urlscan.io logo urlscan.io
SecurityTrails logo

www.benefits.com Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://benefits.com/reviewyourstatement
Effective URL: https://www.benefits.com/reviewyourstatement
Submission: On October 20 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 4 countries across 21 domains to perform 66 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.benefits.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 1st 2022. Valid for: a year.
This is the only time www.benefits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
15 2a06:98c1:312... 13335 (CLOUDFLAR...)
5 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 104.131.114.152 14061 (DIGITALOC...)
1 151.101.65.131 54113 (FASTLY)
9 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 13.32.121.113 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 108.138.17.124 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.65.39.42 16509 (AMAZON-02)
2 104.20.229.67 13335 (CLOUDFLAR...)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2600:9000:223... 16509 (AMAZON-02)
1 172.217.23.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 52.22.102.144 14618 (AMAZON-AES)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 35.227.225.220 15169 (GOOGLE)
66 26
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
benefits.com
15    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.benefits.com
5    2a06:98c1:3122:e000::c (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    104.131.114.152 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: proxy-6.nyc3.aquaplatform.com
servedby.aqua-adserver.com
1    151.101.65.131 (United States)

ASN54113 (FASTLY, US)
ba3068fe3e2142d68354c198d575728a.js.ubembed.com
9    2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
1    13.32.121.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-113.fra60.r.cloudfront.net
cdn.callrail.com
1    2600:9000:223c:e00:11:9cfd:9400:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.customer.io
2    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    108.138.17.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-124.fra56.r.cloudfront.net
assets.ubembed.com
1    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    18.65.39.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-42.ams1.r.cloudfront.net
static.hotjar.com
2    104.20.229.67 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2600:9000:223e:4400:19:6119:81c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
pixel.ampry.com
1    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:400c:c0b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.nl
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    52.22.102.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-102-144.compute-1.amazonaws.com
renderer.ampry.com
1    2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
1    35.227.225.220 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 220.225.227.35.bc.googleusercontent.com
track.customer.io
Apex Domain
Subdomains		 Transfer
16 benefits.com
benefits.com
www.benefits.com
70 KB
10 typekit.net
use.typekit.net — Cisco Umbrella Rank: 473
p.typekit.net — Cisco Umbrella Rank: 601
240 KB
5 ampry.com
pixel.ampry.com — Cisco Umbrella Rank: 195219
renderer.ampry.com — Cisco Umbrella Rank: 168586
23 KB
5 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 720
132 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 379
12 KB
2 gstatic.com
fonts.gstatic.com
37 KB
2 google.nl
www.google.nl — Cisco Umbrella Rank: 8898
565 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
565 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
203 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
111 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 13039
c.statcounter.com — Cisco Umbrella Rank: 8477
15 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
20 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
117 KB
2 customer.io
assets.customer.io — Cisco Umbrella Rank: 15129
track.customer.io — Cisco Umbrella Rank: 12731
3 KB
2 ubembed.com
ba3068fe3e2142d68354c198d575728a.js.ubembed.com
assets.ubembed.com — Cisco Umbrella Rank: 9765
49 KB
2 aqua-adserver.com
servedby.aqua-adserver.com — Cisco Umbrella Rank: 408009
14 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 131
15 KB
1 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 619
431 B
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1140
47 KB
1 callrail.com
cdn.callrail.com — Cisco Umbrella Rank: 8648
397 B
66 21
Domain Requested by
15 www.benefits.com www.benefits.com
9 use.typekit.net www.benefits.com
5 maxcdn.bootstrapcdn.com www.benefits.com
maxcdn.bootstrapcdn.com
4 renderer.ampry.com pixel.ampry.com
3 bat.bing.com www.benefits.com
bat.bing.com
2 fonts.gstatic.com www.benefits.com
2 www.google.nl www.benefits.com
2 www.google.com www.benefits.com
2 www.facebook.com www.benefits.com
2 connect.facebook.net www.benefits.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com www.benefits.com
www.googletagmanager.com
2 servedby.aqua-adserver.com www.benefits.com
servedby.aqua-adserver.com
1 track.customer.io
1 p.typekit.net
1 googleads.g.doubleclick.net www.googleadservices.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googleadservices.com www.googletagmanager.com
1 c.statcounter.com www.statcounter.com
1 pixel.ampry.com www.benefits.com
1 www.statcounter.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 www.googleoptimize.com www.googletagmanager.com
1 assets.ubembed.com ba3068fe3e2142d68354c198d575728a.js.ubembed.com
1 assets.customer.io www.benefits.com
1 cdn.callrail.com www.benefits.com
1 ba3068fe3e2142d68354c198d575728a.js.ubembed.com www.benefits.com
1 benefits.com 1 redirects
66 28

This site contains links to these domains. Also see Links.

Domain
twitter.com
Subject Issuer Validity Valid
benefits.com
Cloudflare Inc ECC CA-3		 2022-05-01 -
2023-05-01		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
servedby.aqua-adserver.com
Sectigo RSA Domain Validation Secure Server CA		 2021-11-16 -
2022-11-27		 a year crt.sh
*.js.ubembed.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-10-09 -
2023-11-10		 a year crt.sh
use.typekit.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
swappy.callrail.com
Amazon		 2022-08-10 -
2023-09-08		 a year crt.sh
*.customer.io
Amazon		 2021-12-20 -
2023-01-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
assets.ubembed.com
Amazon		 2022-02-04 -
2023-03-05		 a year crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
us-dallas.statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2021-11-06 -
2022-12-06		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-29 -
2022-10-27		 3 months crt.sh
*.ampry.com
Amazon		 2022-03-21 -
2023-04-19		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
ampry.com
Amazon		 2022-04-05 -
2023-05-04		 a year crt.sh
api.customer.io
GTS CA 1D4		 2022-09-19 -
2022-12-18		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.benefits.com/reviewyourstatement
Frame ID: BFB91C9B7BB9681C41852DB07DCF3BB8
Requests: 64 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

404 Not Found

Page URL History Show full URLs

  1. http://benefits.com/reviewyourstatement HTTP 301
    https://www.benefits.com/reviewyourstatement Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • ubembed\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

