Report - benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634

Report Overview

Visited public
2023-12-04 19:57:01
Tags
URL
benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2
Finishing URL
benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2
IP / ASN
139.144.22.37
#0
Title
Benefits Explorer

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.segment.com	1618	1998-07-06	2014-04-11 14:30:48	2023-12-04 18:12:24	2.0 kB	117 kB	143.204.48.96
portal.smartrecognition.com	unknown	2010-04-20	2023-07-03 22:01:00	2023-11-18 06:23:44	730 B	613 B	159.203.118.95
benefitexplorers.com	unknown	unknown	No data	No data	19 kB	295 kB	139.144.22.37
retreaver-live.medigaplife.io	unknown	unknown	No data	No data	1.2 kB	740 B	52.45.236.109
dot.theonenet.work	321670	2020-09-21	2020-11-09 15:52:35	2023-11-08 14:22:56	645 B	586 B	54.230.111.114
bat.bing.com	387	1996-01-29	2014-04-08 11:23:16	2023-12-04 05:12:40	1.7 kB	19 kB	13.107.21.200
dist.routingapi.com	412373	2016-06-17	2018-06-13 23:18:46	2023-11-25 19:23:20	438 B	24 kB	143.204.55.22
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-04 07:58:24	1.8 kB	609 kB	216.58.207.200
www.mgl92gs.com	unknown	unknown	No data	No data	1.0 kB	9.8 kB	34.96.120.38
kit.fontawesome.com	1868	2012-10-18	2019-12-16 20:51:31	2023-12-04 05:23:47	459 B	100 kB	104.18.40.68
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18 02:37:31	2023-12-04 06:43:52	466 B	119 kB	104.18.10.207
ka-f.fontawesome.com	3598	2012-10-18	2019-12-17 07:36:13	2023-12-04 05:28:09	2.0 kB	138 kB	172.64.204.20
api.routingapi.com	291806	2016-06-17	2017-07-05 21:40:59	2023-11-16 16:32:16	2.2 kB	6.4 kB	54.81.210.46
use.fontawesome.com	942	2012-10-18	2017-01-30 05:43:25	2023-12-04 05:09:20	1.0 kB	111 kB	172.64.140.13

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-04 19:56:49	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .work TLD
2023-12-04 19:56:49	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .work TLD

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (40)

	URL	From	Size	First Seen	Last Seen
	benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2	ScriptElement	1.3 kB	2023-12-04	2024-08-20
Pretty URL benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-04 20:57 Last Seen2024-08-20 16:47 Times Seen4 Hash 644b332573c5e12d67cc1fa341da5b16 ebfbbc848f773d31e75957c0683ad85f8146b92b 1a6fc631b082858c83eb558ae4d5313df4f4887c07c90825fd81d41a12948d5b Loading...

	benefitexplorers.com/js/jquery.mask.min.js	ScriptElement	8.2 kB	2023-03-07	2025-05-07
Pretty URL benefitexplorers.com/js/jquery.mask.min.js IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-07 14:51 Times Seen713 Hash acb54232967a36f1df1d0c0623a89d65 6bc0ce0a4a1dd27ddb307b80a1247af996eb23bf bbb318e841b96acb3c2614eec417a4d7caf9606ea996507dccba84e2f6724e7e Loading...

	dist.routingapi.com/jsapi/v1/retreaver.min.js	ScriptElement	23 kB	2023-12-04	2024-08-20
Pretty URL dist.routingapi.com/jsapi/v1/retreaver.min.js IP 143.204.55.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:57 Last Seen2024-08-20 16:47 Times Seen2 Hash 18dcd2f74d49b6bf9633119906d2e206 be6929367eedc59e5173a40588839106f6b77c53 7db552b39f2cbf5390a3f024f553a488f6efe152cc55e6d0c3a4e09afbf1bcf9 Loading...

	unknown	ScriptElement	3.2 kB	2023-12-04	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:57 Last Seen2024-08-20 16:47 Times Seen4 Hash 93ff5ef648865ad1c6fdf4bce726d023 d99d9ef3615f4815d6f3baa16856de728bf0c252 9702b4c4ba494350c5601589b58665232b32b1300dc63a6e411dbe18a73d910e Loading...

	unknown	ScriptElement	422 B	2023-12-04	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:57 Last Seen2024-08-20 16:47 Times Seen4 Hash 28481297724dd4e24f6a90fc624e51f4 8a40025c3e44272e848410e3936056a488b2ea3a 4d873e76eea0c9ae9c18eddde760911ca386edaef42fdfa1686458bbd4a1c953 Loading...

	benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2	ScriptElement	598 B	2023-12-04	2024-08-20
Pretty URL benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-04 20:57 Last Seen2024-08-20 16:47 Times Seen4 Hash 4df91422979c9693e0dabebd3aed9528 5859e80e9caeb117a4b6fa7077781c715d898294 efa1a374f74c4647db1290f453e5be6a06d66431b81f332ef77012df763131ee Loading...

	benefitexplorers.com/js/bootstrap.min.js	ScriptElement	49 kB	2023-03-07	2025-05-09
Pretty URL benefitexplorers.com/js/bootstrap.min.js IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 03:18 Times Seen74807 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	www.googletagmanager.com/gtag/js?id=G-079T7NVZRZ	ScriptElement	284 kB	2023-12-04	2023-12-04
Pretty URL www.googletagmanager.com/gtag/js?id=G-079T7NVZRZ IP 216.58.207.200 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:57 Last Seen2023-12-04 20:57 Times Seen1 Hash f16a1a08e31189b7c53815a360e9e7f9 2644fa7cd52f619f4dd67e811268edf1b37b2f83 33bf648cb181ca09fbcb9ba4455a6f1d0f2737f84dda6c8e7405e3cc5edb4e27 Loading...

	benefitexplorers.com/js/additional-methods.min.js	ScriptElement	18 kB	2023-04-05	2025-05-01
Pretty URL benefitexplorers.com/js/additional-methods.min.js IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 10:49 Last Seen2025-05-01 08:17 Times Seen108 Hash 9fd50845f039f9efb9337b58e5e355c9 a7c2e0772f3215aa593e8c142741c6d68e79f6a0 4142040b6091e0b8c51c0d99055effe1df9ea80e88f010c1e92688577a76398f Loading...

	unknown	ScriptElement	413 B	2023-12-04	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:57 Last Seen2024-08-20 16:47 Times Seen4 Hash f2f7b58d3565eb1a1a51fd0fb3e61266 53a2639cb2899a0edf902289458e45469d6eb1e8 1f5912d08bd0088d56b9178a3fab229c76b467fed0dc96c683dd12a180041786 Loading...

	www.googletagmanager.com/gtag/js?id=UA-280958866-1&l=dataLayer&cx=c	ScriptElement	178 kB	2023-12-04	2023-12-04
Pretty URL www.googletagmanager.com/gtag/js?id=UA-280958866-1&l=dataLayer&cx=c IP 216.58.207.200 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:57 Last Seen2023-12-04 20:57 Times Seen1 Hash fa123bf92ccba097db2a1df1ef3a2559 2170c146dd62872f9ac707d53bfb4ece7b9c578b b5d005fb21bb9a7f3e9f7c9a8e1caa2543bb15e315eba16094859a540d963559 Loading...

	benefitexplorers.com/js/jquery.validate.min.js	ScriptElement	23 kB	2023-04-05	2025-05-08
Pretty URL benefitexplorers.com/js/jquery.validate.min.js IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 10:49 Last Seen2025-05-08 18:09 Times Seen1161 Hash c74e1b8c32903df80bfa35b92e96041c 8a474ec9b4f1d3573855f41286e43b0000a1dba5 4ffadde8da37f59253cb4cd5541262b6042ff2ca2308579fadb21bf802dfba89 Loading...

	benefitexplorers.com/js/jquery.scrollintoview.min.js	ScriptElement	3.5 kB	2023-03-07	2025-03-28
Pretty URL benefitexplorers.com/js/jquery.scrollintoview.min.js IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08 Last Seen2025-03-28 17:23 Times Seen19 Hash 98c7c3b86202a426d48daeb5d6cfb769 ee08e28171cf05e6a186bb2d7066d84835aab530 6736d0e67c5396641c228598701e67f4eb2ecb899c0265519426f08415e7d731 Loading...

	portal.smartrecognition.com/servlet/view/dynamic/javascript/zone?zid=7632&pid=5143&custom1=funnel&resolution=1280x1024&random=77886668&millis=1701719808845&referrer=https%3A%2F%2Fbenefitexplorers.com%2Findex1%3Foid%3D6%26affid%3D23%26sub1%3D5970852%26sub2%3DA9AOwPRvrNwldxAJ9j8QGuCzn5l%26sub3%3D192403634_b2c9ce5ef6021651336be735f3688bd2	ScriptElement	117 B	2023-03-12	2025-04-13
Pretty URL portal.smartrecognition.com/servlet/view/dynamic/javascript/zone?zid=7632&pid=5143&custom1=funnel&resolution=1280x1024&random=77886668&millis=1701719808845&referrer=https%3A%2F%2Fbenefitexplorers.com%2Findex1%3Foid%3D6%26affid%3D23%26sub1%3D5970852%26sub2%3DA9AOwPRvrNwldxAJ9j8QGuCzn5l%26sub3%3D192403634_b2c9ce5ef6021651336be735f3688bd2 IP 159.203.118.95 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:01 Last Seen2025-04-13 00:44 Times Seen31 Hash b9f6fd3de12e717a6e45c626e932ff52 3b6ba4f89e39d0e0c3cb71ed80aa47ac2cd53dd5 a5141417f05db2ef2616e04564418176625823cd3da4fbf25c6bbd0f0ee35056 Loading...

	benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2	ScriptElement	1.2 kB	2023-12-04	2024-08-20
Pretty URL benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-04 20:57 Last Seen2024-08-20 16:47 Times Seen4 Hash 377b18b0daee1a830a2cf0db8492069c 419b855e8f72a15d4dee997c50a50c678643365e 02cd16dc9059743e8a8ec4b11ee82db0f70439c35610cef14e2ece1ab6edfaad Loading...

	benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2	ScriptElement	153 B	2023-12-04	2024-08-20
Pretty URL benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-04 20:57 Last Seen2024-08-20 16:47 Times Seen4 Hash 3c6d0db286b59ff799349c10e11f9ff5 f891cb33f028e772438b003a1a2c793ac4a95e3f 6bcac62939056f72672d952f78bad387cd545617981ce8c2b27d17f590a3c829 Loading...

	cdn.segment.com/analytics-next/bundles/remoteMiddleware.bundle.366df96a78421ccf3f3e.js	ScriptElement	1.2 kB	2023-05-11	2025-04-20
Pretty URL cdn.segment.com/analytics-next/bundles/remoteMiddleware.bundle.366df96a78421ccf3f3e.js IP 143.204.48.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-11 15:19 Last Seen2025-04-20 03:23 Times Seen162 Hash 84d37438649a847ca9278ee90cdda242 0b351acc6d858dc1e934444e64d66dade8f34ed8 7a687cfd95c9751f1bb69d2f32f1d2f64c0d71b398dc086dfe5b19e4971acf84 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-09
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 03:18 Times Seen340514 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	bat.bing.com/p/action/295007516.js	ScriptElement	3.7 kB	2023-12-04	2024-08-20
Pretty URL bat.bing.com/p/action/295007516.js IP 13.107.21.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:57 Last Seen2024-08-20 16:47 Times Seen4 Hash 9eae94ee0e3e58430de722da22e05a72 bfe6c659e822676211353fcafa379f66cfb5d67a 950eea6bb50f56537ff889b3c3f27479d191d0f2c8cbcdea01a830de52904cf3 Loading...

	benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2	ScriptElement	341 B	2023-12-04	2024-08-20
Pretty URL benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-04 20:57 Last Seen2024-08-20 16:47 Times Seen4 Hash 695b2f6030fd6ea21ff9e64f55a61bc8 8828d5a79d741612f03b57d32121e50486540730 242c3e85112be85d1611163f3f05e10eafeccb5617b3c71af67cc89ca4c0ef3e Loading...

	benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2	ScriptElement	1.0 kB	2023-12-04	2024-08-20
Pretty URL benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-04 20:57 Last Seen2024-08-20 16:47 Times Seen4 Hash d7ecadfb6143bd770a4918ef8e78f34c 7081e591c9df8e92f5146a670bc55ef73f594e98 c5526d40af0357217d8fd2f783e606f1f62c0b0c4b07237969ef8bcb18ff2dde Loading...

	benefitexplorers.com/js/script.js?id=469077f959b21b1b42cc6772f63a1592	ScriptElement	2.2 kB	2023-03-29	2024-08-21
Pretty URL benefitexplorers.com/js/script.js?id=469077f959b21b1b42cc6772f63a1592 IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:08 Last Seen2024-08-21 08:58 Times Seen7 Hash 21bcf45a77bd8da2bfa03693aa517ac9 576adc2f3df08070c6ac10df0202e343544f6bcb e2813b6562fd8c65eabe841b6a454fe8376ee778ef3d6889de4b615f2bf2d3e7 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-5F9SL9D	ScriptElement	260 kB	2023-12-04	2023-12-04
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-5F9SL9D IP 216.58.207.200 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:57 Last Seen2023-12-04 20:57 Times Seen1 Hash 22f1db7a178778249d0c482d47010121 2f428b2c2d993cf5b94e7203135e008783aa671a b50a0badf517c2817d3e4e8a3c49418690970cc60576d4fe73158b69cc9db219 Loading...

	www.googletagmanager.com/gtag/js?id=G-5FBC7D7ZJF&l=dataLayer&cx=c	ScriptElement	203 kB	2023-12-04	2023-12-04
Pretty URL www.googletagmanager.com/gtag/js?id=G-5FBC7D7ZJF&l=dataLayer&cx=c IP 216.58.207.200 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:57 Last Seen2023-12-04 20:57 Times Seen1 Hash 6d6b52af87e46cb1641aa0486a68487e f7c7168388501dec3b9c9998e3c891d1b1233bc9 fc7f0cf5bfc53a3966d923d71963868e651b3f94176d3c04fcb046b5e2100bce Loading...

	bat.bing.com/bat.js	ScriptElement	46 kB	2023-11-10	2024-09-19
Pretty URL bat.bing.com/bat.js IP 13.107.21.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-10 23:20 Last Seen2024-09-19 20:57 Times Seen11863 Hash 7f75f159026f3a2c8cccda487b43157b 021cf5c854db063cd79bf0394c24eb994e095640 5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214 Loading...

	kit.fontawesome.com/b4e85772e4.js	ScriptElement	12 kB	2023-12-04	2023-12-08
Pretty URL kit.fontawesome.com/b4e85772e4.js IP 104.18.40.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:57 Last Seen2023-12-08 02:05 Times Seen4 Hash ca36133dabc0c4bb4439d7f15c944626 fbbd5ff1125237fceef10967c390f9d312c180bf 7433a26f6b8e74cdad2bf884dc4a8cb2e4b3dcdc247bdcbe1e866a8b14fbd23e Loading...

