ac706849233100b49d978dadf63d9361d9e7320a7c8c0c7cd8b72700aab3 HTTP Headers `GET /analytics.js/v1/zO0I4QUkDIsCGjDQ0P9DaNXJcXR5BPDw/analytics.min.js HTTP/1.1 Host: cdn.segment.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/javascript; charset=utf-8 date: Fri, 08 Dec 2023 01:05:35 GMT access-control-allow-origin: * access-control-allow-methods: GET, HEAD access-control-max-age: 3000 x-amz-replication-status: COMPLETED last-modified: Tue, 05 Dec 2023 00:13:32 GMT etag: W/"313298459ca2843e2c44c2690d51cf35" x-amz-server-side-encryption: AES256 cache-control: public, max-age=120 x-amz-version-id: rFIKxtNficGfBMuagqAg2wBLhFJdW1bC server: AmazonS3 content-encoding: br vary: Accept-Encoding x-cache: Miss from cloudfront via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: WKozVpjM-PRtsP3T63z-_GnPvWoKTk2ZzRA-Hs35f3qQxg4N7MuxHg== X-Firefox-Spdy: h2

	api.routingapi.com/api/v1/numbers/replace_tags	18.211.188.160	200 OK	0 B
URL OPTIONS HTTP/2 api.routingapi.com/api/v1/numbers/replace_tags IP 18.211.188.160:443 ASN #14618 AMAZON-AES Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerAmazon Subjectapi.routingapi.com Fingerprint9F:86:0F:B4:7C:E2:74:4C:8C:44:F0:AF:AA:93:70:BE:B3:80:41:22 ValidityMon, 13 Feb 2023 00:00:00 GMT - Wed, 13 Mar 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /api/v1/numbers/replace_tags HTTP/1.1 Host: api.routingapi.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://benefitexplorers.com/ Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Fri, 08 Dec 2023 01:05:35 GMT content-type: text/plain status: 200 OK cache-control: no-cache access-control-allow-origin: https://benefitexplorers.com strict-transport-security: max-age=63072000; includeSubDomains access-control-max-age: 1728000 x-request-id: 3eb84d9d-152c-4ca1-9170-53a91e47254f access-control-allow-credentials: true access-control-allow-headers: content-type access-control-allow-methods: GET, POST, OPTIONS x-runtime: 0.001043 x-powered-by: Phusion Passenger(R) Enterprise 6.0.17 server: nginx/1.18.0 + Phusion Passenger(R) 6.0.17 X-Firefox-Spdy: h2

	benefitexplorers.com/js/additional-methods.min.js	139.144.22.37	200 OK	18 kB
URL GET HTTP/2 benefitexplorers.com/js/additional-methods.min.js IP 139.144.22.37:443 ASN #0 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectbenefitexplorers.com Fingerprint72:9F:21:B9:07:E3:E9:72:8D:2F:38:54:6F:C9:28:D7:F4:5E:56:EF ValidityWed, 11 Oct 2023 18:47:17 GMT - Tue, 09 Jan 2024 18:47:16 GMT File type Size 18 kB (18464 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /js/additional-methods.min.js HTTP/1.1 Host: benefitexplorers.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Cookie: XSRF-TOKEN=eyJpdiI6ImVJdnM2MmRLK2ROR2JPaGR6aFNiaWc9PSIsInZhbHVlIjoicVBGMXV0K2pGQmlTZlNlZDlzdUU5b3locjNncVNWaGRGWHNhV3BRNFg1V2ZvVjgyZXpCK0ZiQUhpK2pRcE5SK3ZyUURHREo2QVJySWxYZVBJSkZWUHhRMWFpMXpIbXl3V1k0a0Jwa21hK2NMMGYybSs0RFlkZnRTa0dVZXpKOEwiLCJtYWMiOiJjNjZkNDI5YTc1ZDQ4ZmU3MTVjY2JlYTk5NGRlN2ZjYTAwYTk2NmNmODlmYWM5NjM5OTA4ZGJmOTI5MTVhNjMxIiwidGFnIjoiIn0%3D; coreg_software_session=eyJpdiI6InpLRXVxQzE1OGtGYkpJM25Vdk5jMkE9PSIsInZhbHVlIjoiVHdUTldzakN3eTBabjc2VGhGVHFNZC9XQ1haUW1PUnAzNjJRQkVZMUFFa1U2Nzk2REplZmFMdWFNTllGT2lpSG9PSmlLSXJBejkvOTZIRTJHeTRxcEtSUU0yS1EvaUNNVXdtdlFQMFlpUENoV1lWdmZ2elRua2lCWDJxTjhkRjIiLCJtYWMiOiI4NzFlODI4Y2E3MTU3ODNkNGMyOGY1MWM1NmUzNjJlN2ViN2IwMmUxNGEzYzE0MWFjMmIyMjA2ZTY0MjIxMjRhIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Fri, 08 Dec 2023 01:05:33 GMT content-type: application/javascript; charset=utf-8 last-modified: Wed, 26 Jul 2023 13:20:26 GMT vary: Accept-Encoding etag: W/"64c11d9a-4820" x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2`