66
Requests

100 %
HTTPS

67 %
IPv6

21
Domains

28
Subdomains

26
IPs

4
Countries

909 kB
Transfer

2146 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://benefits.com/reviewyourstatement HTTP 301
    https://www.benefits.com/reviewyourstatement Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

66 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request reviewyourstatement
www.benefits.com/
Redirect Chain
  • http://benefits.com/reviewyourstatement
  • https://www.benefits.com/reviewyourstatement
15 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
0f4f802e0f1ab6c057e0f3acaccdae0551f65f9656cd72870b4d4096367b44cd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
75d2a53a6ae6bf3d-WAW
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 20 Oct 2022 15:04:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5snvk3gyjwnG4WcWofti07KIEMGQ%2FmxP%2BNLkxSylWla3E0tUwTh3XtU%2FxqDSdYZFMk5TdgudN8h8gOvU11xknLCujtBFfANNMGj9U73Zfogloc8K6eL93OXJElHwki0bqj0pHndtA4ftBnHK%2FBm"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.1.33

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
75d2a5374d895bf1-FRA
Connection
keep-alive
Content-Type
text/html
Date
Thu, 20 Oct 2022 15:04:20 GMT
Location
https://www.benefits.com/reviewyourstatement
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzDAHLMfLsFN%2FZLjeYdP73qYOqrNThiwXYOBAOacwxEIJ4NA%2BYsSzN9iEWFc6qShLE0BeXsWss4x3Bq%2FsIkJRylgpgrpdgQFOkzLnWd%2Bn4oPq0OtMwrWRqHHSuj3PguW73NskCVHqicLM3Y%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
www.benefits.com/static/css/ 		36 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.benefits.com/static/css/style.css
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
774948ce22ec4254e77f583ab7e0a85d233bf2f21d99f04c2c772b53e4cb7229

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/reviewyourstatement
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:22 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 28 Oct 2021 18:05:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"617ae654-90ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3SPXrfvMlxidvNHP0jrQK0Oc%2B8PreyUS12qo%2BXAAd7wIJd87l%2BLE2%2BUa0TosjqFL9RXlbNtQc9MCPkQ8y%2BKAluDpZirZcNN2bsLYihdvAHgBwuuwI1eOZn916ADbOO%2BJGsmCzBmDpAZvud4zMaL1"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
75d2a540b866bf3d-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3122:e000::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
632, 617, 617, 617
age
6602331
cdn-cachedat
2021-06-08 21:21:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
f3a3007506374a305b1a96efe5ee1490
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
75d2a54198057278-HAM
cdn-requestpullsuccess
True
master-addon.css
www.benefits.com/assets/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.benefits.com/assets/css/master-addon.css?id=25356015aabd1022c732
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1572b9ac496cb77275ca8f629d4b91109ddae943626638b5caea91ee846c1f0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/reviewyourstatement
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:22 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 01 Feb 2022 22:59:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"61f9bb6e-173d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFvegNN9eQycqPdUzriHCtv0fk7wE2HhI49Sw6AzGYDVlWzyEUoJyThkekXIHLVwxGzYKrCJ8ztTjtuTFRbYfxL%2B3Wn4lRByoeLB5s999eq2%2FB9amatCpYWObwbU8FGx8PKNR%2BakHhYiaA1izQtq"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
75d2a540b867bf3d-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3122:e000::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
723, 617, 617, 617
age
15590960
cdn-cachedat
2021-04-23 06:14:04
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
a3c1af6d63b01e5e25db9674cea5e8c4
timing-allow-origin
*
cdn-requestcountrycode
DE
cf-ray
75d2a541980d7278-HAM
cdn-requestpullsuccess
True
spcjs.php
servedby.aqua-adserver.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.aqua-adserver.com/spcjs.php?id=938&target=_blank
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
104.131.114.152 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
proxy-6.nyc3.aquaplatform.com
Software
nginx/1.19.8 /
Resource Hash
4f58654ee72624aa09d591050830d8d6a35ba4f1ca8273ac8374ae50a3bddd7d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 20 Oct 2022 15:04:22 GMT
content-type
application/x-javascript
server
nginx/1.19.8
expires
Fri, 21 Oct 2022 15:04:22 +0000
jquery-2.1.4.min.js
www.benefits.com/static/js/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefits.com/static/js/jquery-2.1.4.min.js
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/reviewyourstatement
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:22 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 04 May 2018 00:51:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5aebaea9-14979"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdKcJhqz3wO5DiKRyK2MBbQWG4ur5lfH8qFvh2dA%2BRFfYnfG1s%2FtMu44vFd1z1Fobyr5p50UK%2FCIS3FkQ4jIhE1JuM8V8H%2F1D1nZBRroQEDD5S5%2FqkTuX5%2FVTeqd2qp3oyfo84T0v2cvv1mx80pp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
75d2a540b869bf3d-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.sticky-kit.min.js
www.benefits.com/static/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefits.com/static/js/jquery.sticky-kit.min.js
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e8230f2d1e6e230d63f5bd3091ea092eb8d1f447b5f6c84c5b776cf4f50a65d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/reviewyourstatement
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:22 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 04 May 2018 00:51:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5aebaea9-aee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0b4aXZxyVY7h05%2BUgf%2FSVMUVhbRDB9dmzga3XjacEKhyN2Sa2fGQ91QKamhARAhoLcWx4dIE2PjvhNCAooTuRoITb%2BViAq7OFarcIV5uEIlvIXn3Wm6pNFO2ypFSkn03TGEbu%2FUqvlVF5PkGdIJZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
75d2a540b86abf3d-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.validate.min.js
www.benefits.com/static/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefits.com/static/js/jquery.validate.min.js
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/reviewyourstatement
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:22 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 04 May 2018 00:51:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5aebaea9-5262"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ilt6v3YNv%2F4GS4Fj%2Fme0N%2Fasp3FzHNV0Aoax7Bg8tKP3huJn%2F6TZb%2BZJs6ZCTyvpWhUBCU4hoXnuF30u7oWULzN1mahq%2BtnW3exuLlVGW1ZIORLA%2F3nqJUQMEwljqKrWufLUHKKqbjbE2zzcw0UC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
75d2a540b86ebf3d-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
additional-methods.min.js
www.benefits.com/static/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefits.com/static/js/additional-methods.min.js
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b9a658314baccfef5f3b1d279571f0c1dbe62e6f71735828dd7606e426ba798

