urlscan.io logo urlscan.io
SecurityTrails logo

www.benefits.com Open in urlscan Pro
172.67.194.3  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.benefits.com/
Submission: On October 13 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 3 countries across 17 domains to perform 57 HTTP transactions. The main IP is 172.67.194.3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.benefits.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 1st 2021. Valid for: a year.
This is the only time www.benefits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 172.67.194.3 13335 (CLOUDFLAR...)
5 104.18.10.207 13335 (CLOUDFLAR...)
1 142.250.186.42 15169 (GOOGLE)
1 151.101.1.131 54113 (FASTLY)
1 142.250.184.232 15169 (GOOGLE)
2 142.250.184.202 15169 (GOOGLE)
2 142.250.185.99 15169 (GOOGLE)
1 52.222.214.103 16509 (AMAZON-02)
2 172.217.16.142 15169 (GOOGLE)
1 13.32.121.73 16509 (AMAZON-02)
2 157.240.20.19 32934 (FACEBOOK)
2 104.22.52.65 13335 (CLOUDFLAR...)
1 35.81.105.54 16509 (AMAZON-02)
3 204.79.197.200 8068 (MICROSOFT...)
1 3.69.136.55 16509 (AMAZON-02)
1 52.222.236.74 16509 (AMAZON-02)
2 13.32.99.104 16509 (AMAZON-02)
1 66.102.1.156 15169 (GOOGLE)
1 18.66.139.40 16509 (AMAZON-02)
1 142.250.185.196 15169 (GOOGLE)
1 18.66.112.79 16509 (AMAZON-02)
2 44.196.63.69 14618 (AMAZON-AES)
2 157.240.20.35 32934 (FACEBOOK)
57 24
20    172.67.194.3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.benefits.com
5    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net
ajax.googleapis.com
1    151.101.1.131 (United States)

ASN54113 (FASTLY, US)
ba3068fe3e2142d68354c198d575728a.js.ubembed.com
1    142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net
www.googletagmanager.com
2    142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net
fonts.googleapis.com
2    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
fonts.gstatic.com
1    52.222.214.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-103.fra56.r.cloudfront.net
assets.ubembed.com
2    172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f14.1e100.net
www.google-analytics.com
1    13.32.121.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-73.fra60.r.cloudfront.net
static.hotjar.com
2    157.240.20.19 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net
connect.facebook.net
2    104.22.52.65 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
1    35.81.105.54 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-105-54.us-west-2.compute.amazonaws.com
benefits.disabilityguide.com
3    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
bat.bing.com
1    3.69.136.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
ba3068fe3e2142d68354c198d575728a.pages.ubembed.com
1    52.222.236.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net
script.hotjar.com
2    13.32.99.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-104.fra60.r.cloudfront.net
builder-assets.unbounce.com
1    66.102.1.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f156.1e100.net
stats.g.doubleclick.net
1    18.66.139.40 (United States)

ASN16509 (AMAZON-02, US)
vars.hotjar.com
1    142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net
www.google.com
1    18.66.112.79 (United States)

ASN16509 (AMAZON-02, US)
vc.hotjar.io
2    44.196.63.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-63-69.compute-1.amazonaws.com
ba3068fe3e2142d68354c198d575728a.events.ubembed.com
2    157.240.20.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com
www.facebook.com
Domain Requested by
20 www.benefits.com www.benefits.com
5 maxcdn.bootstrapcdn.com www.benefits.com
maxcdn.bootstrapcdn.com
3 bat.bing.com www.benefits.com
bat.bing.com
2 www.facebook.com www.benefits.com
2 ba3068fe3e2142d68354c198d575728a.events.ubembed.com assets.ubembed.com
2 builder-assets.unbounce.com ba3068fe3e2142d68354c198d575728a.pages.ubembed.com
2 connect.facebook.net www.benefits.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com www.benefits.com
builder-assets.unbounce.com
1 vc.hotjar.io script.hotjar.com
1 www.google.com www.benefits.com
1 vars.hotjar.com static.hotjar.com
1 stats.g.doubleclick.net www.google-analytics.com
1 c.statcounter.com www.statcounter.com
1 script.hotjar.com static.hotjar.com
1 ba3068fe3e2142d68354c198d575728a.pages.ubembed.com assets.ubembed.com
1 benefits.disabilityguide.com www.benefits.com
1 www.statcounter.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 assets.ubembed.com ba3068fe3e2142d68354c198d575728a.js.ubembed.com
1 www.googletagmanager.com www.benefits.com
1 ba3068fe3e2142d68354c198d575728a.js.ubembed.com www.benefits.com
1 ajax.googleapis.com www.benefits.com
57 24

This site contains links to these domains. Also see Links.

Domain
get.benefits.com
Subject Issuer Validity Valid
benefits.com
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.js.ubembed.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
assets.ubembed.com
Amazon		 2021-03-06 -
2022-04-04		 a year crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-24 -
2021-10-22		 3 months crt.sh
us-dallas.statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2020-10-13 -
2021-11-13		 a year crt.sh
benefits.disabilityguide.com
Amazon		 2021-04-08 -
2022-05-07		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-09-30 -
2022-03-30		 6 months crt.sh
*.pages.ubembed.com
Sectigo RSA Domain Validation Secure Server CA		 2020-03-09 -
2022-03-22		 2 years crt.sh
*.unbounce.com
Amazon		 2021-03-10 -
2022-04-08		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.hotjar.io
Amazon		 2021-08-17 -
2022-09-15		 a year crt.sh
*.events.ubembed.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.benefits.com/
Frame ID: DD230BF6DDEE48C23E23A378E55A6D25
Requests: 50 HTTP requests in this frame

Frame: https://ba3068fe3e2142d68354c198d575728a.pages.ubembed.com/7aa75a49-3982-44ed-abed-084d075975f3/a.html?closedAt=0
Frame ID: 74461D679DD9EDC823E451796952C9A1
Requests: 6 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acff0d328b74363875a0a6075e6c8439.html
Frame ID: 1EC8CA01B7A11E552B75CFA4B8345D61
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Benefits.com®

Detected technologies

Overall confidence: 100%
Detected patterns
  • ubembed\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

57
Requests

98 %
HTTPS

0 %
IPv6

17
Domains

24
Subdomains

24
IPs

3
Countries

1927 kB
Transfer

3294 kB
Size

16
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.benefits.com/ 		24 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.benefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.194.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
eb311d573a7886f3dd2c5f6f4002bae2796097901eecae9cef466e2fc446722f

Request headers

:method
GET
:authority
www.benefits.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 13 Oct 2021 19:55:10 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.1.33
cache-control
no-cache
set-cookie
XSRF-TOKEN=eyJpdiI6InBlZmJqeSs4V1d2Rm92WmJNelVsYnc9PSIsInZhbHVlIjoiUWRuWUV2Mnl1SGNOOTVsM29JRExkZlRnYm1LVmZtZlJKQmJ3bTE2SWROTVRjeXI1Mm1HbEp4TXFBWUR3SGxiM0lvOFwvSGdaYUFVbkZYNHlWRWFJd1RBPT0iLCJtYWMiOiI0MmIwNWI1MzljYjU2NGNhMDY2NTIxMmQxODM5N2VjYjQ4MGQ3ODNmZGUyZjE5NmM4YzQ4YzI3NDcyZWVhNDEwIn0%3D; expires=Wed, 13-Oct-2021 21:55:10 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6ImdEelhlWmE4NlBXU1AxSGlWZWhPclE9PSIsInZhbHVlIjoia1Vvc2lKNlwvamRzckd1dm5PcVFZaWVJZUNjcnlEOWJMMjZOTTBpUVdQYU5DTCtlMldtVWZxY2JwN2ZYZUp6XC9ZeE9NWk42dHhUeXJEZ0xOS3k3cUtXUT09IiwibWFjIjoiNjYyOTg5YjhiNTQ0Y2VlMWZhNThiMGE4NTFmMTc4YjRkZGQ2ZDY5ZDcwZDU4MWI4Y2IzOWIzYTBiODUxNzg1YyJ9; expires=Wed, 13-Oct-2021 21:55:10 GMT; Max-Age=7200; path=/; HttpOnly
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3aEj3mnan1XcCFU2fXUGAfB1tcFWWxke3Iu59bsnimYbAe6%2FEQXJAjILg12mfwQTNIl3M7339BrYc4to5bzWiL1IRL53JlWU2i5VgxhovOiPPvt%2Bk4XtPy9GE%2BY6I5BGFmd"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
69db1fb94cf32774-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617, 617
age
4386128
cdn-cachedat
2021-06-08 21:21:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
203451c6c050184245ebe231729b4b5c
cf-ray
69db1fbf0ff86993-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617
age
528910
cdn-cachedat
2021-07-24 08:09:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
1b00e9671224b437bf3914cf33baf521
cf-ray
69db1fbf0ffa6993-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
home.css
www.benefits.com/assets/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.benefits.com/assets/css/home.css?id=6887d157cb6c6dfee498
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.194.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52d7dfa2979140e426dc7160916eb4901ac7303ff7d31bb4088bebe4ec5b963c

Request headers

:path
/assets/css/home.css?id=6887d157cb6c6dfee498
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6InBlZmJqeSs4V1d2Rm92WmJNelVsYnc9PSIsInZhbHVlIjoiUWRuWUV2Mnl1SGNOOTVsM29JRExkZlRnYm1LVmZtZlJKQmJ3bTE2SWROTVRjeXI1Mm1HbEp4TXFBWUR3SGxiM0lvOFwvSGdaYUFVbkZYNHlWRWFJd1RBPT0iLCJtYWMiOiI0MmIwNWI1MzljYjU2NGNhMDY2NTIxMmQxODM5N2VjYjQ4MGQ3ODNmZGUyZjE5NmM4YzQ4YzI3NDcyZWVhNDEwIn0%3D; laravel_session=eyJpdiI6ImdEelhlWmE4NlBXU1AxSGlWZWhPclE9PSIsInZhbHVlIjoia1Vvc2lKNlwvamRzckd1dm5PcVFZaWVJZUNjcnlEOWJMMjZOTTBpUVdQYU5DTCtlMldtVWZxY2JwN2ZYZUp6XC9ZeE9NWk42dHhUeXJEZ0xOS3k3cUtXUT09IiwibWFjIjoiNjYyOTg5YjhiNTQ0Y2VlMWZhNThiMGE4NTFmMTc4YjRkZGQ2ZDY5ZDcwZDU4MWI4Y2IzOWIzYTBiODUxNzg1YyJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.benefits.com
referer
https://www.benefits.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 05 Oct 2021 00:45:31 GMT
server
cloudflare
etag
W/"615ba02b-3517"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BKqxfoPiKVk2TJQhxD6WAXRMOmT%2FNxi326xORRbY7p8gH9dAIHYgJlB7mk3aNUZKTTo8tI04QZ2p9nzCaDdQuM7Kmu0o10LJTQ%2B2Uhqz2gP799rrb2utvIzIX60kJZJ%2BcQEF"}],"group":"cf-nel","max_age":604800}
content-type
text/css
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69db1fbefe822774-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 15:53:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14500
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Thu, 13 Oct 2022 15:53:30 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
722, 617
age
17708140
cdn-cachedat
2021-03-11 11:57:50
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
3033c5b7ea34684b20a8f4234fea378f
cf-ray
69db1fbf0ffc6993-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
/
ba3068fe3e2142d68354c198d575728a.js.ubembed.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ba3068fe3e2142d68354c198d575728a.js.ubembed.com/
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cfca2ad81ae9dc7a37b2faeef186eda6d06d8903a71a514eee8ba95e717dd76d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:10 GMT
content-encoding
br
x-backend-region
eu_west_1
age
1260
etag
f6b7bdaed5ac8d8d70489329a175f95a-v0.179.1
vary
Accept-Encoding, Referer
x-cache
Miss from cloudfront, HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate
x-amz-cf-pop
FRA50-C1
accept-ranges
none
x-amz-apigw-id
HKUr4EBADoEFd3A=
logo-top.svg
www.benefits.com/static/images/home/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefits.com/static/images/home/logo-top.svg
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b25a09d4e27b3e0d46bae6963b853598399dfc591e2a1644218b13b622ad0197

Request headers

:path
/static/images/home/logo-top.svg
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6InBlZmJqeSs4V1d2Rm92WmJNelVsYnc9PSIsInZhbHVlIjoiUWRuWUV2Mnl1SGNOOTVsM29JRExkZlRnYm1LVmZtZlJKQmJ3bTE2SWROTVRjeXI1Mm1HbEp4TXFBWUR3SGxiM0lvOFwvSGdaYUFVbkZYNHlWRWFJd1RBPT0iLCJtYWMiOiI0MmIwNWI1MzljYjU2NGNhMDY2NTIxMmQxODM5N2VjYjQ4MGQ3ODNmZGUyZjE5NmM4YzQ4YzI3NDcyZWVhNDEwIn0%3D; laravel_session=eyJpdiI6ImdEelhlWmE4NlBXU1AxSGlWZWhPclE9PSIsInZhbHVlIjoia1Vvc2lKNlwvamRzckd1dm5PcVFZaWVJZUNjcnlEOWJMMjZOTTBpUVdQYU5DTCtlMldtVWZxY2JwN2ZYZUp6XC9ZeE9NWk42dHhUeXJEZ0xOS3k3cUtXUT09IiwibWFjIjoiNjYyOTg5YjhiNTQ0Y2VlMWZhNThiMGE4NTFmMTc4YjRkZGQ2ZDY5ZDcwZDU4MWI4Y2IzOWIzYTBiODUxNzg1YyJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.benefits.com
referer
https://www.benefits.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 17 Sep 2020 00:37:24 GMT
server
cloudflare
etag
W/"5f62afc4-1638"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fR3HMdCevkTZSNwroGAIMAaUBdW%2FHQ69HVvMoJf7I6ZF477bl7sIGgBkcfNGud7zwsXODS4dbH4gNfuR%2F5Ly4YK7XcwT2zLwxlr4Oc0woE8bzVWocJCWI3xDr8606H5NHqtg"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69db1fbf7cff413e-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
money-computer.png
www.benefits.com/static/images/home/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefits.com/static/images/home/money-computer.png
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8aa70a457372ec9a3aa6801d889b295473f41c2626329f37477d1ccb5135044c

Request headers

:path
/static/images/home/money-computer.png
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6InBlZmJqeSs4V1d2Rm92WmJNelVsYnc9PSIsInZhbHVlIjoiUWRuWUV2Mnl1SGNOOTVsM29JRExkZlRnYm1LVmZtZlJKQmJ3bTE2SWROTVRjeXI1Mm1HbEp4TXFBWUR3SGxiM0lvOFwvSGdaYUFVbkZYNHlWRWFJd1RBPT0iLCJtYWMiOiI0MmIwNWI1MzljYjU2NGNhMDY2NTIxMmQxODM5N2VjYjQ4MGQ3ODNmZGUyZjE5NmM4YzQ4YzI3NDcyZWVhNDEwIn0%3D; laravel_session=eyJpdiI6ImdEelhlWmE4NlBXU1AxSGlWZWhPclE9PSIsInZhbHVlIjoia1Vvc2lKNlwvamRzckd1dm5PcVFZaWVJZUNjcnlEOWJMMjZOTTBpUVdQYU5DTCtlMldtVWZxY2JwN2ZYZUp6XC9ZeE9NWk42dHhUeXJEZ0xOS3k3cUtXUT09IiwibWFjIjoiNjYyOTg5YjhiNTQ0Y2VlMWZhNThiMGE4NTFmMTc4YjRkZGQ2ZDY5ZDcwZDU4MWI4Y2IzOWIzYTBiODUxNzg1YyJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.benefits.com
referer
https://www.benefits.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:12 GMT
cf-cache-status
MISS
last-modified
Thu, 27 Aug 2020 23:54:51 GMT
server
cloudflare
etag
"5f4847cb-fbf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IduTQzwhM0aptjJmRXZn%2FNdChKo2%2FzjIPgpT%2BlYI8d9oq0RXqx0vPi8IwwYuWZ7%2F6EO4J6yg7IQwqhvxzlVGFc3vftqx7XODtkfC90%2BH%2FmbD2Gsp7Ihgy9%2B2iZtDWrbKo0Fp"}],"group":"cf-nel","max_age":604800}
content-type
image/png
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69db1fc3eee9413e-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4031
money-target.png
www.benefits.com/static/images/home/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefits.com/static/images/home/money-target.png
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
534294e3d2d89b46b6437f645af1c287b0fc0bb2c1bf348a9c6fd8fba850586e

Request headers

:path
/static/images/home/money-target.png
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6InBlZmJqeSs4V1d2Rm92WmJNelVsYnc9PSIsInZhbHVlIjoiUWRuWUV2Mnl1SGNOOTVsM29JRExkZlRnYm1LVmZtZlJKQmJ3bTE2SWROTVRjeXI1Mm1HbEp4TXFBWUR3SGxiM0lvOFwvSGdaYUFVbkZYNHlWRWFJd1RBPT0iLCJtYWMiOiI0MmIwNWI1MzljYjU2NGNhMDY2NTIxMmQxODM5N2VjYjQ4MGQ3ODNmZGUyZjE5NmM4YzQ4YzI3NDcyZWVhNDEwIn0%3D; laravel_session=eyJpdiI6ImdEelhlWmE4NlBXU1AxSGlWZWhPclE9PSIsInZhbHVlIjoia1Vvc2lKNlwvamRzckd1dm5PcVFZaWVJZUNjcnlEOWJMMjZOTTBpUVdQYU5DTCtlMldtVWZxY2JwN2ZYZUp6XC9ZeE9NWk42dHhUeXJEZ0xOS3k3cUtXUT09IiwibWFjIjoiNjYyOTg5YjhiNTQ0Y2VlMWZhNThiMGE4NTFmMTc4YjRkZGQ2ZDY5ZDcwZDU4MWI4Y2IzOWIzYTBiODUxNzg1YyJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.benefits.com
referer
https://www.benefits.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:12 GMT
cf-cache-status
MISS
last-modified
Thu, 27 Aug 2020 23:54:51 GMT
server
cloudflare
etag
"5f4847cb-265a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cVNr%2B0BsQ%2FIyqW5LBw6HkAyejpj%2FGgmcoGoEMYuzF3QNE4GadHXp5AV8286nhxNnIsL1ycWdB0ub1UACu92qiV1UwZibI%2FrKomKPUVegpgHj9dyC3zZ%2FILCAGmLQi10kGt2M"}],"group":"cf-nel","max_age":604800}
content-type
image/png
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69db1fc49f3b413e-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9818
desk.png
www.benefits.com/static/images/home/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefits.com/static/images/home/desk.png
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1ec417e0b9fed491c4ba50de15003b4f64a5d1b4c3d33bb56da9cb8a064b9d3