	ka-f.fontawesome.com/releases/v6.5.1/css/free-v5-font-face.min.css?token=b4e85772e4	172.64.204.20	200 OK	823 B
URL GET HTTP/2 ka-f.fontawesome.com/releases/v6.5.1/css/free-v5-font-face.min.css?token=b4e85772e4 IP 172.64.204.20:443 ASN #13335 CLOUDFLARENET Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com FingerprintBC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81 ValidityWed, 08 Nov 2023 07:11:36 GMT - Tue, 06 Feb 2024 07:11:35 GMT File type ASCII text, with very long lines (845), with no line terminators Size 823 B (823 bytes) Hash e6d3783736d2fad2b606057fbb27accf 42a95cbe55b5192414282a64e5f0a106ebd0cfcd 428e4fa90d3cad30b14fe0c63a3a23e6487de4dad755477a33a385844e5a91a7 HTTP Headers `GET /releases/v6.5.1/css/free-v5-font-face.min.css?token=b4e85772e4 HTTP/1.1 Host: ka-f.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://benefitexplorers.com/ Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 08 Dec 2023 01:05:33 GMT content-type: text/css access-control-allow-origin: * access-control-allow-methods: GET access-control-max-age: 3000 last-modified: Thu, 30 Nov 2023 17:25:51 GMT etag: W/"496965a55b1faa4d5c41073ef276afc0" x-amz-server-side-encryption: AES256 cache-control: max-age=31556926 access-control-allow-headers: fa-kit-token x-cache: Hit from cloudfront via: 1.1 9438e1326f4ba7255618d848e9c0f7f2.cloudfront.net (CloudFront) x-amz-cf-pop: LHR5-P6 x-amz-cf-id: hkS-BMSFKRHW1GW9KbZjWnsrc9-zpnhLaRA10FhXrs1QloFpZbaduw== cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2BUOG8NS5xuxlvV1iWx%2BxQqqFqDp9eVVNU4r52jXIuBTt7%2B4K%2BfICDNVG8O3qaqqVXqfmsPC6epKHaNn4qd97sBZu9QFzDGniUc6zteR5yeVeqq%2BND7Zxc%2FYi3zTTWPzdU%2F9awDFcA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 832119c79ed923e2-LHR content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-shims.min.css?token=b4e85772e4	172.64.204.20	200 OK	28 kB
URL GET HTTP/2 ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-shims.min.css?token=b4e85772e4 IP 172.64.204.20:443 ASN #13335 CLOUDFLARENET Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com FingerprintBC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81 ValidityWed, 08 Nov 2023 07:11:36 GMT - Tue, 06 Feb 2024 07:11:35 GMT File type ASCII text, with very long lines (27377) Size 28 kB (27592 bytes) Hash 604d6da359831b0dc67e0f522f1ff94d 48b776b939a780fde0270dedf7cc163d25e28bb1 5031c11dd77875afefe4eeddfaa320af07fdccea327f7416a5ee8980674c9c76 HTTP Headers `GET /releases/v6.5.1/css/free-v4-shims.min.css?token=b4e85772e4 HTTP/1.1 Host: ka-f.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://benefitexplorers.com/ Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 08 Dec 2023 01:05:33 GMT content-type: text/css access-control-allow-origin: * access-control-allow-methods: GET access-control-max-age: 3000 last-modified: Thu, 30 Nov 2023 17:25:51 GMT etag: W/"604d6da359831b0dc67e0f522f1ff94d" x-amz-server-side-encryption: AES256 cache-control: max-age=31556926 access-control-allow-headers: fa-kit-token vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 3a8edb2ed8e3cac4b967a90c120d1724.cloudfront.net (CloudFront) x-amz-cf-pop: LHR5-P6 x-amz-cf-id: vkcFRdq4J7T4NEjCKkTyHv7CmBWONYRrkqmErRUP0MMpmCgrykO8ow== cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wv62LsyO27BcdXqHAKvgJutvCWWPammJEUsO7vXEx1vxMD6ARsIb56ICyEGleyoKs5cdQxz3NcUQMadfrwq76%2B90AHOobssbxQUFT9A7qzdtGlDFePDmWVmF%2FbYyoCrSvz7Jp03UXA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 832119c79ee023e2-LHR content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	benefitexplorers.com/conditionals/check_conditionals	139.144.22.37	200 OK	17 B
URL POST HTTP/2 benefitexplorers.com/conditionals/check_conditionals IP 139.144.22.37:443 ASN #0 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectbenefitexplorers.com Fingerprint72:9F:21:B9:07:E3:E9:72:8D:2F:38:54:6F:C9:28:D7:F4:5E:56:EF ValidityWed, 11 Oct 2023 18:47:17 GMT - Tue, 09 Jan 2024 18:47:16 GMT File type HTML document, ASCII text, with no line terminators Size 17 B (17 bytes) Hash 977fd571d75951006fee6224e29eecc7 6829def5ec06d211fa90fe69a58213ae901f3ee4 7ded34952def889b456ecda41ebaf8f579c14c4635e3e25f068220ea8d24c04f HTTP Headers POST /conditionals/check_conditionals HTTP/1.1 Host: benefitexplorers.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-CSRF-TOKEN: 2JkvAZ6sFKOTbZKG5CHKJbUSSagM0DowdhTVKgqJ X-Requested-With: XMLHttpRequest Content-Length: 17 Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Cookie: XSRF-TOKEN=eyJpdiI6InNvNkkxajhZNm5hb0FLNXZ4Vi9ZRmc9PSIsInZhbHVlIjoiNEVVYWJ6dEwyV2pDQUdMLzhNR0xaL3RMbVNhRWFSWFlLYnh6V3VtVjdHWVVFSlRFMDUwT00vMVdiaVcrMFY5aFNCOFowR0RCeUFocE9XY2x2QytSdnZJSXhQRk5wRUZtWmkrTlIyQkpoaEFqQ01iQWdCZk8wUnRzdFNIb3dvdngiLCJtYWMiOiI3MGY1YjkxMzRjZTdlN2Y2ZjFmNjM4NjFlNmM2MTJhMjNiM2NmNmZjMjdmY2IzMmZmYzZhNTA0ZDMwYTc4M2I3IiwidGFnIjoiIn0%3D; coreg_software_session=eyJpdiI6ImQrTzlBL1dOb0FNNUZxVS9PNmY1N1E9PSIsInZhbHVlIjoiZG9lUGFIb0hrdllYTGg2TzBHeUk3bjVRNXJ6M0t0NHZjMGEvd0NrbFVSZnFUblNyYXBmcGNidXdPUG5Ec3diU3EvN0hTZ2YwS3RKOUtWa1BNZXJPS2RtdExxVzB6Q2YxeHNmcEhIQ1pCNWVXN0dyOFJoMTI2UDI2NEhiWit5SWsiLCJtYWMiOiI5Y2VjYWI2MDE3ZGMwNjMxOGM3ODM2ZjVkMzY3MmZiMDQ4ZmFiMzg2OTFkMmE5MGQ1ZjQ4MmZlNTJkY2NmNzQ5IiwidGFnIjoiIn0%3D; ef_witness=1; ef_tid_c_o_6=b1fd6c6315bc41c596298fda66fe494d; ef_tid_c_a_1=b1fd6c6315bc41c596298fda66fe494d; acatxid=b1fd6c6315bc41c596298fda66fe494d; _ga_079T7NVZRZ=GS1.1.1701997541.1.0.1701997541.0.0.0; _ga=GA1.1.1160252619.1701997541; _gcl_au=1.1.1166681619.1701997541 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK server: nginx content-type: text/html; charset=UTF-8 vary: Accept-Encoding cache-control: no-cache, private date: Fri, 08 Dec 2023 01:05:34 GMT set-cookie: XSRF-TOKEN=eyJpdiI6IktMaWRoMFIwdVF6ZVhtUkJWTFVreHc9PSIsInZhbHVlIjoid3AyUHZzZmJiOUZ3SGhYRjBpbnE1amRpcHlSV2p6NHIzajB6MGdLajg4RnVvdlI1KzgxWGVsc2pXcjlLRCtBaVlYRXB6cjJYb00rQXJ2dDFnbEMzS09LR0FJYnNmeWFBOUdIcTZROEZ2NGphNm12WXdUSEtMLzk4Z1NLTTNRbEYiLCJtYWMiOiIyZjFlYTg4ZjRhODRkOTgxMDEzOWQ3MDc0OTE1ZGNkMzk5OWNmN2ExYTAzMTY2NGI1ZWRkNjBlOWFhMjAzNzczIiwidGFnIjoiIn0%3D; expires=Fri, 08 Dec 2023 03:05:34 GMT; Max-Age=7200; path=/ coreg_software_session=eyJpdiI6ImlzWkdLU0ZZRmNnVUhyRnkyQmhzNHc9PSIsInZhbHVlIjoiUDJIUkUxWDhuWW94Znp4T2xuUFZDSVJKcEpRMU9VUW5OT0VFVTJxbXJ1Q20xS041amRBK2Fjcmo3YzZTSjAvblE5bVpiN0lic0pEa0llcS84QjllSkt1ejQ1VjlJTXJnaUEvMkh3UmJZM2dPSkV2c2IzWFF2SExoUGY0OWZNc2QiLCJtYWMiOiIzNzc2NjYwYWU2MDhiYjNhM2MwNDBjYmMyMzhlMzEyY2NkNzIxNDRhYTIzNjU0YTZlYzFkOWU4YjUzYTM4YmUyIiwidGFnIjoiIn0%3D; expires=Fri, 08 Dec 2023 03:05:34 GMT; Max-Age=7200; path=/; httponly x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2