	www.mgl92gs.com/scripts/sdk/everflow.js	ScriptElement	32 kB	2023-12-04	2023-12-08
Pretty URL www.mgl92gs.com/scripts/sdk/everflow.js IP 34.96.120.38 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:57 Last Seen2023-12-08 02:05 Times Seen4 Hash 48f1d406266c91c6001912c499bfed21 de8228f336a4d8b6dcbf98bf433c0bc97272fd78 4323e8c73404b2e80a204561612217d927ed59bb16e930bf2cd9ccab6818e095 Loading...

	benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2	ScriptElement	1.1 kB	2023-12-04	2024-08-20
Pretty URL benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-04 20:57 Last Seen2024-08-20 16:47 Times Seen4 Hash 3707d1ad7542ca083f57d992afc629c5 aa0d399dacb055a3441b2561d8e5e34aef696544 e6e1ce28fd314154a94a488869f215c1f122bbdb587aa67c454e874c091ca992 Loading...

	benefitexplorers.com/js/jquery-3.4.1.min.js	ScriptElement	88 kB	2023-03-07	2025-05-09
Pretty URL benefitexplorers.com/js/jquery-3.4.1.min.js IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 00:16 Times Seen68084 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	cdn.segment.com/next-integrations/middleware/analytics.js-middleware-braze-deduplicate/latest/analytics.js-middleware-braze-deduplicate.js.gz	ScriptElement	1.8 kB	2023-03-08	2025-04-20
Pretty URL cdn.segment.com/next-integrations/middleware/analytics.js-middleware-braze-deduplicate/latest/analytics.js-middleware-braze-deduplicate.js.gz IP 143.204.48.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:23 Last Seen2025-04-20 03:23 Times Seen232 Hash 3fa7abe12ac60941c90bdb6feed82551 d91a1dd00d96e1ae779fa8c08c18236b5744e282 66681843d2dddef898a0e614bc668cab30aceecd7a0d89965b7b0447bfcf14c4 Loading...

	benefitexplorers.com/sandbox%20eval%20code		147 B	2023-04-11	2025-05-09
Pretty URL benefitexplorers.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 03:18 Times Seen341313 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2	ScriptElement	155 B	2023-12-04	2024-08-20
Pretty URL benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-04 20:57 Last Seen2024-08-20 16:47 Times Seen4 Hash 5d00d8a75a3705942ac93cb4b7667599 1c6f6d3f0f8ebf8ce11a664f53c8a6b224c02866 52ebbd6251971a562790c18b7222f828b4977669b933c446f373bcc67fbe4005 Loading...

	benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2	ScriptElement	86 B	2023-03-29	2024-08-21
Pretty URL benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 IP 139.144.22.37 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-29 21:08 Last Seen2024-08-21 08:58 Times Seen7 Hash c2fa5803fca7090ce9e16cab1e34a5c1 12cd05fa00459ca5e60ff58f1c21028fc6a755fc e41ced9bf62efc77c06dc379ed2f36797afa5f24be439e8846d56057e65c2283 Loading...

	cdn.segment.com/analytics.js/v1/zO0I4QUkDIsCGjDQ0P9DaNXJcXR5BPDw/analytics.min.js	ScriptElement	110 kB	2023-12-04	2023-12-04
Pretty URL cdn.segment.com/analytics.js/v1/zO0I4QUkDIsCGjDQ0P9DaNXJcXR5BPDw/analytics.min.js IP 143.204.48.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:57 Last Seen2023-12-04 20:57 Times Seen1 Hash 90265cee616c9b13cde8989d3d1d12b5 f5c9946e8be90529a4d3a9da1b4b82468e40bc83 54289820dfeed3f55df09c57a8abf0c2504be528886dec36dc0221da26a34b19 Loading...

	unknown	ScriptElement	2.2 kB	2023-12-04	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:57 Last Seen2024-08-20 16:47 Times Seen4 Hash bc4d21073cae30869c5895ddbf76d7ec 3c7a8e05bfad336efb8098218a1cb19abf7d9d75 cdcf115737ce320529e679fedcb07064910bc27bb9c9c9769db593eb120d9fb6 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 4735ea016be1fd6fcd4b0de8da4b7ca9	7 B	2023-03-13 15:03	2025-04-29 14:13
Pretty Observations First Seen2023-03-13 15:03 Last Seen2025-04-29 14:13 Times Seen308 Hash 4735ea016be1fd6fcd4b0de8da4b7ca9 3321d9aeb277fed52ff6f549c17813f18305b34b d0f8f9fef60854dc21f0ead0b90dec0f34b55bbe853b5971d06f3a2754bf4f32 Loading...

	#2 Eval - 55969f661ca3fcbaac4b9205a8b5de78	8 B	2023-03-13 15:03	2025-04-28 05:00
Pretty Observations First Seen2023-03-13 15:03 Last Seen2025-04-28 05:00 Times Seen258 Hash 55969f661ca3fcbaac4b9205a8b5de78 9e70d533a801ab26b98de40bb0fe6e12c98400a4 db98d258d90b4ba04eca37486d76e234c70ce22e4b2da9da49160a51a9047b9d Loading...

	#3 Eval - 2e7f42c4404f8933ea4a32f069446a07	18 B	2023-03-13 15:03	2025-04-28 05:00
Pretty Observations First Seen2023-03-13 15:03 Last Seen2025-04-28 05:00 Times Seen261 Hash 2e7f42c4404f8933ea4a32f069446a07 70469c08a102426fe3aa49a39ed3aeabb54551f5 22edb47523880f1709ff52a6fc073ef279cb78ec41e674f9b5eec1e088c3d321 Loading...

	#4 Eval - a23c53e4fa32b4da3cc75e5554a5c497	12 B	2023-03-13 15:03	2025-04-28 05:00
Pretty Observations First Seen2023-03-13 15:03 Last Seen2025-04-28 05:00 Times Seen258 Hash a23c53e4fa32b4da3cc75e5554a5c497 d406e5bccbac5cf6db3f8ca0ffb124b4424b28d3 ebe68919f264b9c8d9e1e3b1a66a12570b51148613cdcb19c32ae6d5c2cdb930 Loading...

		Size	First Seen	Last Seen
	#1 Write - 0a54b556276c95ed92ae970b4f7ff960	392 B	2024-08-20 16:47	2024-08-20 16:47
Pretty Observations First Seen2024-08-20 16:47 Last Seen2024-08-20 16:47 Times Seen1 Hash 0a54b556276c95ed92ae970b4f7ff960 6c61fcda15ed806b841cd8ce4675d8fda6f95f8f e631610cce0ebabde233aff95166cb8d5b41f5db92740b680a8ecef5c5064d7b Loading...

HTTP Transactions (44)

	URL	IP	Response	Size
	www.googletagmanager.com/gtag/js?id=G-079T7NVZRZ	216.58.207.200	200 OK	94 kB
URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-079T7NVZRZ IP 216.58.207.200:443 ASN #15169 GOOGLE Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT File type ASCII text, with very long lines (5955) Size 94 kB (94120 bytes) Hash f16a1a08e31189b7c53815a360e9e7f9 2644fa7cd52f619f4dd67e811268edf1b37b2f83 33bf648cb181ca09fbcb9ba4455a6f1d0f2737f84dda6c8e7405e3cc5edb4e27 HTTP Headers `GET /gtag/js?id=G-079T7NVZRZ HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Mon, 04 Dec 2023 19:56:42 GMT expires: Mon, 04 Dec 2023 19:56:42 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 94120 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.mgl92gs.com/scripts/sdk/everflow.js	34.96.120.38	200 OK	8.6 kB
URL GET HTTP/2 www.mgl92gs.com/scripts/sdk/everflow.js IP 34.96.120.38:443 ASN #15169 GOOGLE Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerStarfield Technologies, Inc. Subjectmgl92gs.com Fingerprint02:3B:C2:97:2D:64:EB:64:EA:FC:48:D3:A9:86:9D:62:6A:19:77:57 ValidityMon, 25 Sep 2023 20:03:35 GMT - Wed, 08 May 2024 14:26:50 GMT File type ASCII text, with very long lines (31533) Size 8.6 kB (8638 bytes) Hash e78ccf6402233dc140ee185ae577e25d ac7c01a8babb0a466a722b19ea581c44248fcd83 80d1dff5d7fab3751c558a77b975991db629736302627a30c25c806660be5f7d HTTP Headers `GET /scripts/sdk/everflow.js HTTP/1.1 Host: www.mgl92gs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Mon, 04 Dec 2023 19:56:42 GMT content-type: text/javascript accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model cache-control: max-age=14400 vary: Origin x-eflow-request-id: 592261db-686d-429a-9489-19881095380d content-encoding: gzip via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	kit.fontawesome.com/b4e85772e4.js	104.18.40.68	200 OK	99 kB
URL GET HTTP/2 kit.fontawesome.com/b4e85772e4.js IP 104.18.40.68:443 ASN #13335 CLOUDFLARENET Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerDigiCert Inc Subject.fontawesome.com Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT File type gzip compressed data, from Unix\012- data Size 99 kB (98997 bytes) Hash 56d974e0ac3378499ffdcda081aab356 1c79f1beaf7d6838af77d4d340172a902d380758 f3c447f4b85a151c97ded0846e4118238574626d55f14c0fdf3fb375bcead777 HTTP Headers `GET /b4e85772e4.js HTTP/1.1 Host: kit.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Mon, 04 Dec 2023 19:56:43 GMT content-type: text/javascript access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token access-control-allow-methods: GET, OPTIONS access-control-allow-origin: * access-control-max-age: 3000 cache-control: max-age=60, public, stale-while-revalidate=30 vary: origin, accept-encoding, access-control-request-headers, access-control-request-method x-request-id: F525JQ77prfDgcahAlOC cf-cache-status: MISS server: cloudflare cf-ray: 83069d3e5e9b5695-OSL content-encoding: gzip X-Firefox-Spdy: h2

	www.mgl92gs.com/sdk/click?_ef_transaction_id=&oid=6&affid=23&__cc=&async=json&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2	34.96.120.38	200 OK	85 B
URL GET HTTP/3 www.mgl92gs.com/sdk/click?_ef_transaction_id=&oid=6&affid=23&__cc=&async=json&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 IP 34.96.120.38:443 ASN #15169 GOOGLE Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerStarfield Technologies, Inc. Subjectmgl92gs.com Fingerprint02:3B:C2:97:2D:64:EB:64:EA:FC:48:D3:A9:86:9D:62:6A:19:77:57 ValidityMon, 25 Sep 2023 20:03:35 GMT - Wed, 08 May 2024 14:26:50 GMT File type JSON data\012- , ASCII text Size 85 B (85 bytes) Hash 7b34d08eba3684f1c488b45667cf6843 71661e26a218ee8f33e197d6ffa679f852ba4492 78c2b6c180295c6be14b859149b05505d15c780d5ed6f47e993b366a6a0e840b HTTP Headers GET /sdk/click?_ef_transaction_id=&oid=6&affid=23&__cc=&async=json&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 HTTP/1.1 Host: www.mgl92gs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://benefitexplorers.com/ Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK server: nginx date: Mon, 04 Dec 2023 19:56:43 GMT content-type: application/json; charset=utf-8 content-length: 85 accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model access-control-allow-credentials: true access-control-allow-origin: https://benefitexplorers.com set-cookie: uniqueClick=cd23b6a7-d330-4236-af1e-44e766c277ba:1701719803; Path=/; Expires=Tue, 05 Dec 2023 19:56:43 GMT; Secure; SameSite=None transaction_id=01dc3969cb36456db2583d99d78a48c0; Path=/; Expires=Sun, 03 Mar 2024 19:56:43 GMT; Secure; SameSite=None vary: Origin x-eflow-request-id: 7523d10c-fa63-4395-ae9d-f521372c4349 via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css	104.18.10.207	200 OK	118 kB
URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css IP 104.18.10.207:443 ASN #13335 CLOUDFLARENET Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04 ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT File type ASCII text, with very long lines (65325) Size 118 kB (117647 bytes) Hash 450fc463b8b1a349df717056fbb3e078 895125a4522a3b10ee7ada06ee6503587cbf95c5 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d HTTP Headers `GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1 Host: maxcdn.bootstrapcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Mon, 04 Dec 2023 19:56:42 GMT content-type: text/css; charset=utf-8 vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE access-control-allow-origin: * cache-control: public, max-age=31919000 etag: W/"450fc463b8b1a349df717056fbb3e078" last-modified: Mon, 25 Jan 2021 22:04:04 GMT cdn-cachedat: 10/31/2023 18:48:44 cdn-proxyver: 1.04 cdn-requestpullcode: 200 cdn-requestpullsuccess: True cdn-edgestorageid: 752 timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cdn-status: 200 cdn-requestid: 6f2d14e9436097e66447b103aa0360de cdn-cache: HIT cf-cache-status: HIT age: 830125 strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 83069d3e58a756a2-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	benefitexplorers.com/js/jquery.scrollintoview.min.js	139.144.22.37	200 OK	64 kB
URL GET HTTP/2 benefitexplorers.com/js/jquery.scrollintoview.min.js IP 139.144.22.37:443 ASN #0 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectbenefitexplorers.com Fingerprint72:9F:21:B9:07:E3:E9:72:8D:2F:38:54:6F:C9:28:D7:F4:5E:56:EF ValidityWed, 11 Oct 2023 18:47:17 GMT - Tue, 09 Jan 2024 18:47:16 GMT File type gzip compressed data, from Unix\012- data Size 64 kB (63835 bytes) Hash 1bacdac2a908a71c3d584eea9b44c139 49bb3e48b242b3e4bb6c6fc6441185e1b4129ce0 9128722dfe745899eefbbc13dfc956cd62ebbf9869840629e4118373b6f5bfaf HTTP Headers GET /js/jquery.scrollintoview.min.js HTTP/1.1 Host: benefitexplorers.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Cookie: XSRF-TOKEN=eyJpdiI6IkVzWjAzRjZsRktGYjJOT2ZEK2grZUE9PSIsInZhbHVlIjoiMGJPSEIya2pScEphSWltNHRIRWVEMU5JRm5RWGM5dTU4SVg0OHB4OVJncGhXeUthK1JHZFcrQmJlNjlDOU9oNGRuWHZWcTZOWjMxQW15R2R5L29VYjR3WUMzT1NxcGFnT0hOVlczM0tKbjFsNFU0Q1llaXVjdmJrZFhxZ0tXejMiLCJtYWMiOiJhODU0YTVjNTI4MmRhYmZjOGFlMzMxODdlNmQzNWMyODZmNzgxOTZhZDM4NjdmODdmZDkxMWU4NGMwMGQzNTU0IiwidGFnIjoiIn0%3D; coreg_software_session=eyJpdiI6Ik9RNjdXU1JkTi9FUVlGK3FkaGhyZkE9PSIsInZhbHVlIjoiVUlwWHQrcHdCQWU2Ukk4anQrY3BVNTA5RTQvZ1IvaWtaYjZyVUJWdmwyY1Q2SFVyL0s5b0w0SG5nbXRrVC9FWGVLNm84RC9oTlJXVkZ6TXlEeTNxdml0MlZld1ZtY2F5NEVnMTBHQ0ZwdDNBdnRiUHJDb1pIYksydUhha2o4UWMiLCJtYWMiOiIzMTliY2E5OWQzZmEwNDQ2ZDI2NGM2MzQ0OGM0YWMxMzk2OTM5YzYxYzM4MWYxNmY3NmQ4MWMwMGE2NDJiNTNjIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Mon, 04 Dec 2023 19:56:42 GMT content-type: application/javascript; charset=utf-8 last-modified: Wed, 26 Jul 2023 13:20:26 GMT vary: Accept-Encoding etag: W/"64c11d9a-da2" x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2`