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/reviewyourstatement
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:22 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 04 May 2018 00:51:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5aebaea9-433a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKRtu1M9WK%2BGsyKwoNCvdSr3r4dP%2B4%2FJFvuqxcodeW9As4B9Ea3DeDeKxODhqBBLbKULAyptzC3r8mRevdnDXeEZ5ie%2FjI6I2DKqbUQxx0hmFl4%2Bw8BNhhVEpKRBt2tHEqsETVprD4rUpv57IdGF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
75d2a540b870bf3d-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
ba3068fe3e2142d68354c198d575728a.js.ubembed.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ba3068fe3e2142d68354c198d575728a.js.ubembed.com/
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
45eed02c505440ede29e3aa6f2eb31c9eaace20197fa463f187a50686207672b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:22 GMT
content-encoding
br
x-backend-region
eu_west_1
x-amz-cf-pop
AMS1-P1
age
3251
etag
W/64dc62eb24614169cdfad2f28ec332bb-v0.179.2
vary
Accept-Encoding, Referer
x-cache
Miss from cloudfront, HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate
accept-ranges
none
x-amz-apigw-id
aTp-tEYtDoEF2qQ=
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3122:e000::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
722, 617, 617
age
15590955
cdn-cachedat
2021-04-23 05:50:35
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
80af5e87bae6914b1fa8b0808f091872
timing-allow-origin
*
cdn-requestcountrycode
DE
cf-ray
75d2a54198187278-HAM
cdn-requestpullsuccess
True
logo-top.svg
www.benefits.com/static/images/home/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefits.com/static/images/home/logo-top.svg
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b25a09d4e27b3e0d46bae6963b853598399dfc591e2a1644218b13b622ad0197

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/reviewyourstatement
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:23 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 17 Sep 2020 00:37:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5f62afc4-1638"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MP8KGvSljYVJsFaPdwpXm%2BodvgLRn8MbVFPjsIjgSoknuEaF6qQalv4Mm5UJ8o2KzlIcDnDJv7168wSBep%2B9eeIceGKFIzqSdH3o%2FTE9X%2F11sa5PMXY8gsYU2RUbBVefxEMQiaYLtIyRh6U0uNSJ"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cf-ray
75d2a546f87d9a23-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cookie-consent.css
www.benefits.com/static/css/partials/ 		1 KB
983 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.benefits.com/static/css/partials/cookie-consent.css
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f5c054634b10543601c09d88abd939904b898419f16973ecc3536ce2b7095b2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/reviewyourstatement
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:23 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 21 Dec 2021 23:56:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"61c26993-5d5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7gvtq8cr%2BmIHlsbtGCOqD7w96dEp4%2F3MkLmo%2FuOdkf3Jy4KKU5AFQluSZODkT8zeBZqhopLJByf8RtMorQmcHALTXj%2FxZyTiacYoBg%2F9o2kxeF0SK73Id45Pz4iNekoV2IxPFMoy%2BVATEXegJFid"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
75d2a545be119a23-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
logo.svg
www.benefits.com/static/images/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefits.com/static/images/logo.svg
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68d6490ee1a555820fa2605ff17757f6c4dcb9f2e0ef37e3df8124edda1a19a3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/reviewyourstatement
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:23 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 17 Sep 2020 00:37:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5f62afc4-162d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KHQueMRb8PyRVxOZA7wB0rDP%2BJGhTv141N%2FP74OPRDWuXXmSFxPsgpgna53OiIKL4yNRdvTFBpC%2FWqE%2F%2BhmeFD8IJJEeeB2whvpPiM0p8OQpTkiefOcjnYXgYuNt%2Bxv8T7YJ0Lv1YU5KKQ8V9OSs"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cf-ray
75d2a546f8819a23-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
email-decode.min.js
www.benefits.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefits.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/reviewyourstatement
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Oct 2022 13:38:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"634571bd-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0Xb9XR7000PkgEXITJOGG6U3cwAuxDrqucU27j%2FH%2F3eU5g8clh9KG3fcqPOwBAASb4%2Bi3Y%2B1S8qjlRBDT7vR8tb90pbQ2ibhhQuDBIsjcNzEsIo0O3xuBh10UGq20wFq7BUWmS4Br25Tl7vZb9C"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
75d2a546d8509a23-FRA
expires
Sat, 22 Oct 2022 15:04:22 GMT
layout.js
www.benefits.com/static/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefits.com/static/js/layout.js
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1ac68c7d20ae793b88b3cd4962e796894351e50f6a5f811fa6820225e4c1ecd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/reviewyourstatement
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:23 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 28 Oct 2021 18:05:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"617ae654-c77"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zzv%2FmxdZZE8Ns%2FkW7CKNPEpYvEpf1aTS288pctQ5UL2R79zy3AjLaYgwiBIJGnnJDs9dNBLcrrawKUP%2B5mtcaO%2FcbdZk%2BrswfiPSl%2Bb2NvjTqpYnGPpyjPSkoyJpX5MB4KY49OWrv65QAd%2FKT0Un"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
75d2a546f8729a23-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
inline-ad-units.js
www.benefits.com/static/js/ 		1 KB
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefits.com/static/js/inline-ad-units.js
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59f5f1866cd3a83dee11524e61f610e91537d43a6ddcd568838ad711c7053933

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/reviewyourstatement
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:23 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 21 Sep 2021 18:34:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"614a25a8-493"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GV2yKI%2B8WA18prUdMT2wECeu9iMjNUgFPWbVcEcqd5yn%2B4QzpBwkDkeEK4pQYvqkbmwtx4WpI8ZcH8fGr2YuOiTync5OaKVOMMBvDQjXrMZS0FiVK6594y5xa95bCmZjFWhGsaYEy%2FmImppGKY8O"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
75d2a546f8769a23-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collapsible.js
www.benefits.com/static/js/ 		635 B
732 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefits.com/static/js/collapsible.js
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93e8e78c84a558164e890487bc70a055fca12318e4681dce30a83c8c18bea1f8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/reviewyourstatement
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:23 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 01 Feb 2022 22:59:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"61f9bb6e-27b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Os7s1PgHWU2jjcebwhmEV47QRlfmQWIS6Pj3Xi2A84G4BzF%2FEtCd6d99lD84eAHA2xX28saLANks5ZY%2BY27TJUjPnPaXKVNg7h%2FZeJuU%2B6IUSXQ3FJ%2Fz%2F%2BmwLuTfCiqDp5IklVSF8%2FMJqaEDjbL9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
75d2a546f8789a23-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
external-link.js
www.benefits.com/static/js/ 		510 B
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefits.com/static/js/external-link.js
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1bc343cf4eca86aadf5df313b09eceb08419c6871bf1f37c33a6509784f8580