	use.fontawesome.com/releases/v5.2.0/css/all.css	172.64.141.13	200 OK	47 kB
URL GET HTTP/2 use.fontawesome.com/releases/v5.2.0/css/all.css IP 172.64.141.13:443 ASN #13335 CLOUDFLARENET Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerCloudflare, Inc. Subjectuse.fontawesome.com FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78 ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT File type ASCII text, with very long lines (46750) Size 47 kB (46930 bytes) Hash 20a9ce516eaea76da29a23adc43e8998 cf1a3fd771900af34f2af22142beecfb47367548 8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984 HTTP Headers `GET /releases/v5.2.0/css/all.css HTTP/1.1 Host: use.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 08 Dec 2023 01:05:33 GMT content-type: text/css access-control-allow-origin: * cache-control: max-age=31556926 etag: W/"20a9ce516eaea76da29a23adc43e8998" last-modified: Fri, 22 Sep 2023 01:45:26 GMT vary: Origin, Accept-Encoding cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wvs78Eh9bwz7YulQ%2BX0FiC7kWVuhvd76S85ozP4ejKNC7LSRvOR8hx131SSIxD%2F3uLyMzzuSrIVc0jv%2Buq2r4nIVTnN3NKm%2F%2BpPdykI5tJAEISY07uKYlCgm8p%2FIwa6vZsPDc7l3"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 832119c6388b23c9-LHR content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	benefitexplorers.com/js/jquery-3.4.1.min.js	139.144.22.37	200 OK	88 kB
URL GET HTTP/2 benefitexplorers.com/js/jquery-3.4.1.min.js IP 139.144.22.37:443 ASN #0 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectbenefitexplorers.com Fingerprint72:9F:21:B9:07:E3:E9:72:8D:2F:38:54:6F:C9:28:D7:F4:5E:56:EF ValidityWed, 11 Oct 2023 18:47:17 GMT - Tue, 09 Jan 2024 18:47:16 GMT File type ASCII text, with very long lines (65451) Size 88 kB (88145 bytes) Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a HTTP Headers GET /js/jquery-3.4.1.min.js HTTP/1.1 Host: benefitexplorers.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Cookie: XSRF-TOKEN=eyJpdiI6ImVJdnM2MmRLK2ROR2JPaGR6aFNiaWc9PSIsInZhbHVlIjoicVBGMXV0K2pGQmlTZlNlZDlzdUU5b3locjNncVNWaGRGWHNhV3BRNFg1V2ZvVjgyZXpCK0ZiQUhpK2pRcE5SK3ZyUURHREo2QVJySWxYZVBJSkZWUHhRMWFpMXpIbXl3V1k0a0Jwa21hK2NMMGYybSs0RFlkZnRTa0dVZXpKOEwiLCJtYWMiOiJjNjZkNDI5YTc1ZDQ4ZmU3MTVjY2JlYTk5NGRlN2ZjYTAwYTk2NmNmODlmYWM5NjM5OTA4ZGJmOTI5MTVhNjMxIiwidGFnIjoiIn0%3D; coreg_software_session=eyJpdiI6InpLRXVxQzE1OGtGYkpJM25Vdk5jMkE9PSIsInZhbHVlIjoiVHdUTldzakN3eTBabjc2VGhGVHFNZC9XQ1haUW1PUnAzNjJRQkVZMUFFa1U2Nzk2REplZmFMdWFNTllGT2lpSG9PSmlLSXJBejkvOTZIRTJHeTRxcEtSUU0yS1EvaUNNVXdtdlFQMFlpUENoV1lWdmZ2elRua2lCWDJxTjhkRjIiLCJtYWMiOiI4NzFlODI4Y2E3MTU3ODNkNGMyOGY1MWM1NmUzNjJlN2ViN2IwMmUxNGEzYzE0MWFjMmIyMjA2ZTY0MjIxMjRhIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Fri, 08 Dec 2023 01:05:33 GMT content-type: application/javascript; charset=utf-8 last-modified: Wed, 26 Jul 2023 13:20:26 GMT vary: Accept-Encoding etag: W/"64c11d9a-15851" x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2`

	cdn.segment.com/analytics-next/bundles/remoteMiddleware.bundle.366df96a78421ccf3f3e.js	143.204.48.96	200 OK	1.2 kB
URL GET HTTP/2 cdn.segment.com/analytics-next/bundles/remoteMiddleware.bundle.366df96a78421ccf3f3e.js IP 143.204.48.96:443 ASN #16509 AMAZON-02 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerAmazon Subject.segment.com Fingerprint92:B4:26:19:9B:B4:C7:48:23:87:41:7A:8A:10:5E:C4:E8:77:35:A0 ValidityTue, 14 Nov 2023 00:00:00 GMT - Fri, 13 Dec 2024 23:59:59 GMT File type troff or preprocessor input, ASCII text, with very long lines (1239), with no line terminators Size 1.2 kB (1214 bytes) Hash 12a8e0448ff1d5aeff6b51f67c131bd2 03199dcb64bfb54d5b1992b27ee54b5995a9c254 1d4ba749a05064d6c607950d1d3dd0c5b4f6491c610ba1ebf5977a201695950e HTTP Headers `GET /analytics-next/bundles/remoteMiddleware.bundle.366df96a78421ccf3f3e.js HTTP/1.1 Host: cdn.segment.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript date: Thu, 03 Aug 2023 18:34:10 GMT access-control-allow-origin: * access-control-allow-methods: GET, HEAD access-control-max-age: 3000 x-amz-replication-status: COMPLETED last-modified: Thu, 03 Aug 2023 16:09:52 GMT etag: W/"84d37438649a847ca9278ee90cdda242" x-amz-server-side-encryption: AES256 cache-control: public,max-age=31536000,immutable x-amz-version-id: M7EGdPVbYkVYUy.U5VHTNkRLwhmYIP5a server: AmazonS3 content-encoding: br vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: pQtQeDOPx6o26C9cw24842ZKxU1IgLKdE7Mm5xK2gn-K1nRQFdDbUg== age: 10909886 X-Firefox-Spdy: h2