	www.googletagmanager.com/gtag/js?id=G-5FBC7D7ZJF&l=dataLayer&cx=c	216.58.207.200	200 OK	74 kB
URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-5FBC7D7ZJF&l=dataLayer&cx=c IP 216.58.207.200:443 ASN #15169 GOOGLE Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT File type ASCII text, with very long lines (4189) Size 74 kB (74426 bytes) Hash 6d6b52af87e46cb1641aa0486a68487e f7c7168388501dec3b9c9998e3c891d1b1233bc9 fc7f0cf5bfc53a3966d923d71963868e651b3f94176d3c04fcb046b5e2100bce HTTP Headers `GET /gtag/js?id=G-5FBC7D7ZJF&l=dataLayer&cx=c HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Mon, 04 Dec 2023 19:56:44 GMT expires: Mon, 04 Dec 2023 19:56:44 GMT cache-control: private, max-age=900 last-modified: Mon, 04 Dec 2023 18:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 74426 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	benefitexplorers.com/js/bootstrap.min.js	139.144.22.37	200 OK	14 kB
URL GET HTTP/2 benefitexplorers.com/js/bootstrap.min.js IP 139.144.22.37:443 ASN #0 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectbenefitexplorers.com Fingerprint72:9F:21:B9:07:E3:E9:72:8D:2F:38:54:6F:C9:28:D7:F4:5E:56:EF ValidityWed, 11 Oct 2023 18:47:17 GMT - Tue, 09 Jan 2024 18:47:16 GMT File type gzip compressed data, from Unix\012- data Size 14 kB (13837 bytes) Hash da8528e36976b4e631b3ac97c2191d1e 2b0428ebaab7b448bc558a150f796fcb4a094b37 055cb0bf915a99da4045507e344ec6fcb70c244fdb5b9f78f0ee5265dfac0ba0 HTTP Headers GET /js/bootstrap.min.js HTTP/1.1 Host: benefitexplorers.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Cookie: XSRF-TOKEN=eyJpdiI6IkVzWjAzRjZsRktGYjJOT2ZEK2grZUE9PSIsInZhbHVlIjoiMGJPSEIya2pScEphSWltNHRIRWVEMU5JRm5RWGM5dTU4SVg0OHB4OVJncGhXeUthK1JHZFcrQmJlNjlDOU9oNGRuWHZWcTZOWjMxQW15R2R5L29VYjR3WUMzT1NxcGFnT0hOVlczM0tKbjFsNFU0Q1llaXVjdmJrZFhxZ0tXejMiLCJtYWMiOiJhODU0YTVjNTI4MmRhYmZjOGFlMzMxODdlNmQzNWMyODZmNzgxOTZhZDM4NjdmODdmZDkxMWU4NGMwMGQzNTU0IiwidGFnIjoiIn0%3D; coreg_software_session=eyJpdiI6Ik9RNjdXU1JkTi9FUVlGK3FkaGhyZkE9PSIsInZhbHVlIjoiVUlwWHQrcHdCQWU2Ukk4anQrY3BVNTA5RTQvZ1IvaWtaYjZyVUJWdmwyY1Q2SFVyL0s5b0w0SG5nbXRrVC9FWGVLNm84RC9oTlJXVkZ6TXlEeTNxdml0MlZld1ZtY2F5NEVnMTBHQ0ZwdDNBdnRiUHJDb1pIYksydUhha2o4UWMiLCJtYWMiOiIzMTliY2E5OWQzZmEwNDQ2ZDI2NGM2MzQ0OGM0YWMxMzk2OTM5YzYxYzM4MWYxNmY3NmQ4MWMwMGE2NDJiNTNjIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Mon, 04 Dec 2023 19:56:42 GMT content-type: application/javascript; charset=utf-8 last-modified: Wed, 26 Jul 2023 13:20:26 GMT vary: Accept-Encoding etag: W/"64c11d9a-bf30" x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2`

	cdn.segment.com/analytics-next/bundles/remoteMiddleware.bundle.366df96a78421ccf3f3e.js	143.204.48.96	200 OK	1.4 kB
URL GET HTTP/2 cdn.segment.com/analytics-next/bundles/remoteMiddleware.bundle.366df96a78421ccf3f3e.js IP 143.204.48.96:443 ASN #16509 AMAZON-02 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerAmazon Subject.segment.com Fingerprint92:B4:26:19:9B:B4:C7:48:23:87:41:7A:8A:10:5E:C4:E8:77:35:A0 ValidityTue, 14 Nov 2023 00:00:00 GMT - Fri, 13 Dec 2024 23:59:59 GMT File type ASCII text, with very long lines (1141) Size 1.4 kB (1379 bytes) Hash 84d37438649a847ca9278ee90cdda242 0b351acc6d858dc1e934444e64d66dade8f34ed8 7a687cfd95c9751f1bb69d2f32f1d2f64c0d71b398dc086dfe5b19e4971acf84 HTTP Headers `GET /analytics-next/bundles/remoteMiddleware.bundle.366df96a78421ccf3f3e.js HTTP/1.1 Host: cdn.segment.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK content-type: application/javascript date: Thu, 03 Aug 2023 18:34:10 GMT access-control-allow-origin: * access-control-allow-methods: GET, HEAD access-control-max-age: 3000 x-amz-replication-status: COMPLETED last-modified: Thu, 03 Aug 2023 16:09:52 GMT etag: W/"84d37438649a847ca9278ee90cdda242" x-amz-server-side-encryption: AES256 cache-control: public,max-age=31536000,immutable x-amz-version-id: M7EGdPVbYkVYUy.U5VHTNkRLwhmYIP5a server: AmazonS3 content-encoding: br vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: 7rtBYYQo61C1fhBV4WZRf7zeAXGkHbC7rt8d1OniGVETLa5CW-NqLg== age: 10632155 X-Firefox-Spdy: h2

	retreaver-live.medigaplife.io/insert_everflow_clicks?transaction_id=01dc3969cb36456db2583d99d78a48c0	52.45.236.109	200 OK	2 B
URL POST HTTP/2 retreaver-live.medigaplife.io/insert_everflow_clicks?transaction_id=01dc3969cb36456db2583d99d78a48c0 IP 52.45.236.109:443 ASN #14618 AMAZON-AES Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectretreaver-live.medigaplife.io Fingerprint3C:F6:D8:66:F7:4F:68:9B:FC:7C:B6:27:AD:24:BF:1A:4C:D2:B7:2F ValidityMon, 16 Oct 2023 15:22:42 GMT - Sun, 14 Jan 2024 15:22:41 GMT File type ASCII text, with no line terminators Size 2 B (2 bytes) Hash e0aa021e21dddbd6d8cecec71e9cf564 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 HTTP Headers OPTIONS /insert_everflow_clicks?transaction_id=01dc3969cb36456db2583d99d78a48c0 HTTP/1.1 Host: retreaver-live.medigaplife.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://benefitexplorers.com/ Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Mon, 04 Dec 2023 19:56:44 GMT content-type: text/plain; charset=utf-8 content-length: 2 vary: Origin access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-origin: https://benefitexplorers.com access-control-allow-headers: content-type strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2`

	dot.theonenet.work/dot/13503?cbust=2067830187441414&url_path=https%3A%2F%2Fbenefitexplorers.com%2Findex1%3Foid%3D6%26affid%3D23%26sub1%3D5970852%26sub2%3DA9AOwPRvrNwldxAJ9j8QGuCzn5l%26sub3%3D192403634_b2c9ce5ef6021651336be735f3688bd2	54.230.111.114	200 OK	15 B
URL GET HTTP/2 dot.theonenet.work/dot/13503?cbust=2067830187441414&url_path=https%3A%2F%2Fbenefitexplorers.com%2Findex1%3Foid%3D6%26affid%3D23%26sub1%3D5970852%26sub2%3DA9AOwPRvrNwldxAJ9j8QGuCzn5l%26sub3%3D192403634_b2c9ce5ef6021651336be735f3688bd2 IP 54.230.111.114:443 ASN #16509 AMAZON-02 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerAmazon Subjectdot.theonenet.work FingerprintE0:14:10:A3:AF:85:8F:6A:91:EE:21:49:81:B7:35:C9:A9:79:5E:59 ValidityMon, 14 Aug 2023 00:00:00 GMT - Wed, 11 Sep 2024 23:59:59 GMT File type JSON data\012- , ASCII text, with no line terminators Size 15 B (15 bytes) Hash 0c776997933eb60833b37beaf43814c8 bff63526eb02853c6b414ccfb4d00ac9ca283930 3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa HTTP Headers GET /dot/13503?cbust=2067830187441414&url_path=https%3A%2F%2Fbenefitexplorers.com%2Findex1%3Foid%3D6%26affid%3D23%26sub1%3D5970852%26sub2%3DA9AOwPRvrNwldxAJ9j8QGuCzn5l%26sub3%3D192403634_b2c9ce5ef6021651336be735f3688bd2 HTTP/1.1 Host: dot.theonenet.work User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: image/gif content-length: 15 date: Mon, 04 Dec 2023 19:56:44 GMT x-amzn-requestid: 85fad539-e549-4b0d-9222-1962e0a767e5 access-control-allow-origin: * x-amz-apigw-id: PbxHgHO0IAMEXuQ= x-amzn-trace-id: Root=1-656e2efc-5b9d18082c71a79d1626fa47 via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront), 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront) x-cache: Miss from cloudfront x-amz-cf-pop: OSL50-C1, OSL50-P1 x-amz-cf-id: FZiZo-qGrL3OUGSqhip-dzGVo_urcGTNv39V1f-u7PORdr2nLkUsVw== X-Firefox-Spdy: h2

	bat.bing.com/bat.js	13.107.21.200	200 OK	13 kB
URL GET HTTP/2 bat.bing.com/bat.js IP 13.107.21.200:443 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerMicrosoft Corporation Subjectwww.bing.com FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT File type Unicode text, UTF-8 text, with very long lines (46103), with no line terminators Size 13 kB (13175 bytes) Hash 7f75f159026f3a2c8cccda487b43157b 021cf5c854db063cd79bf0394c24eb994e095640 5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214 HTTP Headers `GET /bat.js HTTP/1.1 Host: bat.bing.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK cache-control: private,max-age=1800 content-length: 13175 content-type: application/javascript content-encoding: gzip last-modified: Fri, 10 Nov 2023 20:09:55 GMT accept-ranges: bytes etag: "80abcdf1114da1:0" vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload x-cache: CONFIG_NOCACHE accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref: Ref A: E7AFC59A31034DE5AA8B127369BEED27 Ref B: OSL30EDGE0306 Ref C: 2023-12-04T19:56:44Z date: Mon, 04 Dec 2023 19:56:43 GMT X-Firefox-Spdy: h2

	benefitexplorers.com/files/images/benefitexplorers_fav_icon.png	139.144.22.37	200 OK	25 kB
URL GET HTTP/2 benefitexplorers.com/files/images/benefitexplorers_fav_icon.png IP 139.144.22.37:443 ASN #0 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectbenefitexplorers.com Fingerprint72:9F:21:B9:07:E3:E9:72:8D:2F:38:54:6F:C9:28:D7:F4:5E:56:EF ValidityWed, 11 Oct 2023 18:47:17 GMT - Tue, 09 Jan 2024 18:47:16 GMT File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data Size 25 kB (24702 bytes) Hash 778efc3d7fba796a96faeabd7f06dbe6 f21d2c2da01f5be625e5222854376e9399497fc0 9b995b50547cb4f5df13608dc9cec2bf516df9c00c20ca38232086e51510e373 HTTP Headers GET /files/images/benefitexplorers_fav_icon.png HTTP/1.1 Host: benefitexplorers.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Cookie: XSRF-TOKEN=eyJpdiI6ImhqSEhrTzhVVGRDZkUvUE1DM09rTFE9PSIsInZhbHVlIjoiV2taNVV6R1VBYVhVQldWSnpOaklxTlpsYUYvd1ZPYzZaSVAyM2N5czVJd2pUeUZNZUlBS2NPK2JhclV5NDI5ZTdhNHRvYlRjSnpQSzg4eWFpMVVTRVhsRldhUDRFNG1QRk45ZFo3QlYxeGhwS0RjYlFtRFY2eGxyaWF3NTVtWXEiLCJtYWMiOiI3ZDU2MjkzMDkzODIxMTNkZmY4ZDhjNmI2YWM2NDM4OGI5NGNhOTZiMzU5MmY3MGJkNTEwNGFiMTM1MTZmNGM5IiwidGFnIjoiIn0%3D; coreg_software_session=eyJpdiI6InBTMnMvT09QcEFNZWxkclZ2QWJ1aWc9PSIsInZhbHVlIjoiU21zRnZPVVpOakZ1cVVGVmIrV2xDVkZQQWUwZFZtbEgvMEJSTUN1QWZWSS93Q2lJYlhWa3lzVldzaHY3NlJsc1lUTTYyWWdJdm1GMmhJMmNFSlRDOXl3MXFtSGpyajREWG9STXkxNEVaRStWNFFMTWJha3lxcDRDUXUxSmxJdGkiLCJtYWMiOiJkZTMyZmU5NTEzZmU5ZjcxODA2ODJjZmE0M2M2OTRlYzM5ZGZlZDlkMzk1ZjY5MDliYjU4MmJmYWY5N2QyMjU1IiwidGFnIjoiIn0%3D; _ga_079T7NVZRZ=GS1.1.1701719809.1.0.1701719809.0.0.0; _ga=GA1.1.694419822.1701719810; CallPixels-ou=aHR0cHM6Ly9iZW5lZml0ZXhwbG9yZXJzLmNvbS9pbmRleDE/b2lkPTYmYWZmaWQ9MjMmc3ViMT01OTcwODUyJnN1YjI9QTlBT3dQUnZyTndsZHhBSjlqOFFHdUN6bjVsJnN1YjM9MTkyNDAzNjM0X2IyYzljZTVlZjYwMjE2NTEzMzZiZTczNWYzNjg4YmQy; _gcl_au=1.1.2064440454.1701719810; ef_witness=1; ef_tid_c_o_6=01dc3969cb36456db2583d99d78a48c0; ef_tid_c_a_1=01dc3969cb36456db2583d99d78a48c0; acatxid=01dc3969cb36456db2583d99d78a48c0; ajs_anonymous_id=adf590a8-72ab-437a-9b00-c6aeb23f5bea Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Mon, 04 Dec 2023 19:56:44 GMT content-type: image/png content-length: 24702 last-modified: Fri, 15 Sep 2023 07:44:16 GMT etag: "65040b50-607e" x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff accept-ranges: bytes X-Firefox-Spdy: h2`

