jeffersonbenefitsplus.com Open in urlscan Pro
20.84.192.234 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.relay.corestream.com/?qs=bc670feebc3476ab7891f39c0e5f36934d4d66c0012aa84b40c41dd4a8cb11a4fffab7c7836bcf3fba23cccc5973...
Effective URL:
https://jeffersonbenefitsplus.com/?utm_source=MarketingCloud&utm_medium=Email&utm_campaign=Jefferson_OE_Has_Begun_110822_Email_1_A...
Submission: On November 17 via manual (November 17th 2022, 4:07:13 pm UTC) from US — Scanned from DE

Summary HTTP 61 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 12 domains to perform 61 HTTP transactions. The main IP is 20.84.192.234, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is jeffersonbenefitsplus.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 4th 2022. Valid for: a year.

This is the only time jeffersonbenefitsplus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.234.83 13.111.234.83	22606 (EXACT-7) (EXACT-7)
4	20.84.192.234 20.84.192.234	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a02:26f0:480... 2a02:26f0:480:f::213:7ec6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:780... 2a02:26f0:780::5f65:368a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	99.84.146.27 99.84.146.27	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.62 13.32.27.62	16509 (AMAZON-02) (AMAZON-02)
4	52.251.124.220 52.251.124.220	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.236.186.218 52.236.186.218	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	151.101.66.217 151.101.66.217	54113 (FASTLY) (FASTLY)
4	18.205.203.253 18.205.203.253	14618 (AMAZON-AES) (AMAZON-AES)
1	13.32.27.114 13.32.27.114	16509 (AMAZON-02) (AMAZON-02)
6	18.66.115.169 18.66.115.169	16509 (AMAZON-02) (AMAZON-02)
2	2a02:6ea0:c70... 2a02:6ea0:c700::22	60068 (CDN77 ^_^) (CDN77 ^_^)
13	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
6	23.105.169.67 23.105.169.67	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	76.223.31.44 76.223.31.44	16509 (AMAZON-02) (AMAZON-02)
4	99.86.4.13 99.86.4.13	16509 (AMAZON-02) (AMAZON-02)
1	52.45.168.243 52.45.168.243	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
61	19

1 13.111.234.83 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.relay.corestream.com

click.relay.corestream.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.84.192.234 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

jeffersonbenefitsplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::5f65:368a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.146.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-146-27.txl52.r.cloudfront.net

code.upscope.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-62.fra56.r.cloudfront.net

js.upscope.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.251.124.220 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

tenants.corestream.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.236.186.218 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.66.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.205.203.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-203-253.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-114.fra56.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.115.169 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-115-169.fra56.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::22 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

web-sdk.smartlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

cdn2.corestream.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn2.test.corestream.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.105.169.67 (Atlanta, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

tkm2y5kpcd-dsn.algolia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.31.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com

clientstream.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.4.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-13.fra6.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.168.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-168-243.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	corestream.com 1 redirects click.relay.corestream.com — Cisco Umbrella Rank: 495452 tenants.corestream.com — Cisco Umbrella Rank: 571927 cdn2.corestream.com — Cisco Umbrella Rank: 606960 cdn2.test.corestream.com — Cisco Umbrella Rank: 824486	309 KB
9	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 815 events.launchdarkly.com — Cisco Umbrella Rank: 585 clientstream.launchdarkly.com — Cisco Umbrella Rank: 648	3 KB
6	algolia.net tkm2y5kpcd-dsn.algolia.net — Cisco Umbrella Rank: 603747	387 KB
6	segment.com cdn.segment.com — Cisco Umbrella Rank: 1331	60 KB
4	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 1923	226 KB
4	typekit.net use.typekit.net — Cisco Umbrella Rank: 435 p.typekit.net — Cisco Umbrella Rank: 564	57 KB
4	jeffersonbenefitsplus.com jeffersonbenefitsplus.com	661 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	21 KB
2	smartlook.com web-sdk.smartlook.com — Cisco Umbrella Rank: 22077	16 KB
2	intercom.io widget.intercom.io — Cisco Umbrella Rank: 2382 api-iam.intercom.io — Cisco Umbrella Rank: 2331	9 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 779	281 B
2	upscope.io code.upscope.io — Cisco Umbrella Rank: 29040 js.upscope.io — Cisco Umbrella Rank: 42816	41 KB
61	12

	Domain	Requested by
12	cdn2.corestream.com	jeffersonbenefitsplus.com
6	tkm2y5kpcd-dsn.algolia.net	jeffersonbenefitsplus.com
6	cdn.segment.com	jeffersonbenefitsplus.com cdn.segment.com
4	js.intercomcdn.com	widget.intercom.io js.intercomcdn.com
4	events.launchdarkly.com	jeffersonbenefitsplus.com
4	app.launchdarkly.com	jeffersonbenefitsplus.com
4	tenants.corestream.com	jeffersonbenefitsplus.com
4	jeffersonbenefitsplus.com	jeffersonbenefitsplus.com
3	use.typekit.net	jeffersonbenefitsplus.com use.typekit.net
2	www.google-analytics.com	cdn.segment.com www.google-analytics.com
2	web-sdk.smartlook.com	jeffersonbenefitsplus.com web-sdk.smartlook.com
2	dc.services.visualstudio.com	jeffersonbenefitsplus.com
1	cdn2.test.corestream.com
1	api-iam.intercom.io	js.intercomcdn.com
1	clientstream.launchdarkly.com
1	widget.intercom.io	jeffersonbenefitsplus.com
1	js.upscope.io	code.upscope.io
1	code.upscope.io	jeffersonbenefitsplus.com
1	p.typekit.net	use.typekit.net
1	click.relay.corestream.com	1 redirects
61	20

This site contains links to these domains. Also see Links.

Domain
www.corestream.com
corp.corestream.com

Subject Issuer	Validity	Valid
jeffersonbenefitsplus.com Go Daddy Secure Certificate Authority - G2	`2022-02-04` - `2023-03-08`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
upscope.io Amazon	`2022-01-10` - `2023-02-07`	a year	crt.sh
*.corestream.com Go Daddy Secure Certificate Authority - G2	`2022-05-25` - `2023-05-25`	a year	crt.sh
in.applicationinsights.azure.com Microsoft Azure TLS Issuing CA 06	`2022-09-07` - `2023-09-02`	a year	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
events.launchdarkly.com Amazon	`2022-08-19` - `2023-09-16`	a year	crt.sh
*.intercom.com Amazon	`2022-03-16` - `2023-04-14`	a year	crt.sh
*.segment.com Amazon	`2022-01-12` - `2023-02-10`	a year	crt.sh
1688964705.rsc.cdn77.org R3	`2022-10-19` - `2023-01-17`	3 months	crt.sh
algolia.net Sectigo RSA Organization Validation Secure Server CA	`2021-12-07` - `2023-01-06`	a year	crt.sh
clientstream.launchdarkly.com Amazon	`2022-09-09` - `2023-10-07`	a year	crt.sh
*.intercomcdn.com Amazon	`2022-01-30` - `2023-02-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.test.corestream.com Go Daddy Secure Certificate Authority - G2	`2022-02-02` - `2023-02-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://jeffersonbenefitsplus.com/?utm_source=MarketingCloud&utm_medium=Email&utm_campaign=Jefferson_OE_Has_Begun_110822_Email_1_A&utm_content=CTA_Button_1
Frame ID: 03259EEBF7306575F06D46DE37E4F622
Requests: 46 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.dfb5ef07.js
Frame ID: 580705B955370937F7FA448F40E5A448
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home | Jefferson Benefits Plus

Page URL History Show full URLs

https://click.relay.corestream.com/?qs=bc670feebc3476ab7891f39c0e5f36934d4d66c0012aa84b40c41dd4a8cb11a4fffab7c7... HTTP 302
https://jeffersonbenefitsplus.com/?utm_source=MarketingCloud&utm_medium=Email&utm_campaign=Jefferson_OE_Has_Be... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

61
Requests

98 %
HTTPS

26 %
IPv6

12
Domains

20
Subdomains

19
IPs

3
Countries

1789 kB
Transfer

5949 kB
Size

9
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.corestream.com/

Search URL Search Domain Scan URL

URL: https://corp.corestream.com/corestream-cookie-policy
Title: cookie policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.relay.corestream.com/?qs=bc670feebc3476ab7891f39c0e5f36934d4d66c0012aa84b40c41dd4a8cb11a4fffab7c7836bcf3fba23cccc5973a2134216f78f9eb271d6 HTTP 302
https://jeffersonbenefitsplus.com/?utm_source=MarketingCloud&utm_medium=Email&utm_campaign=Jefferson_OE_Has_Begun_110822_Email_1_A&utm_content=CTA_Button_1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
jeffersonbenefitsplus.com/
Redirect Chain

https://click.relay.corestream.com/?qs=bc670feebc3476ab7891f39c0e5f36934d4d66c0012aa84b40c41dd4a8cb11a4fffab7c7836bcf3fba23cccc5973a2134216f78f9eb271d6
https://jeffersonbenefitsplus.com/?utm_source=MarketingCloud&utm_medium=Email&utm_campaign=Jefferson_OE_Has_Begun_110822_Email_1_A&utm_content=CTA_Button_1

1 KB
1 KB

507ms
156ms

Document
text/html

20.84.192.234
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffersonbenefitsplus.com/?utm_source=MarketingCloud&utm_medium=Email&utm_campaign=Jefferson_OE_Has_Begun_110822_Email_1_A&utm_content=CTA_Button_1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.84.192.234 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

53e37a4d7b210269d91469788454d2d41d7093a11dd272d14f1aa7dcd84c93f4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 788
Content-Type: text/html
Date: Thu, 17 Nov 2022 16:07:07 GMT
ETag: "01bde5ef0f5d81:0"
Last-Modified: Fri, 11 Nov 2022 17:09:34 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 284
Content-Type: text/html; charset=utf-8
Date: Thu, 17 Nov 2022 16:07:06 GMT
Location: https://JeffersonBenefitsPlus.com/?utm_source=MarketingCloud&utm_medium=Email&utm_campaign=Jefferson_OE_Has_Begun_110822_Email_1_A&utm_content=CTA_Button_1

GET
H2 200 vcw7mfs.css
use.typekit.net/ 10 KB
1 KB 160ms
37ms Stylesheet
text/css 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/vcw7mfs.css

Requested by

Host: jeffersonbenefitsplus.com
URL: https://jeffersonbenefitsplus.com/?utm_source=MarketingCloud&utm_medium=Email&utm_campaign=Jefferson_OE_Has_Begun_110822_Email_1_A&utm_content=CTA_Button_1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

dabe97db8cf829f87dab2f4fa5272f4f41ae9caed11fbc8ccb5adc6563af1c27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeffersonbenefitsplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 17 Nov 2022 16:07:07 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1184

GET
H/1.1 200
OK main.9ac66f44.js Show response
jeffersonbenefitsplus.com/static/js/ 2 MB
633 KB 307ms
306ms Script
application/x-javascript 20.84.192.234
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffersonbenefitsplus.com/static/js/main.9ac66f44.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.84.192.234 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3365ebce53d6725e2a277f7d7b44160f28ab947d74fd10ae776a55de37108613

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeffersonbenefitsplus.com/?utm_source=MarketingCloud&utm_medium=Email&utm_campaign=Jefferson_OE_Has_Begun_110822_Email_1_A&utm_content=CTA_Button_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 17 Nov 2022 16:07:07 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Nov 2022 17:09:36 GMT
ETag: "048f60f0f5d81:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 648317

GET
H/1.1 200
OK main.e44310f2.css
jeffersonbenefitsplus.com/static/css/ 162 KB
27 KB 1212ms
906ms Stylesheet
text/css 20.84.192.234
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffersonbenefitsplus.com/static/css/main.e44310f2.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.84.192.234 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e0e825b4daa3f7ab650ad54be21830581d2e7948225ab373e46accc735189f85

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeffersonbenefitsplus.com/?utm_source=MarketingCloud&utm_medium=Email&utm_campaign=Jefferson_OE_Has_Begun_110822_Email_1_A&utm_content=CTA_Button_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 17 Nov 2022 16:07:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Nov 2022 17:09:36 GMT
ETag: "048f60f0f5d81:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26919

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 174ms
41ms Stylesheet
text/css 2a02:26f0:780::5f65:368a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=vcw7mfs&ht=tk&f=14032.14033.14034.14035.26893.26894.26897.26898.26909.26910.26913.26914.29382.29383&a=4768995&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vcw7mfs.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:368a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 16:07:07 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 CgX8WAhWJi.js Show response
code.upscope.io/ 1 KB
942 B 123ms
51ms Script
application/javascript 99.84.146.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://code.upscope.io/CgX8WAhWJi.js
Requested by: Host: jeffersonbenefitsplus.com
URL: https://jeffersonbenefitsplus.com/?utm_source=MarketingCloud&utm_medium=Email&utm_campaign=Jefferson_OE_Has_Begun_110822_Email_1_A&utm_content=CTA_Button_1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.146.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-146-27.txl52.r.cloudfront.net
Software: /
Resource Hash: 78028cfd6f725c5381daf8f237f6421cd207606f939c38d8eec376d2b649e2a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeffersonbenefitsplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 16:07:07 GMT
content-encoding: gzip
via: 1.1 8a8ce1b655547c1da36b64e17700f010.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL52-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60,public
x-amz-cf-id: cVJLhSDQQekfQuFni-v3Qz1akz3wBHd7Oo-bXd6xMVWwYwSZxKbPvw==

GET
H2 200 upscope-2.1.3.es6.js Show response
js.upscope.io/ 146 KB
40 KB 143ms
46ms Script
application/javascript 13.32.27.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.upscope.io/upscope-2.1.3.es6.js
Requested by: Host: code.upscope.io
URL: https://code.upscope.io/CgX8WAhWJi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-62.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e2c9de5c8f3ce4514952e5f7016a58616f482b411ac182dd7311055bfc293f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeffersonbenefitsplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 16:07:08 GMT
content-encoding: gzip
via: 1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
last-modified: Tue, 15 Nov 2022 17:04:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 55
etag: W/"2b9a55d2ab0cdd09d7080bd16b8b9dfe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=864000,public
x-amz-cf-id: AFbVxs11pvyejTyc3to-4onmJd8LABQ2_F_BBQFtlWgI29VvcWRJ4A==

GET
H2 200 jeffersonbenefitsplus.com Show response
tenants.corestream.com/TenantSites/ 8 KB
3 KB 275ms
275ms XHR
application/json 52.251.124.220
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://tenants.corestream.com/TenantSites/jeffersonbenefitsplus.com
Requested by: Host: jeffersonbenefitsplus.com
URL: https://jeffersonbenefitsplus.com/static/js/main.9ac66f44.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.251.124.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 77ca9dd9a12818cdd7a00aa215aed42b6cf02f541e8cb4705ac2cf489346ee50

Request headers

Accept: application/json, text/plain, */*
Referer: https://jeffersonbenefitsplus.com/
traceparent: 00-690dbbd2304c4abd95b4e60ab2ed4774-11ddcc9ce13d4640-01
Request-Id: |690dbbd2304c4abd95b4e60ab2ed4774.11ddcc9ce13d4640
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 16:07:09 GMT
content-encoding: gzip
x-powered-by: ASP.NET
vary: Origin,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://jeffersonbenefitsplus.com
access-control-allow-credentials: true
x-request-context-data: default,East US 2
request-context: appId=cid-v1:2209bb07-c5f0-4f60-ae87-5510803140a8

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
281 B 85ms
85ms XHR
application/json 52.236.186.218
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: jeffersonbenefitsplus.com
URL: https://jeffersonbenefitsplus.com/static/js/main.9ac66f44.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.236.186.218 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

62e4c86b29470cecc3185bed3d42b581a1dc08fba9780dddf3cb153ab7072061

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://jeffersonbenefitsplus.com/
accept-language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 23FC7D58-0CA8-4326-8972-926A905D9BAF
strict-transport-security: max-age=31536000
date: Thu, 17 Nov 2022 16:07:08 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 96

OPTIONS
H2 204 jeffersonbenefitsplus.com
tenants.corestream.com/TenantSites/ Frame 0
0 641ms
132ms Preflight 52.251.124.220
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://tenants.corestream.com/TenantSites/jeffersonbenefitsplus.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.251.124.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: request-id,traceparent
Access-Control-Request-Method: GET
Origin: https://jeffersonbenefitsplus.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: request-id,traceparent
access-control-allow-methods: GET
access-control-allow-origin: https://jeffersonbenefitsplus.com
date: Thu, 17 Nov 2022 16:07:09 GMT
request-context: appId=cid-v1:2209bb07-c5f0-4f60-ae87-5510803140a8
vary: Origin
x-powered-by: ASP.NET
x-request-context-data: default,East US 2

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 226ms
43ms Preflight 52.236.186.218
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.236.186.218 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://jeffersonbenefitsplus.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Thu, 17 Nov 2022 16:07:08 GMT
x-content-type-options: nosniff

OPTIONS
H2 200 5f072772b5b1880b7229eb3e
app.launchdarkly.com/sdk/goals/ Frame 0
0 144ms
38ms Preflight 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5f072772b5b1880b7229eb3e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://jeffersonbenefitsplus.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Thu, 17 Nov 2022 16:07:09 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-hhn4040-HHN
x-timer: S1668701230.829087,VS0,VE1

OPTIONS
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJlbXBsb3llZUlkIjoiREVGQVVMVCIsIm9yZ2FuaXphdGlvbiI6IkplZmZlcnNvbiJ9LCJrZXkiOiJKRUZGRVJTT04ifQ
app.launchdarkly.com/sdk/evalx/5f072772b5b1880b7229eb3e/users/ Frame 0
0 142ms
38ms Preflight 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/5f072772b5b1880b7229eb3e/users/eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJlbXBsb3llZUlkIjoiREVGQVVMVCIsIm9yZ2FuaXphdGlvbiI6IkplZmZlcnNvbiJ9LCJrZXkiOiJKRUZGRVJTT04ifQ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://jeffersonbenefitsplus.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Thu, 17 Nov 2022 16:07:09 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-hhn4040-HHN
x-timer: S1668701230.829066,VS0,VE1

GET
H2 200 5f072772b5b1880b7229eb3e Show response
app.launchdarkly.com/sdk/goals/ 2 B
176 B 37ms
37ms XHR
application/json 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5f072772b5b1880b7229eb3e

Requested by

Host: jeffersonbenefitsplus.com
URL: https://jeffersonbenefitsplus.com/static/js/main.9ac66f44.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://jeffersonbenefitsplus.com/
X-LaunchDarkly-Wrapper: react-client-sdk/2.26.0
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.22.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 varnish
date: Thu, 17 Nov 2022 16:07:09 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
content-length: 26
x-served-by: cache-hhn4040-HHN
x-timer: S1668701230.867454,VS0,VE1
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 1

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJlbXBsb3llZUlkIjoiREVGQVVMVCIsIm9yZ2FuaXphdGlvbiI6IkplZmZlcnNvbiJ9LCJrZXkiOiJKRUZGRVJTT04ifQ Show response
app.launchdarkly.com/sdk/evalx/5f072772b5b1880b7229eb3e/users/ 20 KB
2 KB 62ms
61ms XHR
application/json 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/5f072772b5b1880b7229eb3e/users/eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJlbXBsb3llZUlkIjoiREVGQVVMVCIsIm9yZ2FuaXphdGlvbiI6IkplZmZlcnNvbiJ9LCJrZXkiOiJKRUZGRVJTT04ifQ
Requested by: Host: jeffersonbenefitsplus.com
URL: https://jeffersonbenefitsplus.com/static/js/main.9ac66f44.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6feb822d5636d3d704762f7dbb2a958dd80b02f743d2bd338a45bdeb9fceca6a

Request headers

Referer: https://jeffersonbenefitsplus.com/
X-LaunchDarkly-Wrapper: react-client-sdk/2.26.0
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.22.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 16:07:09 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 1705
x-served-by: cache-hhn4029-HHN, cache-hhn4040-HHN
x-timer: S1668701230.867461,VS0,VE23
etag: "2310dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Authorization, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 0

POST
H2 202 5f072772b5b1880b7229eb3e Show response
events.launchdarkly.com/events/diagnostic/ 0
344 B 117ms
117ms XHR
application/json 18.205.203.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5f072772b5b1880b7229eb3e

Requested by

Host: jeffersonbenefitsplus.com
URL: https://jeffersonbenefitsplus.com/static/js/main.9ac66f44.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.205.203.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-205-203-253.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://jeffersonbenefitsplus.com/
X-LaunchDarkly-Wrapper: react-client-sdk/2.26.0
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.22.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 17 Nov 2022 16:07:10 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

OPTIONS
H2 204 5f072772b5b1880b7229eb3e
events.launchdarkly.com/events/diagnostic/ Frame 0
0 359ms
117ms Preflight 18.205.203.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5f072772b5b1880b7229eb3e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.205.203.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-205-203-253.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://jeffersonbenefitsplus.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Thu, 17 Nov 2022 16:07:10 GMT
strict-transport-security: max-age=31536000

GET
H2 200 dz17m8b8 Show response
widget.intercom.io/widget/ 18 KB
7 KB 228ms
142ms Script
application/javascript 13.32.27.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/dz17m8b8
Requested by: Host: jeffersonbenefitsplus.com
URL: https://jeffersonbenefitsplus.com/?utm_source=MarketingCloud&utm_medium=Email&utm_campaign=Jefferson_OE_Has_Begun_110822_Email_1_A&utm_content=CTA_Button_1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-114.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0663f7387f87a3e059cc20437db16115e9f62687cd4a134e8e4a171ceb3d15d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeffersonbenefitsplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: utHSKGPbY.IT6Goh0fKzU0smxw4cbeeB
content-encoding: gzip
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
date: Thu, 17 Nov 2022 16:04:57 GMT
x-amz-cf-pop: FRA56-C2
age: 136
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6172
last-modified: Thu, 17 Nov 2022 15:47:57 GMT
server: AmazonS3
etag: "04a45075514d212924bdcf0d518f1ab0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=300, s-maxage=300, public
accept-ranges: bytes
x-amz-cf-id: -YU9uU2aoF5lgVkxpnn6PQZXmHVMkifwraWbuCTMeDgIa3pAxU_QFQ==

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/fpJWnH4V4Dpkx6UAFiIJHIQ7fvzucMdE/ 100 KB
27 KB 743ms
649ms Script
text/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/fpJWnH4V4Dpkx6UAFiIJHIQ7fvzucMdE/analytics.min.js
Requested by: Host: jeffersonbenefitsplus.com
URL: https://jeffersonbenefitsplus.com/?utm_source=MarketingCloud&utm_medium=Email&utm_campaign=Jefferson_OE_Has_Begun_110822_Email_1_A&utm_content=CTA_Button_1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c63a4280f19ab1acc17f83baf4b53c5be30372cb82bf9b02598ad8c3424b6735

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeffersonbenefitsplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: 31UQ6teB4WgDnua.V6BBlxIRNlgBGJTs
content-encoding: br
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
date: Thu, 17 Nov 2022 16:07:11 GMT
x-amz-cf-pop: FRA56-P5
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 20 Oct 2022 19:56:07 GMT
server: AmazonS3
etag: W/"3db8c35f1d4fd77c2c32436434f1cf0c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: Q33S0dKiBNHJrWae2hYuJrKGsN2YP-n1WF51QOvh7SZSuzulVgQmWw==

GET main.e44310f2.css
jeffersonbenefitsplus.com/static/css/ 0
0

GET
H2 200 l
use.typekit.net/af/28158e/00000000000000003b9b4066/27/ 27 KB
27 KB 147ms
37ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/28158e/00000000000000003b9b4066/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vcw7mfs.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 09d305a5a1c4756015b5b0c509dcc3f121a6e9a754a92ed5bacbb5a60899d411

Request headers

Referer: https://use.typekit.net/vcw7mfs.css
Origin: https://jeffersonbenefitsplus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 16:07:10 GMT
server: nginx
etag: "72f47cc4cd2aeefe0b7a3afe57823f9d1af1047c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 27196

GET
H2 200 l
use.typekit.net/af/62681e/00000000000000003b9b406a/27/ 29 KB
29 KB 152ms
43ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/62681e/00000000000000003b9b406a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vcw7mfs.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d489b866f669f2f15392d5cdce4b6e23f9e66fd7e0f38155510282f5e68c8ec2

Request headers

Referer: https://use.typekit.net/vcw7mfs.css
Origin: https://jeffersonbenefitsplus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 16:07:10 GMT
server: nginx
etag: "159fcd6e6aa88378b15160b2c3ced3c0d32dbe0c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 29384

GET
H2 200 recorder.js Show response
web-sdk.smartlook.com/ 3 KB
2 KB 325ms
36ms Script
application/javascript 2a02:6ea0:c700::22
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://web-sdk.smartlook.com/recorder.js