	benefitexplorers.com/page/23/template.css?r=482eeb62c9b9592e36aa954735e3a60b	139.144.22.37	200 OK	6.1 kB
URL GET HTTP/2 benefitexplorers.com/page/23/template.css?r=482eeb62c9b9592e36aa954735e3a60b IP 139.144.22.37:443 ASN #0 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectbenefitexplorers.com Fingerprint72:9F:21:B9:07:E3:E9:72:8D:2F:38:54:6F:C9:28:D7:F4:5E:56:EF ValidityWed, 11 Oct 2023 18:47:17 GMT - Tue, 09 Jan 2024 18:47:16 GMT File type ASCII text, with very long lines (6808), with no line terminators Size 6.1 kB (6135 bytes) Hash 6089acba903d958354b67f7c929c6ff4 95eba7aea0b176126c9878a0dd5dc71b66b96e98 61ec73de468ea70a0c5323efce8a0e8f593658c64a419aeb089445cd4df77082 HTTP Headers GET /page/23/template.css?r=482eeb62c9b9592e36aa954735e3a60b HTTP/1.1 Host: benefitexplorers.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Cookie: XSRF-TOKEN=eyJpdiI6ImVJdnM2MmRLK2ROR2JPaGR6aFNiaWc9PSIsInZhbHVlIjoicVBGMXV0K2pGQmlTZlNlZDlzdUU5b3locjNncVNWaGRGWHNhV3BRNFg1V2ZvVjgyZXpCK0ZiQUhpK2pRcE5SK3ZyUURHREo2QVJySWxYZVBJSkZWUHhRMWFpMXpIbXl3V1k0a0Jwa21hK2NMMGYybSs0RFlkZnRTa0dVZXpKOEwiLCJtYWMiOiJjNjZkNDI5YTc1ZDQ4ZmU3MTVjY2JlYTk5NGRlN2ZjYTAwYTk2NmNmODlmYWM5NjM5OTA4ZGJmOTI5MTVhNjMxIiwidGFnIjoiIn0%3D; coreg_software_session=eyJpdiI6InpLRXVxQzE1OGtGYkpJM25Vdk5jMkE9PSIsInZhbHVlIjoiVHdUTldzakN3eTBabjc2VGhGVHFNZC9XQ1haUW1PUnAzNjJRQkVZMUFFa1U2Nzk2REplZmFMdWFNTllGT2lpSG9PSmlLSXJBejkvOTZIRTJHeTRxcEtSUU0yS1EvaUNNVXdtdlFQMFlpUENoV1lWdmZ2elRua2lCWDJxTjhkRjIiLCJtYWMiOiI4NzFlODI4Y2E3MTU3ODNkNGMyOGY1MWM1NmUzNjJlN2ViN2IwMmUxNGEzYzE0MWFjMmIyMjA2ZTY0MjIxMjRhIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK server: nginx content-type: text/css; charset=UTF-8 vary: Accept-Encoding cache-control: no-cache, private date: Fri, 08 Dec 2023 01:05:33 GMT set-cookie: XSRF-TOKEN=eyJpdiI6Ikt4dWh6bDk2TWlZRVFhRGxhaDNaSFE9PSIsInZhbHVlIjoibTBRaGJPUThER1poZDJUUHhMRGo3cFcxZ2p1NXZBVit2bStEWDVQQ0RtRlk2RlQxN0dpWHY4ejRUOUVYbE1IOGtid09HeGJXVU9LdzY4M2pGUkNXQWNVWHFlWSsyZm5iWEoyV3c4MXVCc1U4WW9mOCtiZGQyRnFtNlBIYjMrSEEiLCJtYWMiOiJjZDRlZTFlZTA2NmJmYTM5NTFhY2NjZDc4OTQyMDE4NzQxMmJlZDk4MDI1YzE4YTRlODcxYjM4ZjVmOGM2NmY3IiwidGFnIjoiIn0%3D; expires=Fri, 08 Dec 2023 03:05:33 GMT; Max-Age=7200; path=/ coreg_software_session=eyJpdiI6ImhrcmIrZzlITlNXR0FxSEZOZFJBWHc9PSIsInZhbHVlIjoiYktuK0J6NnEwK0Q0dGY0OGxtbk5CZ0Z5MmRGZ2tpVXZJaW54NExXaFdHRkYzNENYUTVwOFl2VVpmU3hkdlJ4VWtvMDduMzlNT3A3YjJxL1I2NUEyYUJHSW9pZjA2SVMyOExmSUgxUVNITWZJWjdpQjBWajJWOGFpWWYreDJOOWMiLCJtYWMiOiI5ODNiZTc1YWM2NWE0ZGY0NDkyZmRmOTMzMDI0M2YzMjE2NzUyZGRjY2MwMzA1OGM1OTc3MjZiNTFiZDMxNzQzIiwidGFnIjoiIn0%3D; expires=Fri, 08 Dec 2023 03:05:33 GMT; Max-Age=7200; path=/; httponly x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2

	www.mgl92gs.com/scripts/sdk/everflow.js	34.96.120.38	200 OK	32 kB
URL GET HTTP/2 www.mgl92gs.com/scripts/sdk/everflow.js IP 34.96.120.38:443 ASN #15169 GOOGLE Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerStarfield Technologies, Inc. Subjectmgl92gs.com Fingerprint02:3B:C2:97:2D:64:EB:64:EA:FC:48:D3:A9:86:9D:62:6A:19:77:57 ValidityMon, 25 Sep 2023 20:03:35 GMT - Wed, 08 May 2024 14:26:50 GMT File type ASCII text, with very long lines (31533) Size 32 kB (31534 bytes) Hash 48f1d406266c91c6001912c499bfed21 de8228f336a4d8b6dcbf98bf433c0bc97272fd78 4323e8c73404b2e80a204561612217d927ed59bb16e930bf2cd9ccab6818e095 HTTP Headers `GET /scripts/sdk/everflow.js HTTP/1.1 Host: www.mgl92gs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Fri, 08 Dec 2023 01:05:33 GMT content-type: text/javascript accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model cache-control: max-age=14400 vary: Origin x-eflow-request-id: 6a48e035-9bcc-446f-8648-194e7a88c71c content-encoding: gzip via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	benefitexplorers.com/js/jquery.mask.min.js	139.144.22.37	200 OK	8.2 kB
URL GET HTTP/2 benefitexplorers.com/js/jquery.mask.min.js IP 139.144.22.37:443 ASN #0 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectbenefitexplorers.com Fingerprint72:9F:21:B9:07:E3:E9:72:8D:2F:38:54:6F:C9:28:D7:F4:5E:56:EF ValidityWed, 11 Oct 2023 18:47:17 GMT - Tue, 09 Jan 2024 18:47:16 GMT File type ASCII text, with very long lines (8408), with no line terminators Size 8.2 kB (8185 bytes) Hash 2df11a850b2c383a5496827dc24a5bbb 1370b2368a82d53aa7d22e77f1d3571e94ea5aa6 41fda6e25714b894305cc1c72f0ed1375b919a79cd1889a06bb20dd7b80c5229 HTTP Headers GET /js/jquery.mask.min.js HTTP/1.1 Host: benefitexplorers.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Cookie: XSRF-TOKEN=eyJpdiI6ImVJdnM2MmRLK2ROR2JPaGR6aFNiaWc9PSIsInZhbHVlIjoicVBGMXV0K2pGQmlTZlNlZDlzdUU5b3locjNncVNWaGRGWHNhV3BRNFg1V2ZvVjgyZXpCK0ZiQUhpK2pRcE5SK3ZyUURHREo2QVJySWxYZVBJSkZWUHhRMWFpMXpIbXl3V1k0a0Jwa21hK2NMMGYybSs0RFlkZnRTa0dVZXpKOEwiLCJtYWMiOiJjNjZkNDI5YTc1ZDQ4ZmU3MTVjY2JlYTk5NGRlN2ZjYTAwYTk2NmNmODlmYWM5NjM5OTA4ZGJmOTI5MTVhNjMxIiwidGFnIjoiIn0%3D; coreg_software_session=eyJpdiI6InpLRXVxQzE1OGtGYkpJM25Vdk5jMkE9PSIsInZhbHVlIjoiVHdUTldzakN3eTBabjc2VGhGVHFNZC9XQ1haUW1PUnAzNjJRQkVZMUFFa1U2Nzk2REplZmFMdWFNTllGT2lpSG9PSmlLSXJBejkvOTZIRTJHeTRxcEtSUU0yS1EvaUNNVXdtdlFQMFlpUENoV1lWdmZ2elRua2lCWDJxTjhkRjIiLCJtYWMiOiI4NzFlODI4Y2E3MTU3ODNkNGMyOGY1MWM1NmUzNjJlN2ViN2IwMmUxNGEzYzE0MWFjMmIyMjA2ZTY0MjIxMjRhIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Fri, 08 Dec 2023 01:05:33 GMT content-type: application/javascript; charset=utf-8 last-modified: Wed, 26 Jul 2023 13:20:26 GMT vary: Accept-Encoding etag: W/"64c11d9a-1ff9" x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2`

	ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-font-face.min.css?token=b4e85772e4	172.64.204.20	200 OK	1.8 kB
URL GET HTTP/2 ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-font-face.min.css?token=b4e85772e4 IP 172.64.204.20:443 ASN #13335 CLOUDFLARENET Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com FingerprintBC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81 ValidityWed, 08 Nov 2023 07:11:36 GMT - Tue, 06 Feb 2024 07:11:35 GMT File type ASCII text, with very long lines (1803), with no line terminators Size 1.8 kB (1775 bytes) Hash b0e7ed6622101ceea9a31043809aabaf 22fefad8852cf1d903fc7d99970d572ddc6b613c 5f9c11fbca88fe6e6e8ce0de6c76eaca7b8c258572153af5ff88c831316347d0 HTTP Headers `GET /releases/v6.5.1/css/free-v4-font-face.min.css?token=b4e85772e4 HTTP/1.1 Host: ka-f.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://benefitexplorers.com/ Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 08 Dec 2023 01:05:33 GMT content-type: text/css access-control-allow-origin: * access-control-allow-methods: GET access-control-max-age: 3000 last-modified: Thu, 30 Nov 2023 17:25:51 GMT etag: W/"cc84affe95dbdd9726525f57d20b4ea6" x-amz-server-side-encryption: AES256 cache-control: max-age=31556926 access-control-allow-headers: fa-kit-token vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 6699805b9870134f60ff76c262d76a02.cloudfront.net (CloudFront) x-amz-cf-pop: LHR5-P6 x-amz-cf-id: HNh-5P5HvbVulxn_qhKvdKrYNBtgUQ6f7Z7lRJ3HYR2SHwJYXWt0rg== cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opl9F1XnGTvyZjmhtZK23o6KW6hI%2FvJjsMZai0PR%2Bz2Ovgl%2BQXxHcJr1RmpaKRZHJbaWJtZAt%2FwAsRlbdQT3TKk0RpaHVH4HlX%2FpbrToaH8GRANpP1wz1IW53Id0AbjNPfv240HIsg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 832119c79edb23e2-LHR content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	dist.routingapi.com/jsapi/v1/retreaver.min.js	143.204.55.22	200 OK	23 kB
URL GET HTTP/2 dist.routingapi.com/jsapi/v1/retreaver.min.js IP 143.204.55.22:443 ASN #16509 AMAZON-02 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerAmazon Subjectdist.routingapi.com Fingerprint50:70:31:9D:02:14:6F:1C:79:71:C8:9E:E3:7F:E9:A1:AD:7B:05:E4 ValidityTue, 24 Jan 2023 00:00:00 GMT - Wed, 21 Feb 2024 23:59:59 GMT File type ASCII text, with very long lines (23101) Size 23 kB (23129 bytes) Hash 5fba3b06be83b8b66a6e46f4e8946a72 3f0f63e8ebae6f5549269293c6c0163e5fbe1eba b73d022008f2e129a6dc14a9b33b6acb061afcae960fbd4908df0df404c74555 HTTP Headers `GET /jsapi/v1/retreaver.min.js HTTP/1.1 Host: dist.routingapi.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: application/javascript date: Thu, 07 Dec 2023 22:03:56 GMT server: nginx/1.18.0 (Ubuntu) last-modified: Thu, 07 Dec 2023 08:32:26 GMT etag: W/"6571831a-5a59" content-encoding: gzip vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: lgUMEuSxqivHvwohxAJHg980-9jZL_gf2xD05_K2jlJSqhY2KKzz5w== age: 10899 X-Firefox-Spdy: h2`

	benefitexplorers.com/js/jquery.validate.min.js	139.144.22.37	200 OK	23 kB
URL GET HTTP/2 benefitexplorers.com/js/jquery.validate.min.js IP 139.144.22.37:443 ASN #0 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectbenefitexplorers.com Fingerprint72:9F:21:B9:07:E3:E9:72:8D:2F:38:54:6F:C9:28:D7:F4:5E:56:EF ValidityWed, 11 Oct 2023 18:47:17 GMT - Tue, 09 Jan 2024 18:47:16 GMT File type Size 23 kB (23261 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /js/jquery.validate.min.js HTTP/1.1 Host: benefitexplorers.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Cookie: XSRF-TOKEN=eyJpdiI6ImVJdnM2MmRLK2ROR2JPaGR6aFNiaWc9PSIsInZhbHVlIjoicVBGMXV0K2pGQmlTZlNlZDlzdUU5b3locjNncVNWaGRGWHNhV3BRNFg1V2ZvVjgyZXpCK0ZiQUhpK2pRcE5SK3ZyUURHREo2QVJySWxYZVBJSkZWUHhRMWFpMXpIbXl3V1k0a0Jwa21hK2NMMGYybSs0RFlkZnRTa0dVZXpKOEwiLCJtYWMiOiJjNjZkNDI5YTc1ZDQ4ZmU3MTVjY2JlYTk5NGRlN2ZjYTAwYTk2NmNmODlmYWM5NjM5OTA4ZGJmOTI5MTVhNjMxIiwidGFnIjoiIn0%3D; coreg_software_session=eyJpdiI6InpLRXVxQzE1OGtGYkpJM25Vdk5jMkE9PSIsInZhbHVlIjoiVHdUTldzakN3eTBabjc2VGhGVHFNZC9XQ1haUW1PUnAzNjJRQkVZMUFFa1U2Nzk2REplZmFMdWFNTllGT2lpSG9PSmlLSXJBejkvOTZIRTJHeTRxcEtSUU0yS1EvaUNNVXdtdlFQMFlpUENoV1lWdmZ2elRua2lCWDJxTjhkRjIiLCJtYWMiOiI4NzFlODI4Y2E3MTU3ODNkNGMyOGY1MWM1NmUzNjJlN2ViN2IwMmUxNGEzYzE0MWFjMmIyMjA2ZTY0MjIxMjRhIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Fri, 08 Dec 2023 01:05:33 GMT content-type: application/javascript; charset=utf-8 last-modified: Wed, 26 Jul 2023 13:20:26 GMT vary: Accept-Encoding etag: W/"64c11d9a-5add" x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2`