	bat.bing.com/action/0?ti=295007516&tm=gtm002&Ver=2&mid=e743eda2-d3ca-43e8-9eee-92e6630c1435&sid=439f606092df11eeae136fdca89f0aa2&vid=439f4f8092df11eea2b3030f7c831de9&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Benefits%20Explorer&p=https%3A%2F%2Fbenefitexplorers.com%2Findex1%3Foid%3D6%26affid%3D23%26sub1%3D5970852%26sub2%3DA9AOwPRvrNwldxAJ9j8QGuCzn5l%26sub3%3D192403634_b2c9ce5ef6021651336be735f3688bd2&r=&lt=2907&evt=pageLoad&sv=1&rn=368084	13.107.21.200	204 No Content	0 B
URL GET HTTP/2 bat.bing.com/action/0?ti=295007516&tm=gtm002&Ver=2&mid=e743eda2-d3ca-43e8-9eee-92e6630c1435&sid=439f606092df11eeae136fdca89f0aa2&vid=439f4f8092df11eea2b3030f7c831de9&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Benefits%20Explorer&p=https%3A%2F%2Fbenefitexplorers.com%2Findex1%3Foid%3D6%26affid%3D23%26sub1%3D5970852%26sub2%3DA9AOwPRvrNwldxAJ9j8QGuCzn5l%26sub3%3D192403634_b2c9ce5ef6021651336be735f3688bd2&r=&lt=2907&evt=pageLoad&sv=1&rn=368084 IP 13.107.21.200:443 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerMicrosoft Corporation Subjectwww.bing.com FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /action/0?ti=295007516&tm=gtm002&Ver=2&mid=e743eda2-d3ca-43e8-9eee-92e6630c1435&sid=439f606092df11eeae136fdca89f0aa2&vid=439f4f8092df11eea2b3030f7c831de9&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Benefits%20Explorer&p=https%3A%2F%2Fbenefitexplorers.com%2Findex1%3Foid%3D6%26affid%3D23%26sub1%3D5970852%26sub2%3DA9AOwPRvrNwldxAJ9j8QGuCzn5l%26sub3%3D192403634_b2c9ce5ef6021651336be735f3688bd2&r=&lt=2907&evt=pageLoad&sv=1&rn=368084 HTTP/1.1 Host: bat.bing.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 204 No Content cache-control: no-cache, must-revalidate pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT set-cookie: MUID=1C748EE8DA82617B18B99D35DBD56023; domain=.bing.com; expires=Sat, 28-Dec-2024 19:56:45 GMT; path=/; SameSite=None; Secure; Priority=High; strict-transport-security: max-age=31536000; includeSubDomains; preload access-control-allow-origin: * x-cache: CONFIG_NOCACHE accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref: Ref A: AB2BC679FB3E4558AAF171DEEAB0593F Ref B: OSL30EDGE0306 Ref C: 2023-12-04T19:56:45Z date: Mon, 04 Dec 2023 19:56:44 GMT X-Firefox-Spdy: h2

	retreaver-live.medigaplife.io/insert_everflow_clicks?transaction_id=01dc3969cb36456db2583d99d78a48c0	52.45.236.109	200 OK	20 B
URL POST HTTP/2 retreaver-live.medigaplife.io/insert_everflow_clicks?transaction_id=01dc3969cb36456db2583d99d78a48c0 IP 52.45.236.109:443 ASN #14618 AMAZON-AES Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectretreaver-live.medigaplife.io Fingerprint3C:F6:D8:66:F7:4F:68:9B:FC:7C:B6:27:AD:24:BF:1A:4C:D2:B7:2F ValidityMon, 16 Oct 2023 15:22:42 GMT - Sun, 14 Jan 2024 15:22:41 GMT File type JSON data\012- , ASCII text, with no line terminators Size 20 B (20 bytes) Hash 5820854f62a6eb3d38ba7ba0d1b3ea75 639df0b84fe699b4a290a713fd6b9a94bd4deb95 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d HTTP Headers POST /insert_everflow_clicks?transaction_id=01dc3969cb36456db2583d99d78a48c0 HTTP/1.1 Host: retreaver-live.medigaplife.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://benefitexplorers.com/ Content-Type: application/json Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Content-Length: 0 TE: trailers `HTTP/2 200 OK date: Mon, 04 Dec 2023 19:56:49 GMT content-type: application/json content-length: 20 access-control-allow-origin: * access-control-allow-credentials: true strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2`

	ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-font-face.min.css?token=b4e85772e4	172.64.204.20	200 OK	1.8 kB
URL GET HTTP/2 ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-font-face.min.css?token=b4e85772e4 IP 172.64.204.20:443 ASN #13335 CLOUDFLARENET Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com FingerprintBC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81 ValidityWed, 08 Nov 2023 07:11:36 GMT - Tue, 06 Feb 2024 07:11:35 GMT File type ASCII text, with very long lines (1803), with no line terminators Size 1.8 kB (1775 bytes) Hash b0e7ed6622101ceea9a31043809aabaf 22fefad8852cf1d903fc7d99970d572ddc6b613c 5f9c11fbca88fe6e6e8ce0de6c76eaca7b8c258572153af5ff88c831316347d0 HTTP Headers `GET /releases/v6.5.1/css/free-v4-font-face.min.css?token=b4e85772e4 HTTP/1.1 Host: ka-f.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://benefitexplorers.com/ Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Mon, 04 Dec 2023 19:56:43 GMT content-type: text/css access-control-allow-origin: * access-control-allow-methods: GET access-control-max-age: 3000 last-modified: Thu, 30 Nov 2023 17:25:51 GMT etag: W/"cc84affe95dbdd9726525f57d20b4ea6" x-amz-server-side-encryption: AES256 cache-control: max-age=31556926 access-control-allow-headers: fa-kit-token vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 af69af45a94f94ec264bfb9a5a28f3aa.cloudfront.net (CloudFront) x-amz-cf-pop: LHR50-P1 x-amz-cf-id: cj1xAxjanwTj9Q5_owwtNWBBhY3yNRUSpkEtBrWTBk1D-KNkF-2fIg== cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5BRt%2BaM7GKZIJa5DdpBsuOW2ba5qK6JwFTWn%2FDGuAUEnCGwN7jLK8F06%2Fk0HEUDDYZ3xylsSfVL3v1o7tVkSvJKvazEaeB%2FZzjKSUR0x4BJWBo0h81yFwJ7c9E2ztUJlyeX7r2q0kA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 83069d427d396359-LHR content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	api.routingapi.com/api/v1/numbers/replace_tags	54.81.210.46	200 OK	1.7 kB
URL POST HTTP/2 api.routingapi.com/api/v1/numbers/replace_tags IP 54.81.210.46:443 ASN #14618 AMAZON-AES Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerAmazon Subjectapi.routingapi.com Fingerprint9F:86:0F:B4:7C:E2:74:4C:8C:44:F0:AF:AA:93:70:BE:B3:80:41:22 ValidityMon, 13 Feb 2023 00:00:00 GMT - Wed, 13 Mar 2024 23:59:59 GMT File type troff or preprocessor input, ASCII text, with very long lines (1892), with no line terminators Size 1.7 kB (1668 bytes) Hash f31b1e476529e7956d2aeb0ca6c22d77 4c210a77a7eb53d1181053cca5025e7b11c44468 bff604130091c5b2e79b669ddbbb76e09aaba4cd8a5b5242b1e7d5e0f16cd9b6 HTTP Headers POST /api/v1/numbers/replace_tags HTTP/1.1 Host: api.routingapi.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 169 Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Mon, 04 Dec 2023 19:56:45 GMT content-type: application/json; charset=utf-8 status: 200 OK cache-control: max-age=0, private, must-revalidate access-control-allow-origin: https://benefitexplorers.com vary: Origin strict-transport-security: max-age=63072000; includeSubDomains referrer-policy: strict-origin-when-cross-origin x-permitted-cross-domain-policies: none x-xss-protection: 0 access-control-max-age: 1728000 x-request-id: f2b6d19e-74ba-4d0b-ac01-28f6efa0ae2f access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS x-download-options: noopen etag: W/"17bdffca5b852101585ac6af2ff0b4b1" x-frame-options: ALLOWALL x-runtime: 0.108675 x-content-type-options: nosniff set-cookie: CallPixels-vid=b94c0899eafcab2389042216e6b9a8c4; path=/; SameSite=Lax x-powered-by: Phusion Passenger(R) Enterprise 6.0.17 server: nginx/1.18.0 + Phusion Passenger(R) 6.0.17 X-Firefox-Spdy: h2

	benefitexplorers.com/page/23/template.css?r=482eeb62c9b9592e36aa954735e3a60b	139.144.22.37	200 OK	6.1 kB
URL GET HTTP/2 benefitexplorers.com/page/23/template.css?r=482eeb62c9b9592e36aa954735e3a60b IP 139.144.22.37:443 ASN #0 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectbenefitexplorers.com Fingerprint72:9F:21:B9:07:E3:E9:72:8D:2F:38:54:6F:C9:28:D7:F4:5E:56:EF ValidityWed, 11 Oct 2023 18:47:17 GMT - Tue, 09 Jan 2024 18:47:16 GMT File type ASCII text, with very long lines (6808), with no line terminators Size 6.1 kB (6135 bytes) Hash 6089acba903d958354b67f7c929c6ff4 95eba7aea0b176126c9878a0dd5dc71b66b96e98 61ec73de468ea70a0c5323efce8a0e8f593658c64a419aeb089445cd4df77082 HTTP Headers GET /page/23/template.css?r=482eeb62c9b9592e36aa954735e3a60b HTTP/1.1 Host: benefitexplorers.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Cookie: XSRF-TOKEN=eyJpdiI6IkVzWjAzRjZsRktGYjJOT2ZEK2grZUE9PSIsInZhbHVlIjoiMGJPSEIya2pScEphSWltNHRIRWVEMU5JRm5RWGM5dTU4SVg0OHB4OVJncGhXeUthK1JHZFcrQmJlNjlDOU9oNGRuWHZWcTZOWjMxQW15R2R5L29VYjR3WUMzT1NxcGFnT0hOVlczM0tKbjFsNFU0Q1llaXVjdmJrZFhxZ0tXejMiLCJtYWMiOiJhODU0YTVjNTI4MmRhYmZjOGFlMzMxODdlNmQzNWMyODZmNzgxOTZhZDM4NjdmODdmZDkxMWU4NGMwMGQzNTU0IiwidGFnIjoiIn0%3D; coreg_software_session=eyJpdiI6Ik9RNjdXU1JkTi9FUVlGK3FkaGhyZkE9PSIsInZhbHVlIjoiVUlwWHQrcHdCQWU2Ukk4anQrY3BVNTA5RTQvZ1IvaWtaYjZyVUJWdmwyY1Q2SFVyL0s5b0w0SG5nbXRrVC9FWGVLNm84RC9oTlJXVkZ6TXlEeTNxdml0MlZld1ZtY2F5NEVnMTBHQ0ZwdDNBdnRiUHJDb1pIYksydUhha2o4UWMiLCJtYWMiOiIzMTliY2E5OWQzZmEwNDQ2ZDI2NGM2MzQ0OGM0YWMxMzk2OTM5YzYxYzM4MWYxNmY3NmQ4MWMwMGE2NDJiNTNjIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK server: nginx content-type: text/css; charset=UTF-8 vary: Accept-Encoding cache-control: no-cache, private date: Mon, 04 Dec 2023 19:56:42 GMT set-cookie: XSRF-TOKEN=eyJpdiI6InJzWm0zc2ZIOE9CeUlFY2tUdGM4Unc9PSIsInZhbHVlIjoiU3IwRkxpOEpMcTMwUjJPUXByakZpb0lNTDJhSUQ5VnNKcCtValBjMS9PVTBQVGp3a3MzMXZQWEhLODE5U0IvdG10Nmd5U0hhRlRMcjJ3by9jNVV3RGRBRUxyRWZ0UVNoK3N6RjFDTFgrSkZrVWFTTGRwMnlNM3pFMGJoNzlteVAiLCJtYWMiOiI2OWFmYmJmYmIyODljYWZiMTRhZTJmMTQzZmY3Y2Y1NzBiOWRjMWU0YjVlNzNmNWVhYTQ4Y2JlMDA3MmYwODYxIiwidGFnIjoiIn0%3D; expires=Mon, 04 Dec 2023 21:56:42 GMT; Max-Age=7200; path=/ coreg_software_session=eyJpdiI6IkttY3JxbGlCYVZ1RWluN09uRGQ2aGc9PSIsInZhbHVlIjoieWNOL2t5djdWSjU1S05sK1V3REMxVUt5b2xwSFVCZGJuUHRXRXVNNERNNzJRdGFxb2ZpSGNDUFFNd09yMm02R3JMazBSZVRKWkE1enZ6a3lsVjZjYmcyemlQZkFBSDVnTVQ5NzFCL0xhdlRWWWtieWRpMmVpY3ZBSk44T2h3cTUiLCJtYWMiOiI5YWYyMDljYTM4ZTNiMzFmYmU5YTVlYjYwNmMwNWNjYzBkYjRiMmY4YWM5NDhiZWIxMDllMjM5ZGE1YjYwYmJkIiwidGFnIjoiIn0%3D; expires=Mon, 04 Dec 2023 21:56:42 GMT; Max-Age=7200; path=/; httponly x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2

	www.googletagmanager.com/gtag/js?id=UA-280958866-1&l=dataLayer&cx=c	216.58.207.200	200 OK	178 kB
URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=UA-280958866-1&l=dataLayer&cx=c IP 216.58.207.200:443 ASN #15169 GOOGLE Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT File type ASCII text, with very long lines (3026) Size 178 kB (178069 bytes) Hash fa123bf92ccba097db2a1df1ef3a2559 2170c146dd62872f9ac707d53bfb4ece7b9c578b b5d005fb21bb9a7f3e9f7c9a8e1caa2543bb15e315eba16094859a540d963559 HTTP Headers `GET /gtag/js?id=UA-280958866-1&l=dataLayer&cx=c HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Mon, 04 Dec 2023 19:56:43 GMT expires: Mon, 04 Dec 2023 19:56:43 GMT cache-control: private, max-age=900 last-modified: Mon, 04 Dec 2023 18:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 64871 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	benefitexplorers.com/js/jquery.validate.min.js	139.144.22.37	200 OK	23 kB
URL GET HTTP/2 benefitexplorers.com/js/jquery.validate.min.js IP 139.144.22.37:443 ASN #0 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectbenefitexplorers.com Fingerprint72:9F:21:B9:07:E3:E9:72:8D:2F:38:54:6F:C9:28:D7:F4:5E:56:EF ValidityWed, 11 Oct 2023 18:47:17 GMT - Tue, 09 Jan 2024 18:47:16 GMT File type Size 23 kB (23261 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /js/jquery.validate.min.js HTTP/1.1 Host: benefitexplorers.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Cookie: XSRF-TOKEN=eyJpdiI6IkVzWjAzRjZsRktGYjJOT2ZEK2grZUE9PSIsInZhbHVlIjoiMGJPSEIya2pScEphSWltNHRIRWVEMU5JRm5RWGM5dTU4SVg0OHB4OVJncGhXeUthK1JHZFcrQmJlNjlDOU9oNGRuWHZWcTZOWjMxQW15R2R5L29VYjR3WUMzT1NxcGFnT0hOVlczM0tKbjFsNFU0Q1llaXVjdmJrZFhxZ0tXejMiLCJtYWMiOiJhODU0YTVjNTI4MmRhYmZjOGFlMzMxODdlNmQzNWMyODZmNzgxOTZhZDM4NjdmODdmZDkxMWU4NGMwMGQzNTU0IiwidGFnIjoiIn0%3D; coreg_software_session=eyJpdiI6Ik9RNjdXU1JkTi9FUVlGK3FkaGhyZkE9PSIsInZhbHVlIjoiVUlwWHQrcHdCQWU2Ukk4anQrY3BVNTA5RTQvZ1IvaWtaYjZyVUJWdmwyY1Q2SFVyL0s5b0w0SG5nbXRrVC9FWGVLNm84RC9oTlJXVkZ6TXlEeTNxdml0MlZld1ZtY2F5NEVnMTBHQ0ZwdDNBdnRiUHJDb1pIYksydUhha2o4UWMiLCJtYWMiOiIzMTliY2E5OWQzZmEwNDQ2ZDI2NGM2MzQ0OGM0YWMxMzk2OTM5YzYxYzM4MWYxNmY3NmQ4MWMwMGE2NDJiNTNjIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Mon, 04 Dec 2023 19:56:42 GMT content-type: application/javascript; charset=utf-8 last-modified: Wed, 26 Jul 2023 13:20:26 GMT vary: Accept-Encoding etag: W/"64c11d9a-5add" x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2`

	ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-shims.min.css?token=b4e85772e4	172.64.204.20	200 OK	28 kB
URL GET HTTP/2 ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-shims.min.css?token=b4e85772e4 IP 172.64.204.20:443 ASN #13335 CLOUDFLARENET Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com FingerprintBC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81 ValidityWed, 08 Nov 2023 07:11:36 GMT - Tue, 06 Feb 2024 07:11:35 GMT File type ASCII text, with very long lines (27377) Size 28 kB (27592 bytes) Hash 604d6da359831b0dc67e0f522f1ff94d 48b776b939a780fde0270dedf7cc163d25e28bb1 5031c11dd77875afefe4eeddfaa320af07fdccea327f7416a5ee8980674c9c76 HTTP Headers `GET /releases/v6.5.1/css/free-v4-shims.min.css?token=b4e85772e4 HTTP/1.1 Host: ka-f.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://benefitexplorers.com/ Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Mon, 04 Dec 2023 19:56:43 GMT content-type: text/css access-control-allow-origin: * access-control-allow-methods: GET access-control-max-age: 3000 last-modified: Thu, 30 Nov 2023 17:25:51 GMT etag: W/"604d6da359831b0dc67e0f522f1ff94d" x-amz-server-side-encryption: AES256 cache-control: max-age=31556926 access-control-allow-headers: fa-kit-token vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 4e17b9920844b6a8df812cad8c3506ec.cloudfront.net (CloudFront) x-amz-cf-pop: LHR50-P1 x-amz-cf-id: irEgrbVqjg3jAm_ecl5g3it43h9sEyq0UQRckwwpLr5stk0JlcSLTw== cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0M1MyYV2KA37sZmXt79045OutNbBd1sc5%2BuNq8dorUM7Fwrb2hcPX2BW6RGSNV011CXwdaQ5epDteWrIaa6b94Z1%2B5gYkP8WiJ7y6SN3Kp6vHAjV8%2Fglf9BPShkc%2FKD%2F9RhJWSb37w%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 83069d427d326359-LHR content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	dist.routingapi.com/jsapi/v1/retreaver.min.js	143.204.55.22	200 OK	23 kB
URL GET HTTP/2 dist.routingapi.com/jsapi/v1/retreaver.min.js IP 143.204.55.22:443 ASN #16509 AMAZON-02 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerAmazon Subjectdist.routingapi.com Fingerprint50:70:31:9D:02:14:6F:1C:79:71:C8:9E:E3:7F:E9:A1:AD:7B:05:E4 ValidityTue, 24 Jan 2023 00:00:00 GMT - Wed, 21 Feb 2024 23:59:59 GMT File type ASCII text, with very long lines (23101) Size 23 kB (23129 bytes) Hash 18dcd2f74d49b6bf9633119906d2e206 be6929367eedc59e5173a40588839106f6b77c53 7db552b39f2cbf5390a3f024f553a488f6efe152cc55e6d0c3a4e09afbf1bcf9 HTTP Headers `GET /jsapi/v1/retreaver.min.js HTTP/1.1 Host: dist.routingapi.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: application/javascript date: Sun, 03 Dec 2023 22:00:23 GMT server: nginx/1.18.0 (Ubuntu) last-modified: Sun, 03 Dec 2023 10:07:20 GMT etag: W/"656c5358-5a59" content-encoding: gzip vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: ahTtUMnziC8XNpa6uPHw7nIhfJrMPIObeIMH62m3QhfVJwQv3hRp-Q== age: 78980 X-Firefox-Spdy: h2`

	benefitexplorers.com/js/script.js?id=469077f959b21b1b42cc6772f63a1592	139.144.22.37	200 OK	2.2 kB
URL GET HTTP/2 benefitexplorers.com/js/script.js?id=469077f959b21b1b42cc6772f63a1592 IP 139.144.22.37:443 ASN #0 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectbenefitexplorers.com Fingerprint72:9F:21:B9:07:E3:E9:72:8D:2F:38:54:6F:C9:28:D7:F4:5E:56:EF ValidityWed, 11 Oct 2023 18:47:17 GMT - Tue, 09 Jan 2024 18:47:16 GMT File type ASCII text, with very long lines (2323), with no line terminators Size 2.2 kB (2200 bytes) Hash 63d5a73fd6471bf6b5402fe6e3289682 1e34d6206460ddb2304d57dcade567218ffb5690 c04c8b7461073654cde0b6de086fc20d923b2d929d58a16b2207b06251e12eb5 HTTP Headers GET /js/script.js?id=469077f959b21b1b42cc6772f63a1592 HTTP/1.1 Host: benefitexplorers.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Cookie: XSRF-TOKEN=eyJpdiI6IkVzWjAzRjZsRktGYjJOT2ZEK2grZUE9PSIsInZhbHVlIjoiMGJPSEIya2pScEphSWltNHRIRWVEMU5JRm5RWGM5dTU4SVg0OHB4OVJncGhXeUthK1JHZFcrQmJlNjlDOU9oNGRuWHZWcTZOWjMxQW15R2R5L29VYjR3WUMzT1NxcGFnT0hOVlczM0tKbjFsNFU0Q1llaXVjdmJrZFhxZ0tXejMiLCJtYWMiOiJhODU0YTVjNTI4MmRhYmZjOGFlMzMxODdlNmQzNWMyODZmNzgxOTZhZDM4NjdmODdmZDkxMWU4NGMwMGQzNTU0IiwidGFnIjoiIn0%3D; coreg_software_session=eyJpdiI6Ik9RNjdXU1JkTi9FUVlGK3FkaGhyZkE9PSIsInZhbHVlIjoiVUlwWHQrcHdCQWU2Ukk4anQrY3BVNTA5RTQvZ1IvaWtaYjZyVUJWdmwyY1Q2SFVyL0s5b0w0SG5nbXRrVC9FWGVLNm84RC9oTlJXVkZ6TXlEeTNxdml0MlZld1ZtY2F5NEVnMTBHQ0ZwdDNBdnRiUHJDb1pIYksydUhha2o4UWMiLCJtYWMiOiIzMTliY2E5OWQzZmEwNDQ2ZDI2NGM2MzQ0OGM0YWMxMzk2OTM5YzYxYzM4MWYxNmY3NmQ4MWMwMGE2NDJiNTNjIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Mon, 04 Dec 2023 19:56:42 GMT content-type: application/javascript; charset=utf-8 last-modified: Wed, 26 Jul 2023 13:20:26 GMT vary: Accept-Encoding etag: W/"64c11d9a-898" x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2`

	benefitexplorers.com/page/23/style.css?r=1b0dac65ab1408f531189c1ba5832129	139.144.22.37	200 OK	92 B
URL GET HTTP/2 benefitexplorers.com/page/23/style.css?r=1b0dac65ab1408f531189c1ba5832129 IP 139.144.22.37:443 ASN #0 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectbenefitexplorers.com Fingerprint72:9F:21:B9:07:E3:E9:72:8D:2F:38:54:6F:C9:28:D7:F4:5E:56:EF ValidityWed, 11 Oct 2023 18:47:17 GMT - Tue, 09 Jan 2024 18:47:16 GMT File type ASCII text, with no line terminators Size 92 B (92 bytes) Hash fab1de1054e7be4accd11a85cf38063f 8e4df545ada08af031ed8aeb6e438b6693b092ab 9459bab8acdc64d0a652002aeeb240c07d35b9be0005e0fca3cdb76d6ccd41bf HTTP Headers GET /page/23/style.css?r=1b0dac65ab1408f531189c1ba5832129 HTTP/1.1 Host: benefitexplorers.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Cookie: XSRF-TOKEN=eyJpdiI6IkVzWjAzRjZsRktGYjJOT2ZEK2grZUE9PSIsInZhbHVlIjoiMGJPSEIya2pScEphSWltNHRIRWVEMU5JRm5RWGM5dTU4SVg0OHB4OVJncGhXeUthK1JHZFcrQmJlNjlDOU9oNGRuWHZWcTZOWjMxQW15R2R5L29VYjR3WUMzT1NxcGFnT0hOVlczM0tKbjFsNFU0Q1llaXVjdmJrZFhxZ0tXejMiLCJtYWMiOiJhODU0YTVjNTI4MmRhYmZjOGFlMzMxODdlNmQzNWMyODZmNzgxOTZhZDM4NjdmODdmZDkxMWU4NGMwMGQzNTU0IiwidGFnIjoiIn0%3D; coreg_software_session=eyJpdiI6Ik9RNjdXU1JkTi9FUVlGK3FkaGhyZkE9PSIsInZhbHVlIjoiVUlwWHQrcHdCQWU2Ukk4anQrY3BVNTA5RTQvZ1IvaWtaYjZyVUJWdmwyY1Q2SFVyL0s5b0w0SG5nbXRrVC9FWGVLNm84RC9oTlJXVkZ6TXlEeTNxdml0MlZld1ZtY2F5NEVnMTBHQ0ZwdDNBdnRiUHJDb1pIYksydUhha2o4UWMiLCJtYWMiOiIzMTliY2E5OWQzZmEwNDQ2ZDI2NGM2MzQ0OGM0YWMxMzk2OTM5YzYxYzM4MWYxNmY3NmQ4MWMwMGE2NDJiNTNjIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK server: nginx content-type: text/css; charset=UTF-8 vary: Accept-Encoding cache-control: no-cache, private date: Mon, 04 Dec 2023 19:56:42 GMT set-cookie: XSRF-TOKEN=eyJpdiI6Ikw4QVBmd1lxYWFna3NSQnFKdXlneEE9PSIsInZhbHVlIjoiZEZKYzB6ZE03dlV1Qi9TYloyc1FUNC9yYUdiQnk3RFdlU0UxMWxHYnN3dmJsLy9Bb3BreDZ0NUdQalVKeksxTlNlNkhVMjBMcDZSVGZMSjEzcnhBdGlQemhUemN2YlZYU3BIeWhvQXdsZmxWVzg5UkcxVVVxVTJ6K1VIdWVsbDEiLCJtYWMiOiI3YWMwN2UzYjU2YjgzNWRkYzY3MGJkM2Q5Yzc4ZDM4MmZmZDZiNGI1ZjU0Yzk1ZjFjZjAyMmZmYTZhZjNkMDk4IiwidGFnIjoiIn0%3D; expires=Mon, 04 Dec 2023 21:56:42 GMT; Max-Age=7200; path=/ coreg_software_session=eyJpdiI6IkhyOUxVOG40YXJzTXFTT2tSSUM2L3c9PSIsInZhbHVlIjoicG5jV0IxQWp1bWJNRktEZXpuMVU2YkNpbloyV3lxMmJzai9EbjNaUm9KR2V5V3h1YldUeDJjb0txUHF1SThxbmpIMmM4cnZ1LzlwYVpXTjVMc2tNOHIydmRGMDczQVFIZlJGT1dzcXlXb3R1dm5HZmhwY003STRnbFVETXJ3YVQiLCJtYWMiOiIyNDM3MTJmYjFkNTZiNTVlMDU5Yzg2YWZiMTFkNTRkNjhlY2Q0OTE0NWFhNWZjZWIzMTlhODllM2RkOWRiNDQyIiwidGFnIjoiIn0%3D; expires=Mon, 04 Dec 2023 21:56:42 GMT; Max-Age=7200; path=/; httponly x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2

	api.routingapi.com/api/v1/numbers/replace_tags	54.81.210.46	200 OK	0 B
URL OPTIONS HTTP/2 api.routingapi.com/api/v1/numbers/replace_tags IP 54.81.210.46:443 ASN #14618 AMAZON-AES Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerAmazon Subjectapi.routingapi.com Fingerprint9F:86:0F:B4:7C:E2:74:4C:8C:44:F0:AF:AA:93:70:BE:B3:80:41:22 ValidityMon, 13 Feb 2023 00:00:00 GMT - Wed, 13 Mar 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /api/v1/numbers/replace_tags HTTP/1.1 Host: api.routingapi.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://benefitexplorers.com/ Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Mon, 04 Dec 2023 19:56:44 GMT content-type: text/plain status: 200 OK cache-control: no-cache access-control-allow-origin: https://benefitexplorers.com strict-transport-security: max-age=63072000; includeSubDomains access-control-max-age: 1728000 x-request-id: e06f7cdd-f12e-4be2-833f-8abbed9a41a4 access-control-allow-credentials: true access-control-allow-headers: content-type access-control-allow-methods: GET, POST, OPTIONS x-runtime: 0.000812 x-powered-by: Phusion Passenger(R) Enterprise 6.0.17 server: nginx/1.18.0 + Phusion Passenger(R) 6.0.17 X-Firefox-Spdy: h2