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/reviewyourstatement
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:23 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 05 Oct 2021 00:45:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"615ba02b-1fe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yZX1PCzP2c%2BrO75IrRXRwlVC%2BtlIYdV9jeTexQ6v%2B%2B%2FOYirBKpcIK3WM2E9pPIsy%2BNI4oQWg6VIKIwVngGSBH8jMewe%2FKwzjM91c4CgiB%2B5yy3OgmMdoCM%2BNjiRmacRw5xy5lU6cb9F6%2FSVOQ1gu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
75d2a546f8799a23-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rcw5fdk.js
use.typekit.net/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/rcw5fdk.js
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
4e50f24e572a111920aaaf10da4ae746384553e384e8c2c2d6a8b81648cff29a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Thu, 20 Oct 2022 15:04:23 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6892
swap.js
cdn.callrail.com/companies/347713511/ca5993592f9105a86814/12/ 		32 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.callrail.com/companies/347713511/ca5993592f9105a86814/12/swap.js
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-113.fra60.r.cloudfront.net
Software
/
Resource Hash
d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-runtime
0.010842
date
Thu, 20 Oct 2022 15:04:23 GMT
via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
etag
W/"d18beba8a6db32dd84b24258cf6542ac"
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600, public
timing-allow-origin
*
x-amz-cf-id
6vcjJ-J5qZv8-lIOKlddA7p7w8M9kiyqrItgQYWzAXhRIsbpMNLA3Q==
x-request-id
9262700c-76a8-4aea-9313-bbe1c0f26be5
spc.php
servedby.aqua-adserver.com/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.aqua-adserver.com/spc.php?zones=8981%7C6753%7C6754%7C7622%7C7621%7C8532%7C8661%7C8662%7C8663%7C8672&source=&r=48550796&target=_blank&charset=UTF-8&loc=https%3A//www.benefits.com/reviewyourstatement
Requested by
Host: servedby.aqua-adserver.com
URL: https://servedby.aqua-adserver.com/spcjs.php?id=938&target=_blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
104.131.114.152 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
proxy-6.nyc3.aquaplatform.com
Software
nginx/1.19.8 /
Resource Hash
5755c800a0cea2c0027f1607bd305ad3c29f6197a8650babf4496555c9bfec13

Request headers

Referer
https://www.benefits.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 15:04:22 GMT
server
nginx/1.19.8
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
content-type
application/x-javascript; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
expires
0
track.js
assets.customer.io/assets/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.customer.io/assets/track.js
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:e00:11:9cfd:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62d46dcb412e392747beacffe406f4db3929ee93522f0b9bc59818cd14b15a8c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:33:55 GMT
content-encoding
br
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
last-modified
Thu, 13 Oct 2022 17:36:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
45028
etag
W/"afaefc61e40ea0ff91567a4ff174876c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
GpQYrnDBDxMtFeJHOuHiJ5acuZC57r1eP3KQtEnhXS-ncfch5QiFvw==
gtm.js
www.googletagmanager.com/ 		192 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M84KTS9
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4e0a40a288ece94525894434fcb491ae70f6f9c587a0e8f602da44f3c1290147
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
71725
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 20 Oct 2022 15:04:22 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3122:e000::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://www.benefits.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
752
age
79445
cdn-cachedat
08/17/2022 18:20:14
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
0fa0913726db299a93b063c817dd1ea6
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
75d2a5471a1d91d7-FRA
cdn-requestpullsuccess
True
glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3122:e000::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Origin
https://www.benefits.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
864
age
482844
cdn-cachedat
08/20/2022 02:30:41
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18028
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
"448c34a56d699c29117adc64c43affeb"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
9c193514bc7689af729dd13d9f2618e2
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
75d2a5471a1e91d7-FRA
cdn-requestpullsuccess
True
bundle.js
assets.ubembed.com/universalscript/releases/v0.179.2/ 		174 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Requested by
Host: ba3068fe3e2142d68354c198d575728a.js.ubembed.com
URL: https://ba3068fe3e2142d68354c198d575728a.js.ubembed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-124.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 25 May 2022 02:45:33 GMT
content-encoding
gzip
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
last-modified
Tue, 05 Apr 2022 16:31:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
12831529
etag
W/"359008fe01078c59c66e034866170bd2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
9dH_21Zqr8Nqg5kagbTeaFyJ5F6r7QzJ42X5YVaKiaAD29ObAs_5bA==
optimize.js
www.googleoptimize.com/ 		135 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-5DZDX4V
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M84KTS9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0916cdb9fe98db94e43cfb1f2780e19d3dbb10994ef5e461ccbd1086acbbe701
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
47441
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 20 Oct 2022 15:04:23 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M84KTS9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 13:15:57 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6506
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 20 Oct 2022 15:15:57 GMT
hotjar-1122411.js
static.hotjar.com/c/ 		0
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1122411.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M84KTS9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-42.ams1.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
date
Thu, 20 Oct 2022 15:04:23 GMT
x-content-type-options
nosniff
via
1.1 1a89beee9d72657437f5e91f57220804.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P1
etag
W/d41d8cd98f00b204e9800998ecf8427e
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
content-length
0
x-amz-cf-id
AQPRtuf1J9Xf-FDDG9vi0bPZ5RGBjIZdx5TkDyJDkC9DJGJPZeHitQ==
counter.js
www.statcounter.com/counter/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M84KTS9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.229.67 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38773f599cca495f0904c3d5a9981fc081b743a8d9aa106ed17e0d9b03ae6598

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 18 Oct 2022 15:02:32 GMT
server
cloudflare
age
15536
etag
W/"634ec008-aa70"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
75d2a5483c219261-FRA
expires
Thu, 20 Oct 2022 22:45:27 GMT
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 20 Oct 2022 15:04:22 GMT
last-modified
Thu, 28 Jul 2022 17:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 20D5DC363EC74E48861C3BF1F2D5DF4A Ref B: AMS04EDGE2705 Ref C: 2022-10-20T15:04:23Z
etag
"80a8697a8a2d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11367
fbevents.js
connect.facebook.net/en_US/ 		102 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 20 Oct 2022 15:04:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27027
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
0+rYsU1OB/aaG26kjFZFsIBXtMPOWUYt0wuhODlHF4YoaxG24WzHWArD3qgVIPcmNUaEf7iXLje7zjJcPpPgJA==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		117 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-371988851
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M84KTS9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bb447efd0ef7a79ebb483d071d35878938132bb60f2c3659f33d54e94aa64307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
47302
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 20 Oct 2022 15:04:23 GMT
track.js
pixel.ampry.com/static/ 		156 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.ampry.com/static/track.js
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:4400:19:6119:81c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5743bceaaeb8c8f4ceba1bccbc7047abcef3cc3e4ac02db2b3ac7d8cda456b13

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 13:18:13 GMT
content-encoding
br
via
1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
x-amz-version-id
s9XjsQlmDr9GalIfVVPPc_AIi69n_pgj
last-modified
Tue, 27 Sep 2022 10:26:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
1129571
etag
W/"2b6971d0085aabc23586742eab175b4f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
2NFwRf3SsobQah69izwrZIPRjN2G6tesv67moQkAM98aT7uTMc26IA==
815144366094512
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/815144366094512?v=2.9.87&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
01b5d4aeeb215158da7cab75e101009ec2223c281f926424f04c0bd4e289e6d3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 20 Oct 2022 15:04:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
UoOaCeJtN0cH9frOrL/FMS49FQ43XzQ1uXwxscoBw/TWaJlOJ6zb9wnhGM315YRf7EIQujRcOlZRHuygs8eLwA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
t.php
c.statcounter.com/ 		192 B
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12231059&u1=E4877D81FDA14F853128F15C72C98D57&java=1&security=06bd3d1e&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.benefits.com/reviewyourstatement&t=404%20Not%20Found&invisible=1&sc_rum_e_s=2802&sc_rum_e_e=2807&sc_rum_f_s=0&sc_rum_f_e=2800&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.229.67 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.benefits.com
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
75d2a5488cb59261-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
134004590.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/134004590.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Thu, 20 Oct 2022 15:04:22 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 45A048A18D3E47D6B23A65751A1A2C8E Ref B: AMS04EDGE2705 Ref C: 2022-10-20T15:04:23Z
x-cache
CONFIG_NOCACHE
conversion_async.js
www.googleadservices.com/pagead/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-371988851
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15192
x-xss-protection
0
server
cafe
etag
699633608045481581
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 20 Oct 2022 15:04:23 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=732207129&t=pageview&_s=1&dl=https%3A%2F%2Fwww.benefits.com%2Freviewyourstatement&ul=en-us&de=UTF-8&dt=404%20Not%20Found&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABQAAAACAAI~&jid=701829377&gjid=1293635742&cid=790403729.1666278263&tid=UA-119266907-1&_gid=134588311.1666278263&_r=1&gtm=2wgah0M84KTS9&z=805063963
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.benefits.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 15:04:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.benefits.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-119266907-1&cid=790403729.1666278263&jid=701829377&gjid=1293635742&_gid=134588311.1666278263&_u=aEBAAEAAQAAAACAAI~&z=1873566998
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.benefits.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 20 Oct 2022 15:04:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.benefits.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=815144366094512&ev=PageView&dl=https%3A%2F%2Fwww.benefits.com%2Freviewyourstatement&rl=&if=false&ts=1666278263286&sw=1600&sh=1200&v=2.9.87&r=stable&ec=0&o=30&fbp=fb.1.1666278263285.896858075&it=1666278263103&coo=false&rqm=GET
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 20 Oct 2022 15:04:23 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/371988851/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/371988851/?random=1666278263293&cv=9&fst=1666278263293&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaah0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.benefits.com%2Freviewyourstatement&tiba=404%20Not%20Found&auid=1553102477.1666278263&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc2b4cfd6fbab94356c124b00f6c46fa675cefd85ac0fc1eabfdc4bbeddef1ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 15:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1039
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-119266907-1&cid=790403729.1666278263&jid=701829377&_u=aEBAAEAAQAAAACAAI~&z=1036669758
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 15:04:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-119266907-1&cid=790403729.1666278263&jid=701829377&_u=aEBAAEAAQAAAACAAI~&z=1036669758
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 15:04:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mem5YaGs126MiZpBA-UN8rsOUuhs.ttf
fonts.gstatic.com/s/opensans/v18/ 		28 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN8rsOUuhs.ttf
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/static/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dad7b1c2b7a280cbbea4e1f7c6355e1cc3f35369dc088ee26318e6f147f1e08e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.benefits.com/
Origin
https://www.benefits.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 23:51:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227547
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19180
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 23:51:56 GMT
mem8YaGs126MiZpBA-UFVZ0e.ttf
fonts.gstatic.com/s/opensans/v18/ 		26 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0e.ttf
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/static/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5669ca033ab68625c0cae6bcf1abb2722c02ea43a0d65323b2f7b023c7afa35e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.benefits.com/
Origin
https://www.benefits.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 14:50:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
87224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18276
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 14:50:39 GMT
/
www.google.com/pagead/1p-user-list/371988851/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/371988851/?random=1666278263293&cv=9&fst=1666278000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaah0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.benefits.com%2Freviewyourstatement&tiba=404%20Not%20Found&async=1&fmt=3&is_vtc=1&random=300601946&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 15:04:23 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/371988851/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/371988851/?random=1666278263293&cv=9&fst=1666278000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaah0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.benefits.com%2Freviewyourstatement&tiba=404%20Not%20Found&async=1&fmt=3&is_vtc=1&random=300601946&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 15:04:23 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a2b997da567762896061490c3c08e506b2e5b936978560fc12251dd245140b32

Request headers

Referer
https://www.benefits.com/
Origin
https://www.benefits.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:23 GMT
server
nginx
etag
"a0f35f91fdc2ca0a90c8288c08c20681c1aecfcf"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
33660
l
use.typekit.net/af/86b539/00000000000000003b9b093a/27/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/86b539/00000000000000003b9b093a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
40b87680850d61dff26f2280eaac2487e2261e8771cca1f4eba69dc366cd1fe2

Request headers

Referer
https://www.benefits.com/
Origin
https://www.benefits.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:23 GMT
server
nginx
etag
"7419d3e31dff61919238b7104d975fb9f66eb724"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
35128
l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b99ce50d05750058143cb93936075ad5107f9a3e5b03f2d4872c0ebe753a9f7

Request headers

Referer
https://www.benefits.com/
Origin
https://www.benefits.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:23 GMT
server
nginx
etag
"852dacc5cd2685c187708b882b28635465e17bd0"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32688
l
use.typekit.net/af/6aec08/00000000000000003b9b0935/27/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/6aec08/00000000000000003b9b0935/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a0acc524b541f57df4024b039206425fbcc49c7b3cba369bc0b4a57cfc0e9629

Request headers

Referer
https://www.benefits.com/
Origin
https://www.benefits.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:23 GMT
server
nginx
etag
"98ea2e3888e90196090ca6bc7ddc5345e1871a7a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
34380
l
use.typekit.net/af/442215/000000000000000000010b5a/27/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/442215/000000000000000000010b5a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8d5da73586712159bb569fbfbd370f05a258113b2591ba238ef4e7bde1db13b7

Request headers

Referer
https://www.benefits.com/
Origin
https://www.benefits.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:23 GMT
server
nginx
etag
"9523c64514161c03124fab238b18113d17bad9eb"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23800
l
use.typekit.net/af/3df5fe/000000000000000000010b5b/27/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/3df5fe/000000000000000000010b5b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
81d0ce06f0a0a9cfc75de2424080e85e28dfa303b2b1b7878c453410d3055c1d

Request headers

Referer
https://www.benefits.com/
Origin
https://www.benefits.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:23 GMT
server
nginx
etag
"639e52eb61e2e74a6b9e567eea4595b8cedfd8df"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
25160
l
use.typekit.net/af/1709eb/000000000000000000010b60/27/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/1709eb/000000000000000000010b60/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f94786fe65dcbc65b0099b471ae2bb89bbabd7fa7d8573dd3c4e0f5bbe555447

Request headers

Referer
https://www.benefits.com/
Origin
https://www.benefits.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:23 GMT
server
nginx
etag
"9bd0488a91630a3c738a4d950e0b0b7930bcb98f"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24740
l
use.typekit.net/af/65fc7d/000000000000000000010b61/27/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/65fc7d/000000000000000000010b61/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
47a1083eea338ac89ca48d39665eeccc7d42506db6c24654c98229c6a78f5177

Request headers

Referer
https://www.benefits.com/
Origin
https://www.benefits.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:23 GMT
server
nginx
etag
"08910aa8e42a32045f6a1944e9821c03acb37f44"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
26660
0
bat.bing.com/action/ 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=134004590&Ver=2&mid=3989544b-d27a-4cf5-8692-ef20ba415c8f&sid=7b7e7100508811ed98462b045f9c8196&vid=7b7e9e80508811ed9d462316ffb68ec1&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=404%20Not%20Found&p=https%3A%2F%2Fwww.benefits.com%2Freviewyourstatement&r=&lt=3294&evt=pageLoad&sv=1&rn=246752
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/reviewyourstatement
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 20 Oct 2022 15:04:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 151948759EC84079B775A73B57C649A4 Ref B: AMS04EDGE2705 Ref C: 2022-10-20T15:04:23Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie
renderer.ampry.com/register/conversion/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://renderer.ampry.com/register/conversion/cookie?pixel_code=49199886798e260a77999888fe9da5940eb4bc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.102.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-102-144.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.benefits.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.benefits.com
access-control-max-age
0
cache-control
no-cache, private
date
Thu, 20 Oct 2022 15:04:24 GMT
server
awselb/2.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
cookie
renderer.ampry.com/register/conversion/ 		39 B
256 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://renderer.ampry.com/register/conversion/cookie?pixel_code=49199886798e260a77999888fe9da5940eb4bc
Requested by
Host: pixel.ampry.com
URL: https://pixel.ampry.com/static/track.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.102.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-102-144.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
7d1971b24c491befa0de070b93f69444fe8e3206b88dd67c01f43ab7eb0bbde6

Request headers

Referer
https://www.benefits.com/reviewyourstatement
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 Oct 2022 15:04:24 GMT
server
awselb/2.0
vary
Origin
x-ratelimit-remaining
941
content-type
application/json
access-control-allow-origin
https://www.benefits.com
cache-control
no-cache, private
access-control-allow-credentials
true
x-ratelimit-limit
1000
content-length
39
templates
renderer.ampry.com/filter/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://renderer.ampry.com/filter/templates
Requested by
Host: pixel.ampry.com
URL: https://pixel.ampry.com/static/track.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.102.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-102-144.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
862baa2a822f9797add06fd4bb7d51ca50f371fb06ee77f422f53633a37c57c2

Request headers

Referer
https://www.benefits.com/reviewyourstatement
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 Oct 2022 15:04:24 GMT
server
awselb/2.0
vary
Origin
x-ratelimit-remaining
940
content-type
application/json
access-control-allow-origin
https://www.benefits.com
cache-control
no-cache, private
access-control-allow-credentials
true
x-ratelimit-limit
1000
content-length
1535
templates
renderer.ampry.com/filter/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://renderer.ampry.com/filter/templates
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.102.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-102-144.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.benefits.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.benefits.com
access-control-max-age
0
cache-control
no-cache, private
date
Thu, 20 Oct 2022 15:04:24 GMT
server
awselb/2.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p.gif
p.typekit.net/ 		35 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.typekit.net/p.gif?s=1&k=rcw5fdk&ht=tk&h=www.benefits.com&f=139.140.175.176.10954.13453.13454.13455&a=2085243&js=1.21.0&app=typekit&e=js&_=1666278263723
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