	api.routingapi.com/api/v1/numbers?&campaign_key=51af4552739b0d90c8d1375919934cda	18.211.188.160	200 OK	1.6 kB
URL POST HTTP/2 api.routingapi.com/api/v1/numbers?&campaign_key=51af4552739b0d90c8d1375919934cda IP 18.211.188.160:443 ASN #14618 AMAZON-AES Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerAmazon Subjectapi.routingapi.com Fingerprint9F:86:0F:B4:7C:E2:74:4C:8C:44:F0:AF:AA:93:70:BE:B3:80:41:22 ValidityMon, 13 Feb 2023 00:00:00 GMT - Wed, 13 Mar 2024 23:59:59 GMT File type troff or preprocessor input, ASCII text, with very long lines (1779), with no line terminators Size 1.6 kB (1567 bytes) Hash cd651b9ed9f9cbe24314c2662a64c7e4 9bab156898184e9a407d2965b6979455401593c3 422ca93605ec5a88c5779e01739bd5210003c8d5d1e1265e61845479fb528df0 HTTP Headers POST /api/v1/numbers?&campaign_key=51af4552739b0d90c8d1375919934cda HTTP/1.1 Host: api.routingapi.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 227 Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Fri, 08 Dec 2023 01:05:35 GMT content-type: application/json; charset=utf-8 status: 200 OK cache-control: max-age=0, private, must-revalidate access-control-allow-origin: https://benefitexplorers.com vary: Origin strict-transport-security: max-age=63072000; includeSubDomains referrer-policy: strict-origin-when-cross-origin x-permitted-cross-domain-policies: none x-xss-protection: 0 access-control-max-age: 1728000 x-request-id: 73b875a2-002a-4c6d-bdaa-5144aa7da5ae access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS x-download-options: noopen etag: W/"a0695bf6d4774a52524be63c7731915e" x-frame-options: ALLOWALL x-runtime: 0.146123 x-content-type-options: nosniff set-cookie: CallPixels-vid=72f77aba12fda8057f3ddd21751b5aa3; path=/; SameSite=Lax x-powered-by: Phusion Passenger(R) Enterprise 6.0.17 server: nginx/1.18.0 + Phusion Passenger(R) 6.0.17 X-Firefox-Spdy: h2

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css	104.18.11.207	200 OK	145 kB
URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css IP 104.18.11.207:443 ASN #13335 CLOUDFLARENET Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04 ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT File type ASCII text, with very long lines (65325) Size 145 kB (144877 bytes) Hash 450fc463b8b1a349df717056fbb3e078 895125a4522a3b10ee7ada06ee6503587cbf95c5 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d HTTP Headers `GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1 Host: maxcdn.bootstrapcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 08 Dec 2023 01:05:33 GMT content-type: text/css; charset=utf-8 vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE access-control-allow-origin: * cache-control: public, max-age=31919000 etag: W/"450fc463b8b1a349df717056fbb3e078" last-modified: Mon, 25 Jan 2021 22:04:04 GMT cdn-cachedat: 10/31/2023 18:48:44 cdn-proxyver: 1.04 cdn-requestpullcode: 200 cdn-requestpullsuccess: True cdn-edgestorageid: 752 timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cdn-status: 200 cdn-requestid: 6f2d14e9436097e66447b103aa0360de cdn-cache: HIT cf-cache-status: HIT age: 1107856 strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 832119c55fc356c3-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	benefitexplorers.com/js/script.js?id=469077f959b21b1b42cc6772f63a1592	139.144.22.37	200 OK	2.2 kB
URL GET HTTP/2 benefitexplorers.com/js/script.js?id=469077f959b21b1b42cc6772f63a1592 IP 139.144.22.37:443 ASN #0 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectbenefitexplorers.com Fingerprint72:9F:21:B9:07:E3:E9:72:8D:2F:38:54:6F:C9:28:D7:F4:5E:56:EF ValidityWed, 11 Oct 2023 18:47:17 GMT - Tue, 09 Jan 2024 18:47:16 GMT File type ASCII text, with very long lines (2323), with no line terminators Size 2.2 kB (2200 bytes) Hash 63d5a73fd6471bf6b5402fe6e3289682 1e34d6206460ddb2304d57dcade567218ffb5690 c04c8b7461073654cde0b6de086fc20d923b2d929d58a16b2207b06251e12eb5 HTTP Headers GET /js/script.js?id=469077f959b21b1b42cc6772f63a1592 HTTP/1.1 Host: benefitexplorers.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Cookie: XSRF-TOKEN=eyJpdiI6ImVJdnM2MmRLK2ROR2JPaGR6aFNiaWc9PSIsInZhbHVlIjoicVBGMXV0K2pGQmlTZlNlZDlzdUU5b3locjNncVNWaGRGWHNhV3BRNFg1V2ZvVjgyZXpCK0ZiQUhpK2pRcE5SK3ZyUURHREo2QVJySWxYZVBJSkZWUHhRMWFpMXpIbXl3V1k0a0Jwa21hK2NMMGYybSs0RFlkZnRTa0dVZXpKOEwiLCJtYWMiOiJjNjZkNDI5YTc1ZDQ4ZmU3MTVjY2JlYTk5NGRlN2ZjYTAwYTk2NmNmODlmYWM5NjM5OTA4ZGJmOTI5MTVhNjMxIiwidGFnIjoiIn0%3D; coreg_software_session=eyJpdiI6InpLRXVxQzE1OGtGYkpJM25Vdk5jMkE9PSIsInZhbHVlIjoiVHdUTldzakN3eTBabjc2VGhGVHFNZC9XQ1haUW1PUnAzNjJRQkVZMUFFa1U2Nzk2REplZmFMdWFNTllGT2lpSG9PSmlLSXJBejkvOTZIRTJHeTRxcEtSUU0yS1EvaUNNVXdtdlFQMFlpUENoV1lWdmZ2elRua2lCWDJxTjhkRjIiLCJtYWMiOiI4NzFlODI4Y2E3MTU3ODNkNGMyOGY1MWM1NmUzNjJlN2ViN2IwMmUxNGEzYzE0MWFjMmIyMjA2ZTY0MjIxMjRhIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Fri, 08 Dec 2023 01:05:33 GMT content-type: application/javascript; charset=utf-8 last-modified: Wed, 26 Jul 2023 13:20:26 GMT vary: Accept-Encoding etag: W/"64c11d9a-898" x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2`

	bat.bing.com/p/action/295007516.js	204.79.197.200	200 OK	3.7 kB
URL GET HTTP/2 bat.bing.com/p/action/295007516.js IP 204.79.197.200:443 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerMicrosoft Corporation Subjectwww.bing.com FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT File type ASCII text, with very long lines (3889), with no line terminators Size 3.7 kB (3731 bytes) Hash 97f40f5324a6a3228ecaa012c74c89f7 b14743b00e051da403be36c43931e6396651cfa6 12f817fe1d0533f233c1a426feef77970acd950fab719e177263f263a75c2b9d HTTP Headers `GET /p/action/295007516.js HTTP/1.1 Host: bat.bing.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK cache-control: private,max-age=60 content-type: application/javascript; charset=utf-8 content-encoding: br vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload x-cache: CONFIG_NOCACHE accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref: Ref A: 7A56365E53D14A6581F19B76CA3FBD15 Ref B: OSL30EDGE0510 Ref C: 2023-12-08T01:05:36Z date: Fri, 08 Dec 2023 01:05:36 GMT X-Firefox-Spdy: h2