	benefitexplorers.com/js/additional-methods.min.js	139.144.22.37	200 OK	18 kB
URL GET HTTP/2 benefitexplorers.com/js/additional-methods.min.js IP 139.144.22.37:443 ASN #0 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectbenefitexplorers.com Fingerprint72:9F:21:B9:07:E3:E9:72:8D:2F:38:54:6F:C9:28:D7:F4:5E:56:EF ValidityWed, 11 Oct 2023 18:47:17 GMT - Tue, 09 Jan 2024 18:47:16 GMT File type Size 18 kB (18464 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /js/additional-methods.min.js HTTP/1.1 Host: benefitexplorers.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Cookie: XSRF-TOKEN=eyJpdiI6IkVzWjAzRjZsRktGYjJOT2ZEK2grZUE9PSIsInZhbHVlIjoiMGJPSEIya2pScEphSWltNHRIRWVEMU5JRm5RWGM5dTU4SVg0OHB4OVJncGhXeUthK1JHZFcrQmJlNjlDOU9oNGRuWHZWcTZOWjMxQW15R2R5L29VYjR3WUMzT1NxcGFnT0hOVlczM0tKbjFsNFU0Q1llaXVjdmJrZFhxZ0tXejMiLCJtYWMiOiJhODU0YTVjNTI4MmRhYmZjOGFlMzMxODdlNmQzNWMyODZmNzgxOTZhZDM4NjdmODdmZDkxMWU4NGMwMGQzNTU0IiwidGFnIjoiIn0%3D; coreg_software_session=eyJpdiI6Ik9RNjdXU1JkTi9FUVlGK3FkaGhyZkE9PSIsInZhbHVlIjoiVUlwWHQrcHdCQWU2Ukk4anQrY3BVNTA5RTQvZ1IvaWtaYjZyVUJWdmwyY1Q2SFVyL0s5b0w0SG5nbXRrVC9FWGVLNm84RC9oTlJXVkZ6TXlEeTNxdml0MlZld1ZtY2F5NEVnMTBHQ0ZwdDNBdnRiUHJDb1pIYksydUhha2o4UWMiLCJtYWMiOiIzMTliY2E5OWQzZmEwNDQ2ZDI2NGM2MzQ0OGM0YWMxMzk2OTM5YzYxYzM4MWYxNmY3NmQ4MWMwMGE2NDJiNTNjIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Mon, 04 Dec 2023 19:56:42 GMT content-type: application/javascript; charset=utf-8 last-modified: Wed, 26 Jul 2023 13:20:26 GMT vary: Accept-Encoding etag: W/"64c11d9a-4820" x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2`

	benefitexplorers.com/js/jquery.mask.min.js	139.144.22.37	200 OK	8.2 kB
URL GET HTTP/2 benefitexplorers.com/js/jquery.mask.min.js IP 139.144.22.37:443 ASN #0 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectbenefitexplorers.com Fingerprint72:9F:21:B9:07:E3:E9:72:8D:2F:38:54:6F:C9:28:D7:F4:5E:56:EF ValidityWed, 11 Oct 2023 18:47:17 GMT - Tue, 09 Jan 2024 18:47:16 GMT File type ASCII text, with very long lines (8408), with no line terminators Size 8.2 kB (8185 bytes) Hash 2df11a850b2c383a5496827dc24a5bbb 1370b2368a82d53aa7d22e77f1d3571e94ea5aa6 41fda6e25714b894305cc1c72f0ed1375b919a79cd1889a06bb20dd7b80c5229 HTTP Headers GET /js/jquery.mask.min.js HTTP/1.1 Host: benefitexplorers.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Cookie: XSRF-TOKEN=eyJpdiI6IkVzWjAzRjZsRktGYjJOT2ZEK2grZUE9PSIsInZhbHVlIjoiMGJPSEIya2pScEphSWltNHRIRWVEMU5JRm5RWGM5dTU4SVg0OHB4OVJncGhXeUthK1JHZFcrQmJlNjlDOU9oNGRuWHZWcTZOWjMxQW15R2R5L29VYjR3WUMzT1NxcGFnT0hOVlczM0tKbjFsNFU0Q1llaXVjdmJrZFhxZ0tXejMiLCJtYWMiOiJhODU0YTVjNTI4MmRhYmZjOGFlMzMxODdlNmQzNWMyODZmNzgxOTZhZDM4NjdmODdmZDkxMWU4NGMwMGQzNTU0IiwidGFnIjoiIn0%3D; coreg_software_session=eyJpdiI6Ik9RNjdXU1JkTi9FUVlGK3FkaGhyZkE9PSIsInZhbHVlIjoiVUlwWHQrcHdCQWU2Ukk4anQrY3BVNTA5RTQvZ1IvaWtaYjZyVUJWdmwyY1Q2SFVyL0s5b0w0SG5nbXRrVC9FWGVLNm84RC9oTlJXVkZ6TXlEeTNxdml0MlZld1ZtY2F5NEVnMTBHQ0ZwdDNBdnRiUHJDb1pIYksydUhha2o4UWMiLCJtYWMiOiIzMTliY2E5OWQzZmEwNDQ2ZDI2NGM2MzQ0OGM0YWMxMzk2OTM5YzYxYzM4MWYxNmY3NmQ4MWMwMGE2NDJiNTNjIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Mon, 04 Dec 2023 19:56:42 GMT content-type: application/javascript; charset=utf-8 last-modified: Wed, 26 Jul 2023 13:20:26 GMT vary: Accept-Encoding etag: W/"64c11d9a-1ff9" x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2`

	portal.smartrecognition.com/servlet/view/dynamic/javascript/zone?zid=7632&pid=5143&custom1=funnel&resolution=1280x1024&random=77886668&millis=1701719808845&referrer=https%3A%2F%2Fbenefitexplorers.com%2Findex1%3Foid%3D6%26affid%3D23%26sub1%3D5970852%26sub2%3DA9AOwPRvrNwldxAJ9j8QGuCzn5l%26sub3%3D192403634_b2c9ce5ef6021651336be735f3688bd2	159.203.118.95	200 OK	117 B
URL GET HTTP/1.1 portal.smartrecognition.com/servlet/view/dynamic/javascript/zone?zid=7632&pid=5143&custom1=funnel&resolution=1280x1024&random=77886668&millis=1701719808845&referrer=https%3A%2F%2Fbenefitexplorers.com%2Findex1%3Foid%3D6%26affid%3D23%26sub1%3D5970852%26sub2%3DA9AOwPRvrNwldxAJ9j8QGuCzn5l%26sub3%3D192403634_b2c9ce5ef6021651336be735f3688bd2 IP 159.203.118.95:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectai.smartscrpt.com Fingerprint60:1E:96:4A:08:DE:36:22:DA:50:B4:18:F2:BF:52:F4:D3:66:46:FC ValiditySun, 01 Oct 2023 16:24:24 GMT - Sat, 30 Dec 2023 16:24:23 GMT File type ASCII text, with no line terminators Size 117 B (117 bytes) Hash 1bea7abce6603662587b57b5e31b94f6 94f5495d25b795a2a09609cd8b64eb6c866847e7 14bd7fffc1f8e68afb3ca28368cf05f3584445185dfbb2b293ccc43ee2892322 HTTP Headers GET /servlet/view/dynamic/javascript/zone?zid=7632&pid=5143&custom1=funnel&resolution=1280x1024&random=77886668&millis=1701719808845&referrer=https%3A%2F%2Fbenefitexplorers.com%2Findex1%3Foid%3D6%26affid%3D23%26sub1%3D5970852%26sub2%3DA9AOwPRvrNwldxAJ9j8QGuCzn5l%26sub3%3D192403634_b2c9ce5ef6021651336be735f3688bd2 HTTP/1.1 Host: portal.smartrecognition.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx Date: Mon, 04 Dec 2023 19:56:43 GMT Content-Type: text/javascript;charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Cache-Control: no-cache, no-store Pragma: no-cache Expires: Thu, 31 Dec 1998 11:59:59 GMT X-Robots-Tag: none P3P: CP="NOI DSP COR NID" Set-Cookie: AVPUID=09a92af27fc06a02e972b58ced5fea90; Expires=Tue, 03-Dec-2024 19:56:43 GMT; Path=/; Secure; HttpOnly; SameSite=None DNT: 1 Content-Encoding: gzip`

	use.fontawesome.com/releases/v5.2.0/css/all.css	172.64.140.13	200 OK	47 kB
URL GET HTTP/2 use.fontawesome.com/releases/v5.2.0/css/all.css IP 172.64.140.13:443 ASN #13335 CLOUDFLARENET Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerCloudflare, Inc. Subjectuse.fontawesome.com FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78 ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT File type ASCII text, with very long lines (46750) Size 47 kB (46930 bytes) Hash 20a9ce516eaea76da29a23adc43e8998 cf1a3fd771900af34f2af22142beecfb47367548 8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984 HTTP Headers `GET /releases/v5.2.0/css/all.css HTTP/1.1 Host: use.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Mon, 04 Dec 2023 19:56:42 GMT content-type: text/css access-control-allow-origin: * cache-control: max-age=31556926 etag: W/"20a9ce516eaea76da29a23adc43e8998" last-modified: Fri, 22 Sep 2023 01:45:26 GMT vary: Origin, Accept-Encoding cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTvX%2FIkPnqW8c4ibNZKOdqIc5U68Fjtj3euiM9vG25BsWcTKcyo5WKT%2F0ZD6Nb2hJ8XiWdZBE1vftA%2FLxj5SqHsLDo4uDK6aNzgF3WLbsuGw6PmtdvSGxWzeTX27WPLjMrEFxNIr"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 83069d3ed820416d-LHR content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ka-f.fontawesome.com/releases/v6.5.1/css/free.min.css?token=b4e85772e4	172.64.204.20	200 OK	103 kB
URL GET HTTP/2 ka-f.fontawesome.com/releases/v6.5.1/css/free.min.css?token=b4e85772e4 IP 172.64.204.20:443 ASN #13335 CLOUDFLARENET Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com FingerprintBC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81 ValidityWed, 08 Nov 2023 07:11:36 GMT - Tue, 06 Feb 2024 07:11:35 GMT File type ASCII text, with very long lines (65321) Size 103 kB (103173 bytes) Hash edc53d8d44037708e54122b9e30bb2a1 7210b158d88b1e463ba0b08d26835a9fd4e6c57e b2bfe99e2e78f71c88eb00c49e1392a15531fb6486d0d0c2ea71937dda34deab HTTP Headers `GET /releases/v6.5.1/css/free.min.css?token=b4e85772e4 HTTP/1.1 Host: ka-f.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://benefitexplorers.com/ Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Mon, 04 Dec 2023 19:56:43 GMT content-type: text/css access-control-allow-origin: * access-control-allow-methods: GET access-control-max-age: 3000 last-modified: Thu, 30 Nov 2023 17:25:52 GMT etag: W/"edc53d8d44037708e54122b9e30bb2a1" x-amz-server-side-encryption: AES256 cache-control: max-age=31556926 access-control-allow-headers: fa-kit-token vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 2fe8f7f5aca4ab098dc7bad8e97a06dc.cloudfront.net (CloudFront) x-amz-cf-pop: LHR50-P1 x-amz-cf-id: kWaUgVYuJJqw-JUIfYftzxLMMoP5tgnLDdvzU8dJEg0mH3mBIGzAag== cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3lCTetfreDsMFus4%2BKsFN1ls%2BXVnO%2FgH0M%2B5PqlAytqsQIP%2BsjympIJ280AzWOmRa%2B3mxDbzjDZu58OqKxurCrMHhMHLTcsbp5pQFFUK%2BfhOAjYRkY%2FojwsBvTLLoj%2B%2FaqBsCIFPA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 83069d426cfa6359-LHR content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	www.googletagmanager.com/gtm.js?id=GTM-5F9SL9D	216.58.207.200	200 OK	260 kB
URL GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-5F9SL9D IP 216.58.207.200:443 ASN #15169 GOOGLE Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT File type ASCII text, with very long lines (7426) Size 260 kB (260329 bytes) Hash 22f1db7a178778249d0c482d47010121 2f428b2c2d993cf5b94e7203135e008783aa671a b50a0badf517c2817d3e4e8a3c49418690970cc60576d4fe73158b69cc9db219 HTTP Headers `GET /gtm.js?id=GTM-5F9SL9D HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Mon, 04 Dec 2023 19:56:43 GMT expires: Mon, 04 Dec 2023 19:56:43 GMT cache-control: private, max-age=900 last-modified: Mon, 04 Dec 2023 18:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 90315 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	cdn.segment.com/next-integrations/middleware/analytics.js-middleware-braze-deduplicate/latest/analytics.js-middleware-braze-deduplicate.js.gz	143.204.48.96	200 OK	1.8 kB
URL GET HTTP/2 cdn.segment.com/next-integrations/middleware/analytics.js-middleware-braze-deduplicate/latest/analytics.js-middleware-braze-deduplicate.js.gz IP 143.204.48.96:443 ASN #16509 AMAZON-02 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerAmazon Subject.segment.com Fingerprint92:B4:26:19:9B:B4:C7:48:23:87:41:7A:8A:10:5E:C4:E8:77:35:A0 ValidityTue, 14 Nov 2023 00:00:00 GMT - Fri, 13 Dec 2024 23:59:59 GMT File type ASCII text, with very long lines (1856), with no line terminators Size 1.8 kB (1821 bytes) Hash 73b022824f1e381f977f351c9313a18a b337bbe2e99a92cae2c16ded7455dec129193f30 feed6f03b0d7a38d9c16b05613747179ae30d7a1d1944d5cc50594e506749e1a HTTP Headers GET /next-integrations/middleware/analytics.js-middleware-braze-deduplicate/latest/analytics.js-middleware-braze-deduplicate.js.gz HTTP/1.1 Host: cdn.segment.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: application/javascript content-length: 778 access-control-allow-origin: * access-control-allow-methods: GET, HEAD access-control-max-age: 3000 last-modified: Wed, 18 Oct 2023 10:36:34 GMT x-amz-server-side-encryption: AES256 content-encoding: gzip x-amz-version-id: UuFy3klCSY1Iug3r2wasmsc51RZpY.yN accept-ranges: bytes server: AmazonS3 date: Mon, 04 Dec 2023 02:45:37 GMT etag: "3f0dbc48d4537cdf84414eec13b0164c" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: LVEykgfVM8eylhnGViWtG-woxn6plKu7dXkXZv-GN41sfd0cBn3kGQ== age: 61909 X-Firefox-Spdy: h2

	use.fontawesome.com/releases/v5.2.0/webfonts/fa-solid-900.woff2	172.64.140.13	200 OK	62 kB
URL GET HTTP/2 use.fontawesome.com/releases/v5.2.0/webfonts/fa-solid-900.woff2 IP 172.64.140.13:443 ASN #13335 CLOUDFLARENET Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerCloudflare, Inc. Subjectuse.fontawesome.com FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78 ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT File type Web Open Font Format (Version 2), TrueType, length 62472, version 1.0\012- data Size 62 kB (62472 bytes) Hash b75b4bfe0d58faeced5006c785eaae23 92da6e3c7121e21cdfde25ef08797a3937a683e1 5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f HTTP Headers GET /releases/v5.2.0/webfonts/fa-solid-900.woff2 HTTP/1.1 Host: use.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Referer: https://use.fontawesome.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Mon, 04 Dec 2023 19:56:43 GMT content-type: font/woff2 content-length: 62472 access-control-allow-origin: * cache-control: max-age=31556926 etag: "b75b4bfe0d58faeced5006c785eaae23" last-modified: Fri, 22 Sep 2023 01:45:27 GMT vary: Origin, Accept-Encoding cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qe4FSjcqTfmq38On9CnaG2L6X6qtp7o7M1glIoe7SYYp%2FIJ5tx0ayzk%2FbiC8S5Ac4RIu3aSRLrmYubvheihXD74isIu3Ovi%2FlVNPvSpWaK%2BuDbnVaB5AkPCx1LKoXBG5nbJIO7Jx"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 83069d459d07416d-LHR alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2	139.144.22.37	200 OK	15 kB
URL User Request GET HTTP/2 benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 IP 139.144.22.37:443 ASN #0 Certificate IssuerLet's Encrypt Subjectbenefitexplorers.com Fingerprint72:9F:21:B9:07:E3:E9:72:8D:2F:38:54:6F:C9:28:D7:F4:5E:56:EF ValidityWed, 11 Oct 2023 18:47:17 GMT - Tue, 09 Jan 2024 18:47:16 GMT File type Size 15 kB (15135 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 HTTP/1.1 Host: benefitexplorers.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK server: nginx content-type: text/html; charset=UTF-8 vary: Accept-Encoding cache-control: no-cache, private date: Mon, 04 Dec 2023 19:56:42 GMT set-cookie: XSRF-TOKEN=eyJpdiI6IkVzWjAzRjZsRktGYjJOT2ZEK2grZUE9PSIsInZhbHVlIjoiMGJPSEIya2pScEphSWltNHRIRWVEMU5JRm5RWGM5dTU4SVg0OHB4OVJncGhXeUthK1JHZFcrQmJlNjlDOU9oNGRuWHZWcTZOWjMxQW15R2R5L29VYjR3WUMzT1NxcGFnT0hOVlczM0tKbjFsNFU0Q1llaXVjdmJrZFhxZ0tXejMiLCJtYWMiOiJhODU0YTVjNTI4MmRhYmZjOGFlMzMxODdlNmQzNWMyODZmNzgxOTZhZDM4NjdmODdmZDkxMWU4NGMwMGQzNTU0IiwidGFnIjoiIn0%3D; expires=Mon, 04 Dec 2023 21:56:42 GMT; Max-Age=7200; path=/ coreg_software_session=eyJpdiI6Ik9RNjdXU1JkTi9FUVlGK3FkaGhyZkE9PSIsInZhbHVlIjoiVUlwWHQrcHdCQWU2Ukk4anQrY3BVNTA5RTQvZ1IvaWtaYjZyVUJWdmwyY1Q2SFVyL0s5b0w0SG5nbXRrVC9FWGVLNm84RC9oTlJXVkZ6TXlEeTNxdml0MlZld1ZtY2F5NEVnMTBHQ0ZwdDNBdnRiUHJDb1pIYksydUhha2o4UWMiLCJtYWMiOiIzMTliY2E5OWQzZmEwNDQ2ZDI2NGM2MzQ0OGM0YWMxMzk2OTM5YzYxYzM4MWYxNmY3NmQ4MWMwMGE2NDJiNTNjIiwidGFnIjoiIn0%3D; expires=Mon, 04 Dec 2023 21:56:42 GMT; Max-Age=7200; path=/; httponly x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2

	api.routingapi.com/api/v1/numbers?&campaign_key=51af4552739b0d90c8d1375919934cda	54.81.210.46	200 OK	0 B
URL OPTIONS HTTP/2 api.routingapi.com/api/v1/numbers?&campaign_key=51af4552739b0d90c8d1375919934cda IP 54.81.210.46:443 ASN #14618 AMAZON-AES Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerAmazon Subjectapi.routingapi.com Fingerprint9F:86:0F:B4:7C:E2:74:4C:8C:44:F0:AF:AA:93:70:BE:B3:80:41:22 ValidityMon, 13 Feb 2023 00:00:00 GMT - Wed, 13 Mar 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /api/v1/numbers?&campaign_key=51af4552739b0d90c8d1375919934cda HTTP/1.1 Host: api.routingapi.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://benefitexplorers.com/ Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Mon, 04 Dec 2023 19:56:44 GMT content-type: text/plain status: 200 OK cache-control: no-cache access-control-allow-origin: https://benefitexplorers.com strict-transport-security: max-age=63072000; includeSubDomains access-control-max-age: 1728000 x-request-id: d96449af-f821-4cb1-924f-00f1f36742a8 access-control-allow-credentials: true access-control-allow-headers: content-type access-control-allow-methods: GET, POST, OPTIONS x-runtime: 0.000672 x-powered-by: Phusion Passenger(R) Enterprise 6.0.17 server: nginx/1.18.0 + Phusion Passenger(R) 6.0.17 X-Firefox-Spdy: h2

	benefitexplorers.com/conditionals/check_conditionals	139.144.22.37	200 OK	17 B
URL POST HTTP/2 benefitexplorers.com/conditionals/check_conditionals IP 139.144.22.37:443 ASN #0 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectbenefitexplorers.com Fingerprint72:9F:21:B9:07:E3:E9:72:8D:2F:38:54:6F:C9:28:D7:F4:5E:56:EF ValidityWed, 11 Oct 2023 18:47:17 GMT - Tue, 09 Jan 2024 18:47:16 GMT File type HTML document, ASCII text, with no line terminators Size 17 B (17 bytes) Hash 977fd571d75951006fee6224e29eecc7 6829def5ec06d211fa90fe69a58213ae901f3ee4 7ded34952def889b456ecda41ebaf8f579c14c4635e3e25f068220ea8d24c04f HTTP Headers POST /conditionals/check_conditionals HTTP/1.1 Host: benefitexplorers.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-CSRF-TOKEN: Yt6Af5qtGNkuo2rkCeHaM7wfPfsDFlAEsQ0bWeUI X-Requested-With: XMLHttpRequest Content-Length: 17 Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Cookie: XSRF-TOKEN=eyJpdiI6IjVtT0tqR1VpY2krTjZ2MFB1K05XNXc9PSIsInZhbHVlIjoia3JQVm9nVm5TK2dncFZ0Y1N4UkZSbkZVR29obGRpTkt6Yjh1M0EvSGtoQWs2cTRLK0dCajI0LytIWHJ5ZC9vRGJjVVBkUituZzFST05QQ0FHZU9jRWlhMjJnMkFLMEZzVnFkdlRWbTI1OFFQRkpuSDNwOWZlVTJnako0dndodnIiLCJtYWMiOiJlYjlmOGI1NmM4NDQ3YjUyYmRlMDM2NzFiM2M1OTBkOGMyYmMzZTFlMjRjMzM1NjhmNWZkZjAyY2EzMzMyOGNjIiwidGFnIjoiIn0%3D; coreg_software_session=eyJpdiI6InJyb0g5Z2x0NEZZYnhwT3FzMXY5Mmc9PSIsInZhbHVlIjoiQmFvNzRqQysrUUtmVnJPTU9XWmpzeE8vYXUrSjlPTHdFN1JhdXE5bkhHczNtK2c5N0NQRlpYNlNNb3hNN0g2bkNuak5jZnByK0ZablhOSC9iV0F6Uk1VNnRKY3Y0VEdKM25LUFFIZDM3UklxdVlPbGJCOFY4bFMra3ZQWDZDenMiLCJtYWMiOiI3ZGExZTg4MTk2NDljZDRhZTMzNjk4YWQ1N2RhOTJlMGQ0OTYzYTZmMzI4N2UzYTdiNDhhNGEzOGFlM2FmZDE0IiwidGFnIjoiIn0%3D; _ga_079T7NVZRZ=GS1.1.1701719809.1.0.1701719809.0.0.0; _ga=GA1.1.694419822.1701719810; CallPixels-ou=aHR0cHM6Ly9iZW5lZml0ZXhwbG9yZXJzLmNvbS9pbmRleDE/b2lkPTYmYWZmaWQ9MjMmc3ViMT01OTcwODUyJnN1YjI9QTlBT3dQUnZyTndsZHhBSjlqOFFHdUN6bjVsJnN1YjM9MTkyNDAzNjM0X2IyYzljZTVlZjYwMjE2NTEzMzZiZTczNWYzNjg4YmQy; _gcl_au=1.1.2064440454.1701719810 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK server: nginx content-type: text/html; charset=UTF-8 vary: Accept-Encoding cache-control: no-cache, private date: Mon, 04 Dec 2023 19:56:44 GMT set-cookie: XSRF-TOKEN=eyJpdiI6ImhqSEhrTzhVVGRDZkUvUE1DM09rTFE9PSIsInZhbHVlIjoiV2taNVV6R1VBYVhVQldWSnpOaklxTlpsYUYvd1ZPYzZaSVAyM2N5czVJd2pUeUZNZUlBS2NPK2JhclV5NDI5ZTdhNHRvYlRjSnpQSzg4eWFpMVVTRVhsRldhUDRFNG1QRk45ZFo3QlYxeGhwS0RjYlFtRFY2eGxyaWF3NTVtWXEiLCJtYWMiOiI3ZDU2MjkzMDkzODIxMTNkZmY4ZDhjNmI2YWM2NDM4OGI5NGNhOTZiMzU5MmY3MGJkNTEwNGFiMTM1MTZmNGM5IiwidGFnIjoiIn0%3D; expires=Mon, 04 Dec 2023 21:56:44 GMT; Max-Age=7200; path=/ coreg_software_session=eyJpdiI6InBTMnMvT09QcEFNZWxkclZ2QWJ1aWc9PSIsInZhbHVlIjoiU21zRnZPVVpOakZ1cVVGVmIrV2xDVkZQQWUwZFZtbEgvMEJSTUN1QWZWSS93Q2lJYlhWa3lzVldzaHY3NlJsc1lUTTYyWWdJdm1GMmhJMmNFSlRDOXl3MXFtSGpyajREWG9STXkxNEVaRStWNFFMTWJha3lxcDRDUXUxSmxJdGkiLCJtYWMiOiJkZTMyZmU5NTEzZmU5ZjcxODA2ODJjZmE0M2M2OTRlYzM5ZGZlZDlkMzk1ZjY5MDliYjU4MmJmYWY5N2QyMjU1IiwidGFnIjoiIn0%3D; expires=Mon, 04 Dec 2023 21:56:44 GMT; Max-Age=7200; path=/; httponly x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2

	bat.bing.com/p/action/295007516.js	13.107.21.200	200 OK	3.7 kB
URL GET HTTP/2 bat.bing.com/p/action/295007516.js IP 13.107.21.200:443 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerMicrosoft Corporation Subjectwww.bing.com FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT File type ASCII text, with very long lines (3889), with no line terminators Size 3.7 kB (3731 bytes) Hash 97f40f5324a6a3228ecaa012c74c89f7 b14743b00e051da403be36c43931e6396651cfa6 12f817fe1d0533f233c1a426feef77970acd950fab719e177263f263a75c2b9d HTTP Headers `GET /p/action/295007516.js HTTP/1.1 Host: bat.bing.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK cache-control: private,max-age=60 content-type: application/javascript; charset=utf-8 content-encoding: br vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload x-cache: CONFIG_NOCACHE accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref: Ref A: 1209DAE7430D457F8F395C3B442CB079 Ref B: OSL30EDGE0306 Ref C: 2023-12-04T19:56:45Z date: Mon, 04 Dec 2023 19:56:44 GMT X-Firefox-Spdy: h2

	cdn.segment.com/v1/projects/zO0I4QUkDIsCGjDQ0P9DaNXJcXR5BPDw/settings	143.204.48.96	200 OK	621 B
URL GET HTTP/2 cdn.segment.com/v1/projects/zO0I4QUkDIsCGjDQ0P9DaNXJcXR5BPDw/settings IP 143.204.48.96:443 ASN #16509 AMAZON-02 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerAmazon Subject.segment.com Fingerprint92:B4:26:19:9B:B4:C7:48:23:87:41:7A:8A:10:5E:C4:E8:77:35:A0 ValidityTue, 14 Nov 2023 00:00:00 GMT - Fri, 13 Dec 2024 23:59:59 GMT File type troff or preprocessor input, ASCII text, with very long lines (687), with no line terminators Size 621 B (621 bytes) Hash fc2895d63e2d2536b0f949bf0a6be185 0f638cd2cd09d8607436782a83f627b592662cef 2c419c18a35947feebc51d8efc342719ee7b2e55000ed36678f74446cc99e4f3 HTTP Headers `GET /v1/projects/zO0I4QUkDIsCGjDQ0P9DaNXJcXR5BPDw/settings HTTP/1.1 Host: cdn.segment.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://benefitexplorers.com/ Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/json; charset=utf-8 content-length: 621 date: Mon, 04 Dec 2023 17:05:01 GMT access-control-allow-origin: * access-control-allow-methods: GET, HEAD access-control-max-age: 3000 x-amz-replication-status: COMPLETED last-modified: Sat, 13 May 2023 09:10:07 GMT etag: "3d675ac8ce455f3beb6144200a6974d8" x-amz-server-side-encryption: AES256 cache-control: public, max-age=10800 x-amz-version-id: WTlcMrhaZ01.Ys27e3dwdQK2S9nc4_sr accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: cpIJ6nMEDrMcklHWiG6-xer2IB6spv8OhRaLsQ2hDD7B3amtBtf-Cg== age: 10304 X-Firefox-Spdy: h2

	benefitexplorers.com/files/images/benefitexplorers_logo.svg	139.144.22.37	200 OK	13 kB
URL GET HTTP/2 benefitexplorers.com/files/images/benefitexplorers_logo.svg IP 139.144.22.37:443 ASN #0 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectbenefitexplorers.com Fingerprint72:9F:21:B9:07:E3:E9:72:8D:2F:38:54:6F:C9:28:D7:F4:5E:56:EF ValidityWed, 11 Oct 2023 18:47:17 GMT - Tue, 09 Jan 2024 18:47:16 GMT File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (1134) Size 13 kB (12920 bytes) Hash a0c63271a0064a5178043f5c3f17c0ef 566a4ade085bebca4515ea127aa5e8899d98959d 064923611eff461e0cab532994b51ee02fc07d06b4564fd316deb4590732d589 HTTP Headers GET /files/images/benefitexplorers_logo.svg HTTP/1.1 Host: benefitexplorers.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Cookie: XSRF-TOKEN=eyJpdiI6IkVzWjAzRjZsRktGYjJOT2ZEK2grZUE9PSIsInZhbHVlIjoiMGJPSEIya2pScEphSWltNHRIRWVEMU5JRm5RWGM5dTU4SVg0OHB4OVJncGhXeUthK1JHZFcrQmJlNjlDOU9oNGRuWHZWcTZOWjMxQW15R2R5L29VYjR3WUMzT1NxcGFnT0hOVlczM0tKbjFsNFU0Q1llaXVjdmJrZFhxZ0tXejMiLCJtYWMiOiJhODU0YTVjNTI4MmRhYmZjOGFlMzMxODdlNmQzNWMyODZmNzgxOTZhZDM4NjdmODdmZDkxMWU4NGMwMGQzNTU0IiwidGFnIjoiIn0%3D; coreg_software_session=eyJpdiI6Ik9RNjdXU1JkTi9FUVlGK3FkaGhyZkE9PSIsInZhbHVlIjoiVUlwWHQrcHdCQWU2Ukk4anQrY3BVNTA5RTQvZ1IvaWtaYjZyVUJWdmwyY1Q2SFVyL0s5b0w0SG5nbXRrVC9FWGVLNm84RC9oTlJXVkZ6TXlEeTNxdml0MlZld1ZtY2F5NEVnMTBHQ0ZwdDNBdnRiUHJDb1pIYksydUhha2o4UWMiLCJtYWMiOiIzMTliY2E5OWQzZmEwNDQ2ZDI2NGM2MzQ0OGM0YWMxMzk2OTM5YzYxYzM4MWYxNmY3NmQ4MWMwMGE2NDJiNTNjIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Mon, 04 Dec 2023 19:56:42 GMT content-type: image/svg+xml last-modified: Mon, 31 Jul 2023 14:12:24 GMT vary: Accept-Encoding etag: W/"64c7c148-3278" x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2`