unused62
8096267
date
Thu, 20 Oct 2022 15:04:23 GMT
last-modified
Sat, 09 Oct 2021 02:10:03 GMT
server
nginx
etag
"6160f9fb-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
page.gif
track.customer.io/events/ 		35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.customer.io/events/page.gif?name=https%3A%2F%2Fwww.benefits.com%2Freviewyourstatement&data%5Bwidth%5D=1600&data%5Bheight%5D=1200&c=&s=df348ee0-f0e9-ec18-eb54-67f22c6a5889&site_id=7fc3b27442fdf3b961ae&timestamp=1666278263760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.225.220 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
220.225.227.35.bc.googleusercontent.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:04:23 GMT
via
1.1 google
content-type
image/gif
access-control-allow-origin
*
status
200 OK
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-transfer-encoding
binary
content-disposition
attachment
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=815144366094512&ev=Microdata&dl=https%3A%2F%2Fwww.benefits.com%2Freviewyourstatement&rl=&if=false&ts=1666278263788&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22404%20Not%20Found%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.benefits.com%2Freviewyourstatement%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22404%20Not%20Found%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22name%22%3A%22Benefits.com%22%2C%22alternateName%22%3A%22Your%20Free%20Advocate%20for%20Benefit%20Programs%22%2C%22url%22%3A%22https%3A%2F%2Fbenefits.com%22%7D%5D&sw=1600&sh=1200&v=2.9.87&r=stable&ec=1&o=30&fbp=fb.1.1666278263285.896858075&it=1666278263103&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 20 Oct 2022 15:04:23 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| OA_zoneids undefined| zonename string| OA_p number| OA_r string| OA_spc function| OA_show function| OA_showpop string| OA_fo string| OA_source object| OA_output function| $ function| jQuery object| _cio object| dataLayer number| c_start object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings number| sc_project number| sc_invisible string| sc_security number| sc_https number| sc_remove_link object| uetq function| fbq function| _fbq string| ampry_acc_code object| ampry_script object| ube object| gaplugins function| _statcounter function| UET function| UET_init function| UET_push object| ueto_82d752625a function| gtag object| google_optimize object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| laravelCookieConsent object| coll object| Typekit number| c_end

19 Cookies

Domain/Path Name / Value
www.benefits.com/ Name: XSRF-TOKEN
Value: eyJpdiI6ImZ5NVwvRHNFbGFjaStTREJaamNING1RPT0iLCJ2YWx1ZSI6Ims3ek8rSDVhWDZSQ1BGWVlFbU82cndTb2lEcGNva1o0TURVemlUNXcxZWl2bEkxdEdVQ3c3UEd0TUFaZG1ld01wNGdKdFVDdGo5MEhzMEZ6MGZ4VkFRPT0iLCJtYWMiOiIyMGZkOTQzMDBlNWJmYmE3MTNkZGM1MjM3NDM1YTVhODcxZjRjM2RhZTQ0NzA2ZmMxM2RmNWRiZTgxMGY3YTJiIn0%3D
www.benefits.com/ Name: laravel_session
Value: eyJpdiI6IisrQWNjWVdqQm85b2w1eURPVUtta0E9PSIsInZhbHVlIjoicVpJaHpLeUd0eUJ5SmJ6R0lrTDZ1WnF4QWVMT1p5eGFvZXMwR1hyc2xIUCtNUGp5OEZQcVRPcGdES2lcLzExbU1sZERLbkJzK2RTR0pjXC94MHFoek45dz09IiwibWFjIjoiNGI1OTFiNTJjNDFjOGUyMjQ3NzVkZWJhZDZkMmE5YTdhOTMzYzAwYjBjMjkwZGE0YTdmNGQwYjkwNjY3OGIwZSJ9
servedby.aqua-adserver.com/ Name: OAGEO
Value: 2%7CNL%7CEU%7C1%7C%7C%7C52.3824%7C4.8995%7C100%7CEurope%2FAmsterdam%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
servedby.aqua-adserver.com/ Name: OAID
Value: 01000111010001000101000001010010
.benefits.com/ Name: _gcl_au
Value: 1.1.1553102477.1666278263
.bing.com/ Name: MUID
Value: 1C726E008C196ADB31F97C438D9A6BA3
.benefits.com/ Name: sc_is_visitor_unique
Value: rx12231059.1666278263.E4877D81FDA14F853128F15C72C98D57.1.1.1.1.1.1.1.1.1
.benefits.com/ Name: _ga
Value: GA1.2.790403729.1666278263
.benefits.com/ Name: _gid
Value: GA1.2.134588311.1666278263
.benefits.com/ Name: _gat_UA-119266907-1
Value: 1
.statcounter.com/ Name: is_unique
Value: sc12231059.1666278263.0
.statcounter.com/ Name: is_visitor_unique
Value: 1666278263183558263
.benefits.com/ Name: _fbp
Value: fb.1.1666278263285.896858075
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.benefits.com/ Name: _uetsid
Value: 7b7e7100508811ed98462b045f9c8196
.benefits.com/ Name: _uetvid
Value: 7b7e9e80508811ed9d462316ffb68ec1
.benefits.com/ Name: _cioanonid
Value: df348ee0-f0e9-ec18-eb54-67f22c6a5889
.ampry.com/ Name: visited_urls
Value: eyJpdiI6IlAxbjNmZGhJV1ZSM2ZWWk9rSzVKTGc9PSIsInZhbHVlIjoiWTBOT1o4Y1hIcUdnRGZuNmNiR0NoTGMrT1BoTkt5WWNjMlR3dW5zTk12L1liempmeXZXVjhCa1RyY3RudHh1cCIsIm1hYyI6IjgzODkyMTZjY2Y0N2QwMzhmOTM0NTJhYjJiZGRiZDEzMDViNDI5MWZjYmU0Y2I0YzJhYzRlMDFiNzE0NmMwN2QiLCJ0YWciOiIifQ%3D%3D
.ampry.com/ Name: ampry_unique
Value: eyJpdiI6Ino1dWlERGhyZHRVUk9tQW14dkZ4MkE9PSIsInZhbHVlIjoiWkNDbVdnYVN5ZXlrckZqeUg3YXAwVGZGOWN0Q091ZWNGTXBNUlVEelNFQ0hjN25VT0F1SzlwZERDRCtDSG13TEZDOCtoTmxHalNBbXlzdzJ0dzJsVVVpbnc4OVdMOHN0aTJvYW43M09mUXM9IiwibWFjIjoiMDJiMTk5NDIzOTdlNDU3YjFjZTYzMDhhZWZiNDI4NzdmZmIxMDhhNzAyMDY1MzNlMjE3YTVkMTJiYzE4OTU0MiIsInRhZyI6IiJ9

3 Console Messages

Source Level URL
Text
network error URL: https://www.benefits.com/reviewyourstatement
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://servedby.aqua-adserver.com/spcjs.php?id=938&target=_blank(Line 23)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://servedby.aqua-adserver.com/spc.php?zones=8981%7C6753%7C6754%7C7622%7C7621%7C8532%7C8661%7C8662%7C8663%7C8672&source=&r=48550796&target=_blank&charset=UTF-8&loc=https%3A//www.benefits.com/reviewyourstatement, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://servedby.aqua-adserver.com/spcjs.php?id=938&target=_blank(Line 23)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://servedby.aqua-adserver.com/spc.php?zones=8981%7C6753%7C6754%7C7622%7C7621%7C8532%7C8661%7C8662%7C8663%7C8672&source=&r=48550796&target=_blank&charset=UTF-8&loc=https%3A//www.benefits.com/reviewyourstatement, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.customer.io
assets.ubembed.com
ba3068fe3e2142d68354c198d575728a.js.ubembed.com
bat.bing.com
benefits.com
c.statcounter.com
cdn.callrail.com
connect.facebook.net
fonts.gstatic.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
p.typekit.net
pixel.ampry.com
renderer.ampry.com
servedby.aqua-adserver.com
static.hotjar.com
stats.g.doubleclick.net
track.customer.io
use.typekit.net
www.benefits.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.statcounter.com
104.131.114.152
104.20.229.67
108.138.17.124
13.32.121.113
151.101.65.131
172.217.23.98
18.65.39.42
2600:9000:223c:e00:11:9cfd:9400:93a1
2600:9000:223e:4400:19:6119:81c0:93a1
2620:1ec:c11::200
2a00:1450:4001:801::2003
2a00:1450:4001:809::2008
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2004
2a00:1450:4001:831::200e
2a00:1450:400c:c0b::9d
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:16::215:14a0
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::3
2a06:98c1:3122:e000::c
35.227.225.220
52.22.102.144
01b5d4aeeb215158da7cab75e101009ec2223c281f926424f04c0bd4e289e6d3
0916cdb9fe98db94e43cfb1f2780e19d3dbb10994ef5e461ccbd1086acbbe701
0f4f802e0f1ab6c057e0f3acaccdae0551f65f9656cd72870b4d4096367b44cd
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b9a658314baccfef5f3b1d279571f0c1dbe62e6f71735828dd7606e426ba798
2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
38773f599cca495f0904c3d5a9981fc081b743a8d9aa106ed17e0d9b03ae6598
40b87680850d61dff26f2280eaac2487e2261e8771cca1f4eba69dc366cd1fe2
45eed02c505440ede29e3aa6f2eb31c9eaace20197fa463f187a50686207672b
47a1083eea338ac89ca48d39665eeccc7d42506db6c24654c98229c6a78f5177
4e0a40a288ece94525894434fcb491ae70f6f9c587a0e8f602da44f3c1290147
4e50f24e572a111920aaaf10da4ae746384553e384e8c2c2d6a8b81648cff29a
4f58654ee72624aa09d591050830d8d6a35ba4f1ca8273ac8374ae50a3bddd7d
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5669ca033ab68625c0cae6bcf1abb2722c02ea43a0d65323b2f7b023c7afa35e
5743bceaaeb8c8f4ceba1bccbc7047abcef3cc3e4ac02db2b3ac7d8cda456b13
5755c800a0cea2c0027f1607bd305ad3c29f6197a8650babf4496555c9bfec13
59f5f1866cd3a83dee11524e61f610e91537d43a6ddcd568838ad711c7053933
62d46dcb412e392747beacffe406f4db3929ee93522f0b9bc59818cd14b15a8c
68d6490ee1a555820fa2605ff17757f6c4dcb9f2e0ef37e3df8124edda1a19a3
774948ce22ec4254e77f583ab7e0a85d233bf2f21d99f04c2c772b53e4cb7229
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d1971b24c491befa0de070b93f69444fe8e3206b88dd67c01f43ab7eb0bbde6
81d0ce06f0a0a9cfc75de2424080e85e28dfa303b2b1b7878c453410d3055c1d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
862baa2a822f9797add06fd4bb7d51ca50f371fb06ee77f422f53633a37c57c2
8d5da73586712159bb569fbfbd370f05a258113b2591ba238ef4e7bde1db13b7
8e8230f2d1e6e230d63f5bd3091ea092eb8d1f447b5f6c84c5b776cf4f50a65d
93e8e78c84a558164e890487bc70a055fca12318e4681dce30a83c8c18bea1f8
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9b99ce50d05750058143cb93936075ad5107f9a3e5b03f2d4872c0ebe753a9f7
9f5c054634b10543601c09d88abd939904b898419f16973ecc3536ce2b7095b2
a0acc524b541f57df4024b039206425fbcc49c7b3cba369bc0b4a57cfc0e9629
a2b997da567762896061490c3c08e506b2e5b936978560fc12251dd245140b32
b25a09d4e27b3e0d46bae6963b853598399dfc591e2a1644218b13b622ad0197
b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bb447efd0ef7a79ebb483d071d35878938132bb60f2c3659f33d54e94aa64307
d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b
d1ac68c7d20ae793b88b3cd4962e796894351e50f6a5f811fa6820225e4c1ecd
dad7b1c2b7a280cbbea4e1f7c6355e1cc3f35369dc088ee26318e6f147f1e08e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1572b9ac496cb77275ca8f629d4b91109ddae943626638b5caea91ee846c1f0
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f1bc343cf4eca86aadf5df313b09eceb08419c6871bf1f37c33a6509784f8580
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8
f94786fe65dcbc65b0099b471ae2bb89bbabd7fa7d8573dd3c4e0f5bbe555447
fc2b4cfd6fbab94356c124b00f6c46fa675cefd85ac0fc1eabfdc4bbeddef1ee
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c