	benefitexplorers.com/page/23/style.css?r=1b0dac65ab1408f531189c1ba5832129	139.144.22.37	200 OK	92 B
URL GET HTTP/2 benefitexplorers.com/page/23/style.css?r=1b0dac65ab1408f531189c1ba5832129 IP 139.144.22.37:443 ASN #0 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectbenefitexplorers.com Fingerprint72:9F:21:B9:07:E3:E9:72:8D:2F:38:54:6F:C9:28:D7:F4:5E:56:EF ValidityWed, 11 Oct 2023 18:47:17 GMT - Tue, 09 Jan 2024 18:47:16 GMT File type ASCII text, with no line terminators Size 92 B (92 bytes) Hash fab1de1054e7be4accd11a85cf38063f 8e4df545ada08af031ed8aeb6e438b6693b092ab 9459bab8acdc64d0a652002aeeb240c07d35b9be0005e0fca3cdb76d6ccd41bf HTTP Headers GET /page/23/style.css?r=1b0dac65ab1408f531189c1ba5832129 HTTP/1.1 Host: benefitexplorers.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Cookie: XSRF-TOKEN=eyJpdiI6ImVJdnM2MmRLK2ROR2JPaGR6aFNiaWc9PSIsInZhbHVlIjoicVBGMXV0K2pGQmlTZlNlZDlzdUU5b3locjNncVNWaGRGWHNhV3BRNFg1V2ZvVjgyZXpCK0ZiQUhpK2pRcE5SK3ZyUURHREo2QVJySWxYZVBJSkZWUHhRMWFpMXpIbXl3V1k0a0Jwa21hK2NMMGYybSs0RFlkZnRTa0dVZXpKOEwiLCJtYWMiOiJjNjZkNDI5YTc1ZDQ4ZmU3MTVjY2JlYTk5NGRlN2ZjYTAwYTk2NmNmODlmYWM5NjM5OTA4ZGJmOTI5MTVhNjMxIiwidGFnIjoiIn0%3D; coreg_software_session=eyJpdiI6InpLRXVxQzE1OGtGYkpJM25Vdk5jMkE9PSIsInZhbHVlIjoiVHdUTldzakN3eTBabjc2VGhGVHFNZC9XQ1haUW1PUnAzNjJRQkVZMUFFa1U2Nzk2REplZmFMdWFNTllGT2lpSG9PSmlLSXJBejkvOTZIRTJHeTRxcEtSUU0yS1EvaUNNVXdtdlFQMFlpUENoV1lWdmZ2elRua2lCWDJxTjhkRjIiLCJtYWMiOiI4NzFlODI4Y2E3MTU3ODNkNGMyOGY1MWM1NmUzNjJlN2ViN2IwMmUxNGEzYzE0MWFjMmIyMjA2ZTY0MjIxMjRhIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK server: nginx content-type: text/css; charset=UTF-8 vary: Accept-Encoding cache-control: no-cache, private date: Fri, 08 Dec 2023 01:05:33 GMT set-cookie: XSRF-TOKEN=eyJpdiI6IkFwSmYvUGxlOFBBNXpCUVgzYlQvYlE9PSIsInZhbHVlIjoiUkVoajhMWmRSWDMxd2NFQnhKdXJQQm9MNE51V0R6Qmx5cXM3YVVoUGlqQ0FLWUhHOXF5T3ZJY0hwVVFVTnJ5d0FNUEkwZnJEKzVPOUE4dExvUktIRkUzMFNZUGtGWC82ZklOYWFQaldDU21nandaUVlKUkJKTE5xWGloaDhreUoiLCJtYWMiOiJmYjZmYjRjNDlkNTM4ZmQ0MGIzY2VjZDhiODA0ZGM3ZTY3Njk5MTZiMGM0MzUzZjk1OTY5YjVhZWE3OTBmNThjIiwidGFnIjoiIn0%3D; expires=Fri, 08 Dec 2023 03:05:33 GMT; Max-Age=7200; path=/ coreg_software_session=eyJpdiI6ImZUQjhsNVZxakNKOTFESy9LYWRmR3c9PSIsInZhbHVlIjoiOHg2d0tjRjJJU2NRbk5PVkUyNjZUdS8vWTRVc1FINVVDWDhzWXRHaTdTdHFvSGtBVGFsT3V0amxhMGtlNDFKS2hBTlVWZDRrWFU2WU9rZ2NKYkM0bE5aVlFwMkVVdGtrNWQyOTVldXByNTNxWGZrSlUybjNmQmh1QnhtV1dKNi8iLCJtYWMiOiIyMjZjMzUyMGE4MWE5NDc3ZTc2YzcwNzQ4ZDRlM2I5YjZlODg5MWQxZGJiNjNmMTYzMzY0MDJjMmQxNjAzZDFhIiwidGFnIjoiIn0%3D; expires=Fri, 08 Dec 2023 03:05:33 GMT; Max-Age=7200; path=/; httponly x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2

	benefitexplorers.com/files/images/benefitexplorers_logo.svg	139.144.22.37	200 OK	13 kB
URL GET HTTP/2 benefitexplorers.com/files/images/benefitexplorers_logo.svg IP 139.144.22.37:443 ASN #0 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectbenefitexplorers.com Fingerprint72:9F:21:B9:07:E3:E9:72:8D:2F:38:54:6F:C9:28:D7:F4:5E:56:EF ValidityWed, 11 Oct 2023 18:47:17 GMT - Tue, 09 Jan 2024 18:47:16 GMT File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (1134) Size 13 kB (12920 bytes) Hash a0c63271a0064a5178043f5c3f17c0ef 566a4ade085bebca4515ea127aa5e8899d98959d 064923611eff461e0cab532994b51ee02fc07d06b4564fd316deb4590732d589 HTTP Headers GET /files/images/benefitexplorers_logo.svg HTTP/1.1 Host: benefitexplorers.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Cookie: XSRF-TOKEN=eyJpdiI6ImVJdnM2MmRLK2ROR2JPaGR6aFNiaWc9PSIsInZhbHVlIjoicVBGMXV0K2pGQmlTZlNlZDlzdUU5b3locjNncVNWaGRGWHNhV3BRNFg1V2ZvVjgyZXpCK0ZiQUhpK2pRcE5SK3ZyUURHREo2QVJySWxYZVBJSkZWUHhRMWFpMXpIbXl3V1k0a0Jwa21hK2NMMGYybSs0RFlkZnRTa0dVZXpKOEwiLCJtYWMiOiJjNjZkNDI5YTc1ZDQ4ZmU3MTVjY2JlYTk5NGRlN2ZjYTAwYTk2NmNmODlmYWM5NjM5OTA4ZGJmOTI5MTVhNjMxIiwidGFnIjoiIn0%3D; coreg_software_session=eyJpdiI6InpLRXVxQzE1OGtGYkpJM25Vdk5jMkE9PSIsInZhbHVlIjoiVHdUTldzakN3eTBabjc2VGhGVHFNZC9XQ1haUW1PUnAzNjJRQkVZMUFFa1U2Nzk2REplZmFMdWFNTllGT2lpSG9PSmlLSXJBejkvOTZIRTJHeTRxcEtSUU0yS1EvaUNNVXdtdlFQMFlpUENoV1lWdmZ2elRua2lCWDJxTjhkRjIiLCJtYWMiOiI4NzFlODI4Y2E3MTU3ODNkNGMyOGY1MWM1NmUzNjJlN2ViN2IwMmUxNGEzYzE0MWFjMmIyMjA2ZTY0MjIxMjRhIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Fri, 08 Dec 2023 01:05:33 GMT content-type: image/svg+xml last-modified: Mon, 31 Jul 2023 14:12:24 GMT vary: Accept-Encoding etag: W/"64c7c148-3278" x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2`

	benefitexplorers.com/js/bootstrap.min.js	139.144.22.37	200 OK	49 kB
URL GET HTTP/2 benefitexplorers.com/js/bootstrap.min.js IP 139.144.22.37:443 ASN #0 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectbenefitexplorers.com Fingerprint72:9F:21:B9:07:E3:E9:72:8D:2F:38:54:6F:C9:28:D7:F4:5E:56:EF ValidityWed, 11 Oct 2023 18:47:17 GMT - Tue, 09 Jan 2024 18:47:16 GMT File type ASCII text, with very long lines (48664) Size 49 kB (48944 bytes) Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b HTTP Headers GET /js/bootstrap.min.js HTTP/1.1 Host: benefitexplorers.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Cookie: XSRF-TOKEN=eyJpdiI6ImVJdnM2MmRLK2ROR2JPaGR6aFNiaWc9PSIsInZhbHVlIjoicVBGMXV0K2pGQmlTZlNlZDlzdUU5b3locjNncVNWaGRGWHNhV3BRNFg1V2ZvVjgyZXpCK0ZiQUhpK2pRcE5SK3ZyUURHREo2QVJySWxYZVBJSkZWUHhRMWFpMXpIbXl3V1k0a0Jwa21hK2NMMGYybSs0RFlkZnRTa0dVZXpKOEwiLCJtYWMiOiJjNjZkNDI5YTc1ZDQ4ZmU3MTVjY2JlYTk5NGRlN2ZjYTAwYTk2NmNmODlmYWM5NjM5OTA4ZGJmOTI5MTVhNjMxIiwidGFnIjoiIn0%3D; coreg_software_session=eyJpdiI6InpLRXVxQzE1OGtGYkpJM25Vdk5jMkE9PSIsInZhbHVlIjoiVHdUTldzakN3eTBabjc2VGhGVHFNZC9XQ1haUW1PUnAzNjJRQkVZMUFFa1U2Nzk2REplZmFMdWFNTllGT2lpSG9PSmlLSXJBejkvOTZIRTJHeTRxcEtSUU0yS1EvaUNNVXdtdlFQMFlpUENoV1lWdmZ2elRua2lCWDJxTjhkRjIiLCJtYWMiOiI4NzFlODI4Y2E3MTU3ODNkNGMyOGY1MWM1NmUzNjJlN2ViN2IwMmUxNGEzYzE0MWFjMmIyMjA2ZTY0MjIxMjRhIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Fri, 08 Dec 2023 01:05:33 GMT content-type: application/javascript; charset=utf-8 last-modified: Wed, 26 Jul 2023 13:20:26 GMT vary: Accept-Encoding etag: W/"64c11d9a-bf30" x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2`

	benefitexplorers.com/js/jquery.scrollintoview.min.js	139.144.22.37	200 OK	3.5 kB
URL GET HTTP/2 benefitexplorers.com/js/jquery.scrollintoview.min.js IP 139.144.22.37:443 ASN #0 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectbenefitexplorers.com Fingerprint72:9F:21:B9:07:E3:E9:72:8D:2F:38:54:6F:C9:28:D7:F4:5E:56:EF ValidityWed, 11 Oct 2023 18:47:17 GMT - Tue, 09 Jan 2024 18:47:16 GMT File type ASCII text, with very long lines (3530), with no line terminators Size 3.5 kB (3490 bytes) Hash 9948e795bb7d1a1bc209524605870d88 c956ae3041adb216d1efdbbb8b2c5b714558ca1d 802d495ba49a79f00b38993ec87485f61e2f56fbb8e2ebe0aa4f23157384017d HTTP Headers GET /js/jquery.scrollintoview.min.js HTTP/1.1 Host: benefitexplorers.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Cookie: XSRF-TOKEN=eyJpdiI6ImVJdnM2MmRLK2ROR2JPaGR6aFNiaWc9PSIsInZhbHVlIjoicVBGMXV0K2pGQmlTZlNlZDlzdUU5b3locjNncVNWaGRGWHNhV3BRNFg1V2ZvVjgyZXpCK0ZiQUhpK2pRcE5SK3ZyUURHREo2QVJySWxYZVBJSkZWUHhRMWFpMXpIbXl3V1k0a0Jwa21hK2NMMGYybSs0RFlkZnRTa0dVZXpKOEwiLCJtYWMiOiJjNjZkNDI5YTc1ZDQ4ZmU3MTVjY2JlYTk5NGRlN2ZjYTAwYTk2NmNmODlmYWM5NjM5OTA4ZGJmOTI5MTVhNjMxIiwidGFnIjoiIn0%3D; coreg_software_session=eyJpdiI6InpLRXVxQzE1OGtGYkpJM25Vdk5jMkE9PSIsInZhbHVlIjoiVHdUTldzakN3eTBabjc2VGhGVHFNZC9XQ1haUW1PUnAzNjJRQkVZMUFFa1U2Nzk2REplZmFMdWFNTllGT2lpSG9PSmlLSXJBejkvOTZIRTJHeTRxcEtSUU0yS1EvaUNNVXdtdlFQMFlpUENoV1lWdmZ2elRua2lCWDJxTjhkRjIiLCJtYWMiOiI4NzFlODI4Y2E3MTU3ODNkNGMyOGY1MWM1NmUzNjJlN2ViN2IwMmUxNGEzYzE0MWFjMmIyMjA2ZTY0MjIxMjRhIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Fri, 08 Dec 2023 01:05:33 GMT content-type: application/javascript; charset=utf-8 last-modified: Wed, 26 Jul 2023 13:20:26 GMT vary: Accept-Encoding etag: W/"64c11d9a-da2" x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2`

	api.routingapi.com/api/v1/numbers?&campaign_key=51af4552739b0d90c8d1375919934cda	18.211.188.160	200 OK	0 B
URL OPTIONS HTTP/2 api.routingapi.com/api/v1/numbers?&campaign_key=51af4552739b0d90c8d1375919934cda IP 18.211.188.160:443 ASN #14618 AMAZON-AES Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=9QvwE6BnGYCob77ianHtex8jAAr&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerAmazon Subjectapi.routingapi.com Fingerprint9F:86:0F:B4:7C:E2:74:4C:8C:44:F0:AF:AA:93:70:BE:B3:80:41:22 ValidityMon, 13 Feb 2023 00:00:00 GMT - Wed, 13 Mar 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /api/v1/numbers?&campaign_key=51af4552739b0d90c8d1375919934cda HTTP/1.1 Host: api.routingapi.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://benefitexplorers.com/ Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Fri, 08 Dec 2023 01:05:35 GMT content-type: text/plain status: 200 OK cache-control: no-cache access-control-allow-origin: https://benefitexplorers.com strict-transport-security: max-age=63072000; includeSubDomains access-control-max-age: 1728000 x-request-id: 413a6ca0-b885-43f8-b3ce-1875e22916d8 access-control-allow-credentials: true access-control-allow-headers: content-type access-control-allow-methods: GET, POST, OPTIONS x-runtime: 0.001061 x-powered-by: Phusion Passenger(R) Enterprise 6.0.17 server: nginx/1.18.0 + Phusion Passenger(R) 6.0.17 X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (40)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash