benefit-flow.com Open in urlscan Pro
2600:9000:224a:de00:7:5459:42c0:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://benefit-flow.com/
Submission: On October 11 via manual (October 11th 2023, 4:02:40 pm UTC) from US — Scanned from DE

Summary HTTP 48 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 11 domains to perform 48 HTTP transactions. The main IP is 2600:9000:224a:de00:7:5459:42c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is benefit-flow.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on December 2nd 2022. Valid for: a year.

This is the only time benefit-flow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2600:9000:224... 2600:9000:224a:de00:7:5459:42c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a04:4e42::622 2a04:4e42::622	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	18.173.233.98 18.173.233.98	16509 (AMAZON-02) (AMAZON-02)
1	23.208.149.253 23.208.149.253	16625 (AKAMAI-AS) (AKAMAI-AS)
9	2606:4700:10:... 2606:4700:10::ac43:2642	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	35.180.145.57 35.180.145.57	16509 (AMAZON-02) (AMAZON-02)
2	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	54.208.80.245 54.208.80.245	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	52.222.236.125 52.222.236.125	16509 (AMAZON-02) (AMAZON-02)
4	15.188.19.202 15.188.19.202	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:1883	13335 (CLOUDFLAR...) (CLOUDFLARENET)
48	15

14 2600:9000:224a:de00:7:5459:42c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

benefit-flow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42::622 (United States)

ASN54113 (FASTLY, US)

fast.appcues.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.233.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-233-98.dus51.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.208.149.253 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-149-253.deploy.static.akamaitechnologies.com

chimpstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::ac43:2642 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.180.145.57 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-180-145-57.eu-west-3.compute.amazonaws.com

stonly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

rec.smartlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.208.80.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-80-245.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-125.fra56.r.cloudfront.net

s.stonly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.188.19.202 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-19-202.eu-west-3.compute.amazonaws.com

api.stonly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)

va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	benefit-flow.com benefit-flow.com	3 MB
11	tawk.to embed.tawk.to — Cisco Umbrella Rank: 10237 va.tawk.to — Cisco Umbrella Rank: 9820	140 KB
9	stonly.com stonly.com — Cisco Umbrella Rank: 34077 s.stonly.com — Cisco Umbrella Rank: 52977 api.stonly.com — Cisco Umbrella Rank: 37125	130 KB
3	appcues.com fast.appcues.com — Cisco Umbrella Rank: 5346	134 KB
2	smartlook.com rec.smartlook.com — Cisco Umbrella Rank: 33150	20 KB
2	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 1044 heapanalytics.com — Cisco Umbrella Rank: 946	37 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	167 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	2 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2250	254 B
1	gstatic.com fonts.gstatic.com	48 KB
1	chimpstatic.com chimpstatic.com — Cisco Umbrella Rank: 6377	1 KB
48	11

	Domain	Requested by
14	benefit-flow.com	benefit-flow.com
8	embed.tawk.to	benefit-flow.com embed.tawk.to
4	api.stonly.com	stonly.com
4	stonly.com	benefit-flow.com stonly.com
3	va.tawk.to	embed.tawk.to
3	fast.appcues.com	benefit-flow.com fast.appcues.com
2	rec.smartlook.com	benefit-flow.com rec.smartlook.com
2	www.googletagmanager.com	benefit-flow.com www.googletagmanager.com
2	fonts.googleapis.com	benefit-flow.com
1	s.stonly.com	stonly.com
1	region1.google-analytics.com	www.googletagmanager.com
1	heapanalytics.com	benefit-flow.com
1	fonts.gstatic.com	fonts.googleapis.com
1	chimpstatic.com	benefit-flow.com
1	cdn.heapanalytics.com	benefit-flow.com
48	15

This site contains no links.

Subject Issuer	Validity	Valid
benefit-flow.com Amazon RSA 2048 M01	`2022-12-02` - `2023-12-31`	a year	crt.sh
fast.appcues.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-05` - `2024-09-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M01	`2023-06-29` - `2024-07-27`	a year	crt.sh
wildcardsan.us15.list-manage.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-15` - `2023-11-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-28` - `2024-04-27`	a year	crt.sh
stonly.com R3	`2023-07-31` - `2023-10-29`	3 months	crt.sh
1610534878.rsc.cdn77.org R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2022-12-09` - `2024-01-07`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://benefit-flow.com/
Frame ID: 333C927FAB6DF36FF539F33FACE5905B
Requests: 44 HTTP requests in this frame

Frame: https://s.stonly.com/stonly-stat-id.html?widgetId=ff6c1e34-8073-11ec-82f1-064cee365e5a&v=1.5
Frame ID: 9208A6DABC5B603A912BB957EA681047
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BenefitFlow

Detected technologies

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

chimpstatic\.com/mcjs-connected

Page Statistics

48
Requests

100 %
HTTPS

60 %
IPv6

11
Domains

15
Subdomains

15
IPs

3
Countries

3313 kB
Transfer

6938 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
benefit-flow.com/ 5 KB
3 KB 288ms
24ms Document
text/html 2600:9000:224a:de00:7:5459:42c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://benefit-flow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:de00:7:5459:42c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6784d723f58925e212334d2557535c8c09fca841e92beceb7fde2c7ffe305e05

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34478
content-encoding: gzip
content-type: text/html
date: Wed, 11 Oct 2023 06:27:57 GMT
etag: W/"1b8701b8b44758c75ac32efca57ec194"
last-modified: Sat, 07 Oct 2023 02:52:46 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
x-amz-cf-id: u5eEsUqKEoVpb8SxKDxiFvWQqYqWgna1pxHDkewHNCuEHAsAbcCrtg==
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 146739.js Show response
fast.appcues.com/ 22 KB
5 KB 77ms
7ms Script
text/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/146739.js
Requested by: Host: benefit-flow.com
URL: https://benefit-flow.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 1c42467c33203f462afaf733e6c7c85ce2cd0b9f7257b99e8fb938faa58c262d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit-flow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 16:02:34 GMT
content-encoding: gzip
via: 1.1 varnish
age: 34
x-cache: HIT
content-length: 5180
x-request-id: F40Y_5PtkJWQUJ9OxHWD
x-served-by: cache-fra-etou8220106-FRA
server: Cowboy
x-timer: S1697040155.748800,VS0,VE1
vary: accept-encoding, Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=120,public
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 1

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 41ms
18ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@500&display=swap

Requested by

Host: benefit-flow.com
URL: https://benefit-flow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eeec46530340c420257c12e2e5725b5d34f54ab34fb1936b4ec6abe884c273f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit-flow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 11 Oct 2023 16:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 14:33:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Oct 2023 16:02:34 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
717 B 49ms
26ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway:wght@400;500;600;700&display=swap

Requested by

Host: benefit-flow.com
URL: https://benefit-flow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99a1ff8f4784e07f81c3aa41500c6dd07a40449197128922f87e2a28ba5006e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit-flow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 11 Oct 2023 16:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 15:32:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Oct 2023 16:02:34 GMT

GET
H2 200 index-9967723b.js Show response
benefit-flow.com/assets/ 2 MB
621 KB 16ms
15ms Script
application/javascript 2600:9000:224a:de00:7:5459:42c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://benefit-flow.com/assets/index-9967723b.js
Requested by: Host: benefit-flow.com
URL: https://benefit-flow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:de00:7:5459:42c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bddf6b5ba3045d38ce3b66f56e6b5eae4c9252db84a54b2cbb3ddce7e300bf9d

Request headers

Referer: https://benefit-flow.com/
Origin: https://benefit-flow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 23:29:23 GMT
content-encoding: gzip
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
last-modified: Sat, 07 Oct 2023 02:52:46 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 59592
etag: W/"2e8e27d77537ffa7ba720b01a6d11a79"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: h8MgiIi1-aQ_Q39in7Tl_034F1g7SYV9z6tPaek3P38dfNOVjLv7Yw==

GET
H2 200 index-a61d01ca.css
benefit-flow.com/assets/ 263 KB
38 KB 35ms
35ms Stylesheet
text/css 2600:9000:224a:de00:7:5459:42c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://benefit-flow.com/assets/index-a61d01ca.css
Requested by: Host: benefit-flow.com
URL: https://benefit-flow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:de00:7:5459:42c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a61d01ca4ef236b573916ce551c0d58fcc48fcb6695c42f81b74b1d74141cf32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit-flow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 02:26:46 GMT
content-encoding: gzip
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
last-modified: Sat, 07 Oct 2023 02:52:46 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 48949
x-amz-server-side-encryption: AES256
etag: W/"abdc6a4eafeac7fd6ac12a235112b442"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: RouCoGAjQcormb3tg-LOVTrbXRmQ2oT004TnnAEHhcoAT9iztgF0ug==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 225 KB
80 KB 69ms
46ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NBDJ4DH

Requested by

Host: benefit-flow.com
URL: https://benefit-flow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d846d74b37f0875f25ae30dc939ad29835dd1e83f7da056efe53e2fc90737a14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit-flow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 16:02:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81848
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 11 Oct 2023 16:02:34 GMT

GET
H2 200 heap-1717383574.js Show response
cdn.heapanalytics.com/js/ 114 KB
37 KB 49ms
19ms Script
application/javascript 18.173.233.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1717383574.js

Requested by

Host: benefit-flow.com
URL: https://benefit-flow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.233.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-233-98.dus51.r.cloudfront.net

Software

nginx / Express

Resource Hash

b6757e3f9e7ba34713c364412fce53d4234787266db0627ff420b3494b6a61fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit-flow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 16:02:00 GMT
content-encoding: br
via: 1.1 708a97ceafd2f423a137287e2e17ee80.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: DUS51-P3
age: 34
x-powered-by: Express
etag: W/"1c699-dwk+VmhPPUUKHzCWJ1SUDN17GzA"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: yu5KD7EikgEwlu0ObAgGZmNQxTHnnoCmHPCnFDO8RSrbwmeiR636KA==

GET
H/1.1 200
OK cb385619a25bcf74ae1e8454e.js Show response
chimpstatic.com/mcjs-connected/js/users/4a08258966f6c6ab4b80e9bb1/ 2 KB
1 KB 329ms
20ms Script
application/javascript 23.208.149.253
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://chimpstatic.com/mcjs-connected/js/users/4a08258966f6c6ab4b80e9bb1/cb385619a25bcf74ae1e8454e.js
Requested by: Host: benefit-flow.com
URL: https://benefit-flow.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.208.149.253 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-208-149-253.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9e7eb0c036a4aa626811ae4868c6398a8253d4daaaf679da8f5cbb4b32aecbbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit-flow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 110, 101
Date: Wed, 11 Oct 2023 16:02:35 GMT
Content-Encoding: gzip
x-amz-request-id: 3MT47DEAES0QZWTK
X-EdgeConnect-MidMile-RTT: 0, 1
Connection: keep-alive
Content-Length: 653
x-amz-id-2: Iz763hEdQywmF6++NjnDQipEJ5BVq5L+O3oh/MemixBmwS30LS+K6YmDn31AbuC8EqTe/nHMwiA=
Last-Modified: Wed, 09 Jun 2021 15:13:28 GMT
Server: AmazonS3
ETag: "4b60d3ea13c42468679685c32a1680ac"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1800
Accept-Ranges: bytes
Expires: Wed, 11 Oct 2023 16:32:35 GMT

GET
H2 200 1f7p4jprv Show response
embed.tawk.to/60c1191065b7290ac63516c5/ 2 KB
925 B 149ms
130ms Script
application/x-javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/60c1191065b7290ac63516c5/1f7p4jprv

Requested by

Host: benefit-flow.com
URL: https://benefit-flow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd4d877962150c285218f9e791a87971e43a76a226d7f11358ecfeeb5c93a23c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://benefit-flow.com/
Origin: https://benefit-flow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 16:02:34 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
server: cloudflare
etag: W/"stable-v4-65040be8d34"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 8148540769904d7c-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK version Show response
stonly.com/js/widget/v2/ 8 B
347 B 143ms
83ms XHR
application/octet-stream 35.180.145.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stonly.com/js/widget/v2/version?v=1697040154697
Requested by: Host: benefit-flow.com
URL: https://benefit-flow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 35.180.145.57 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-180-145-57.eu-west-3.compute.amazonaws.com
Software: nginx /
Resource Hash: 6deab4ef2c91e0e4fef74943eae7dac85c5daffa29a03233388b854b4b6c117d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit-flow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 16:02:34 GMT
Last-Modified: Wed, 11 Oct 2023 05:11:55 GMT
Server: nginx
ETag: "65262e9b-8"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 appcues.main.1bb0995c43fc47e9ba9254dbe0466535d421573a.js Show response
fast.appcues.com/generic/main/4.60.36/ 446 KB
126 KB 25ms
6ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/generic/main/4.60.36/appcues.main.1bb0995c43fc47e9ba9254dbe0466535d421573a.js
Requested by: Host: fast.appcues.com
URL: https://fast.appcues.com/146739.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 167fd1a5bc484235f6ce39554c5dd1865b0b80d0181ab5d5362c4e2ee3157948

Request headers

Referer: https://benefit-flow.com/
Origin: https://benefit-flow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 16:02:34 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: R1X2KHM818YXHD5N
age: 73028
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 128882
x-amz-id-2: rYSyKAc/9CN1XjBTf93TYEgagBFZcVGfWCBcXhF0D9TFK2KI8NannVZEOcoKEjWKZ5mWSGqzlRY=
x-served-by: cache-fra-etou8220034-FRA
last-modified: Tue, 10 Oct 2023 18:52:52 GMT
server: AmazonS3
x-timer: S1697040155.785545,VS0,VE0
etag: "fa78ec18f740d711d8ca5d9c340edcf5"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 209

GET
H2 200 index-00f95953.js Show response
benefit-flow.com/assets/ 10 KB
4 KB 17ms
16ms Script
application/javascript 2600:9000:224a:de00:7:5459:42c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://benefit-flow.com/assets/index-00f95953.js
Requested by: Host: benefit-flow.com
URL: https://benefit-flow.com/assets/index-9967723b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:de00:7:5459:42c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8585e6a4bc1cdbfe50b12d8a294a8e95a0dce4c92761adebc3026e7921493489

Request headers

Referer: https://benefit-flow.com/assets/index-9967723b.js
Origin: https://benefit-flow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:01:45 GMT
content-encoding: gzip
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
last-modified: Sat, 07 Oct 2023 02:52:46 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 25249
etag: W/"bd249b19ccb17519c0a3cc49ef40e804"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: -Tt4dUQrNft_LAKEQEjJJi4bR5hvsuWUbdthg5sGDl0-19LDInGsLg==

GET
H/1.1 200
OK stonly-widget.js Show response
stonly.com/js/widget/v2/ 39 KB
13 KB 63ms
31ms Script
application/javascript 35.180.145.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stonly.com/js/widget/v2/stonly-widget.js?v=ef634653

Requested by

Host: benefit-flow.com
URL: https://benefit-flow.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

35.180.145.57 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-180-145-57.eu-west-3.compute.amazonaws.com

Software

nginx /

Resource Hash

a93dc92a549d63421fb0aabfbef5119b3eaa234b5321fd6b3d2572c2f1a59ae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit-flow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 16:02:34 GMT
Strict-Transport-Security: max-age=0;
Content-Encoding: gzip
Last-Modified: Wed, 11 Oct 2023 05:11:55 GMT
Server: nginx
ETag: W/"65262e9b-9c93"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Wed, 25 Oct 2023 16:02:34 GMT

GET
H2 200 container.1bb0995c43fc47e9ba9254dbe0466535d421573a.css
fast.appcues.com/generic/main/4.60.36/ 16 KB
2 KB 9ms
9ms Stylesheet
text/css 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/generic/main/4.60.36/container.1bb0995c43fc47e9ba9254dbe0466535d421573a.css
Requested by: Host: fast.appcues.com
URL: https://fast.appcues.com/generic/main/4.60.36/appcues.main.1bb0995c43fc47e9ba9254dbe0466535d421573a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1074165b8f28dc80ad82a7ccb527d38b7879d779bd39afbfc2a92bb4c58225ad

Request headers

Referer: https://benefit-flow.com/
Origin: https://benefit-flow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 16:02:35 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: V5ZN9DCJZ1VF7FRR
age: 73179
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 2046
x-amz-id-2: wKyf4lo7Lau6/aeDyKRSKQ4rhG0aqP3PORrQDFxh370sj+S5z66BLpGdjHI96YleHJy9Lm8mgqR1NT6pdjS2DA==
x-served-by: cache-fra-etou8220034-FRA
last-modified: Tue, 10 Oct 2023 18:52:52 GMT
server: AmazonS3
x-timer: S1697040155.024975,VS0,VE0
etag: "88957db107ec269f9ac1b2f27b6fc782"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/css; charset=utf-8;
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 7576

GET
H2 200 recorder.js Show response
rec.smartlook.com/ 4 KB
2 KB 31ms
6ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://rec.smartlook.com/recorder.js

Requested by

Host: benefit-flow.com
URL: https://benefit-flow.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

a1b5dd889ed08b151702eb0c762bea0467f55112daeb67d6100a0f4f8f1d23de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit-flow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 11 Oct 2023 16:02:35 GMT
strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
cross-origin-resource-policy: cross-origin
x-age: 68
x-accel-date: 1697040087
x-77-nzt: AZySIYg3Nzf/RAAAAA
x-accel-expires: @1697040687
x-77-age: 68
last-modified: Wed, 11 Oct 2023 13:45:07 GMT
server: CDN77-Turbo
etag: W/"6526a6e3-10f6"
x-77-nzt-ray: f6587a1de5d172251bc72665103b2006
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
86 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V5BB8HD5X4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBDJ4DH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8874607d1dbd47f8c772a4abc3cf0549cd904aba60812901cc349c921d7fcf57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit-flow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 16:02:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88367
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 11 Oct 2023 16:02:35 GMT

GET
H2 200 Roboto-Italic-8aaf23ac.ttf
benefit-flow.com/assets/ 167 KB
92 KB 23ms
22ms Font
application/font-sfnt 2600:9000:224a:de00:7:5459:42c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://benefit-flow.com/assets/Roboto-Italic-8aaf23ac.ttf
Requested by: Host: benefit-flow.com
URL: https://benefit-flow.com/assets/index-a61d01ca.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:de00:7:5459:42c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8aaf23ac2ee9b3ef1b61c2390b3e6e02c0aa6a409d591c7fd7f3d4d7cf51e00b

Request headers

Referer: https://benefit-flow.com/assets/index-a61d01ca.css
Origin: https://benefit-flow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:01:46 GMT
content-encoding: gzip
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
last-modified: Sat, 07 Oct 2023 02:52:46 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 25249
etag: W/"465d1affcd03e9c6096f3313a47e0bf5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/font-sfnt
x-amz-cf-id: 6WMV6vhBUtwQaypKEXkT81psBDyYTCRaxeEUY9k8BxJtJQ-jymiyFA==

GET
H2 200 Roboto-Bold-baf44ce8.ttf
benefit-flow.com/assets/ 163 KB
87 KB 18ms
17ms Font
application/font-sfnt 2600:9000:224a:de00:7:5459:42c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://benefit-flow.com/assets/Roboto-Bold-baf44ce8.ttf
Requested by: Host: benefit-flow.com
URL: https://benefit-flow.com/assets/index-a61d01ca.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:de00:7:5459:42c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: baf44ce81636cc927fc27768437e5da853bac699e8aaf832d042f0dfed29b4b4

Request headers

Referer: https://benefit-flow.com/assets/index-a61d01ca.css
Origin: https://benefit-flow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:01:46 GMT
content-encoding: gzip
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
last-modified: Sat, 07 Oct 2023 02:52:46 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 25250
x-amz-server-side-encryption: AES256
etag: W/"9ece5b48963bbc96309220952cda38aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/font-sfnt
x-amz-cf-id: sej0c84pZ_KOCgU1ziLyRb1OcWYKH-VGUKAAhVO999IovnsXW1jqHQ==

GET
H2 200 Roboto-Regular-319cff6e.ttf
benefit-flow.com/assets/ 164 KB
87 KB 18ms
17ms Font
application/font-sfnt 2600:9000:224a:de00:7:5459:42c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://benefit-flow.com/assets/Roboto-Regular-319cff6e.ttf
Requested by: Host: benefit-flow.com
URL: https://benefit-flow.com/assets/index-a61d01ca.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:de00:7:5459:42c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 319cff6e7a31f0f2a41c475dca42890aa5d19fe16017e2290f8c1d4e14f76481

Request headers

Referer: https://benefit-flow.com/assets/index-a61d01ca.css
Origin: https://benefit-flow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:01:46 GMT
content-encoding: gzip
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
last-modified: Sat, 07 Oct 2023 02:52:46 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 25250
etag: W/"f36638c2135b71e5a623dca52b611173"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/font-sfnt
x-amz-cf-id: UtOz7oJjlCdPAOs3mGyNbSheiWkaOBu6lD3fdn7C-9wPumPBsvUiUQ==

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 47 KB
48 KB 32ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://benefit-flow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:18:14 GMT
x-content-type-options: nosniff
age: 510261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 18:18:14 GMT

GET
H2 200 Gilroy-Bold-97ff627e.woff
benefit-flow.com/assets/ 37 KB
38 KB 16ms
16ms Font
application/font-woff 2600:9000:224a:de00:7:5459:42c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://benefit-flow.com/assets/Gilroy-Bold-97ff627e.woff
Requested by: Host: benefit-flow.com
URL: https://benefit-flow.com/assets/index-a61d01ca.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:de00:7:5459:42c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97ff627efe96ef598a8bc4eeb98f24b498ca3731799bb364901b8ba586d09d86

Request headers

Referer: https://benefit-flow.com/assets/index-a61d01ca.css
Origin: https://benefit-flow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:01:46 GMT
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
last-modified: Sat, 07 Oct 2023 02:52:46 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 25250
etag: "38026626932431fe477ebb1be40350db"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/font-woff
accept-ranges: bytes
content-length: 38372
x-amz-cf-id: MCBCYm0netgFhnZq-K5byrL4dXQuO-f2Pxa3GCyDnMEMHcEwQrX0wQ==

GET
H2 200 01_BenefitFlow_Logo-e4f18f97.png
benefit-flow.com/assets/ 19 KB
19 KB 26ms
21ms Image
image/png 2600:9000:224a:de00:7:5459:42c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://benefit-flow.com/assets/01_BenefitFlow_Logo-e4f18f97.png
Requested by: Host: benefit-flow.com
URL: https://benefit-flow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:de00:7:5459:42c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e4f18f9719a5807a787fa6a17a25b293617a450ead3dea36747bc01c0b6824ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit-flow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:01:46 GMT
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
last-modified: Sat, 07 Oct 2023 02:52:46 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 25250
x-amz-server-side-encryption: AES256
etag: "17ea31d2358524852f433418a43ad070"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 19043
x-amz-cf-id: _Pb4HQd83xkqyij2sM7MueBdmGCak4UHHZItzZ-3DQ5k-mJeFTEWAQ==

GET
H2 200 frame1-60ba7da2.png
benefit-flow.com/assets/ 44 KB
44 KB 22ms
18ms Image
image/png 2600:9000:224a:de00:7:5459:42c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://benefit-flow.com/assets/frame1-60ba7da2.png
Requested by: Host: benefit-flow.com
URL: https://benefit-flow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:de00:7:5459:42c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60ba7da2b56c9fb54ef7f0de4f1ec2cc03fb732692f5f58cf89d9176673cc9a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit-flow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 16:02:02 GMT
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
last-modified: Sat, 07 Oct 2023 02:52:46 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 34
etag: "adf0a3e89d38d763b3ca6aaffdc60e78"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 44642
x-amz-cf-id: MeS0_7GelqM1l-krCy78IibVMg2VN9dfvmDlaPbXBsAQ5FoCmm-l6w==

GET
H2 200 frame1after-d205ccc8.png
benefit-flow.com/assets/ 15 KB
15 KB 21ms
17ms Image
image/png 2600:9000:224a:de00:7:5459:42c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://benefit-flow.com/assets/frame1after-d205ccc8.png
Requested by: Host: benefit-flow.com
URL: https://benefit-flow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:de00:7:5459:42c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d205ccc89d7d3e98b71ae432559d9129b4b56c7fed28abba95102a224ca0df76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit-flow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:01:46 GMT
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
last-modified: Sat, 07 Oct 2023 02:52:46 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 25250
x-amz-server-side-encryption: AES256
etag: "165c70a3de44e483b34a90f5a47ff313"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15002
x-amz-cf-id: rpDZgazzart9JLxccNaNrt6HFCEJz1Dvj8u_6o2uwjPnRImVpI65BQ==

GET
H2 200 frame3-680745ee.png
benefit-flow.com/assets/ 77 KB
78 KB 17ms
13ms Image
image/png 2600:9000:224a:de00:7:5459:42c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://benefit-flow.com/assets/frame3-680745ee.png
Requested by: Host: benefit-flow.com
URL: https://benefit-flow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:de00:7:5459:42c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 680745eee08630cc5d6e04e523902dc4b90c4f03dc03440f2794042a40ef57a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit-flow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 16:02:02 GMT
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
last-modified: Sat, 07 Oct 2023 02:52:46 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 34
etag: "0932d52d5ecc10ecc92a19bca86b7e20"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 79098
x-amz-cf-id: MJw0Op3zR9B_kVRAmAj5jS2hLPDiGjS34EgRaoj4T9_BcLZ0Ra8Nbg==

GET
H2 200 frame3after-adbb5029.png
benefit-flow.com/assets/ 9 KB
9 KB 20ms
17ms Image
image/png 2600:9000:224a:de00:7:5459:42c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://benefit-flow.com/assets/frame3after-adbb5029.png
Requested by: Host: benefit-flow.com
URL: https://benefit-flow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:de00:7:5459:42c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: adbb50296ad10127f0a60ae58ef77531503a81a99f7e9ec9aa49b3a6e237ea0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit-flow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:01:46 GMT
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
last-modified: Sat, 07 Oct 2023 02:52:46 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 25250
x-amz-server-side-encryption: AES256
etag: "ebb54d16d79635b493ec814400872e17"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 9289
x-amz-cf-id: BBAkQN-x-oFxzjUpVSlo82ETKlzCGQ2LoBw59AybvzFJUj-dxVqfNQ==

GET
H/1.1 200
OK vendors~widget-6a10b4723bf3a3343a8a.stonly.js Show response
stonly.com/js/widget/v2/ 179 KB
64 KB 36ms
35ms Script
application/javascript 35.180.145.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stonly.com/js/widget/v2/vendors~widget-6a10b4723bf3a3343a8a.stonly.js

Requested by

Host: stonly.com
URL: https://stonly.com/js/widget/v2/stonly-widget.js?v=ef634653

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

35.180.145.57 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-180-145-57.eu-west-3.compute.amazonaws.com

Software

nginx /

Resource Hash

c62370c1f168c29ef078fe65730f0c85dc2ea3f12187b4e9896a0598aacd92b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit-flow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 16:02:35 GMT
Strict-Transport-Security: max-age=0;
Content-Encoding: gzip
Last-Modified: Wed, 11 Oct 2023 05:11:55 GMT
Server: nginx
ETag: W/"65262e9b-2cd57"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Wed, 25 Oct 2023 16:02:35 GMT

GET
H/1.1 200
OK widget-59963eafa9da84cec6a9.stonly.js Show response
stonly.com/js/widget/v2/ 169 KB
50 KB 200ms
161ms Script
application/javascript 35.180.145.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stonly.com/js/widget/v2/widget-59963eafa9da84cec6a9.stonly.js

Requested by

Host: stonly.com
URL: https://stonly.com/js/widget/v2/stonly-widget.js?v=ef634653

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

35.180.145.57 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-180-145-57.eu-west-3.compute.amazonaws.com

Software

nginx /

Resource Hash

f7895e72477e80b1defa6a8e6194d32314c840c3b2f6a6ef97f50c239832145c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit-flow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 16:02:35 GMT
Strict-Transport-Security: max-age=0;
Content-Encoding: gzip
Last-Modified: Wed, 11 Oct 2023 05:11:55 GMT
Server: nginx
ETag: W/"65262e9b-2a2e7"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Wed, 25 Oct 2023 16:02:35 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 298ms
97ms Image
image/gif 54.208.80.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1717383574&u=37182618333109&v=6647286446017346&s=4403965005353722&b=web&tv=4.0&z=0&h=%2F&d=benefit-flow.com&t=BenefitFlow&ts=1697040155065&st=1697040155130

Requested by

Host: benefit-flow.com
URL: https://benefit-flow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.208.80.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-208-80-245.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit-flow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 16:02:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 206 anim1.mp4
benefit-flow.com/videos/ 1 MB
1 MB 27ms
26ms Media
video/mp4 2600:9000:224a:de00:7:5459:42c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://benefit-flow.com/videos/anim1.mp4
Requested by: Host: benefit-flow.com
URL: https://benefit-flow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:de00:7:5459:42c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bf0b886f14891a6ec07d322febc96621e764e5cb9dd6c4d99e0a2a015b9429e

Request headers

Referer: https://benefit-flow.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 11 Oct 2023 09:01:46 GMT
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
last-modified: Sat, 07 Oct 2023 02:52:47 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 25250
x-amz-server-side-encryption: AES256
etag: "cd157f2e8c0bf54c59e4189e0c8795a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: video/mp4
Content-Range: bytes 0-1532296/1532297
accept-ranges: bytes
x-amz-cf-id: Sfl4hUJD4gaj-i6mKkYXEkWp19XFpFFrWwcV-gVi4YLzW9B-uw4kBg==
Content-Length: 1532297

GET
H2 200 init.a086f177db06b3715472.js Show response
rec.smartlook.com/es6/ 63 KB
18 KB 258ms
6ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://rec.smartlook.com/es6/init.a086f177db06b3715472.js

Requested by

Host: rec.smartlook.com
URL: https://rec.smartlook.com/recorder.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

48cc8d2ef0df82a4de8c32f7548dfd95ea6a56e791833c56a37dfbe840f8b3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000

Request headers

Referer: https://benefit-flow.com/
Origin: https://benefit-flow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 11 Oct 2023 16:02:35 GMT
strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
cross-origin-resource-policy: cross-origin
x-age: 6176
x-accel-date: 1697033979
x-77-nzt: AZySIYg3Nzf/IBgAAA
x-accel-expires: @1728569979
x-77-age: 6176
last-modified: Wed, 11 Oct 2023 13:45:07 GMT
server: CDN77-Turbo
etag: W/"6526a6e3-fd94"
x-77-nzt-ray: f6587a1dc1e156271bc72665b1370019
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 39ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-V5BB8HD5X4&gtm=45je3a90&_p=244072774&cid=2126576931.1697040155&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697040155&sct=1&seg=0&dl=https%3A%2F%2Fbenefit-flow.com%2F&dt=BenefitFlow&en=page_view&_fv=2&_nsi=1&_ss=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V5BB8HD5X4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit-flow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 16:02:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://benefit-flow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 stonly-stat-id.html Show response
s.stonly.com/ Frame 9208 3 KB
1 KB 48ms
7ms Document
text/html 52.222.236.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.stonly.com/stonly-stat-id.html?widgetId=ff6c1e34-8073-11ec-82f1-064cee365e5a&v=1.5
Requested by: Host: stonly.com
URL: https://stonly.com/js/widget/v2/widget-59963eafa9da84cec6a9.stonly.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-125.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1290c09b37acd3340000035d9cd01338f557e85d46748202ecefe02cfae9a343

Request headers

Referer: https://benefit-flow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36649
content-encoding: gzip
content-type: text/html
date: Wed, 11 Oct 2023 05:51:47 GMT
etag: W/"b714291e1f3178ac2a5d4e3c7974d64b"
last-modified: Fri, 06 Oct 2023 07:17:34 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
x-amz-cf-id: bQ_x2jZARU-LLE17hxsWwv0x3j3SAZMtlbLFkO7dSmh8jT1N5AcaQw==
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/js/ 121 B
286 B 129ms
128ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/60c1191065b7290ac63516c5/1f7p4jprv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://benefit-flow.com/
Origin: https://benefit-flow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 16:02:35 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 15 Sep 2023 07:48:51 GMT
server: cloudflare
content-encoding: br
etag: W/"da5bb1dc647470204df0e49f5afac2de"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8148540bbfd74d7c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/js/ 81 KB
29 KB 252ms
251ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/60c1191065b7290ac63516c5/1f7p4jprv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://benefit-flow.com/
Origin: https://benefit-flow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 16:02:35 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 15 Sep 2023 07:48:51 GMT
server: cloudflare
content-encoding: br
etag: W/"ce3014b09c6dfbd6f92bc585fd840580"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8148540bbfd84d7c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/js/ 209 KB
61 KB 357ms
356ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/60c1191065b7290ac63516c5/1f7p4jprv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ef1c0033184fc3d9927468f3e3fcf00bdef6607fef645c9d4d80e0cd6c17ee0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://benefit-flow.com/
Origin: https://benefit-flow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 16:02:35 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 15 Sep 2023 07:48:51 GMT
server: cloudflare
content-encoding: br
etag: W/"c7d717342f2392436e14ee5e894cff01"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8148540bbfdb4d7c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/js/ 206 KB
41 KB 355ms
354ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/60c1191065b7290ac63516c5/1f7p4jprv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2b5298695dd08a5ac6f7df92d8001910b3df9d66045e7bc3251226a3bbd02a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://benefit-flow.com/
Origin: https://benefit-flow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 16:02:35 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 15 Sep 2023 07:48:51 GMT
server: cloudflare
content-encoding: br
etag: W/"cc2f5caa9ea6bd869eabebe15472439c"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8148540bbfdd4d7c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/js/ 2 KB
1 KB 141ms
141ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/60c1191065b7290ac63516c5/1f7p4jprv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf2971fed2be2f47a0d7d0e48e0e0937690a7ae2afe740e452ded692a4eef189

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://benefit-flow.com/
Origin: https://benefit-flow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 16:02:35 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 15 Sep 2023 07:48:51 GMT
server: cloudflare
content-encoding: br
etag: W/"950ed0d9394df6df8ab8e30ac9b0cdcc"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8148540bbfe04d7c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/js/ 151 B
206 B 132ms
132ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/60c1191065b7290ac63516c5/1f7p4jprv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://benefit-flow.com/
Origin: https://benefit-flow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 16:02:35 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 15 Sep 2023 07:48:51 GMT
server: cloudflare
content-encoding: br
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8148540bbfe24d7c-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 identify Show response
api.stonly.com/api/v1/targeting/ 38 B
451 B 52ms
20ms XHR
application/json 15.188.19.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.stonly.com/api/v1/targeting/identify

Requested by

Host: stonly.com
URL: https://stonly.com/js/widget/v2/widget-59963eafa9da84cec6a9.stonly.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.188.19.202 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-19-202.eu-west-3.compute.amazonaws.com

Software

nginx /

Resource Hash

d2d7b962231a739105665b0b4d7ca5dc566beb4354a10c477ec8b1b12d955bbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

timestamp: 1697040155478
Referer: https://benefit-flow.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 11 Oct 2023 16:02:35 GMT
strict-transport-security: max-age=2592000;
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
server: nginx
etag: W/"26-NFKChCaGCPgLuaMJn62pKH75t6U"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://benefit-flow.com
cache-control: no-cache
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:01 GMT

OPTIONS
H2 204 identify
api.stonly.com/api/v1/targeting/ Frame 0
0 68ms
17ms Preflight 15.188.19.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.stonly.com/api/v1/targeting/identify

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.188.19.202 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-19-202.eu-west-3.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,timestamp
Access-Control-Request-Method: POST
Origin: https://benefit-flow.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,timestamp
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://benefit-flow.com
cache-control: no-cache
date: Wed, 11 Oct 2023 16:02:35 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=2592000;
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 204 integration
api.stonly.com/api/v2/widget/ Frame 0
0 16ms
16ms Preflight 15.188.19.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.stonly.com/api/v2/widget/integration?widgetId=ff6c1e34-8073-11ec-82f1-064cee365e5a&stonlyAnonymousId=67e1f841-427d-4186-8f73-430c4a19fbe9&url=https%3A%2F%2Fbenefit-flow.com%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.188.19.202 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-19-202.eu-west-3.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: timestamp
Access-Control-Request-Method: GET
Origin: https://benefit-flow.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: timestamp
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://benefit-flow.com
cache-control: no-cache
date: Wed, 11 Oct 2023 16:02:35 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=2592000;
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 integration Show response
api.stonly.com/api/v2/widget/ 475 B
774 B 18ms
18ms XHR
application/json 15.188.19.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.stonly.com/api/v2/widget/integration?widgetId=ff6c1e34-8073-11ec-82f1-064cee365e5a&stonlyAnonymousId=67e1f841-427d-4186-8f73-430c4a19fbe9&url=https%3A%2F%2Fbenefit-flow.com%2F

Requested by

Host: stonly.com
URL: https://stonly.com/js/widget/v2/widget-59963eafa9da84cec6a9.stonly.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.188.19.202 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-19-202.eu-west-3.compute.amazonaws.com

Software

nginx /

Resource Hash

a0faab2fa2cc5359b091740e8dc35ddbd8afda64c7435fada7a8adc48c4c10f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

timestamp: 1697040155613
Referer: https://benefit-flow.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 16:02:35 GMT
strict-transport-security: max-age=2592000;
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
server: nginx
etag: W/"1db-xP2INcSXFe0XM/iqihC59jOSJLA"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://benefit-flow.com
cache-control: no-cache
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
1 KB 641ms
641ms Fetch
application/json 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=60c1191065b7290ac63516c5&widgetId=1f7p4jprv&sv=undefined

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2e2f346292b498c0c2c4ea11e94b62aef7c0edf87fe2630652c3b79ae4ef674

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit-flow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 16:02:36 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-tvzg
server: cloudflare
etag: W/"2-17-0"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 8148540e4b574d7c-FRA
access-control-allow-headers: content-type,x-tawk-token

POST
H3 400 start Show response
va.tawk.to/v1/session/ 64 B
355 B 276ms
262ms Fetch
application/json 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe384d6150fae0d1a52854c9a928969917ca8f715d6eb6045506292d0d017b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://benefit-flow.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Wed, 11 Oct 2023 16:02:36 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://benefit-flow.com
access-control-allow-credentials: true
cf-ray: 814854105ed69ba6-FRA
access-control-allow-headers: content-type,x-tawk-token
content-length: 64
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-b4kx

OPTIONS
H2 200 start
va.tawk.to/v1/session/ Frame 0
0 314ms
314ms Preflight 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://benefit-flow.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://benefit-flow.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8148540e4b694d7c-FRA
date: Wed, 11 Oct 2023 16:02:36 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-hx6q

GET
H3 200 en.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/languages/ 16 KB
4 KB 20ms
20ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit-flow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 16:02:36 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2275362
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 15 Sep 2023 07:48:52 GMT
server: cloudflare
etag: W/"585ba00b2c167b90c210161454f843b5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 81485412493d9ba6-FRA

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.benefit-flow.com/	1970-01-21 00:51:57	Name: _hp2_id.1717383574 Value: %7B%22userId%22%3A%2237182618333109%22%2C%22pageviewId%22%3A%226647286446017346%22%2C%22sessionId%22%3A%224403965005353722%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.benefit-flow.com/	1970-01-20 17:33:36	Name: _gcl_au Value: 1.1.504482658.1697040155
.benefit-flow.com/	1970-01-21 01:00:00	Name: _ga Value: GA1.1.2126576931.1697040155
.benefit-flow.com/	1970-01-21 01:00:00	Name: _ga_V5BB8HD5X4 Value: GS1.1.1697040155.1.0.1697040155.0.0.0
.benefit-flow.com/	1970-01-20 15:24:01	Name: _hp2_ses_props.1717383574 Value: %7B%22ts%22%3A1697040155065%2C%22d%22%3A%22benefit-flow.com%22%2C%22h%22%3A%22%2F%22%7D
.api.stonly.com/	1969-12-31 23:59:59	Name: _csrf Value: 6px5FD8IKV5IMELY-WlFxOET
benefit-flow.com/	1969-12-31 23:59:59	Name: twk_idm_key Value: YOpu-WoMbBL0tB0MSnzTL
benefit-flow.com/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://va.tawk.to/v1/session/start Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.stonly.com
benefit-flow.com
cdn.heapanalytics.com
chimpstatic.com
embed.tawk.to
fast.appcues.com
fonts.googleapis.com
fonts.gstatic.com
heapanalytics.com
rec.smartlook.com
region1.google-analytics.com
s.stonly.com
stonly.com
va.tawk.to
www.googletagmanager.com
15.188.19.202
18.173.233.98
2001:4860:4802:32::36
23.208.149.253
2600:9000:224a:de00:7:5459:42c0:93a1
2606:4700:10::6816:1883
2606:4700:10::ac43:2642
2a00:1450:4001:809::2008
2a00:1450:4001:80b::200a
2a00:1450:4001:831::2003
2a02:6ea0:c700::17
2a04:4e42::622
35.180.145.57
52.222.236.125
54.208.80.245
1074165b8f28dc80ad82a7ccb527d38b7879d779bd39afbfc2a92bb4c58225ad
1290c09b37acd3340000035d9cd01338f557e85d46748202ecefe02cfae9a343
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
167fd1a5bc484235f6ce39554c5dd1865b0b80d0181ab5d5362c4e2ee3157948
1c42467c33203f462afaf733e6c7c85ce2cd0b9f7257b99e8fb938faa58c262d
319cff6e7a31f0f2a41c475dca42890aa5d19fe16017e2290f8c1d4e14f76481
48cc8d2ef0df82a4de8c32f7548dfd95ea6a56e791833c56a37dfbe840f8b3df
5ef1c0033184fc3d9927468f3e3fcf00bdef6607fef645c9d4d80e0cd6c17ee0
60ba7da2b56c9fb54ef7f0de4f1ec2cc03fb732692f5f58cf89d9176673cc9a2
6784d723f58925e212334d2557535c8c09fca841e92beceb7fde2c7ffe305e05
680745eee08630cc5d6e04e523902dc4b90c4f03dc03440f2794042a40ef57a6
6bf0b886f14891a6ec07d322febc96621e764e5cb9dd6c4d99e0a2a015b9429e
6deab4ef2c91e0e4fef74943eae7dac85c5daffa29a03233388b854b4b6c117d
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
8585e6a4bc1cdbfe50b12d8a294a8e95a0dce4c92761adebc3026e7921493489
8874607d1dbd47f8c772a4abc3cf0549cd904aba60812901cc349c921d7fcf57
8aaf23ac2ee9b3ef1b61c2390b3e6e02c0aa6a409d591c7fd7f3d4d7cf51e00b
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
97ff627efe96ef598a8bc4eeb98f24b498ca3731799bb364901b8ba586d09d86
99a1ff8f4784e07f81c3aa41500c6dd07a40449197128922f87e2a28ba5006e8
9e7eb0c036a4aa626811ae4868c6398a8253d4daaaf679da8f5cbb4b32aecbbe
a0faab2fa2cc5359b091740e8dc35ddbd8afda64c7435fada7a8adc48c4c10f3
a1b5dd889ed08b151702eb0c762bea0467f55112daeb67d6100a0f4f8f1d23de
a2b5298695dd08a5ac6f7df92d8001910b3df9d66045e7bc3251226a3bbd02a7
a61d01ca4ef236b573916ce551c0d58fcc48fcb6695c42f81b74b1d74141cf32
a93dc92a549d63421fb0aabfbef5119b3eaa234b5321fd6b3d2572c2f1a59ae6
adbb50296ad10127f0a60ae58ef77531503a81a99f7e9ec9aa49b3a6e237ea0a
b6757e3f9e7ba34713c364412fce53d4234787266db0627ff420b3494b6a61fa
baf44ce81636cc927fc27768437e5da853bac699e8aaf832d042f0dfed29b4b4
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bddf6b5ba3045d38ce3b66f56e6b5eae4c9252db84a54b2cbb3ddce7e300bf9d
bf2971fed2be2f47a0d7d0e48e0e0937690a7ae2afe740e452ded692a4eef189
c62370c1f168c29ef078fe65730f0c85dc2ea3f12187b4e9896a0598aacd92b6
d205ccc89d7d3e98b71ae432559d9129b4b56c7fed28abba95102a224ca0df76
d2d7b962231a739105665b0b4d7ca5dc566beb4354a10c477ec8b1b12d955bbe
d846d74b37f0875f25ae30dc939ad29835dd1e83f7da056efe53e2fc90737a14
e2e2f346292b498c0c2c4ea11e94b62aef7c0edf87fe2630652c3b79ae4ef674
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f18f9719a5807a787fa6a17a25b293617a450ead3dea36747bc01c0b6824ac
e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0
eeec46530340c420257c12e2e5725b5d34f54ab34fb1936b4ec6abe884c273f4
f7895e72477e80b1defa6a8e6194d32314c840c3b2f6a6ef97f50c239832145c
fd4d877962150c285218f9e791a87971e43a76a226d7f11358ecfeeb5c93a23c
fe384d6150fae0d1a52854c9a928969917ca8f715d6eb6045506292d0d017b39

benefit-flow.com Open in urlscan Pro 2600:9000:224a:de00:7:5459:42c0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

48 Requests

100 %HTTPS

60 %IPv6

11 Domains

15 Subdomains

15 IPs

3 Countries

3313 kBTransfer

6938 kBSize

8 Cookies

0 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

benefit-flow.com Open in urlscan Pro
2600:9000:224a:de00:7:5459:42c0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

100 %
HTTPS

60 %
IPv6

11
Domains

15
Subdomains

15
IPs

3
Countries

3313 kB
Transfer

6938 kB
Size

8
Cookies

48 HTTP transactions
0 data transactions