urlscan.io logo urlscan.io
SecurityTrails logo

www.mybenefitscenter.com Open in urlscan Pro
45.60.13.91  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.mybenefitscenter.com/
Effective URL: https://www.mybenefitscenter.com/
Submission: On December 13 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 41 HTTP transactions. The main IP is 45.60.13.91, located in United States and belongs to INCAPSULA, US. The main domain is www.mybenefitscenter.com.
TLS certificate: Issued by Entrust Certification Authority - L1M on December 5th 2022. Valid for: a year.
This is the only time www.mybenefitscenter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 45.60.13.91 19551 (INCAPSULA)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 151.101.194.217 54113 (FASTLY)
4 54.88.39.88 14618 (AMAZON-AES)
2 52.167.107.69 8075 (MICROSOFT...)
1 13.248.151.210 16509 (AMAZON-02)
41 9
17    45.60.13.91 (United States)

ASN19551 (INCAPSULA, US)
www.mybenefitscenter.com
5    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
img.youtube.com
4    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    151.101.194.217 (United States)

ASN54113 (FASTLY, US)
app.launchdarkly.com
4    54.88.39.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-39-88.compute-1.amazonaws.com
events.launchdarkly.com
2    52.167.107.69 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
eastus2-3.in.applicationinsights.azure.com
1    13.248.151.210 (United States)

ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com
clientstream.launchdarkly.com
Apex Domain
Subdomains		 Transfer
17 mybenefitscenter.com
www.mybenefitscenter.com
661 KB
9 launchdarkly.com
app.launchdarkly.com — Cisco Umbrella Rank: 702
events.launchdarkly.com — Cisco Umbrella Rank: 479
clientstream.launchdarkly.com — Cisco Umbrella Rank: 548
1 KB
5 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 371
fonts.googleapis.com — Cisco Umbrella Rank: 37
208 KB
5 youtube.com
www.youtube.com — Cisco Umbrella Rank: 73
img.youtube.com — Cisco Umbrella Rank: 3287
85 KB
4 gstatic.com
fonts.gstatic.com
74 KB
2 azure.com
eastus2-3.in.applicationinsights.azure.com — Cisco Umbrella Rank: 30818
233 B
41 6
Domain Requested by
17 www.mybenefitscenter.com 1 redirects www.mybenefitscenter.com
4 events.launchdarkly.com www.mybenefitscenter.com
4 app.launchdarkly.com www.mybenefitscenter.com
4 fonts.gstatic.com fonts.googleapis.com
4 maps.googleapis.com www.mybenefitscenter.com
maps.googleapis.com
3 img.youtube.com
2 eastus2-3.in.applicationinsights.azure.com www.mybenefitscenter.com
2 www.youtube.com www.mybenefitscenter.com
www.youtube.com
1 clientstream.launchdarkly.com
1 fonts.googleapis.com client
41 10

This site contains links to these domains. Also see Links.

Domain
www.incomm.com
apps.apple.com
play.google.com
Subject Issuer Validity Valid
mybenefitscenter.com
Entrust Certification Authority - L1M		 2022-12-05 -
2023-12-05		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
app.launchdarkly.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-28 -
2023-10-30		 a year crt.sh
events.launchdarkly.com
Amazon		 2022-08-19 -
2023-09-16		 a year crt.sh
in.applicationinsights.azure.com
Microsoft Azure TLS Issuing CA 06		 2022-12-03 -
2023-11-28		 a year crt.sh
clientstream.launchdarkly.com
Amazon		 2022-09-09 -
2023-10-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.mybenefitscenter.com/
Frame ID: 3238AD6C8BBFB732DEA7926BE46B6391
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

My Benefits Center

Page URL History Show full URLs

  1. http://www.mybenefitscenter.com/ HTTP 301
    https://www.mybenefitscenter.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Page Statistics

41
Requests

100 %
HTTPS

44 %
IPv6

6
Domains

10
Subdomains

9
IPs

2
Countries

1030 kB
Transfer

3291 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.mybenefitscenter.com/ HTTP 301
    https://www.mybenefitscenter.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.mybenefitscenter.com/
Redirect Chain
  • http://www.mybenefitscenter.com/
  • https://www.mybenefitscenter.com/
4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mybenefitscenter.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
afc9badfe11e40b4162d94ec32f70e34ce4e6da5d4f16b98b7d1100e2bf6e5ae

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Encoding
gzip
Transfer-Encoding
chunked
X-CDN
Imperva
X-Iinfo
18-532704839-532704850 NNYN CT(120 159 0) RT(1670937308388 31) q(0 0 3 4) r(4 4) U12
accept-ranges
bytes
content-type
text/html
date
Tue, 13 Dec 2022 13:15:08 GMT
etag
"6390e5f1-1161"
last-modified
Wed, 07 Dec 2022 19:13:53 GMT
server
istio-envoy
x-envoy-upstream-service-time
2

Redirect headers

Connection
close
Content-Length
0
Location
https://www.mybenefitscenter.com/
runtime.2b614507c092b9c4.js
www.mybenefitscenter.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mybenefitscenter.com/runtime.2b614507c092b9c4.js
Requested by
Host: www.mybenefitscenter.com
URL: https://www.mybenefitscenter.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
9da7c9b8a233dd5b979988961e4d545709c0ec4605e7f834c0eb6a18a28624f6

Request headers

Referer
https://www.mybenefitscenter.com/
Origin
https://www.mybenefitscenter.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 13:15:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Dec 2022 19:13:49 GMT
X-CDN
Imperva
Etag
"6390e5ed-d1b"
Content-Type
application/javascript
X-Iinfo
18-532704839-532702104 2VNN RT(1670937308388 494) q(0 0 0 -1) r(4 4) U18
Cache-Control
max-age=1, public
Content-Length
1858
Expires
Tue, 13 Dec 2022 13:15:10 GMT
polyfills.3256f15eaf936c6a.js
www.mybenefitscenter.com/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mybenefitscenter.com/polyfills.3256f15eaf936c6a.js
Requested by
Host: www.mybenefitscenter.com
URL: https://www.mybenefitscenter.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
bf01c7554884a07989c44346fbc1ee9cc17fb18512673105b2d5a31d06f8b711

Request headers

Referer
https://www.mybenefitscenter.com/
Origin
https://www.mybenefitscenter.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 13:15:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Dec 2022 19:13:49 GMT
X-CDN
Imperva
Etag
"6390e5ed-86fe"
Content-Type
application/javascript
X-Iinfo
12-103311723-103310113 2VNN RT(1670937308896 18) q(0 0 0 -1) r(4 4) U18
Cache-Control
max-age=1, public
Content-Length
12254
Expires
Tue, 13 Dec 2022 13:15:10 GMT
main.6e7d344fe5925ad3.js
www.mybenefitscenter.com/ 		285 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mybenefitscenter.com/main.6e7d344fe5925ad3.js
Requested by
Host: www.mybenefitscenter.com
URL: https://www.mybenefitscenter.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
8a7d1ddd674a3454b77f0196c5b2d09addf00ba85e55bdd2ad5a49c02244fbe9

Request headers

Referer
https://www.mybenefitscenter.com/
Origin
https://www.mybenefitscenter.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 13:15:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Dec 2022 19:13:49 GMT
X-CDN
Imperva
Etag
"6390e5ed-474c0"
Content-Type
application/javascript
X-Iinfo
2-2523514-2523253 2VNN RT(1670937308896 18) q(0 0 0 -1) r(4 4) U18
Cache-Control
max-age=1, public
Content-Length
94264
Expires
Tue, 13 Dec 2022 13:15:10 GMT
iframe_api
www.youtube.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.mybenefitscenter.com
URL: https://www.mybenefitscenter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
63cbb4d3bd7ad1f3eeaa54b37a2e137be0836466218d3bd4ab2b0ef3eb82fc3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mybenefitscenter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 13:15:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Tue, 13 Dec 2022 13:15:09 GMT
js
maps.googleapis.com/maps/api/ 		169 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyAkKRGE2dWeegADim93elQ4TL15dCNZqSo&libraries=places&callback
Requested by
Host: www.mybenefitscenter.com
URL: https://www.mybenefitscenter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
55ed1a20bcd7fb11801107b8eba7aedb83ea7196cf4330d3f18a65ec6d858541
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mybenefitscenter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 13:15:09 GMT
content-encoding
gzip
server
mafe
vary
Accept-Language
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=20
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56384
x-xss-protection
0
expires
Tue, 13 Dec 2022 13:45:09 GMT
_Incapsula_Resource
www.mybenefitscenter.com/ 		151 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mybenefitscenter.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=307762226
Requested by
Host: www.mybenefitscenter.com
URL: https://www.mybenefitscenter.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
60f33293a0da64d443c0f03afab6b4349900ef6fca1829846f482679472f8b7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mybenefitscenter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
Content-Encoding
gzip
X-Robots-Tag
noindex
Content-Length
21633
Content-Type
application/javascript
css2
fonts.googleapis.com/ 		92 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nanum+Gothic&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
994432152136639df5420c9950765cd2586e10c8db4232aaa9d82d20866041f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mybenefitscenter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Dec 2022 13:15:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 13:09:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Dec 2022 13:15:09 GMT
styles.e27663c0de6543bb.css
www.mybenefitscenter.com/ 		402 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mybenefitscenter.com/styles.e27663c0de6543bb.css
Requested by
Host: www.mybenefitscenter.com
URL: https://www.mybenefitscenter.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ae8930fffb6c1224431eabd5a96f66d0b8364d62d13def0e12c3bb0a9bda8ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mybenefitscenter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 13:15:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Dec 2022 19:13:49 GMT
X-CDN
Imperva
Etag
"6390e5ed-647a6"
Content-Type
text/css
X-Iinfo
10-40256917-40255656 2VNN RT(1670937308937 25) q(0 0 0 -1) r(4 4) U18
Cache-Control
max-age=1, public
Content-Length
46281
Expires
Tue, 13 Dec 2022 13:15:09 GMT
www-widgetapi.js
www.youtube.com/s/player/e96685ea/www-widgetapi.vflset/ 		162 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e96685ea/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42b1ed60cbdf88e3c800046c8cccb40d31206a5fe16d86d67cf28184d68c3e07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mybenefitscenter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:38:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
2200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54126
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 01:16:42 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 13 Dec 2023 12:38:29 GMT
PN_3Rfi-oW3hYwmKDpxS7F_z-7rJxHVIsPV5MbNO2rV2_va-Nv6p.119.woff2
fonts.gstatic.com/s/nanumgothic/v21/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nanumgothic/v21/PN_3Rfi-oW3hYwmKDpxS7F_z-7rJxHVIsPV5MbNO2rV2_va-Nv6p.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nanum+Gothic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0ad896039fdcd68f2b45bd389a8d394b65aa544f434626847c12394ca3e74d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.mybenefitscenter.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 13:40:06 GMT
x-content-type-options
nosniff
age
84903
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12316
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:59:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 13:40:06 GMT
_Incapsula_Resource
www.mybenefitscenter.com/ 		1 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mybenefitscenter.com/_Incapsula_Resource?SWKMTFSR=1&e=0.8706973703002217
Requested by
Host: www.mybenefitscenter.com
URL: https://www.mybenefitscenter.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mybenefitscenter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Content-Length
1
Content-Type
text/plain
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAkKRGE2dWeegADim93elQ4TL15dCNZqSo&libraries=places&callback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mybenefitscenter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 13:15:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.mybenefitscenter.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23
x-xss-protection
0
environment.json
www.mybenefitscenter.com/assets/environments/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.mybenefitscenter.com/assets/environments/environment.json
Requested by
Host: www.mybenefitscenter.com
URL: https://www.mybenefitscenter.com/polyfills.3256f15eaf936c6a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
050a5ade8d4006050496252ab25638c7c85ea6626544ab89f905f2ee1932866d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mybenefitscenter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 13:15:09 GMT
Content-Encoding
gzip
last-modified
Thu, 08 Dec 2022 20:44:50 GMT
server
istio-envoy
X-CDN
Imperva
etag
"63924cc2-71b"
Transfer-Encoding
chunked
content-type
application/json
X-Iinfo
10-40256917-40256938 NNYY CT(119 162 0) RT(1670937308937 494) q(0 0 0 -1) r(1 1) U12
x-envoy-upstream-service-time
2
accept-ranges
bytes
messages.json
www.mybenefitscenter.com/assets/i18n/ 		21 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.mybenefitscenter.com/assets/i18n/messages.json
Requested by
Host: www.mybenefitscenter.com
URL: https://www.mybenefitscenter.com/polyfills.3256f15eaf936c6a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
fe8e632b68cf9592a0fa6a64e32dd22007bb9ab4488e9c7fe7b00d3ce62b3132

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mybenefitscenter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 13:15:09 GMT
Content-Encoding
gzip
last-modified
Wed, 07 Dec 2022 19:13:52 GMT
server
istio-envoy
X-CDN
Imperva
etag
"6390e5f0-520b"
Transfer-Encoding
chunked
content-type
application/json
X-Iinfo
2-2523514-2523516 NNYY CT(120 161 0) RT(1670937308896 536) q(0 0 0 -1) r(1 1) U12
x-envoy-upstream-service-time
4
accept-ranges
bytes
264.18b6db79a918842d.js
www.mybenefitscenter.com/ 		1 MB
315 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mybenefitscenter.com/264.18b6db79a918842d.js
Requested by
Host: www.mybenefitscenter.com
URL: https://www.mybenefitscenter.com/runtime.2b614507c092b9c4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
b61ba9507057aa7306d83937013abd81bac7ab185894677c3dd21d807452baa4

Request headers

Referer
https://www.mybenefitscenter.com/
Origin
https://www.mybenefitscenter.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 13:15:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Dec 2022 19:13:49 GMT
X-CDN
Imperva
Etag
"6390e5ed-13d4cd"
Content-Type
application/javascript
X-Iinfo
2-2523514-2523253 2VNN RT(1670937308896 822) q(0 0 0 -1) r(1 1) U18
Cache-Control
max-age=1, public
Content-Length
321943
Expires
Tue, 13 Dec 2022 13:15:10 GMT
637c1393fa5bd9117069643e
app.launchdarkly.com/sdk/goals/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/637c1393fa5bd9117069643e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://www.mybenefitscenter.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Tue, 13 Dec 2022 13:15:10 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-served-by
cache-hhn-etou8220086-HHN
x-timer
S1670937310.242911,VS0,VE2
637c1393fa5bd9117069643e
events.launchdarkly.com/events/diagnostic/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/diagnostic/637c1393fa5bd9117069643e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.39.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-39-88.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://www.mybenefitscenter.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Tue, 13 Dec 2022 13:15:10 GMT
strict-transport-security
max-age=31536000
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjJiYWRkZjkwLTdhZTgtMTFlZC1iODc5LWU3ZTAyYWJjZDZhMSJ9
app.launchdarkly.com/sdk/evalx/637c1393fa5bd9117069643e/users/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/637c1393fa5bd9117069643e/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjJiYWRkZjkwLTdhZTgtMTFlZC1iODc5LWU3ZTAyYWJjZDZhMSJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://www.mybenefitscenter.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Tue, 13 Dec 2022 13:15:10 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-served-by
cache-hhn-etou8220086-HHN
x-timer
S1670937310.242882,VS0,VE2
637c1393fa5bd9117069643e
app.launchdarkly.com/sdk/goals/ 		2 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/637c1393fa5bd9117069643e
Requested by
Host: www.mybenefitscenter.com
URL: https://www.mybenefitscenter.com/polyfills.3256f15eaf936c6a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.mybenefitscenter.com/
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.24.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 varnish
date
Tue, 13 Dec 2022 13:15:10 GMT
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
content-length
26
x-served-by
cache-hhn-etou8220086-HHN
x-timer
S1670937310.271133,VS0,VE1
etag
"d751713988987e9331980363e24189ce"
ld-region
us-east-1
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits
1
637c1393fa5bd9117069643e
events.launchdarkly.com/events/diagnostic/ 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/diagnostic/637c1393fa5bd9117069643e
Requested by
Host: www.mybenefitscenter.com
URL: https://www.mybenefitscenter.com/polyfills.3256f15eaf936c6a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.39.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-39-88.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.mybenefitscenter.com/
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.24.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Dec 2022 13:15:10 GMT
strict-transport-security
max-age=31536000
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjJiYWRkZjkwLTdhZTgtMTFlZC1iODc5LWU3ZTAyYWJjZDZhMSJ9
app.launchdarkly.com/sdk/evalx/637c1393fa5bd9117069643e/users/ 		770 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/637c1393fa5bd9117069643e/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjJiYWRkZjkwLTdhZTgtMTFlZC1iODc5LWU3ZTAyYWJjZDZhMSJ9
Requested by
Host: www.mybenefitscenter.com
URL: https://www.mybenefitscenter.com/polyfills.3256f15eaf936c6a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7af162570c9f3289683aad19cbf883a6a45485e5ae6d5001546de459c3c3423a

Request headers

Referer
https://www.mybenefitscenter.com/
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.24.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 13:15:10 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
MISS
content-length
192
x-served-by
cache-hhn-etou8220053-HHN, cache-hhn-etou8220086-HHN
x-timer
S1670937310.271141,VS0,VE14
etag
"49dbb"
access-control-max-age
3600
access-control-allow-methods
OPTIONS, GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Authorization, Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits
0
track
eastus2-3.in.applicationinsights.azure.com//v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eastus2-3.in.applicationinsights.azure.com//v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.167.107.69 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mybenefitscenter.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Tue, 13 Dec 2022 13:15:10 GMT
x-content-type-options
nosniff
track
eastus2-3.in.applicationinsights.azure.com//v2/ 		49 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eastus2-3.in.applicationinsights.azure.com//v2/track
Requested by
Host: www.mybenefitscenter.com
URL: https://www.mybenefitscenter.com/polyfills.3256f15eaf936c6a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.167.107.69 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2d4e6fc4cc086cf99949cb1d9c45ece2336d1a1b457fe7eb3136377bdf285aa2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mybenefitscenter.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
B0D42337-81A4-47E4-8B0D-27016C2A0EFA
strict-transport-security
max-age=31536000
date
Tue, 13 Dec 2022 13:15:10 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
49
ih-logo.svg
www.mybenefitscenter.com/assets/ 		12 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mybenefitscenter.com/assets/ih-logo.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
4609dcb9dd7908aa5e8f13b91facf5119eb382ad09ecddaf62916e8feffddcf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mybenefitscenter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 13:15:10 GMT
Content-Encoding
gzip
last-modified
Wed, 07 Dec 2022 19:13:52 GMT
server
istio-envoy
X-CDN
Imperva
etag
"6390e5f0-3154"
Transfer-Encoding
chunked
content-type
image/svg+xml
X-Iinfo
2-2523514-2523516 SNYy RT(1670937308896 1316) q(0 0 0 -1) r(1 1) U18
x-envoy-upstream-service-time
2
accept-ranges
bytes
otc-logo.svg
www.mybenefitscenter.com/assets/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mybenefitscenter.com/assets/otc-logo.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
271ada42674ff76fdda3c5f39d3a70ac0ad24308a881cba7bbc385e72b008aff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mybenefitscenter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 13:15:10 GMT
Content-Encoding
gzip
last-modified
Wed, 07 Dec 2022 19:13:52 GMT
server
istio-envoy
X-CDN
Imperva
etag
"6390e5f0-1635"
Transfer-Encoding
chunked
content-type
image/svg+xml
X-Iinfo
10-40256917-40256938 SNYy RT(1670937308937 1276) q(0 0 0 -1) r(1 1) U18
x-envoy-upstream-service-time
2
accept-ranges
bytes
ios.svg
www.mybenefitscenter.com/assets/ 		12 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mybenefitscenter.com/assets/ios.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
35fb99e7e85a40d2e48ab4df6449b1c2cdafaca8cb78933a36e0eef632abace7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mybenefitscenter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 13:15:10 GMT
Content-Encoding
gzip
last-modified
Wed, 07 Dec 2022 19:13:52 GMT
server
istio-envoy
X-CDN
Imperva
etag
"6390e5f0-31d3"
Transfer-Encoding
chunked
content-type
image/svg+xml
X-Iinfo
12-103311723-103312009 NNYY CT(119 151 0) RT(1670937308896 1317) q(0 0 0 -1) r(1 1) U18
x-envoy-upstream-service-time
2
accept-ranges
bytes
android.svg
www.mybenefitscenter.com/assets/ 		15 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mybenefitscenter.com/assets/android.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
fec0f7d049ececdef373da831759a3566a4a902b4ce07f6b3184f93e09aa65ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mybenefitscenter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 13:15:10 GMT
Content-Encoding
gzip
last-modified
Wed, 07 Dec 2022 19:13:52 GMT
server
istio-envoy
X-CDN
Imperva
etag
"6390e5f0-3c07"
Transfer-Encoding
chunked
content-type
image/svg+xml
X-Iinfo
18-532704839-532704850 SNYN RT(1670937308388 1825) q(0 0 0 -1) r(1 1) U18
x-envoy-upstream-service-time
1
accept-ranges
bytes
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjJiYWRkZjkwLTdhZTgtMTFlZC1iODc5LWU3ZTAyYWJjZDZhMSJ9
clientstream.launchdarkly.com/eval/637c1393fa5bd9117069643e/ 		791 B
0 		EventSource
General
Check archive.org
Download Go to
Full URL
https://clientstream.launchdarkly.com/eval/637c1393fa5bd9117069643e/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjJiYWRkZjkwLTdhZTgtMTFlZC1iODc5LWU3ZTAyYWJjZDZhMSJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.151.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a1370dc23e25e46ce.awsglobalaccelerator.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://www.mybenefitscenter.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 13:15:10 GMT
strict-transport-security
max-age=31536000
ld-region
eu-west-1
access-control-max-age
300
access-control-allow-methods
GET,OPTIONS
content-type
text/event-stream; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper
PN_3Rfi-oW3hYwmKDpxS7F_z-7rJxHVIsPV5MbNO2rV2_va-Nv6p.118.woff2
fonts.gstatic.com/s/nanumgothic/v21/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nanumgothic/v21/PN_3Rfi-oW3hYwmKDpxS7F_z-7rJxHVIsPV5MbNO2rV2_va-Nv6p.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nanum+Gothic&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
039f951d6366b6be3ffa909bea03c904182cfed9877855f1889fa7faac2138eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.mybenefitscenter.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 08:49:24 GMT
x-content-type-options
nosniff
age
15946
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18568
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:59:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Dec 2023 08:49:24 GMT
PN_3Rfi-oW3hYwmKDpxS7F_z-7rJxHVIsPV5MbNO2rV2_va-Nv6p.117.woff2
fonts.gstatic.com/s/nanumgothic/v21/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nanumgothic/v21/PN_3Rfi-oW3hYwmKDpxS7F_z-7rJxHVIsPV5MbNO2rV2_va-Nv6p.117.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nanum+Gothic&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e23820b7baadc6764496b12fc21e97b92381dc807645e87d58dfd241bea4e70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.mybenefitscenter.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 18:08:16 GMT
x-content-type-options
nosniff
age
68814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20536
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:00:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 18:08:16 GMT
PN_3Rfi-oW3hYwmKDpxS7F_z-7rJxHVIsPV5MbNO2rV2_va-Nv6p.115.woff2
fonts.gstatic.com/s/nanumgothic/v21/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nanumgothic/v21/PN_3Rfi-oW3hYwmKDpxS7F_z-7rJxHVIsPV5MbNO2rV2_va-Nv6p.115.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nanum+Gothic&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df6b900734a31fe1bd104530daf938c05e4ac8f33e23342b71a235d982346f54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.mybenefitscenter.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:52:51 GMT
x-content-type-options
nosniff
age
498139
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23864
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:59:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Dec 2023 18:52:51 GMT
otc-network-logo.PNG
www.mybenefitscenter.com/assets/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mybenefitscenter.com/assets/otc-network-logo.PNG
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c46ea73cbac65d3376fb061ace2292a0ad7513dda566839acee9fbcaebeeae1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mybenefitscenter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 13:15:10 GMT
Last-Modified
Wed, 07 Dec 2022 19:13:52 GMT
X-CDN
Imperva
Etag
"6390e5f0-154c"
Content-Type
image/png
X-Iinfo
10-40256918-40256630 2VNN RT(1670937308937 1300) q(0 0 0 -1) r(1 1) U18
Cache-Control
max-age=1, public
Content-Length
3679
Expires
Tue, 13 Dec 2022 13:15:11 GMT
hqdefault.jpg
img.youtube.com/vi/41NQJFsPwAc/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/41NQJFsPwAc/hqdefault.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0374496f15570d4dc7228ebf9e46ce8c5a1a8606b840a4fc816015d0e569f61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mybenefitscenter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 13:02:12 GMT
x-content-type-options
nosniff
age
778
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11600
x-xss-protection
0
server
sffe
etag
"1596491253"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 13 Dec 2022 15:02:12 GMT
hqdefault.jpg
img.youtube.com/vi/_ErNXzCG8rE/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/_ErNXzCG8rE/hqdefault.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb220fb53b301e71d7e3e32d601ba31a447b65edbf4780f4fc67ee4370bafaf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mybenefitscenter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 13:02:12 GMT
x-content-type-options
nosniff
age
778
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9761
x-xss-protection
0
server
sffe
etag
"1596490446"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 13 Dec 2022 15:02:12 GMT
hqdefault.jpg
img.youtube.com/vi/OIr-TWBQEYs/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/OIr-TWBQEYs/hqdefault.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e193936a64d1f24d23ec8564d5bb18d19c134f42e1df96d6c574e3b105d567f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mybenefitscenter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 13:02:12 GMT
x-content-type-options
nosniff
age
778
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9314
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 13 Dec 2022 15:02:12 GMT
landing-page.16413a22e3228a3f.jpg
www.mybenefitscenter.com/ 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mybenefitscenter.com/landing-page.16413a22e3228a3f.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
50b42a567b58ac051bf7d3fa6e5e4c03c392bc1629a5f27e9cbd44c674e52438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mybenefitscenter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 13:15:09 GMT
Last-Modified
Wed, 07 Dec 2022 19:13:49 GMT
X-CDN
Imperva
Etag
"6390e5ed-1fd32"
Content-Type
image/jpeg
X-Iinfo
13-150046289-150044997 2VNN RT(1670937310255 25) q(0 0 0 -1) r(2 2) U18
Cache-Control
max-age=1, public
Content-Length
130354
Expires
Tue, 13 Dec 2022 13:15:10 GMT
637c1393fa5bd9117069643e
events.launchdarkly.com/events/bulk/ 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/637c1393fa5bd9117069643e
Requested by
Host: www.mybenefitscenter.com
URL: https://www.mybenefitscenter.com/polyfills.3256f15eaf936c6a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.39.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-39-88.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.mybenefitscenter.com/
X-LaunchDarkly-Payload-ID
2cdebe70-7ae8-11ed-b879-e7e02abcd6a1
X-LaunchDarkly-Event-Schema
3
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.24.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Dec 2022 13:15:12 GMT
strict-transport-security
max-age=31536000
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
637c1393fa5bd9117069643e
events.launchdarkly.com/events/bulk/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/637c1393fa5bd9117069643e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.39.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-39-88.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://www.mybenefitscenter.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Tue, 13 Dec 2022 13:15:12 GMT
strict-transport-security
max-age=31536000
common.js
maps.googleapis.com/maps-api-v3/api/js/51/3/intl/de_ALL/ 		249 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/51/3/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAkKRGE2dWeegADim93elQ4TL15dCNZqSo&libraries=places&callback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1611775cfd08b4513858c3ffb367d9eaa878bbe91fd10a24e839f27d62dfc982
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mybenefitscenter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 20:12:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
493391
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69805
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 18:55:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 20:12:03 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/51/3/intl/de_ALL/ 		166 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/51/3/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAkKRGE2dWeegADim93elQ4TL15dCNZqSo&libraries=places&callback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a30fb25d3c0b2ffeb33461e4983758e009b8ee5bf25b20d51436498aec7a26e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mybenefitscenter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 20:12:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
493391
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62770
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 18:55:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 20:12:03 GMT

Verdicts & Comments Add Verdict or Comment

188 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| scriptUrl object| ttPolicy object| YT object| YTConfig boolean| yt_embedsEnableIframeSrcWithIntent object| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| google object| module$contents$mapsapi$overlay$overlayView_OverlayView object| webpackChunkih_cardholder_portal function| $localize function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__queueMicrotask function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched boolean| __zone_symbol__ononYTReadypatched object| Capacitor object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__onlinefalse object| __zone_symbol__offlinefalse function| __zone_symbol__ON_PROPERTYerror object| __zone_symbol__errorfalse object| __zone_symbol__beforeunloadfalse object| __zone_symbol__unloadfalse object| __zone_symbol__pagehidefalse object| __zone_symbol__visibilitychangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| __zone_symbol__resizefalse function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

7 Cookies

Domain/Path Name / Value
.mybenefitscenter.com/ Name: visid_incap_2862542
Value: ufeUhiVwTN2uA2VutJk7qdx6mGMAAAAAQUIPAAAAAAAOXu36Jb4fMu4XR2sTwI6X
.mybenefitscenter.com/ Name: nlbi_2862542
Value: ukbsFdQwCi1SELwoJxe4WgAAAACYLexLTQ54e5RG5/n6dYwB
.mybenefitscenter.com/ Name: incap_ses_1612_2862542
Value: 8TnFa62ldF1tUXBJnfleFtx6mGMAAAAAl63Q/vb2UnK4QTU9DypmcA==
.youtube.com/ Name: YSC
Value: W7iqPzr02R0
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: Hl0G-Lpba8k
www.mybenefitscenter.com/ Name: ai_user
Value: m9zCUV05sOszfU8DVRjSC3|2022-12-13T13:15:10.181Z
www.mybenefitscenter.com/ Name: ai_session
Value: n/dwb7g8xnCnTfsE1YSZMr|1670937310278|1670937310278

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.launchdarkly.com
clientstream.launchdarkly.com
eastus2-3.in.applicationinsights.azure.com
events.launchdarkly.com
fonts.googleapis.com
fonts.gstatic.com
img.youtube.com
maps.googleapis.com
www.mybenefitscenter.com
www.youtube.com
13.248.151.210
151.101.194.217
2a00:1450:4001:803::200a
2a00:1450:4001:812::200e
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2003
45.60.13.91
52.167.107.69
54.88.39.88
039f951d6366b6be3ffa909bea03c904182cfed9877855f1889fa7faac2138eb
050a5ade8d4006050496252ab25638c7c85ea6626544ab89f905f2ee1932866d
1611775cfd08b4513858c3ffb367d9eaa878bbe91fd10a24e839f27d62dfc982
271ada42674ff76fdda3c5f39d3a70ac0ad24308a881cba7bbc385e72b008aff
2d4e6fc4cc086cf99949cb1d9c45ece2336d1a1b457fe7eb3136377bdf285aa2
35fb99e7e85a40d2e48ab4df6449b1c2cdafaca8cb78933a36e0eef632abace7
3e193936a64d1f24d23ec8564d5bb18d19c134f42e1df96d6c574e3b105d567f
42b1ed60cbdf88e3c800046c8cccb40d31206a5fe16d86d67cf28184d68c3e07
4609dcb9dd7908aa5e8f13b91facf5119eb382ad09ecddaf62916e8feffddcf9
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50b42a567b58ac051bf7d3fa6e5e4c03c392bc1629a5f27e9cbd44c674e52438
55ed1a20bcd7fb11801107b8eba7aedb83ea7196cf4330d3f18a65ec6d858541
60f33293a0da64d443c0f03afab6b4349900ef6fca1829846f482679472f8b7d
63cbb4d3bd7ad1f3eeaa54b37a2e137be0836466218d3bd4ab2b0ef3eb82fc3b
7af162570c9f3289683aad19cbf883a6a45485e5ae6d5001546de459c3c3423a
8a7d1ddd674a3454b77f0196c5b2d09addf00ba85e55bdd2ad5a49c02244fbe9
994432152136639df5420c9950765cd2586e10c8db4232aaa9d82d20866041f1
9da7c9b8a233dd5b979988961e4d545709c0ec4605e7f834c0eb6a18a28624f6
9e23820b7baadc6764496b12fc21e97b92381dc807645e87d58dfd241bea4e70
a30fb25d3c0b2ffeb33461e4983758e009b8ee5bf25b20d51436498aec7a26e4
ae8930fffb6c1224431eabd5a96f66d0b8364d62d13def0e12c3bb0a9bda8ef5
afc9badfe11e40b4162d94ec32f70e34ce4e6da5d4f16b98b7d1100e2bf6e5ae
b0374496f15570d4dc7228ebf9e46ce8c5a1a8606b840a4fc816015d0e569f61
b0ad896039fdcd68f2b45bd389a8d394b65aa544f434626847c12394ca3e74d2
b61ba9507057aa7306d83937013abd81bac7ab185894677c3dd21d807452baa4
bf01c7554884a07989c44346fbc1ee9cc17fb18512673105b2d5a31d06f8b711
c46ea73cbac65d3376fb061ace2292a0ad7513dda566839acee9fbcaebeeae1a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
df6b900734a31fe1bd104530daf938c05e4ac8f33e23342b71a235d982346f54
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb220fb53b301e71d7e3e32d601ba31a447b65edbf4780f4fc67ee4370bafaf7
fe8e632b68cf9592a0fa6a64e32dd22007bb9ab4488e9c7fe7b00d3ce62b3132
fec0f7d049ececdef373da831759a3566a4a902b4ce07f6b3184f93e09aa65ea