Request headers

:path
/static/images/home/desk.png
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6InBlZmJqeSs4V1d2Rm92WmJNelVsYnc9PSIsInZhbHVlIjoiUWRuWUV2Mnl1SGNOOTVsM29JRExkZlRnYm1LVmZtZlJKQmJ3bTE2SWROTVRjeXI1Mm1HbEp4TXFBWUR3SGxiM0lvOFwvSGdaYUFVbkZYNHlWRWFJd1RBPT0iLCJtYWMiOiI0MmIwNWI1MzljYjU2NGNhMDY2NTIxMmQxODM5N2VjYjQ4MGQ3ODNmZGUyZjE5NmM4YzQ4YzI3NDcyZWVhNDEwIn0%3D; laravel_session=eyJpdiI6ImdEelhlWmE4NlBXU1AxSGlWZWhPclE9PSIsInZhbHVlIjoia1Vvc2lKNlwvamRzckd1dm5PcVFZaWVJZUNjcnlEOWJMMjZOTTBpUVdQYU5DTCtlMldtVWZxY2JwN2ZYZUp6XC9ZeE9NWk42dHhUeXJEZ0xOS3k3cUtXUT09IiwibWFjIjoiNjYyOTg5YjhiNTQ0Y2VlMWZhNThiMGE4NTFmMTc4YjRkZGQ2ZDY5ZDcwZDU4MWI4Y2IzOWIzYTBiODUxNzg1YyJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.benefits.com
referer
https://www.benefits.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:12 GMT
cf-cache-status
MISS
last-modified
Thu, 27 Aug 2020 23:54:51 GMT
server
cloudflare
etag
"5f4847cb-1c90"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GhlI2NlWuQeOgIG9ikVeL2ocuM%2BRa9GyO0YY4SHnPVqa35MlX%2BLyMtU9gr6I%2FV%2ByTXEUSHAncuOKZrNUWaathKwVHaplMwM%2BDoqwkELf0J2lcNfMpL5dQUn4W1EdH%2B0hBISm"}],"group":"cf-nel","max_age":604800}
content-type
image/png
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69db1fc4ff66413e-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7312
person.png
www.benefits.com/static/images/home/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefits.com/static/images/home/person.png
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09d90eac8969fcffc86fc8627cc8a19a247ce6fa7f3f1e4a81ab885c113bb0c7

Request headers

:path
/static/images/home/person.png
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6InBlZmJqeSs4V1d2Rm92WmJNelVsYnc9PSIsInZhbHVlIjoiUWRuWUV2Mnl1SGNOOTVsM29JRExkZlRnYm1LVmZtZlJKQmJ3bTE2SWROTVRjeXI1Mm1HbEp4TXFBWUR3SGxiM0lvOFwvSGdaYUFVbkZYNHlWRWFJd1RBPT0iLCJtYWMiOiI0MmIwNWI1MzljYjU2NGNhMDY2NTIxMmQxODM5N2VjYjQ4MGQ3ODNmZGUyZjE5NmM4YzQ4YzI3NDcyZWVhNDEwIn0%3D; laravel_session=eyJpdiI6ImdEelhlWmE4NlBXU1AxSGlWZWhPclE9PSIsInZhbHVlIjoia1Vvc2lKNlwvamRzckd1dm5PcVFZaWVJZUNjcnlEOWJMMjZOTTBpUVdQYU5DTCtlMldtVWZxY2JwN2ZYZUp6XC9ZeE9NWk42dHhUeXJEZ0xOS3k3cUtXUT09IiwibWFjIjoiNjYyOTg5YjhiNTQ0Y2VlMWZhNThiMGE4NTFmMTc4YjRkZGQ2ZDY5ZDcwZDU4MWI4Y2IzOWIzYTBiODUxNzg1YyJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.benefits.com
referer
https://www.benefits.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:12 GMT
cf-cache-status
MISS
last-modified
Thu, 27 Aug 2020 23:54:51 GMT
server
cloudflare
etag
"5f4847cb-1b54"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2kWh8AU20Gf8bg2ezzYauVC376LF16EXG%2Bss1fyxV8C7zYFDecsH2ZumtSS0NElGXVFutEFDOAm9CFSvQraY%2BVt0pOGnvLB98P5hx4qC%2FHVdeXf3H8DfhJuNZfE%2BqFd7bheA"}],"group":"cf-nel","max_age":604800}
content-type
image/png
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69db1fc4ff69413e-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6996
newsletter.png
www.benefits.com/static/images/home/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefits.com/static/images/home/newsletter.png
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17e52e79894f08ccd19b0ce2d0efc497bf066f2b3eb79fcff4f7d57425fefc17

Request headers

:path
/static/images/home/newsletter.png
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6InBlZmJqeSs4V1d2Rm92WmJNelVsYnc9PSIsInZhbHVlIjoiUWRuWUV2Mnl1SGNOOTVsM29JRExkZlRnYm1LVmZtZlJKQmJ3bTE2SWROTVRjeXI1Mm1HbEp4TXFBWUR3SGxiM0lvOFwvSGdaYUFVbkZYNHlWRWFJd1RBPT0iLCJtYWMiOiI0MmIwNWI1MzljYjU2NGNhMDY2NTIxMmQxODM5N2VjYjQ4MGQ3ODNmZGUyZjE5NmM4YzQ4YzI3NDcyZWVhNDEwIn0%3D; laravel_session=eyJpdiI6ImdEelhlWmE4NlBXU1AxSGlWZWhPclE9PSIsInZhbHVlIjoia1Vvc2lKNlwvamRzckd1dm5PcVFZaWVJZUNjcnlEOWJMMjZOTTBpUVdQYU5DTCtlMldtVWZxY2JwN2ZYZUp6XC9ZeE9NWk42dHhUeXJEZ0xOS3k3cUtXUT09IiwibWFjIjoiNjYyOTg5YjhiNTQ0Y2VlMWZhNThiMGE4NTFmMTc4YjRkZGQ2ZDY5ZDcwZDU4MWI4Y2IzOWIzYTBiODUxNzg1YyJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.benefits.com
referer
https://www.benefits.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:12 GMT
cf-cache-status
MISS
last-modified
Thu, 27 Aug 2020 23:54:51 GMT
server
cloudflare
etag
"5f4847cb-22ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fK36QE1QmNgy93Stvovo%2B9fc6%2F1C3Jy6JpIkn%2BNw%2FDmBz%2BatX8nlVRU8ygJFQu70v2qc2pyXoGLHK2fh3Yy1PI7FVv5KTOhsuqHYLAPmCZZTrMWDPr%2F9B6npqRW1MreI67WZ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69db1fc4ff6a413e-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8890
hands.png
www.benefits.com/static/images/home/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefits.com/static/images/home/hands.png
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c9dfe60b22882d0b808c7a5a6f8a39cc8f472d7758b822eca646e11601232c1

Request headers

:path
/static/images/home/hands.png
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6InBlZmJqeSs4V1d2Rm92WmJNelVsYnc9PSIsInZhbHVlIjoiUWRuWUV2Mnl1SGNOOTVsM29JRExkZlRnYm1LVmZtZlJKQmJ3bTE2SWROTVRjeXI1Mm1HbEp4TXFBWUR3SGxiM0lvOFwvSGdaYUFVbkZYNHlWRWFJd1RBPT0iLCJtYWMiOiI0MmIwNWI1MzljYjU2NGNhMDY2NTIxMmQxODM5N2VjYjQ4MGQ3ODNmZGUyZjE5NmM4YzQ4YzI3NDcyZWVhNDEwIn0%3D; laravel_session=eyJpdiI6ImdEelhlWmE4NlBXU1AxSGlWZWhPclE9PSIsInZhbHVlIjoia1Vvc2lKNlwvamRzckd1dm5PcVFZaWVJZUNjcnlEOWJMMjZOTTBpUVdQYU5DTCtlMldtVWZxY2JwN2ZYZUp6XC9ZeE9NWk42dHhUeXJEZ0xOS3k3cUtXUT09IiwibWFjIjoiNjYyOTg5YjhiNTQ0Y2VlMWZhNThiMGE4NTFmMTc4YjRkZGQ2ZDY5ZDcwZDU4MWI4Y2IzOWIzYTBiODUxNzg1YyJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.benefits.com
referer
https://www.benefits.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:12 GMT
cf-cache-status
MISS
last-modified
Thu, 27 Aug 2020 23:54:51 GMT
server
cloudflare
etag
"5f4847cb-2163"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCJQzosAqBJVLIjOpOh8DP4%2BNGpZ2Oteksguqt1V9oPeGZ6zJdLmt9T9EMASQ2e2FucHY%2Fkq1AcvjE4jIrvBN1F76acztsV80htb8SPN8hhGKNnyVV%2FPHXJHYaw1BbYScOqn"}],"group":"cf-nel","max_age":604800}
content-type
image/png
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69db1fc4ff6b413e-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8547
dashboard-computer.png
www.benefits.com/static/images/home/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefits.com/static/images/home/dashboard-computer.png
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d47b20402b22059d96774d3df0eaf7fd165a6614de43f840035822fe3a12131c

Request headers

:path
/static/images/home/dashboard-computer.png
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6InBlZmJqeSs4V1d2Rm92WmJNelVsYnc9PSIsInZhbHVlIjoiUWRuWUV2Mnl1SGNOOTVsM29JRExkZlRnYm1LVmZtZlJKQmJ3bTE2SWROTVRjeXI1Mm1HbEp4TXFBWUR3SGxiM0lvOFwvSGdaYUFVbkZYNHlWRWFJd1RBPT0iLCJtYWMiOiI0MmIwNWI1MzljYjU2NGNhMDY2NTIxMmQxODM5N2VjYjQ4MGQ3ODNmZGUyZjE5NmM4YzQ4YzI3NDcyZWVhNDEwIn0%3D; laravel_session=eyJpdiI6ImdEelhlWmE4NlBXU1AxSGlWZWhPclE9PSIsInZhbHVlIjoia1Vvc2lKNlwvamRzckd1dm5PcVFZaWVJZUNjcnlEOWJMMjZOTTBpUVdQYU5DTCtlMldtVWZxY2JwN2ZYZUp6XC9ZeE9NWk42dHhUeXJEZ0xOS3k3cUtXUT09IiwibWFjIjoiNjYyOTg5YjhiNTQ0Y2VlMWZhNThiMGE4NTFmMTc4YjRkZGQ2ZDY5ZDcwZDU4MWI4Y2IzOWIzYTBiODUxNzg1YyJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.benefits.com
referer
https://www.benefits.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:12 GMT
cf-cache-status
MISS
last-modified
Thu, 27 Aug 2020 23:54:51 GMT
server
cloudflare
etag
"5f4847cb-11145"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ye9RP%2FQRVSx6WVS1Nv1ewbKl0PKG1bHpk4BRaFzZ%2FGcsMGwjbR7RS1IEGv0lwF037B7zhhak6OZc8Kv7%2BDK83sG8W7YWA3wq2uR9lkij2YcinAJ9M7HnXrzhsMQ0nQWKFx46"}],"group":"cf-nel","max_age":604800}
content-type
image/png
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69db1fc4ff6c413e-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
69957
family.png
www.benefits.com/static/images/home/ 		233 KB
234 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefits.com/static/images/home/family.png
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c3d3cfacc4e6b8fcd526ca759c1481a1f156f212788aceaa58913ec9ea29c71

Request headers

:path
/static/images/home/family.png
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6InBlZmJqeSs4V1d2Rm92WmJNelVsYnc9PSIsInZhbHVlIjoiUWRuWUV2Mnl1SGNOOTVsM29JRExkZlRnYm1LVmZtZlJKQmJ3bTE2SWROTVRjeXI1Mm1HbEp4TXFBWUR3SGxiM0lvOFwvSGdaYUFVbkZYNHlWRWFJd1RBPT0iLCJtYWMiOiI0MmIwNWI1MzljYjU2NGNhMDY2NTIxMmQxODM5N2VjYjQ4MGQ3ODNmZGUyZjE5NmM4YzQ4YzI3NDcyZWVhNDEwIn0%3D; laravel_session=eyJpdiI6ImdEelhlWmE4NlBXU1AxSGlWZWhPclE9PSIsInZhbHVlIjoia1Vvc2lKNlwvamRzckd1dm5PcVFZaWVJZUNjcnlEOWJMMjZOTTBpUVdQYU5DTCtlMldtVWZxY2JwN2ZYZUp6XC9ZeE9NWk42dHhUeXJEZ0xOS3k3cUtXUT09IiwibWFjIjoiNjYyOTg5YjhiNTQ0Y2VlMWZhNThiMGE4NTFmMTc4YjRkZGQ2ZDY5ZDcwZDU4MWI4Y2IzOWIzYTBiODUxNzg1YyJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.benefits.com
referer
https://www.benefits.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:12 GMT
cf-cache-status
MISS
last-modified
Thu, 27 Aug 2020 23:54:51 GMT
server
cloudflare
etag
"5f4847cb-3a4f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPw2fcjU8gDnvS%2FzI4NNCTP%2B48%2Fk47yxsk5AdTRj4p1loVvpd9Ac7CXOo3IIvXQgU%2B9MUmnjkaNbGbDaiNPEYQEwGtdTwOHtirvzbe6SDhr%2FxbHRAcFi0%2FslKLGg7WoKEMdW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69db1fc4ff6d413e-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
238835
old-men.png
www.benefits.com/static/images/home/ 		184 KB
184 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefits.com/static/images/home/old-men.png
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fbfcaa9c4f693c28b09910c8f4ecbbce4c2575ae568ef83159bdcaed562276

Request headers

:path
/static/images/home/old-men.png
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6InBlZmJqeSs4V1d2Rm92WmJNelVsYnc9PSIsInZhbHVlIjoiUWRuWUV2Mnl1SGNOOTVsM29JRExkZlRnYm1LVmZtZlJKQmJ3bTE2SWROTVRjeXI1Mm1HbEp4TXFBWUR3SGxiM0lvOFwvSGdaYUFVbkZYNHlWRWFJd1RBPT0iLCJtYWMiOiI0MmIwNWI1MzljYjU2NGNhMDY2NTIxMmQxODM5N2VjYjQ4MGQ3ODNmZGUyZjE5NmM4YzQ4YzI3NDcyZWVhNDEwIn0%3D; laravel_session=eyJpdiI6ImdEelhlWmE4NlBXU1AxSGlWZWhPclE9PSIsInZhbHVlIjoia1Vvc2lKNlwvamRzckd1dm5PcVFZaWVJZUNjcnlEOWJMMjZOTTBpUVdQYU5DTCtlMldtVWZxY2JwN2ZYZUp6XC9ZeE9NWk42dHhUeXJEZ0xOS3k3cUtXUT09IiwibWFjIjoiNjYyOTg5YjhiNTQ0Y2VlMWZhNThiMGE4NTFmMTc4YjRkZGQ2ZDY5ZDcwZDU4MWI4Y2IzOWIzYTBiODUxNzg1YyJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.benefits.com
referer
https://www.benefits.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:12 GMT
cf-cache-status
MISS
last-modified
Thu, 27 Aug 2020 23:54:51 GMT
server
cloudflare
etag
"5f4847cb-2de65"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KLGe6S81I1BeCfYtyxF5rpQ452pcIdiHcs3q7VI5c2xfjdzQcpUtNffs32PlKVulN8bDbn0ZktbyZ%2Bx%2ByieFCSVAJwyy96ZCaDake8V0%2FRoTcugd2hFEQKqj7ngMFUF9j8s"}],"group":"cf-nel","max_age":604800}
content-type
image/png
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69db1fc4ff6e413e-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
188005
sad-guy.png
www.benefits.com/static/images/home/ 		129 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefits.com/static/images/home/sad-guy.png
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1c4bba34172d987846c45f3dc9a8fb47c38deff5a3937319b27706896787dac

Request headers

:path
/static/images/home/sad-guy.png
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6InBlZmJqeSs4V1d2Rm92WmJNelVsYnc9PSIsInZhbHVlIjoiUWRuWUV2Mnl1SGNOOTVsM29JRExkZlRnYm1LVmZtZlJKQmJ3bTE2SWROTVRjeXI1Mm1HbEp4TXFBWUR3SGxiM0lvOFwvSGdaYUFVbkZYNHlWRWFJd1RBPT0iLCJtYWMiOiI0MmIwNWI1MzljYjU2NGNhMDY2NTIxMmQxODM5N2VjYjQ4MGQ3ODNmZGUyZjE5NmM4YzQ4YzI3NDcyZWVhNDEwIn0%3D; laravel_session=eyJpdiI6ImdEelhlWmE4NlBXU1AxSGlWZWhPclE9PSIsInZhbHVlIjoia1Vvc2lKNlwvamRzckd1dm5PcVFZaWVJZUNjcnlEOWJMMjZOTTBpUVdQYU5DTCtlMldtVWZxY2JwN2ZYZUp6XC9ZeE9NWk42dHhUeXJEZ0xOS3k3cUtXUT09IiwibWFjIjoiNjYyOTg5YjhiNTQ0Y2VlMWZhNThiMGE4NTFmMTc4YjRkZGQ2ZDY5ZDcwZDU4MWI4Y2IzOWIzYTBiODUxNzg1YyJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.benefits.com
referer
https://www.benefits.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:12 GMT
cf-cache-status
MISS
last-modified
Thu, 27 Aug 2020 23:54:51 GMT
server
cloudflare
etag
"5f4847cb-2026a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLLXl0Kn79YkkWWhnOuTa4N2YqgGM3tNo3Fkg1AzpqG3zAvBmHFnJEyY7lEUh4FA76Lhpjc%2Bttp3Wa0WAYWucspZBd%2B5OZH9Qw0Wtg%2Bs%2BMDA2ScWMXVLD4OKyyOb2G6zJsHH"}],"group":"cf-nel","max_age":604800}
content-type
image/png
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69db1fc4ff6f413e-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
131690
man-woman.png
www.benefits.com/static/images/home/ 		223 KB
224 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefits.com/static/images/home/man-woman.png
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39f7b4ee5e81e1dba3f68d52543223f7ef16cd11a1cfa85dca91fa7ca8759c33

Request headers

:path
/static/images/home/man-woman.png
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6InBlZmJqeSs4V1d2Rm92WmJNelVsYnc9PSIsInZhbHVlIjoiUWRuWUV2Mnl1SGNOOTVsM29JRExkZlRnYm1LVmZtZlJKQmJ3bTE2SWROTVRjeXI1Mm1HbEp4TXFBWUR3SGxiM0lvOFwvSGdaYUFVbkZYNHlWRWFJd1RBPT0iLCJtYWMiOiI0MmIwNWI1MzljYjU2NGNhMDY2NTIxMmQxODM5N2VjYjQ4MGQ3ODNmZGUyZjE5NmM4YzQ4YzI3NDcyZWVhNDEwIn0%3D; laravel_session=eyJpdiI6ImdEelhlWmE4NlBXU1AxSGlWZWhPclE9PSIsInZhbHVlIjoia1Vvc2lKNlwvamRzckd1dm5PcVFZaWVJZUNjcnlEOWJMMjZOTTBpUVdQYU5DTCtlMldtVWZxY2JwN2ZYZUp6XC9ZeE9NWk42dHhUeXJEZ0xOS3k3cUtXUT09IiwibWFjIjoiNjYyOTg5YjhiNTQ0Y2VlMWZhNThiMGE4NTFmMTc4YjRkZGQ2ZDY5ZDcwZDU4MWI4Y2IzOWIzYTBiODUxNzg1YyJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.benefits.com
referer
https://www.benefits.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:12 GMT
cf-cache-status
MISS
last-modified
Thu, 27 Aug 2020 23:54:51 GMT
server
cloudflare
etag
"5f4847cb-37dca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hcUgto9hpIZkudNE9MI77cMR6xD14LAdNsvm5zf5CBUJDcmV7SLe2NmfSKpH5HSJ6CEuQprCSyaE%2FRva%2FqCupcg02Zb8vuKbB3rGKUrVkI2pdazjSy0YVfh%2BZheJDFtgSdJE"}],"group":"cf-nel","max_age":604800}
content-type
image/png
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69db1fc4ff70413e-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
228810
bzj-inc.svg
www.benefits.com/static/images/home/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefits.com/static/images/home/bzj-inc.svg
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
812d86d3f50f10a3c04f54e8bb0d9b9da247bbd57ee13550273e170041f7a38e

Request headers

:path
/static/images/home/bzj-inc.svg
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6InBlZmJqeSs4V1d2Rm92WmJNelVsYnc9PSIsInZhbHVlIjoiUWRuWUV2Mnl1SGNOOTVsM29JRExkZlRnYm1LVmZtZlJKQmJ3bTE2SWROTVRjeXI1Mm1HbEp4TXFBWUR3SGxiM0lvOFwvSGdaYUFVbkZYNHlWRWFJd1RBPT0iLCJtYWMiOiI0MmIwNWI1MzljYjU2NGNhMDY2NTIxMmQxODM5N2VjYjQ4MGQ3ODNmZGUyZjE5NmM4YzQ4YzI3NDcyZWVhNDEwIn0%3D; laravel_session=eyJpdiI6ImdEelhlWmE4NlBXU1AxSGlWZWhPclE9PSIsInZhbHVlIjoia1Vvc2lKNlwvamRzckd1dm5PcVFZaWVJZUNjcnlEOWJMMjZOTTBpUVdQYU5DTCtlMldtVWZxY2JwN2ZYZUp6XC9ZeE9NWk42dHhUeXJEZ0xOS3k3cUtXUT09IiwibWFjIjoiNjYyOTg5YjhiNTQ0Y2VlMWZhNThiMGE4NTFmMTc4YjRkZGQ2ZDY5ZDcwZDU4MWI4Y2IzOWIzYTBiODUxNzg1YyJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.benefits.com
referer
https://www.benefits.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:12 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 05 Aug 2021 00:47:17 GMT
server
cloudflare
etag
W/"610b3515-ca7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7B6TXtLhum9cdm%2FmvnUWFOHEMnTbAB2zwL7C0t0jPVB1QsCE8ge2z52dYio0C%2BKC7mTY0UHUcI8Pf3jZvDNlnaE7uzcNgWIv9o%2Bpfqp9duEA5fs%2Fk4BzRRx1lCSINGBOPSa"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69db1fc4ff71413e-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
inc.svg
www.benefits.com/static/images/home/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefits.com/static/images/home/inc.svg
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24921d91ed53311ac17f49091c831b9b3baa0bb20c94a483ba7886cda9d7db55

Request headers

:path
/static/images/home/inc.svg
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6InBlZmJqeSs4V1d2Rm92WmJNelVsYnc9PSIsInZhbHVlIjoiUWRuWUV2Mnl1SGNOOTVsM29JRExkZlRnYm1LVmZtZlJKQmJ3bTE2SWROTVRjeXI1Mm1HbEp4TXFBWUR3SGxiM0lvOFwvSGdaYUFVbkZYNHlWRWFJd1RBPT0iLCJtYWMiOiI0MmIwNWI1MzljYjU2NGNhMDY2NTIxMmQxODM5N2VjYjQ4MGQ3ODNmZGUyZjE5NmM4YzQ4YzI3NDcyZWVhNDEwIn0%3D; laravel_session=eyJpdiI6ImdEelhlWmE4NlBXU1AxSGlWZWhPclE9PSIsInZhbHVlIjoia1Vvc2lKNlwvamRzckd1dm5PcVFZaWVJZUNjcnlEOWJMMjZOTTBpUVdQYU5DTCtlMldtVWZxY2JwN2ZYZUp6XC9ZeE9NWk42dHhUeXJEZ0xOS3k3cUtXUT09IiwibWFjIjoiNjYyOTg5YjhiNTQ0Y2VlMWZhNThiMGE4NTFmMTc4YjRkZGQ2ZDY5ZDcwZDU4MWI4Y2IzOWIzYTBiODUxNzg1YyJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.benefits.com
referer
https://www.benefits.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:12 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 05 Aug 2021 00:47:17 GMT
server
cloudflare
etag
W/"610b3515-49c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BvJ%2BJ5lWWz2E6OnziSxq6y4yAzbVWKfwPKmfqsAiz57YyRDdw0T7kZ6pfZlW67o%2FSQGt4l8U1JThgSK%2FYpJbEC%2FFLyY4XYoMc5%2B7kzMfgVah5YOuv4IX7cF9PrJn97HNM0Bt"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69db1fc4ff72413e-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
fbs.svg
www.benefits.com/static/images/home/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefits.com/static/images/home/fbs.svg
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
711a17cc4699431581e591074416c643155af48a38ee5ca1b62ad6051740a021

Request headers

:path
/static/images/home/fbs.svg
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6InBlZmJqeSs4V1d2Rm92WmJNelVsYnc9PSIsInZhbHVlIjoiUWRuWUV2Mnl1SGNOOTVsM29JRExkZlRnYm1LVmZtZlJKQmJ3bTE2SWROTVRjeXI1Mm1HbEp4TXFBWUR3SGxiM0lvOFwvSGdaYUFVbkZYNHlWRWFJd1RBPT0iLCJtYWMiOiI0MmIwNWI1MzljYjU2NGNhMDY2NTIxMmQxODM5N2VjYjQ4MGQ3ODNmZGUyZjE5NmM4YzQ4YzI3NDcyZWVhNDEwIn0%3D; laravel_session=eyJpdiI6ImdEelhlWmE4NlBXU1AxSGlWZWhPclE9PSIsInZhbHVlIjoia1Vvc2lKNlwvamRzckd1dm5PcVFZaWVJZUNjcnlEOWJMMjZOTTBpUVdQYU5DTCtlMldtVWZxY2JwN2ZYZUp6XC9ZeE9NWk42dHhUeXJEZ0xOS3k3cUtXUT09IiwibWFjIjoiNjYyOTg5YjhiNTQ0Y2VlMWZhNThiMGE4NTFmMTc4YjRkZGQ2ZDY5ZDcwZDU4MWI4Y2IzOWIzYTBiODUxNzg1YyJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.benefits.com
referer
https://www.benefits.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:12 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 05 Aug 2021 00:47:17 GMT
server
cloudflare
etag
W/"610b3515-c81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJEHRnU8uTbKMVMHcDyexzsZIjlK%2BDpVcHKh82yGhH1rnVV6iToI54Mk1n0QCD4Yfva4vB6Kb4ERvvfP6B%2Fm0xX2YPjvEmR8G2PCW8zYNay05gnioGZkzBQz62XaWBfiQjxq"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69db1fc4ff73413e-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
ent.svg
www.benefits.com/static/images/home/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefits.com/static/images/home/ent.svg
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a9ce76d1845851912368a983599ecb5fd8587e1bff74732732743cb0770d2c6

Request headers

:path
/static/images/home/ent.svg
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6InBlZmJqeSs4V1d2Rm92WmJNelVsYnc9PSIsInZhbHVlIjoiUWRuWUV2Mnl1SGNOOTVsM29JRExkZlRnYm1LVmZtZlJKQmJ3bTE2SWROTVRjeXI1Mm1HbEp4TXFBWUR3SGxiM0lvOFwvSGdaYUFVbkZYNHlWRWFJd1RBPT0iLCJtYWMiOiI0MmIwNWI1MzljYjU2NGNhMDY2NTIxMmQxODM5N2VjYjQ4MGQ3ODNmZGUyZjE5NmM4YzQ4YzI3NDcyZWVhNDEwIn0%3D; laravel_session=eyJpdiI6ImdEelhlWmE4NlBXU1AxSGlWZWhPclE9PSIsInZhbHVlIjoia1Vvc2lKNlwvamRzckd1dm5PcVFZaWVJZUNjcnlEOWJMMjZOTTBpUVdQYU5DTCtlMldtVWZxY2JwN2ZYZUp6XC9ZeE9NWk42dHhUeXJEZ0xOS3k3cUtXUT09IiwibWFjIjoiNjYyOTg5YjhiNTQ0Y2VlMWZhNThiMGE4NTFmMTc4YjRkZGQ2ZDY5ZDcwZDU4MWI4Y2IzOWIzYTBiODUxNzg1YyJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.benefits.com
referer
https://www.benefits.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:12 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 05 Aug 2021 00:47:17 GMT
server
cloudflare
etag
W/"610b3515-1453"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQQC1UtMHmMQOleKRtRIshn9BWRrVALniTZDJWNEr4gye%2BzAOgZZXW5q0KqJLXF8FrPlmNX0Sh0WOChzRsDQCqHgnyn3%2BqJMtbGUwtYWiLSYXos1ya%2FP6JwOGZoZSKGLUPUJ"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69db1fc4ff74413e-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
logo-footer.svg
www.benefits.com/static/images/home/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefits.com/static/images/home/logo-footer.svg
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68d6490ee1a555820fa2605ff17757f6c4dcb9f2e0ef37e3df8124edda1a19a3

Request headers

:path
/static/images/home/logo-footer.svg
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6InBlZmJqeSs4V1d2Rm92WmJNelVsYnc9PSIsInZhbHVlIjoiUWRuWUV2Mnl1SGNOOTVsM29JRExkZlRnYm1LVmZtZlJKQmJ3bTE2SWROTVRjeXI1Mm1HbEp4TXFBWUR3SGxiM0lvOFwvSGdaYUFVbkZYNHlWRWFJd1RBPT0iLCJtYWMiOiI0MmIwNWI1MzljYjU2NGNhMDY2NTIxMmQxODM5N2VjYjQ4MGQ3ODNmZGUyZjE5NmM4YzQ4YzI3NDcyZWVhNDEwIn0%3D; laravel_session=eyJpdiI6ImdEelhlWmE4NlBXU1AxSGlWZWhPclE9PSIsInZhbHVlIjoia1Vvc2lKNlwvamRzckd1dm5PcVFZaWVJZUNjcnlEOWJMMjZOTTBpUVdQYU5DTCtlMldtVWZxY2JwN2ZYZUp6XC9ZeE9NWk42dHhUeXJEZ0xOS3k3cUtXUT09IiwibWFjIjoiNjYyOTg5YjhiNTQ0Y2VlMWZhNThiMGE4NTFmMTc4YjRkZGQ2ZDY5ZDcwZDU4MWI4Y2IzOWIzYTBiODUxNzg1YyJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.benefits.com
referer
https://www.benefits.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:12 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 17 Sep 2020 00:37:24 GMT
server
cloudflare
etag
W/"5f62afc4-162d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QUdVuGfK6%2BYTUZ31q0S%2FiiWao7a6isDVGQFx2T%2FJxWDJGANT3uCChbeXspxm9JQWs28tLsz08Tr1ls4dZCaDdvJBFopvmQRlKT%2FDRtNbfIQAM7k7l1PTINZ0HNAmxk9xHd7Y"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69db1fc4ff75413e-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		160 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M84KTS9
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
721b7c1989dfc78f1e301a6daf0892baf9f704047695288260e03df9de4edb56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58743
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 13 Oct 2021 19:55:11 GMT
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/assets/css/home.css?id=6887d157cb6c6dfee498
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
c6da3e29d7e9c52e3786c3a361d3c00084681338fcd8cfb1539618617f4a258a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 17:56:30 GMT
server
ESF
date
Wed, 13 Oct 2021 19:55:11 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Wed, 13 Oct 2021 19:55:11 GMT
silhouette-bg.png
www.benefits.com/static/images/home/ 		294 KB
294 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefits.com/static/images/home/silhouette-bg.png
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/assets/css/home.css?id=6887d157cb6c6dfee498
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9f42b4edcc602d335eb8322d73644a8f05112f9cdf181dbd71af2f9dc2e43f0

Request headers

:path
/static/images/home/silhouette-bg.png
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6InBlZmJqeSs4V1d2Rm92WmJNelVsYnc9PSIsInZhbHVlIjoiUWRuWUV2Mnl1SGNOOTVsM29JRExkZlRnYm1LVmZtZlJKQmJ3bTE2SWROTVRjeXI1Mm1HbEp4TXFBWUR3SGxiM0lvOFwvSGdaYUFVbkZYNHlWRWFJd1RBPT0iLCJtYWMiOiI0MmIwNWI1MzljYjU2NGNhMDY2NTIxMmQxODM5N2VjYjQ4MGQ3ODNmZGUyZjE5NmM4YzQ4YzI3NDcyZWVhNDEwIn0%3D; laravel_session=eyJpdiI6ImdEelhlWmE4NlBXU1AxSGlWZWhPclE9PSIsInZhbHVlIjoia1Vvc2lKNlwvamRzckd1dm5PcVFZaWVJZUNjcnlEOWJMMjZOTTBpUVdQYU5DTCtlMldtVWZxY2JwN2ZYZUp6XC9ZeE9NWk42dHhUeXJEZ0xOS3k3cUtXUT09IiwibWFjIjoiNjYyOTg5YjhiNTQ0Y2VlMWZhNThiMGE4NTFmMTc4YjRkZGQ2ZDY5ZDcwZDU4MWI4Y2IzOWIzYTBiODUxNzg1YyJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.benefits.com
referer
https://www.benefits.com/assets/css/home.css?id=6887d157cb6c6dfee498
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/assets/css/home.css?id=6887d157cb6c6dfee498
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:12 GMT
cf-cache-status
MISS
last-modified
Thu, 27 Aug 2020 23:54:51 GMT
server
cloudflare
etag
"5f4847cb-49616"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZzJVxHuwqCoClsOq%2BcrzKRQzrvOQXILDc7se7n%2Bhv6BLsewFrwcCJVvh%2BbA9Doji%2BL9GXrHkYuo3W%2Fuu1FqlM2WcjbixhiNCjaLy4eD1MYWf9dF35WcGXJ9M0Ga%2FmT6SE0a"}],"group":"cf-nel","max_age":604800}
content-type
image/png
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69db1fc4ff77413e-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
300566
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.benefits.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 17:04:31 GMT
x-content-type-options
nosniff
age
528640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44760
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 07 Oct 2022 17:04:31 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://www.benefits.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617, 617, 617, 617, 617, 617, 617
age
14079261
cdn-cachedat
2021-05-03 22:48:47
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
77160
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
1fe2252e86cfe71f67e911996328633d
accept-ranges
bytes
cf-ray
69db1fc50bd45bf5-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Origin
https://www.benefits.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601
age
2651107
cdn-proxyver
1.0
cdn-cachedat
08/03/2021 23:23:50
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18028
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
d22fb9d1a35051c36dea9ea041d4f560
accept-ranges
bytes
cf-ray
69db1fc50bd25bf5-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
bundle.js
assets.ubembed.com/universalscript/releases/v0.179.1/ 		173 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ubembed.com/universalscript/releases/v0.179.1/bundle.js
Requested by
Host: ba3068fe3e2142d68354c198d575728a.js.ubembed.com
URL: https://ba3068fe3e2142d68354c198d575728a.js.ubembed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-103.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b1ccb8141195307117c737c7f49f99de131fb55290a5f4c1431cc74ca93119dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 16:54:54 GMT
content-encoding
gzip
last-modified
Fri, 30 Jul 2021 19:19:04 GMT
server
AmazonS3
age
6145218
etag
W/"4d21402425377bf4a0f3a4f7ab8db2ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 29f7132906866b79866659848b3a3b69.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
_Y19ROYINCWmsVqwcrr0bYhc7iE12DnJwbeouvSng6HOjTjswoQGzA==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M84KTS9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 28 Sep 2021 21:34:48 GMT
server
Golfe2
age
6845
date
Wed, 13 Oct 2021 18:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19887
expires
Wed, 13 Oct 2021 20:01:06 GMT
hotjar-1122411.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1122411.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M84KTS9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-73.fra60.r.cloudfront.net
Software
/
Resource Hash
f227183b8127a45094077ace555b489768c44122040e2951c083bc3f35a73c53
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:11 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA60-P1
etag
W/371111ceb40fae8355cd0fc6394311a9
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
content-length
1933
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5f.cloudfront.net (CloudFront)
x-amz-cf-id
1-qTWDxS52-DpTH9eG7SrdbNGFFhS7g0lKoc_uyOiacc9t1dhlzeUQ==
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25967
x-xss-protection
0
pragma
public
x-fb-debug
Sb2Kajee85m0dESvIELSqiEIc4pyty4CRcaCEpwsYguavgSP+W0i1kI8BAweT4HMNv03XfyIGuBl3rTFllOJrw==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 13 Oct 2021 19:55:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
counter.js
www.statcounter.com/counter/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M84KTS9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9573e931158bcc83146a7882d6c298c1adf3828b6c785af7cbb9fd9d25ad884

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Oct 2021 11:08:17 GMT
server
cloudflare
age
31061
etag
W/"61656ca1-9cdd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=43200
cf-ray
69db1fc5abef68fb-FRA
expires
Wed, 13 Oct 2021 23:17:29 GMT
escape-redirect.js
benefits.disabilityguide.com/js/ 		218 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://benefits.disabilityguide.com/js/escape-redirect.js?434077095
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.105.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-105-54.us-west-2.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
5fd3f77c147c996466e7275194ac8cd0f380fa13910181768727dfa2ebe46ba6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:12 GMT
content-encoding
gzip
last-modified
Wed, 13 Oct 2021 19:00:54 GMT
server
nginx/1.10.3 (Ubuntu)
etag
W/"61672ce6-366fd"
vary
Accept-Encoding
content-type
application/javascript
bat.js
bat.bing.com/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
d891455e32c9a425e36e190047b1f58abeb7e3709eff687134ddea7ac9cfdd3b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:11 GMT
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 19:11:47 GMT
x-msedge-ref
Ref A: 2797BAE0B09A4B6BB06EB4F206C846B5 Ref B: PRG01EDGE1012 Ref C: 2021-10-13T19:55:11Z
etag
"805b72e6bad71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10001
a.html
ba3068fe3e2142d68354c198d575728a.pages.ubembed.com/7aa75a49-3982-44ed-abed-084d075975f3/ Frame 7446 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ba3068fe3e2142d68354c198d575728a.pages.ubembed.com/7aa75a49-3982-44ed-abed-084d075975f3/a.html?closedAt=0
Requested by
Host: assets.ubembed.com
URL: https://assets.ubembed.com/universalscript/releases/v0.179.1/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.69.136.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c8b57adf63c6f5d1217315ccef88333e71695ea6c82575ae5f8c5d550b2ec389

Request headers

Host
ba3068fe3e2142d68354c198d575728a.pages.ubembed.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.benefits.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/

Response headers

date
Wed, 13 Oct 2021 19:55:11 GMT
content-type
text/html; charset=UTF-8
transfer-encoding
chunked
p3p
CP="This is not a privacy policy."
x-unbounce-pageid
7aa75a49-3982-44ed-abed-084d075975f3
etag
95a91c041715e9b78e5bcf42da97b732
last-modified
Wed, 16 Sep 2020 19:44:18 GMT
content-encoding
gzip
x-proxy-backend
page-server
connection
close
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&a=532535948&t=pageview&_s=1&dl=https%3A%2F%2Fwww.benefits.com%2F&ul=en-us&de=UTF-8&dt=Benefits.com%C2%AE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1732953746&gjid=294160595&cid=1632586385.1634154912&tid=UA-119266907-1&_gid=990687012.1634154912&_r=1&gtm=2wgab0M84KTS9&z=920612682
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.benefits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:55:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.benefits.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
172952196748389
connect.facebook.net/signals/config/ 		490 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/172952196748389?v=2.9.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
0d678273a15a6cdfa45b6f02a5f16be3f57c6e79130f182bf100188ae199b54e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
TJpFKO/lGLKHKbJetfCG1yYjfKbahGuZYLSLkCitvac5KQCz1fKfCS8Q072sSrT6j0QbKfL3IXD5oVbmgk0LxQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 13 Oct 2021 19:55:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
modules.da93b7ce7275a1de2dc8.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.da93b7ce7275a1de2dc8.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1122411.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-74.fra56.r.cloudfront.net
Software
/
Resource Hash
4040b28aabc1749a3350c141fdd0c3306f3590a3046503433532881ac764a70a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 08:06:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
42546
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59677
access-control-allow-origin
*
last-modified
Wed, 13 Oct 2021 08:05:10 GMT
etag
"6be8737e564a5ca64d704bb3d3b71047"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 71c4b07776e0b6812900664940c9d7a7.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
K6JMu9ENeWuDCLs9f0_2sIglrw6_HGUmVgxBezwNK-UfZpuFM_T4Lw==
t.php
c.statcounter.com/ 		192 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12231059&u1=AB094C6604554F09386875E15AE6F804&java=1&security=06bd3d1e&sc_snum=1&sess=30eed3&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.benefits.com/&t=Benefits.com%C2%AE&invisible=1&sc_rum_e_s=2071&sc_rum_e_e=2078&sc_rum_f_s=0&sc_rum_f_e=2046&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
69db1fc5fc8c68fb-FRA
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin
https://www.benefits.com
access-control-allow-credentials
true
content-type
application/json
expires
Mon, 26 Jul 1997 05:00:00 GMT
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ Frame 7446 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: ba3068fe3e2142d68354c198d575728a.pages.ubembed.com
URL: https://ba3068fe3e2142d68354c198d575728a.pages.ubembed.com/7aa75a49-3982-44ed-abed-084d075975f3/a.html?closedAt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-104.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ba3068fe3e2142d68354c198d575728a.pages.ubembed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 05 Feb 2021 01:12:18 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 00:04:15 GMT
server
AmazonS3
age
21667374
etag
"387bd017c5b4c65e427e652174ec93b6"
x-cache
Hit from cloudfront
x-amz-version-id
g0dWGVKuz6Te2m6gM.NTNKySvNlc4fV3
via
1.1 d63ea68c8b7458d49fe25f66ef7f0a5f.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
text/css
content-length
2902
x-amz-cf-id
covEgx4wvL6EN7PHUNfhQo48OZezQC3bxdRrEgJwtjSqGdLRv42QhA==
main.bundle-5c6e41c.z.js
builder-assets.unbounce.com/published-js/ Frame 7446 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Requested by
Host: ba3068fe3e2142d68354c198d575728a.pages.ubembed.com
URL: https://ba3068fe3e2142d68354c198d575728a.pages.ubembed.com/7aa75a49-3982-44ed-abed-084d075975f3/a.html?closedAt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-104.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ba3068fe3e2142d68354c198d575728a.pages.ubembed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 18:29:16 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 00:04:10 GMT
server
AmazonS3
age
5102756
etag
"bb50eefe0cf9244bc17fe34bb55821bb"
x-cache
Hit from cloudfront
x-amz-version-id
ipR703zeXb6Y9CZFo9gIWbPXuPKHmpp3
via
1.1 d63ea68c8b7458d49fe25f66ef7f0a5f.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
application/javascript
content-length
33645
x-amz-cf-id
sGZ2qcWi1TQXhCRbKQQQjPOJqRKZtjqiaqhdDnSH2wIJ9rYt4pObsg==
134004590.js
bat.bing.com/p/action/ 		0
127 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/134004590.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 13 Oct 2021 19:55:11 GMT
cache-control
private,max-age=86400
x-msedge-ref
Ref A: 73DA87A61AC34612AE2D8315416522B1 Ref B: PRG01EDGE1012 Ref C: 2021-10-13T19:55:11Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=134004590&Ver=2&mid=99b3dcd3-c7f2-4b78-b3df-120e5d811955&sid=79b2ddf02c5f11ec90d66f671555ab39&vid=79b301102c5f11ec825a5f250bf44e8b&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Benefits.com%C2%AE&p=https%3A%2F%2Fwww.benefits.com%2F&r=&lt=1910&evt=pageLoad&msclkid=N&sv=1&rn=427622
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 13 Oct 2021 19:55:11 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 2A638D5D7B5045F388A55D672764ECFF Ref B: PRG01EDGE1012 Ref C: 2021-10-13T19:55:11Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-119266907-1&cid=1632586385.1634154912&jid=1732953746&gjid=294160595&_gid=990687012.1634154912&_u=YEBAAEAAAAAAAC~&z=1232951679
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.benefits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 13 Oct 2021 19:55:11 GMT
content-type
text/plain
access-control-allow-origin
https://www.benefits.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-acff0d328b74363875a0a6075e6c8439.html
vars.hotjar.com/ Frame 1EC8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-acff0d328b74363875a0a6075e6c8439.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1122411.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ab905a6626c29d0612a60bb7944b07ba2a1fd55c0f72ddc87913aa21c3d02fb5

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-acff0d328b74363875a0a6075e6c8439.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.benefits.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/

Response headers

content-type
text/html
content-length
1044
date
Wed, 13 Oct 2021 08:06:05 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"180eba9df76aa8711e14c898a36db859"
last-modified
Wed, 13 Oct 2021 08:05:10 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 ad3c90e13b86d72e2a5e6bf65eab3451.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
QHbSPoiSCxQgNOqvd49U-rfC6oR3anithaIwE8f_Cvoh_lktcXUOvg==
age
42546
e7511abf-be80-458f-8ba0-d353d8dcba7d
https://ba3068fe3e2142d68354c198d575728a.pages.ubembed.com/ Frame 7446 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://ba3068fe3e2142d68354c198d575728a.pages.ubembed.com/e7511abf-be80-458f-8ba0-d353d8dcba7d
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
5603
Content-Type
text/css
css
fonts.googleapis.com/ Frame 7446 		3 KB
623 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:regular
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
bb4a9d9bcb3638d2a735be2e40f686f57d9598c57d1cd251e5105282e244ac50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ba3068fe3e2142d68354c198d575728a.pages.ubembed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 19:19:51 GMT
server
ESF
date
Wed, 13 Oct 2021 19:55:11 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Wed, 13 Oct 2021 19:55:11 GMT
ga-audiences
www.google.com/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-119266907-1&cid=1632586385.1634154912&jid=1732953746&_u=YEBAAEAAAAAAAC~&z=1883882321
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:55:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1122411
vc.hotjar.io/sessions/ 		0
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/1122411?s=0.25&r=0.1749789428669868
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.da93b7ce7275a1de2dc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:11 GMT
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
QXZJVbzBAZQ_dKXmyu6cq1ukB3NdDvI6hxIgwEa6Ow3tIISvRUoNPg==
embeddableActivated
ba3068fe3e2142d68354c198d575728a.events.ubembed.com/ 		0
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ba3068fe3e2142d68354c198d575728a.events.ubembed.com/embeddableActivated?activationRuleId=201944ad406e49528d7f16970b4d8f11&browserTrackingId=bdb555f17238496b9be0eff67dcc915e&clientId=1b652512-a19d-11e4-97d1-22000b3b0e9d&hostPageCorrelationId=21a8c59b59d14dfebe8ab47eb14a2fd0&hostPageReferrerUrl=&hostPageUrl=https%3A%2F%2Fwww.benefits.com%2F&isFirstTime=true&requestId=9ce0ff61d46b49cb87c97b691c2ede4b&source=universalscript-v0.179.1
Requested by
Host: assets.ubembed.com
URL: https://assets.ubembed.com/universalscript/releases/v0.179.1/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.63.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-63-69.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.benefits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.benefits.com
date
Wed, 13 Oct 2021 19:55:12 GMT
access-control-allow-credentials
true
embeddableViewed
ba3068fe3e2142d68354c198d575728a.events.ubembed.com/ 		0
102 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ba3068fe3e2142d68354c198d575728a.events.ubembed.com/embeddableViewed?activationRuleId=201944ad406e49528d7f16970b4d8f11&browserTrackingId=bdb555f17238496b9be0eff67dcc915e&clientId=1b652512-a19d-11e4-97d1-22000b3b0e9d&hostPageCorrelationId=21a8c59b59d14dfebe8ab47eb14a2fd0&hostPageReferrerUrl=&hostPageUrl=https%3A%2F%2Fwww.benefits.com%2F&isFirstTime=true&requestId=18b827bdb0b44df6b1c87b1630454b5f&source=universalscript-v0.179.1
Requested by
Host: assets.ubembed.com
URL: https://assets.ubembed.com/universalscript/releases/v0.179.1/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.63.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-63-69.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.benefits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.benefits.com
date
Wed, 13 Oct 2021 19:55:12 GMT
access-control-allow-credentials
true
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v26/ Frame 7446 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
53bb85849942fe0fdb6998300d0c68f1727a6f34a3bdcd9f6f8f12476f64b1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ba3068fe3e2142d68354c198d575728a.pages.ubembed.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 20:23:42 GMT
x-content-type-options
nosniff
age
603089
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16736
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:15 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 06 Oct 2022 20:23:42 GMT
/
www.facebook.com/tr/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=172952196748389&ev=PageView&dl=https%3A%2F%2Fwww.benefits.com%2F&rl=&if=false&ts=1634154912057&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1634154912056.153059789&it=1634154911662&coo=false&exp=p1&rqm=GET
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 13 Oct 2021 19:55:12 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=172952196748389&ev=Microdata&dl=https%3A%2F%2Fwww.benefits.com%2F&rl=&if=false&ts=1634154912561&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Benefits.com%C2%AE%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.benefits.com%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Benefits.com%C2%AE%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22name%22%3A%22Benefits.com%26reg%3B%22%2C%22alternateName%22%3A%22Your%20Free%20Advocate%20for%20Benefit%20Programs%22%2C%22url%22%3A%22https%3A%2F%2Fbenefits.com%22%7D%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1634154912056.153059789&it=1634154911662&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Requested by
Host: www.benefits.com
URL: https://www.benefits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:55:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Wed, 13 Oct 2021 19:55:12 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect boolean| originAgentCluster object| dataLayer function| $ function| jQuery object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| fbq function| _fbq number| sc_project number| sc_invisible string| sc_security number| sc_https number| sc_remove_link object| passageEscapeRedirect object| uetq object| ube object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| _statcounter function| UET function| UET_init function| UET_push object| regeneratorRuntime object| JSON3 function| setImmediate function| clearImmediate function| Vue

16 Cookies

Domain/Path Name / Value
www.benefits.com/ Name: XSRF-TOKEN
Value: eyJpdiI6InBlZmJqeSs4V1d2Rm92WmJNelVsYnc9PSIsInZhbHVlIjoiUWRuWUV2Mnl1SGNOOTVsM29JRExkZlRnYm1LVmZtZlJKQmJ3bTE2SWROTVRjeXI1Mm1HbEp4TXFBWUR3SGxiM0lvOFwvSGdaYUFVbkZYNHlWRWFJd1RBPT0iLCJtYWMiOiI0MmIwNWI1MzljYjU2NGNhMDY2NTIxMmQxODM5N2VjYjQ4MGQ3ODNmZGUyZjE5NmM4YzQ4YzI3NDcyZWVhNDEwIn0%3D
www.benefits.com/ Name: laravel_session
Value: eyJpdiI6ImdEelhlWmE4NlBXU1AxSGlWZWhPclE9PSIsInZhbHVlIjoia1Vvc2lKNlwvamRzckd1dm5PcVFZaWVJZUNjcnlEOWJMMjZOTTBpUVdQYU5DTCtlMldtVWZxY2JwN2ZYZUp6XC9ZeE9NWk42dHhUeXJEZ0xOS3k3cUtXUT09IiwibWFjIjoiNjYyOTg5YjhiNTQ0Y2VlMWZhNThiMGE4NTFmMTc4YjRkZGQ2ZDY5ZDcwZDU4MWI4Y2IzOWIzYTBiODUxNzg1YyJ9
.benefits.com/ Name: _gcl_au
Value: 1.1.1926045455.1634154912
.benefits.com/ Name: _ga
Value: GA1.2.1632586385.1634154912
.benefits.com/ Name: _gid
Value: GA1.2.990687012.1634154912
.benefits.com/ Name: _gat_UA-119266907-1
Value: 1
.benefits.com/ Name: sc_is_visitor_unique
Value: rx12231059.1634154912.AB094C6604554F09386875E15AE6F804.1.1.1.1.1.1.1.1.1
.bing.com/ Name: MUID
Value: 262D56BF828069772C29467083C2680C
.benefits.com/ Name: _uetsid
Value: 79b2ddf02c5f11ec90d66f671555ab39
.benefits.com/ Name: _uetvid
Value: 79b301102c5f11ec825a5f250bf44e8b
.benefits.com/ Name: _hjid
Value: 29f92830-391b-40a0-be63-2cd5ecd4e9c9
.benefits.com/ Name: _hjFirstSeen
Value: 1
.benefits.com/ Name: _hjAbsoluteSessionInProgress
Value: 1
.statcounter.com/ Name: is_unique
Value: sc12231059.1634154911.0
.statcounter.com/ Name: is_visitor_unique
Value: 1634154911292969050
.benefits.com/ Name: _fbp
Value: fb.1.1634154912056.153059789

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.ubembed.com
ba3068fe3e2142d68354c198d575728a.events.ubembed.com
ba3068fe3e2142d68354c198d575728a.js.ubembed.com
ba3068fe3e2142d68354c198d575728a.pages.ubembed.com
bat.bing.com
benefits.disabilityguide.com
builder-assets.unbounce.com
c.statcounter.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
vc.hotjar.io
www.benefits.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.statcounter.com
104.18.10.207
104.22.52.65
13.32.121.73
13.32.99.104
142.250.184.202
142.250.184.232
142.250.185.196
142.250.185.99
142.250.186.42
151.101.1.131
157.240.20.19
157.240.20.35
172.217.16.142
172.67.194.3
18.66.112.79
18.66.139.40
204.79.197.200
3.69.136.55
35.81.105.54
44.196.63.69
52.222.214.103
52.222.236.74
66.102.1.156
09d90eac8969fcffc86fc8627cc8a19a247ce6fa7f3f1e4a81ab885c113bb0c7
0d678273a15a6cdfa45b6f02a5f16be3f57c6e79130f182bf100188ae199b54e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17e52e79894f08ccd19b0ce2d0efc497bf066f2b3eb79fcff4f7d57425fefc17
24921d91ed53311ac17f49091c831b9b3baa0bb20c94a483ba7886cda9d7db55
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47
39f7b4ee5e81e1dba3f68d52543223f7ef16cd11a1cfa85dca91fa7ca8759c33
4040b28aabc1749a3350c141fdd0c3306f3590a3046503433532881ac764a70a
4c3d3cfacc4e6b8fcd526ca759c1481a1f156f212788aceaa58913ec9ea29c71
52d7dfa2979140e426dc7160916eb4901ac7303ff7d31bb4088bebe4ec5b963c
534294e3d2d89b46b6437f645af1c287b0fc0bb2c1bf348a9c6fd8fba850586e
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53bb85849942fe0fdb6998300d0c68f1727a6f34a3bdcd9f6f8f12476f64b1e9
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb
5fd3f77c147c996466e7275194ac8cd0f380fa13910181768727dfa2ebe46ba6
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
68d6490ee1a555820fa2605ff17757f6c4dcb9f2e0ef37e3df8124edda1a19a3
6a9ce76d1845851912368a983599ecb5fd8587e1bff74732732743cb0770d2c6
711a17cc4699431581e591074416c643155af48a38ee5ca1b62ad6051740a021
721b7c1989dfc78f1e301a6daf0892baf9f704047695288260e03df9de4edb56
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7c9dfe60b22882d0b808c7a5a6f8a39cc8f472d7758b822eca646e11601232c1
812d86d3f50f10a3c04f54e8bb0d9b9da247bbd57ee13550273e170041f7a38e
89fbfcaa9c4f693c28b09910c8f4ecbbce4c2575ae568ef83159bdcaed562276
8aa70a457372ec9a3aa6801d889b295473f41c2626329f37477d1ccb5135044c
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
ab905a6626c29d0612a60bb7944b07ba2a1fd55c0f72ddc87913aa21c3d02fb5
b1ccb8141195307117c737c7f49f99de131fb55290a5f4c1431cc74ca93119dc
b25a09d4e27b3e0d46bae6963b853598399dfc591e2a1644218b13b622ad0197
bb4a9d9bcb3638d2a735be2e40f686f57d9598c57d1cd251e5105282e244ac50
c6da3e29d7e9c52e3786c3a361d3c00084681338fcd8cfb1539618617f4a258a
c8b57adf63c6f5d1217315ccef88333e71695ea6c82575ae5f8c5d550b2ec389
cfca2ad81ae9dc7a37b2faeef186eda6d06d8903a71a514eee8ba95e717dd76d
d1ec417e0b9fed491c4ba50de15003b4f64a5d1b4c3d33bb56da9cb8a064b9d3
d47b20402b22059d96774d3df0eaf7fd165a6614de43f840035822fe3a12131c
d891455e32c9a425e36e190047b1f58abeb7e3709eff687134ddea7ac9cfdd3b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9573e931158bcc83146a7882d6c298c1adf3828b6c785af7cbb9fd9d25ad884
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb311d573a7886f3dd2c5f6f4002bae2796097901eecae9cef466e2fc446722f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c4bba34172d987846c45f3dc9a8fb47c38deff5a3937319b27706896787dac
f227183b8127a45094077ace555b489768c44122040e2951c083bc3f35a73c53
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f9f42b4edcc602d335eb8322d73644a8f05112f9cdf181dbd71af2f9dc2e43f0
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c