	ka-f.fontawesome.com/releases/v6.5.1/css/free-v5-font-face.min.css?token=b4e85772e4	172.64.204.20	200 OK	823 B
URL GET HTTP/2 ka-f.fontawesome.com/releases/v6.5.1/css/free-v5-font-face.min.css?token=b4e85772e4 IP 172.64.204.20:443 ASN #13335 CLOUDFLARENET Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com FingerprintBC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81 ValidityWed, 08 Nov 2023 07:11:36 GMT - Tue, 06 Feb 2024 07:11:35 GMT File type ASCII text, with very long lines (845), with no line terminators Size 823 B (823 bytes) Hash e6d3783736d2fad2b606057fbb27accf 42a95cbe55b5192414282a64e5f0a106ebd0cfcd 428e4fa90d3cad30b14fe0c63a3a23e6487de4dad755477a33a385844e5a91a7 HTTP Headers `GET /releases/v6.5.1/css/free-v5-font-face.min.css?token=b4e85772e4 HTTP/1.1 Host: ka-f.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://benefitexplorers.com/ Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Mon, 04 Dec 2023 19:56:43 GMT content-type: text/css access-control-allow-origin: * access-control-allow-methods: GET access-control-max-age: 3000 last-modified: Thu, 30 Nov 2023 17:25:51 GMT etag: W/"496965a55b1faa4d5c41073ef276afc0" x-amz-server-side-encryption: AES256 cache-control: max-age=31556926 access-control-allow-headers: fa-kit-token x-cache: Hit from cloudfront via: 1.1 59970c86d3717db509a968eaad0da4de.cloudfront.net (CloudFront) x-amz-cf-pop: LHR50-P1 x-amz-cf-id: NJdy-7Fu-sAGCy_0SgWj56yH19iZNKPGXZek_vcaf5HCLi-CAm9Dnw== cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=REvz2Vz6H2U15140%2BgpNouJBnFvb9JWBQdUp2Z48X1PdP8JpGLkAq%2Bgn314ZM4%2BcYomUojk%2BQqJrOe%2FMr4PWGU0Faie2HQSlHJpTUZY04%2FDajaWI%2FmrC%2Bn%2BUB2u7D%2BOO%2FmjM5xsCyA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 83069d427d266359-LHR content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	cdn.segment.com/analytics.js/v1/zO0I4QUkDIsCGjDQ0P9DaNXJcXR5BPDw/analytics.min.js	143.204.48.96	200 OK	110 kB
URL GET HTTP/2 cdn.segment.com/analytics.js/v1/zO0I4QUkDIsCGjDQ0P9DaNXJcXR5BPDw/analytics.min.js IP 143.204.48.96:443 ASN #16509 AMAZON-02 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerAmazon Subject.segment.com Fingerprint92:B4:26:19:9B:B4:C7:48:23:87:41:7A:8A:10:5E:C4:E8:77:35:A0 ValidityTue, 14 Nov 2023 00:00:00 GMT - Fri, 13 Dec 2024 23:59:59 GMT File type ASCII text, with very long lines (65536), with no line terminators Size 110 kB (110023 bytes) Hash 90265cee616c9b13cde8989d3d1d12b5 f5c9946e8be90529a4d3a9da1b4b82468e40bc83 54289820dfeed3f55df09c57a8abf0c2504be528886dec36dc0221da26a34b19 HTTP Headers `GET /analytics.js/v1/zO0I4QUkDIsCGjDQ0P9DaNXJcXR5BPDw/analytics.min.js HTTP/1.1 Host: cdn.segment.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/javascript; charset=utf-8 access-control-allow-origin: * access-control-allow-methods: GET, HEAD access-control-max-age: 3000 x-amz-replication-status: COMPLETED last-modified: Fri, 01 Dec 2023 02:46:54 GMT x-amz-server-side-encryption: AES256 x-amz-version-id: hYMz_YvtsImJKbvi11cS1g7cL0VvFXVD server: AmazonS3 content-encoding: br date: Mon, 04 Dec 2023 19:56:44 GMT cache-control: public, max-age=120 etag: W/"90265cee616c9b13cde8989d3d1d12b5" vary: Accept-Encoding x-cache: RefreshHit from cloudfront via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: uKVWCfCekTTGqYQuGW7fJwkawo4R1_e1iSEkz5PMq4zkLsCRU89-WA== X-Firefox-Spdy: h2

	api.routingapi.com/api/v1/numbers?&campaign_key=51af4552739b0d90c8d1375919934cda	54.81.210.46	200 OK	1.6 kB
URL POST HTTP/2 api.routingapi.com/api/v1/numbers?&campaign_key=51af4552739b0d90c8d1375919934cda IP 54.81.210.46:443 ASN #14618 AMAZON-AES Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerAmazon Subjectapi.routingapi.com Fingerprint9F:86:0F:B4:7C:E2:74:4C:8C:44:F0:AF:AA:93:70:BE:B3:80:41:22 ValidityMon, 13 Feb 2023 00:00:00 GMT - Wed, 13 Mar 2024 23:59:59 GMT File type troff or preprocessor input, ASCII text, with very long lines (1779), with no line terminators Size 1.6 kB (1567 bytes) Hash e809f6c721843bd7a272c4dca2eb5289 c5d9c96eda69292fd73f93af72c100942221cea4 3d5981bdae6d0303238de4ee2b761dc6280b4a5a95fe741f34540ea0b974c584 HTTP Headers POST /api/v1/numbers?&campaign_key=51af4552739b0d90c8d1375919934cda HTTP/1.1 Host: api.routingapi.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 208 Origin: https://benefitexplorers.com DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Mon, 04 Dec 2023 19:56:44 GMT content-type: application/json; charset=utf-8 status: 200 OK cache-control: max-age=0, private, must-revalidate access-control-allow-origin: https://benefitexplorers.com vary: Origin strict-transport-security: max-age=63072000; includeSubDomains referrer-policy: strict-origin-when-cross-origin x-permitted-cross-domain-policies: none x-xss-protection: 0 access-control-max-age: 1728000 x-request-id: d1ed9a88-4255-47b2-83d8-319082708ede access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS x-download-options: noopen etag: W/"0b479bada4d511d68d102b932591f288" x-frame-options: ALLOWALL x-runtime: 0.140997 x-content-type-options: nosniff set-cookie: CallPixels-vid=b94c0899eafcab2389042216e6b9a8c4; path=/; SameSite=Lax x-powered-by: Phusion Passenger(R) Enterprise 6.0.17 server: nginx/1.18.0 + Phusion Passenger(R) 6.0.17 X-Firefox-Spdy: h2

	benefitexplorers.com/js/jquery-3.4.1.min.js	139.144.22.37	200 OK	88 kB
URL GET HTTP/2 benefitexplorers.com/js/jquery-3.4.1.min.js IP 139.144.22.37:443 ASN #0 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectbenefitexplorers.com Fingerprint72:9F:21:B9:07:E3:E9:72:8D:2F:38:54:6F:C9:28:D7:F4:5E:56:EF ValidityWed, 11 Oct 2023 18:47:17 GMT - Tue, 09 Jan 2024 18:47:16 GMT File type ASCII text, with very long lines (65451) Size 88 kB (88145 bytes) Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a HTTP Headers GET /js/jquery-3.4.1.min.js HTTP/1.1 Host: benefitexplorers.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Cookie: XSRF-TOKEN=eyJpdiI6IkVzWjAzRjZsRktGYjJOT2ZEK2grZUE9PSIsInZhbHVlIjoiMGJPSEIya2pScEphSWltNHRIRWVEMU5JRm5RWGM5dTU4SVg0OHB4OVJncGhXeUthK1JHZFcrQmJlNjlDOU9oNGRuWHZWcTZOWjMxQW15R2R5L29VYjR3WUMzT1NxcGFnT0hOVlczM0tKbjFsNFU0Q1llaXVjdmJrZFhxZ0tXejMiLCJtYWMiOiJhODU0YTVjNTI4MmRhYmZjOGFlMzMxODdlNmQzNWMyODZmNzgxOTZhZDM4NjdmODdmZDkxMWU4NGMwMGQzNTU0IiwidGFnIjoiIn0%3D; coreg_software_session=eyJpdiI6Ik9RNjdXU1JkTi9FUVlGK3FkaGhyZkE9PSIsInZhbHVlIjoiVUlwWHQrcHdCQWU2Ukk4anQrY3BVNTA5RTQvZ1IvaWtaYjZyVUJWdmwyY1Q2SFVyL0s5b0w0SG5nbXRrVC9FWGVLNm84RC9oTlJXVkZ6TXlEeTNxdml0MlZld1ZtY2F5NEVnMTBHQ0ZwdDNBdnRiUHJDb1pIYksydUhha2o4UWMiLCJtYWMiOiIzMTliY2E5OWQzZmEwNDQ2ZDI2NGM2MzQ0OGM0YWMxMzk2OTM5YzYxYzM4MWYxNmY3NmQ4MWMwMGE2NDJiNTNjIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Mon, 04 Dec 2023 19:56:42 GMT content-type: application/javascript; charset=utf-8 last-modified: Wed, 26 Jul 2023 13:20:26 GMT vary: Accept-Encoding etag: W/"64c11d9a-15851" x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2`

	benefitexplorers.com/path/23/step/1	139.144.22.37	200 OK	9.4 kB
URL GET HTTP/2 benefitexplorers.com/path/23/step/1 IP 139.144.22.37:443 ASN #0 Requested by https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Certificate IssuerLet's Encrypt Subjectbenefitexplorers.com Fingerprint72:9F:21:B9:07:E3:E9:72:8D:2F:38:54:6F:C9:28:D7:F4:5E:56:EF ValidityWed, 11 Oct 2023 18:47:17 GMT - Tue, 09 Jan 2024 18:47:16 GMT File type HTML document text\012- exported SGML document, ASCII text, with very long lines (10058), with no line terminators Size 9.4 kB (9424 bytes) Hash 6ee6820924e78c45adf027e0b63e8556 f9faf12d8452429ea99f5be2a2463877d09a94a9 c5d8cff3ff1740314455101c8fa222e4412ffff6eaaa1b423e375f0c899f6491 HTTP Headers GET /path/23/step/1 HTTP/1.1 Host: benefitexplorers.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-CSRF-TOKEN: Yt6Af5qtGNkuo2rkCeHaM7wfPfsDFlAEsQ0bWeUI X-Requested-With: XMLHttpRequest DNT: 1 Connection: keep-alive Referer: https://benefitexplorers.com/index1?oid=6&affid=23&sub1=5970852&sub2=A9AOwPRvrNwldxAJ9j8QGuCzn5l&sub3=192403634_b2c9ce5ef6021651336be735f3688bd2 Cookie: XSRF-TOKEN=eyJpdiI6Ikw4QVBmd1lxYWFna3NSQnFKdXlneEE9PSIsInZhbHVlIjoiZEZKYzB6ZE03dlV1Qi9TYloyc1FUNC9yYUdiQnk3RFdlU0UxMWxHYnN3dmJsLy9Bb3BreDZ0NUdQalVKeksxTlNlNkhVMjBMcDZSVGZMSjEzcnhBdGlQemhUemN2YlZYU3BIeWhvQXdsZmxWVzg5UkcxVVVxVTJ6K1VIdWVsbDEiLCJtYWMiOiI3YWMwN2UzYjU2YjgzNWRkYzY3MGJkM2Q5Yzc4ZDM4MmZmZDZiNGI1ZjU0Yzk1ZjFjZjAyMmZmYTZhZjNkMDk4IiwidGFnIjoiIn0%3D; coreg_software_session=eyJpdiI6IkhyOUxVOG40YXJzTXFTT2tSSUM2L3c9PSIsInZhbHVlIjoicG5jV0IxQWp1bWJNRktEZXpuMVU2YkNpbloyV3lxMmJzai9EbjNaUm9KR2V5V3h1YldUeDJjb0txUHF1SThxbmpIMmM4cnZ1LzlwYVpXTjVMc2tNOHIydmRGMDczQVFIZlJGT1dzcXlXb3R1dm5HZmhwY003STRnbFVETXJ3YVQiLCJtYWMiOiIyNDM3MTJmYjFkNTZiNTVlMDU5Yzg2YWZiMTFkNTRkNjhlY2Q0OTE0NWFhNWZjZWIzMTlhODllM2RkOWRiNDQyIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK server: nginx content-type: text/html; charset=UTF-8 vary: Accept-Encoding cache-control: no-cache, private date: Mon, 04 Dec 2023 19:56:44 GMT set-cookie: XSRF-TOKEN=eyJpdiI6IjVtT0tqR1VpY2krTjZ2MFB1K05XNXc9PSIsInZhbHVlIjoia3JQVm9nVm5TK2dncFZ0Y1N4UkZSbkZVR29obGRpTkt6Yjh1M0EvSGtoQWs2cTRLK0dCajI0LytIWHJ5ZC9vRGJjVVBkUituZzFST05QQ0FHZU9jRWlhMjJnMkFLMEZzVnFkdlRWbTI1OFFQRkpuSDNwOWZlVTJnako0dndodnIiLCJtYWMiOiJlYjlmOGI1NmM4NDQ3YjUyYmRlMDM2NzFiM2M1OTBkOGMyYmMzZTFlMjRjMzM1NjhmNWZkZjAyY2EzMzMyOGNjIiwidGFnIjoiIn0%3D; expires=Mon, 04 Dec 2023 21:56:44 GMT; Max-Age=7200; path=/ coreg_software_session=eyJpdiI6InJyb0g5Z2x0NEZZYnhwT3FzMXY5Mmc9PSIsInZhbHVlIjoiQmFvNzRqQysrUUtmVnJPTU9XWmpzeE8vYXUrSjlPTHdFN1JhdXE5bkhHczNtK2c5N0NQRlpYNlNNb3hNN0g2bkNuak5jZnByK0ZablhOSC9iV0F6Uk1VNnRKY3Y0VEdKM25LUFFIZDM3UklxdVlPbGJCOFY4bFMra3ZQWDZDenMiLCJtYWMiOiI3ZGExZTg4MTk2NDljZDRhZTMzNjk4YWQ1N2RhOTJlMGQ0OTYzYTZmMzI4N2UzYTdiNDhhNGEzOGFlM2FmZDE0IiwidGFnIjoiIn0%3D; expires=Mon, 04 Dec 2023 21:56:44 GMT; Max-Age=7200; path=/; httponly x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (40)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations