urlscan.io logo urlscan.io
SecurityTrails logo

benefitsally.com Open in urlscan Pro
52.7.42.79  Public Scan

Go To Rescan Add Verdict Report
URL: https://benefitsally.com/
Submission: On August 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 27 HTTP transactions. The main IP is 52.7.42.79, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is benefitsally.com.
TLS certificate: Issued by R3 on August 7th 2023. Valid for: 3 months.
This is the only time benefitsally.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 52.7.42.79 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.222.139.33 16509 (AMAZON-02)
1 18.66.147.11 16509 (AMAZON-02)
12 3.161.119.26 16509 (AMAZON-02)
1 52.222.139.4 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2600:9000:220... 16509 (AMAZON-02)
4 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 65.9.7.124 16509 (AMAZON-02)
2 2a03:2880:f17... 32934 (FACEBOOK)
27 13
2    52.7.42.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-42-79.compute-1.amazonaws.com
benefitsally.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    52.222.139.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-33.ams50.r.cloudfront.net
c.sproutvideo.com
1    18.66.147.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-11.fra60.r.cloudfront.net
cdn.sproutvideo.com
12    3.161.119.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-119-26.vie50.r.cloudfront.net
cdn-thumbnails.sproutvideo.com
1    52.222.139.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-4.ams50.r.cloudfront.net
d3nt7egy5kvcte.cloudfront.net
1    2606:4700::6812:f705 (United States)

ASN13335 (CLOUDFLARENET, US)
benefitsally30191.activehosted.com
1    2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2600:9000:2204:a600:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.linkedin.oribi.io
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    65.9.7.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-7-124.fra56.r.cloudfront.net
d226aj4ao1t61q.cloudfront.net
2    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
14 sproutvideo.com
c.sproutvideo.com — Cisco Umbrella Rank: 204947
cdn.sproutvideo.com
cdn-thumbnails.sproutvideo.com
3 MB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 421
www.linkedin.com — Cisco Umbrella Rank: 686
px4.ads.linkedin.com — Cisco Umbrella Rank: 6363
5 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
239 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
135 KB
2 cloudfront.net
d3nt7egy5kvcte.cloudfront.net
d226aj4ao1t61q.cloudfront.net
4 KB
2 benefitsally.com
benefitsally.com
17 KB
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1154
368 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1072
5 KB
1 activehosted.com
benefitsally30191.activehosted.com
9 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 73
989 B
27 10
Domain Requested by
12 cdn-thumbnails.sproutvideo.com benefitsally.com
3 px.ads.linkedin.com 3 redirects
2 www.facebook.com benefitsally.com
2 connect.facebook.net benefitsally.com
connect.facebook.net
2 benefitsally.com benefitsally.com
1 d226aj4ao1t61q.cloudfront.net benefitsally.com
1 px4.ads.linkedin.com benefitsally.com
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io snap.licdn.com
1 snap.licdn.com benefitsally.com
1 benefitsally30191.activehosted.com benefitsally.com
1 d3nt7egy5kvcte.cloudfront.net benefitsally.com
1 cdn.sproutvideo.com benefitsally.com
1 c.sproutvideo.com benefitsally.com
1 fonts.googleapis.com benefitsally.com
27 15

This site contains links to these domains. Also see Links.

Domain
calendly.com
form.jotform.com
pages.benefitsally.com
Subject Issuer Validity Valid
benefitsally.com
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
sproutvideo.com
Amazon RSA 2048 M02		 2023-06-11 -
2024-07-09		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
activehosted.com
Cloudflare Inc ECC CA-3		 2022-12-07 -
2023-12-06		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-05-31 -
2023-08-29		 3 months crt.sh
linkedin.oribi.io
Amazon RSA 2048 M01		 2023-06-08 -
2024-07-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://benefitsally.com/
Frame ID: AE19D3BFAF1C7D92EE0A18A3233A0CFE
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BenefitsAlly Insight

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

27
Requests

96 %
HTTPS

50 %
IPv6

10
Domains

15
Subdomains

13
IPs

2
Countries

3645 kB
Transfer

4101 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=52885&time=1692630455883&url=https%3A%2F%2Fbenefitsally.com%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=52885&time=1692630455883&url=https%3A%2F%2Fbenefitsally.com%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D52885%26time%3D1692630455883%26url%3Dhttps%253A%252F%252Fbenefitsally.com%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=52885&time=1692630455883&url=https%3A%2F%2Fbenefitsally.com%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=52885&time=1692630455883&url=https%3A%2F%2Fbenefitsally.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQI59zELHdqhUAAAAYoYoxihd4br7G3qNyCSny4fkMiJTikk0Om9l-Qo5I2_6-C1Q5XJHTzS

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
benefitsally.com/ 		29 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://benefitsally.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.7.42.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-42-79.compute-1.amazonaws.com
Software
Caddy /
Resource Hash
17212f4ad0fa4389df68d61b28f295cab4eb78a0ef3b0b49183b2b5b7c1d92d0
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; connect-src https: wss:; font-src 'self' https: data:; frame-src 'self' https: data:; img-src 'self' https: data:; media-src 'self' https: blob:; object-src 'none'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-security-policy
default-src 'self' https:; connect-src https: wss:; font-src 'self' https: data:; frame-src 'self' https: data:; img-src 'self' https: data:; media-src 'self' https: blob:; object-src 'none'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'
content-type
text/html; charset=utf-8
date
Mon, 21 Aug 2023 15:07:35 GMT
etag
W/"17212f4ad0fa4389df68d61b28f295ca"
referrer-policy
no-referrer-when-downgrade
server
Caddy
strict-transport-security
max-age=631138519
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
04846721-6153-4d49-8ea7-9f86cd60415b
x-runtime
0.155432
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		3 KB
989 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:700,400
Requested by
Host: benefitsally.com
URL: https://benefitsally.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6ed09379db599eeeb498b4a890b797a5d5ca7346d77251edafc219e6d361ad18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://benefitsally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 21 Aug 2023 15:07:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 15:06:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 21 Aug 2023 15:07:35 GMT
player_api.js
c.sproutvideo.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.sproutvideo.com/player_api.js
Requested by
Host: benefitsally.com
URL: https://benefitsally.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-33.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
531b82b5ba4434388c367f6e064edb760d8e650b9c7392baa93913843c494f4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://benefitsally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 19:57:37 GMT
content-encoding
gzip
via
1.1 ecaa40073bdefd3aeab35205d96e7782.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
AMS50-C1
age
19681799
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 09 Jun 2020 22:20:53 GMT
server
AmazonS3
etag
W/"177296093a63b83cb490c389efac5903"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public,max-age=31536000
x-amz-cf-id
ijZ-1jwR12to3UxawpC5eUdm9sXjAuikW84K44PTlWo0QoL47cJvyQ==
styles-1692629613.css
benefitsally.com/ 		62 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://benefitsally.com/styles-1692629613.css
Requested by
Host: benefitsally.com
URL: https://benefitsally.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.7.42.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-42-79.compute-1.amazonaws.com
Software
Caddy /
Resource Hash
5a15ab6bb4e7ac7198db19730ef28e7619faccd26fa8fe1655e3efde125e891c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; connect-src https: wss:; font-src 'self' https: data:; frame-src 'self' https: data:; img-src 'self' https: data:; media-src 'self' https: blob:; object-src 'none'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://benefitsally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src 'self' https:; connect-src https: wss:; font-src 'self' https: data:; frame-src 'self' https: data:; img-src 'self' https: data:; media-src 'self' https: blob:; object-src 'none'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=631138519
x-permitted-cross-domain-policies
none
date
Mon, 21 Aug 2023 15:07:35 GMT
alt-svc
h3=":443"; ma=2592000
x-xss-protection
1; mode=block
x-request-id
3e2c797a-fcfc-4db4-9b3c-48b6f2b475a8
x-runtime
0.035782
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 21 Aug 2023 14:53:33 GMT
server
Caddy
etag
W/"51c236749e66e17d65294095b505543a"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=0, private, must-revalidate
site_logo_1662097484.png
cdn.sproutvideo.com/2a3296bed64e6d79621466a4dd3f5b74/logos/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.sproutvideo.com/2a3296bed64e6d79621466a4dd3f5b74/logos/site_logo_1662097484.png
Requested by
Host: benefitsally.com
URL: https://benefitsally.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-11.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3df7f54fba57dcc27c33b5c6244e0e9f1128912f9c67e56c4a5c62b21541ee8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://benefitsally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 19:34:32 GMT
Via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
Last-Modified
Mon, 24 Jul 2023 12:17:43 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P4
Age
2143984
ETag
"ff50aae55a3343abbb295761aa054f71"
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Content-Type
binary/octet-stream
Cache-Control
max-age=31536000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19358
X-Amz-Cf-Id
kLaH0zYM_OwzK6vE1GuqRvaZOWiQVnzWhZFY8vqdA-EQw3m02zlPxg==
poster.jpg
cdn-thumbnails.sproutvideo.com/a79fd4be1015e0c12e/065d334948b25748/1692308585/w_1200,h_674,g_faces/ 		345 KB
346 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-thumbnails.sproutvideo.com/a79fd4be1015e0c12e/065d334948b25748/1692308585/w_1200,h_674,g_faces/poster.jpg?v=1692370038
Requested by
Host: benefitsally.com
URL: https://benefitsally.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-26.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3c38ff358257c4288c7d078cb607bac2130fc636a44b2add108fbb200398804

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://benefitsally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 13:38:31 GMT
via
1.1 08f9b351f61685659ad70b790734f9b0.cloudfront.net (CloudFront)
last-modified
Fri, 18 Aug 2023 14:48:03 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P2
age
178145
etag
"d31a4619462fb15f95a2e8ae34ba3caa"
x-cache
Hit from cloudfront
content-type
image/avif
x-amz-storage-class
INTELLIGENT_TIERING
cache-control
max-age=31536000, public
content-length
353223
x-amz-cf-id
zOhIwk1QnOF6HBiST-XzI1ObHtpMQez05t3Q9LMXmyALSUSucxLf8w==
poster.jpg
cdn-thumbnails.sproutvideo.com/119fd4be1815e2c598/fb5f078c7c99fbf0/1692142127/w_1200,h_674,g_faces/ 		307 KB
307 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-thumbnails.sproutvideo.com/119fd4be1815e2c598/fb5f078c7c99fbf0/1692142127/w_1200,h_674,g_faces/poster.jpg?v=1692278267
Requested by
Host: benefitsally.com
URL: https://benefitsally.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-26.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
067e26ee55f765e073b9068e7504de20821a48f79251d323443c40a173782a49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://benefitsally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 13:38:30 GMT
via
1.1 08f9b351f61685659ad70b790734f9b0.cloudfront.net (CloudFront)
last-modified
Thu, 17 Aug 2023 13:18:04 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P2
age
178145
etag
"6a7b5202c435b626c288bd81f76e513b"
x-cache
Hit from cloudfront
content-type
image/avif
x-amz-storage-class
INTELLIGENT_TIERING
cache-control
max-age=31536000, public
content-length
314011
x-amz-cf-id
XFs-U9ht_PPnZ6_grTh5olcqqAPtttSghOYRnOzPIshSorj6TLmirg==
poster.jpg
cdn-thumbnails.sproutvideo.com/d39fd4bf1e1ce4c75a/0b6347840a5fe2fb/1692208333/w_1200,h_674,g_faces/ 		314 KB
315 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-thumbnails.sproutvideo.com/d39fd4bf1e1ce4c75a/0b6347840a5fe2fb/1692208333/w_1200,h_674,g_faces/poster.jpg?v=1692209005
Requested by
Host: benefitsally.com
URL: https://benefitsally.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-26.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b092f6c9d0c078e5a53cd099f5b98e75f5419e851525d2ae783f41bd5c110f15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://benefitsally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 13:38:30 GMT
via
1.1 08f9b351f61685659ad70b790734f9b0.cloudfront.net (CloudFront)
last-modified
Wed, 16 Aug 2023 18:05:34 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P2
age
178145
etag
"e29253b1d0d0eb889be3b2fd207112b5"
x-cache
Hit from cloudfront
content-type
image/avif
x-amz-storage-class
INTELLIGENT_TIERING
cache-control
max-age=31536000, public
content-length
321501
x-amz-cf-id
V719mbSv-3IOIb0K71nd-vrkcz__5exNde94roxCdaHsMFXfDOr_6w==
poster.jpg
cdn-thumbnails.sproutvideo.com/a79fd4bf1a1fe5c52e/79ecd6b25117c375/1691778268/w_1200,h_674,g_faces/ 		314 KB
314 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-thumbnails.sproutvideo.com/a79fd4bf1a1fe5c52e/79ecd6b25117c375/1691778268/w_1200,h_674,g_faces/poster.jpg?v=1692115698
Requested by
Host: benefitsally.com
URL: https://benefitsally.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-26.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c9cf43ddcd0a52bb182c3fa56ed0bbb3b93f67e8dc45fd51d7dfdb1a9a067d0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://benefitsally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 13:38:30 GMT
via
1.1 08f9b351f61685659ad70b790734f9b0.cloudfront.net (CloudFront)
last-modified
Tue, 15 Aug 2023 16:09:34 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P2
age
178145
etag
"8559ffa490f13132420f46870106653d"
x-cache
Hit from cloudfront
content-type
image/avif
x-amz-storage-class
INTELLIGENT_TIERING
cache-control
max-age=31536000, public
content-length
321237
x-amz-cf-id
FwFZt3Hu-G6IuMRy5zaHj74pkr1tX27oABWyr0hd0Ct0W7A94HZwrg==
poster.jpg
cdn-thumbnails.sproutvideo.com/449fd4bf1b18e0c9cd/ba71bb27f12b7039/1691987560/w_1200,h_674,g_faces/ 		278 KB
279 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-thumbnails.sproutvideo.com/449fd4bf1b18e0c9cd/ba71bb27f12b7039/1691987560/w_1200,h_674,g_faces/poster.jpg?v=1692106025
Requested by
Host: benefitsally.com
URL: https://benefitsally.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-26.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab118ac521517a6109671e4c8eda216b82eef64e39345c9fd1ab07562783e682

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://benefitsally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 13:38:30 GMT
via
1.1 08f9b351f61685659ad70b790734f9b0.cloudfront.net (CloudFront)
last-modified
Tue, 15 Aug 2023 13:27:35 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P2
age
178145
etag
"4b70ab504a947543d18b3af87b9335e4"
x-cache
Hit from cloudfront
content-type
image/avif
x-amz-storage-class
INTELLIGENT_TIERING
cache-control
max-age=31536000, public
content-length
284572
x-amz-cf-id
O5Pb257AcvFCll7YKwQ_QtwZpG8lcQUVZ12lbJh90nBM9snehMc-nQ==
poster.jpg
cdn-thumbnails.sproutvideo.com/d39fd4bf1b1befce5a/0a0ef88bc302cbd9/1692084984/w_1200,h_674,g_faces/ 		258 KB
258 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-thumbnails.sproutvideo.com/d39fd4bf1b1befce5a/0a0ef88bc302cbd9/1692084984/w_1200,h_674,g_faces/poster.jpg?v=1692104468
Requested by
Host: benefitsally.com
URL: https://benefitsally.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-26.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0f59c4db9b1003957c091baa20b96bcaa653ef60d844c6293f468b252484758

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://benefitsally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 13:38:30 GMT
via
1.1 08f9b351f61685659ad70b790734f9b0.cloudfront.net (CloudFront)
last-modified
Tue, 15 Aug 2023 13:03:13 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P2
age
178145
etag
"a22640528422d204a11ead2756407f4b"
x-cache
Hit from cloudfront
content-type
image/avif
x-amz-storage-class
INTELLIGENT_TIERING
cache-control
max-age=31536000, public
content-length
263751
x-amz-cf-id
9Pgebc_e-JuzONE6-sD0osv5rJE_qAxnDcTqDhdAF6FF7_A3hzwktw==
poster.jpg
cdn-thumbnails.sproutvideo.com/4d9fd4bd1e1de2c4c4/6aa457cc6e9e9781/1691573540/w_1200,h_674,g_faces/ 		362 KB
362 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-thumbnails.sproutvideo.com/4d9fd4bd1e1de2c4c4/6aa457cc6e9e9781/1691573540/w_1200,h_674,g_faces/poster.jpg?v=1691573551
Requested by
Host: benefitsally.com
URL: https://benefitsally.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-26.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c50e8c0fa65ef7b2e0471bd8a39698e41ad5d1654e37c0881953bc55567adf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://benefitsally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 13:38:31 GMT
via
1.1 08f9b351f61685659ad70b790734f9b0.cloudfront.net (CloudFront)
last-modified
Thu, 10 Aug 2023 00:26:08 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P2
age
178145
etag
"dbf5c4c08662c477589c1476a84ce4e4"
x-cache
Hit from cloudfront
content-type
image/avif
x-amz-storage-class
INTELLIGENT_TIERING
cache-control
max-age=31536000, public
content-length
370329
x-amz-cf-id
flzmouLSs2KNDNeR8dAGMIQmMRXP92rXmhqaIDGA8816JhPcF1zQeQ==
poster.jpg
cdn-thumbnails.sproutvideo.com/799fd4bd1e1ae9ccf0/f15f511f07269aba/1691571913/w_1200,h_674,g_faces/ 		257 KB
258 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-thumbnails.sproutvideo.com/799fd4bd1e1ae9ccf0/f15f511f07269aba/1691571913/w_1200,h_674,g_faces/poster.jpg?v=1691571923
Requested by
Host: benefitsally.com
URL: https://benefitsally.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-26.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
04a79739d251532e39929837cb863111906ee87bd0be526ff5b97072c80c5cb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://benefitsally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 13:38:30 GMT
via
1.1 08f9b351f61685659ad70b790734f9b0.cloudfront.net (CloudFront)
last-modified
Wed, 09 Aug 2023 21:57:25 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P2
age
178145
etag
"d892c93f50258563d88aa2d9d20fbb3a"
x-cache
Hit from cloudfront
content-type
image/avif
x-amz-storage-class
INTELLIGENT_TIERING
cache-control
max-age=31536000, public
content-length
263002
x-amz-cf-id
3bOqSTrD_itsCkVAwPzjz_BobYpYj2MPro7ar5hqbk0JuxsbU01FQA==
poster.jpg
cdn-thumbnails.sproutvideo.com/069fd5b41318e6c78f/d9c1e14451b81329/1691434694/w_1200,h_674,g_faces/ 		229 KB
230 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-thumbnails.sproutvideo.com/069fd5b41318e6c78f/d9c1e14451b81329/1691434694/w_1200,h_674,g_faces/poster.jpg?v=1691434705
Requested by
Host: benefitsally.com
URL: https://benefitsally.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-26.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a552e041d878c4d118ac7c38c1692305cbc5a22165493feceacfba3b7ecf9b58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://benefitsally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 13:38:30 GMT
via
1.1 08f9b351f61685659ad70b790734f9b0.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 20:59:25 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P2
age
178145
etag
"58354e1c8e5c0a0d22ea1ed3893fef1b"
x-cache
Hit from cloudfront
content-type
image/avif
x-amz-storage-class
INTELLIGENT_TIERING
cache-control
max-age=31536000, public
content-length
234626
x-amz-cf-id
eupYJ822dtrSEPEEJKSwH4ZeoQh7xftPOazkgSeADEWEPLhtsM0F_g==
poster.jpg
cdn-thumbnails.sproutvideo.com/709fd5bb1a1dedc9f9/4d2706c496932e7b/1690929745/w_1200,h_674,g_faces/ 		176 KB
176 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-thumbnails.sproutvideo.com/709fd5bb1a1dedc9f9/4d2706c496932e7b/1690929745/w_1200,h_674,g_faces/poster.jpg?v=1690929755
Requested by
Host: benefitsally.com
URL: https://benefitsally.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-26.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b646343e1290fdfc8c43581cdb57ddb925ce5ba51fd3bf55b794196f8466ce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://benefitsally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 13:38:31 GMT
via
1.1 08f9b351f61685659ad70b790734f9b0.cloudfront.net (CloudFront)
last-modified
Tue, 01 Aug 2023 22:43:12 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P2
age
178145
etag
"ac9b3fe1b77c876b72469b65f436e9f9"
x-cache
Hit from cloudfront
content-type
image/avif
x-amz-storage-class
INTELLIGENT_TIERING
cache-control
max-age=31536000, public
content-length
180050
x-amz-cf-id
CEdXclb_-kBrx3PJuDcDnWYr3kYwNG5_5DcPuZ-vmA_CSvprfL87pg==
poster.jpg
cdn-thumbnails.sproutvideo.com/d39fd5ba1e1feace5a/8964b68f920b10f6/1690520081/w_1200,h_674,g_faces/ 		300 KB
301 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-thumbnails.sproutvideo.com/d39fd5ba1e1feace5a/8964b68f920b10f6/1690520081/w_1200,h_674,g_faces/poster.jpg?v=1690520091
Requested by
Host: benefitsally.com
URL: https://benefitsally.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-26.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1461d59b7a2a2a109e4ca717e10ace4a07f06ea26d68bad62aca064aad68202a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://benefitsally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 13:38:31 GMT
via
1.1 08f9b351f61685659ad70b790734f9b0.cloudfront.net (CloudFront)
last-modified
Fri, 28 Jul 2023 13:43:37 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P2
age
178145
etag
"0184ffe2d04a107f065eb94e092dcb29"
x-cache
Hit from cloudfront
content-type
image/avif
x-amz-storage-class
INTELLIGENT_TIERING
cache-control
max-age=31536000, public
content-length
307500
x-amz-cf-id
7e-opXnIDk0qRaIju-geeq_u3ALchXL3hoHAMMc_TUlmmgFqSstWcA==
poster.jpg
cdn-thumbnails.sproutvideo.com/069fd5b8171decc08f/fea9ff6195a39d9c/1690082869/w_1200,h_674,g_faces/ 		305 KB
305 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-thumbnails.sproutvideo.com/069fd5b8171decc08f/fea9ff6195a39d9c/1690082869/w_1200,h_674,g_faces/poster.jpg?v=1690082880
Requested by
Host: benefitsally.com
URL: https://benefitsally.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-26.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d0c861ad4421d16678b580317a9650cacf4d4e230063f738d68a3cbaa7a0d0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://benefitsally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 13:38:30 GMT
via
1.1 08f9b351f61685659ad70b790734f9b0.cloudfront.net (CloudFront)
last-modified
Mon, 24 Jul 2023 14:26:30 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P2
age
178145
etag
"9180c2bca1d4acc9dab481dafaae40a2"
x-cache
Hit from cloudfront
content-type
image/avif
x-amz-storage-class
INTELLIGENT_TIERING
cache-control
max-age=31536000, public
content-length
311937
x-amz-cf-id
wjeDXZuEJ1QAn2pd362OWxko0qlRnrse_h3MSCMSa3qSCd7tXcxi9A==
salvattore.min.js
d3nt7egy5kvcte.cloudfront.net/js/salvattore/1.0.7/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3nt7egy5kvcte.cloudfront.net/js/salvattore/1.0.7/salvattore.min.js
Requested by
Host: benefitsally.com
URL: https://benefitsally.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-4.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e61d82df3151c90cf2b849fa33fedd5cf5b0c83bd5e9dbb005df0bb48803c4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://benefitsally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 03:20:00 GMT
content-encoding
br
via
1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
AMS50-C1
age
2375256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 14 Apr 2016 04:51:01 GMT
server
AmazonS3
etag
W/"f9498bda76c600fe7a10a4504533d7b5"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public,max-age=2592000
x-amz-cf-id
Ne24PC0JQ6l6PtBzthDQFBlqJP4b_1j-gH7BpG1iottKPVsrUlY-Ug==
embed.php
benefitsally30191.activehosted.com/f/ 		37 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://benefitsally30191.activehosted.com/f/embed.php?id=7
Requested by
Host: benefitsally.com
URL: https://benefitsally.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f705 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bc70223a18302b34e0659ecb413a361b684f6ca9a098d6cd4e1d890c87f0972
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://benefitsally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Aug 2023 15:07:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Sun, 20 Aug 2023 17:04:09 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
public, max-age=14400
cf-ray
7fa3c95c68989183-FRA
x-request-id
3a052834d0cbbf6f85e88aa86d47c867
expires
Mon, 21 Aug 2023 19:07:35 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: benefitsally.com
URL: https://benefitsally.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://benefitsally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 15:07:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 24 Jul 2023 09:07:54 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=12581
accept-ranges
bytes
content-length
4862
fbevents.js
connect.facebook.net/en_US/ 		173 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: benefitsally.com
URL: https://benefitsally.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://benefitsally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 21 Aug 2023 15:07:35 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
47412
x-xss-protection
0
pragma
public
x-fb-debug
Phjl3kmuSJO2dtmv++YEZyZxkgjuS3qpkR8HhavNHc7N8ZHN0qOUqQQbd5aGZEitcs/ZCHxIlp2RUEUvrCmm9Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
token
cdn.linkedin.oribi.io/partner/52885/domain/benefitsally.com/ 		36 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/52885/domain/benefitsally.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2204:a600:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://benefitsally.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 15:07:36 GMT
content-encoding
gzip
via
1.1 ecaa40073bdefd3aeab35205d96e7782.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
NYuiVtdbtTef2vYqnpPy-AHSo2wqhYcOO192IbagzmUYNLo5rIiepg==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=52885&time=1692630455883&url=https%3A%2F%2Fbenefitsally.com%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=52885&time=1692630455883&url=https%3A%2F%2Fbenefitsally.com%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D52885%26time%3D1692630455883%26url%3Dhttps%253A%252F%252Fbenefitsally.com%252F%26...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=52885&time=1692630455883&url=https%3A%2F%2Fbenefitsally.com%2F&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=52885&time=1692630455883&url=https%3A%2F%2Fbenefitsally.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQI59zELHdqhUAAAAYoYoxihd4br7G3qNyCSny4fkMiJTi...
0
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=52885&time=1692630455883&url=https%3A%2F%2Fbenefitsally.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQI59zELHdqhUAAAAYoYoxihd4br7G3qNyCSny4fkMiJTikk0Om9l-Qo5I2_6-C1Q5XJHTzS
Requested by
Host: benefitsally.com
URL: https://benefitsally.com/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://benefitsally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 15:07:36 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: E7FCE1CB863E4191B5EA1586B68CAE07 Ref B: DUS30EDGE0722 Ref C: 2023-08-21T15:07:36Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYDcD0bqWyuB/ISIoSvTw==

Redirect headers

date
Mon, 21 Aug 2023 15:07:35 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 007480BEA8F84377BF6E19F9A46038FD Ref B: FRAEDGE1710 Ref C: 2023-08-21T15:07:36Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=52885&time=1692630455883&url=https%3A%2F%2Fbenefitsally.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQI59zELHdqhUAAAAYoYoxihd4br7G3qNyCSny4fkMiJTikk0Om9l-Qo5I2_6-C1Q5XJHTzS
x-li-proto
http/2
content-length
0
x-li-uuid
AAYDcD0YFKKR1yf7owN9Cg==
587672715775255
connect.facebook.net/signals/config/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/587672715775255?v=2.9.124&r=stable&domain=benefitsally.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4949b617ee6a4291c4c89e893667877530681228c997d3b0f285e5f3c0a23ba6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://benefitsally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 21 Aug 2023 15:07:36 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
LQHD4u4dFCaPAcZ3kzkYCjZtKL6OdShnBwIBznlTZOTizCdjfLSF9Wo2OGFD1Glx9KXu1BP16Ii0b/e3Nn8/Ig==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
esfkyjh1u_forms-close-dark.png
d226aj4ao1t61q.cloudfront.net/ 		279 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d226aj4ao1t61q.cloudfront.net/esfkyjh1u_forms-close-dark.png
Requested by
Host: benefitsally.com
URL: https://benefitsally.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-124.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd20efc49bfde5fff826e14300aed58164d547624d930318be9fe1760e3a04d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://benefitsally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Mon, 21 Aug 2023 14:49:45 GMT
Via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
Last-Modified
Thu, 02 Sep 2021 18:09:08 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C1
Age
1072
ETag
"9e42ddc260e85f99499fa6f1e3dbc4c0"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
279
X-Amz-Cf-Id
Hx3G-JIMH_FuK8_6uIwLxixSPrppgmnQxl8xyp0Y5ZTXcDT6oW5ImA==
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=587672715775255&ev=PageView&dl=https%3A%2F%2Fbenefitsally.com%2F&rl=&if=false&ts=1692630456166&sw=1600&sh=1200&v=2.9.124&r=stable&ec=0&o=30&fbp=fb.1.1692630456165.1872629718&it=1692630455975&coo=false&rqm=GET
Requested by
Host: benefitsally.com
URL: https://benefitsally.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://benefitsally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 21 Aug 2023 15:07:36 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=587672715775255&ev=Microdata&dl=https%3A%2F%2Fbenefitsally.com%2F&rl=&if=false&ts=1692630457669&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22BenefitsAlly%20Insight%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.124&r=stable&ec=1&o=30&fbp=fb.1.1692630456165.1872629718&it=1692630455975&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://benefitsally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 21 Aug 2023 15:07:37 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| doc object| SV object| salvattore string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk function| fbq function| _fbq boolean| _already_called_lintrk object| cfields function| _show_thank_you function| _show_error function| _load_script function| addMenuItem

11 Cookies

Domain/Path Name / Value
benefitsally.com/ Name: _sproutvideo_session
Value: 18198853fbc36beb8f80e8f7e2b8c029
.activehosted.com/ Name: __cf_bm
Value: 7YcFNrzyw.dxKsM5QNB46KupDpj9pzMGJhmvS5V33J4-1692630455-0-AWqImjGmU0SYpz5TPw73QvsZFJ95GSDP4wLaYrahubUkJviaIb21NTejiIpDKcmzcaMpPimfph1xlxOGKKAS6PI=
.linkedin.com/ Name: li_sugr
Value: af76b615-7f18-4398-b425-4058209cea53
.linkedin.com/ Name: bcookie
Value: "v=2&76efd138-672f-4eb1-8398-45436346a00b"
.linkedin.com/ Name: lidc
Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2636:u=1:x=1:i=1692630456:t=1692716856:v=2:sig=AQHaZxNLb3--eQHyOrIJFk0wecI_31IF"
benefitsally.com/ Name: ln_or
Value: eyI1Mjg4NSI6ImQifQ%3D%3D
.benefitsally.com/ Name: _fbp
Value: fb.1.1692630456165.1872629718
.linkedin.com/ Name: UserMatchHistory
Value: AQKFKrxJq-mc9QAAAYoYoxd60o7_C00hRv4pSzO3WLLXTyZvzD4weGUpyna_WjrDk9djKYSWZ5OCPQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIbp_vfH1JbYwAAAYoYoxd6jI7d3OORWzlyDjgfuexlJpmgYPferamAQ4gXYmeUB_eCEd5VdFOt-US6fRHCag
.www.linkedin.com/ Name: bscookie
Value: "v=1&20230821150736b8018d5a-ee44-4c11-86bd-27383d11f766AQHJyPq9UrTSUX2b8JCl0trvmX7dgYZ-"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTI2MzA0NTY7MjswMjFeef49OG62kv1oygRedxmY2c6NYz7q7lOT/Ndqez5NzQ==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https:; connect-src https: wss:; font-src 'self' https: data:; frame-src 'self' https: data:; img-src 'self' https: data:; media-src 'self' https: blob:; object-src 'none'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

benefitsally.com
benefitsally30191.activehosted.com
c.sproutvideo.com
cdn-thumbnails.sproutvideo.com
cdn.linkedin.oribi.io
cdn.sproutvideo.com
connect.facebook.net
d226aj4ao1t61q.cloudfront.net
d3nt7egy5kvcte.cloudfront.net
fonts.googleapis.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
www.facebook.com
www.linkedin.com
13.107.42.14
18.66.147.11
2600:9000:2204:a600:2:53b2:240:93a1
2606:4700::6812:f705
2620:1ec:21::14
2a00:1450:4001:811::200a
2a02:26f0:3500:16::215:148d
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.161.119.26
52.222.139.33
52.222.139.4
52.7.42.79
65.9.7.124
04a79739d251532e39929837cb863111906ee87bd0be526ff5b97072c80c5cb0
067e26ee55f765e073b9068e7504de20821a48f79251d323443c40a173782a49
1461d59b7a2a2a109e4ca717e10ace4a07f06ea26d68bad62aca064aad68202a
17212f4ad0fa4389df68d61b28f295cab4eb78a0ef3b0b49183b2b5b7c1d92d0
2fd20efc49bfde5fff826e14300aed58164d547624d930318be9fe1760e3a04d
4949b617ee6a4291c4c89e893667877530681228c997d3b0f285e5f3c0a23ba6
4b646343e1290fdfc8c43581cdb57ddb925ce5ba51fd3bf55b794196f8466ce9
531b82b5ba4434388c367f6e064edb760d8e650b9c7392baa93913843c494f4f
5a15ab6bb4e7ac7198db19730ef28e7619faccd26fa8fe1655e3efde125e891c
5c50e8c0fa65ef7b2e0471bd8a39698e41ad5d1654e37c0881953bc55567adf8
5d0c861ad4421d16678b580317a9650cacf4d4e230063f738d68a3cbaa7a0d0a
6ed09379db599eeeb498b4a890b797a5d5ca7346d77251edafc219e6d361ad18
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7e61d82df3151c90cf2b849fa33fedd5cf5b0c83bd5e9dbb005df0bb48803c4b
9bc70223a18302b34e0659ecb413a361b684f6ca9a098d6cd4e1d890c87f0972
a552e041d878c4d118ac7c38c1692305cbc5a22165493feceacfba3b7ecf9b58
ab118ac521517a6109671e4c8eda216b82eef64e39345c9fd1ab07562783e682
b092f6c9d0c078e5a53cd099f5b98e75f5419e851525d2ae783f41bd5c110f15
c9cf43ddcd0a52bb182c3fa56ed0bbb3b93f67e8dc45fd51d7dfdb1a9a067d0d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c38ff358257c4288c7d078cb607bac2130fc636a44b2add108fbb200398804
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
f0f59c4db9b1003957c091baa20b96bcaa653ef60d844c6293f468b252484758
f3df7f54fba57dcc27c33b5c6244e0e9f1128912f9c67e56c4a5c62b21541ee8
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25