Requested by

Host: jeffersonbenefitsplus.com
URL: https://jeffersonbenefitsplus.com/static/js/main.9ac66f44.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

97082533f36ceab3cc0d2a8dac640209c86188cd65d96d5cbdf1a8550f5ce659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://jeffersonbenefitsplus.com/
Origin: https://jeffersonbenefitsplus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 17 Nov 2022 16:07:10 GMT
strict-transport-security: max-age=31536000
content-encoding: br
x-cache: HIT
x-77-cache: HIT
cross-origin-resource-policy: cross-origin
x-age: 507
x-77-nzt: AdRmOLQhQrj/+wEAAA
x-accel-expires: @1668701323
last-modified: Wed, 16 Nov 2022 09:35:41 GMT
server: CDN77-Turbo
etag: W/"6374aeed-bd1"
x-77-nzt-ray: 6d204d11cfef52f22e5c76632a4c0211
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600

GET
H/1.1 404
Not Found meta.json Show response
jeffersonbenefitsplus.com/ 103 B
265 B 154ms
154ms Fetch
text/html 20.84.192.234
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffersonbenefitsplus.com/meta.json?1668701229981

Requested by

Host: jeffersonbenefitsplus.com
URL: https://jeffersonbenefitsplus.com/static/js/main.9ac66f44.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.84.192.234 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeffersonbenefitsplus.com/?utm_source=MarketingCloud&utm_medium=Email&utm_campaign=Jefferson_OE_Has_Begun_110822_Email_1_A&utm_content=CTA_Button_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 17 Nov 2022 16:07:10 GMT
Connection: keep-alive
Content-Length: 103
X-Frame-Options: SAMEORIGIN
Content-Type: text/html

GET
H2 200 corestreamLogo.png
cdn2.corestream.com/tenantimages/ 8 KB
8 KB 307ms
39ms Image
image/png 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.corestream.com/tenantimages/corestreamLogo.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CF6) /
Resource Hash: 8444b9e8b675f3c092fd2a17bfe534d34e1d6e7a3a6a8f8201911e4dec391180

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeffersonbenefitsplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 16:07:10 GMT
last-modified: Wed, 10 Jun 2020 20:13:27 GMT
server: ECAcc (frc/4CF6)
age: 490052
etag: 0x8D80D7ABC931166
x-cache: HIT
content-type: image/png
x-ms-request-id: cdd506d3-501e-0071-7b29-f6f862000000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 7854

GET
H2 200 c88f1372-41b5-4b34-adce-1a39b24d85bb.png
cdn2.corestream.com/tenantimages/ 40 KB
40 KB 931ms
664ms Image
image/png 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.corestream.com/tenantimages/c88f1372-41b5-4b34-adce-1a39b24d85bb.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 69941568ec6f1d5f72ff335bc23ebfa5572d69411cf1e5654c87fa510c0b4848

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeffersonbenefitsplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 16:07:10 GMT
last-modified: Wed, 06 Oct 2021 19:31:43 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: hTwiJjZVfzE1hfo3Eul17g==
etag: 0x8D988FFEDA4BDEB
content-type: image/png
x-ms-request-id: 72ec2c59-001e-0087-2f9e-fadf74000000
x-ms-version: 2009-09-19
content-length: 41287

GET
H2 200 Tokens Show response
tenants.corestream.com/Metadata/ 5 KB
1 KB 467ms
218ms XHR
application/json 52.251.124.220
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://tenants.corestream.com/Metadata/Tokens
Requested by: Host: jeffersonbenefitsplus.com
URL: https://jeffersonbenefitsplus.com/static/js/main.9ac66f44.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.251.124.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 021fa51a3fd510ccb151d05e629e9e828df7ed6fb80fd72b7a3795e956f1fcef

Request headers

traceparent: 00-690dbbd2304c4abd95b4e60ab2ed4774-ed80f83980b74fb9-01
accept-language: de-DE,de;q=0.9
TenantName: Jefferson
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Tenant: 8a81295d-ab04-423b-99cd-08d87696b848
Accept: application/json, text/plain, */*
Referer: https://jeffersonbenefitsplus.com/
Request-Id: |690dbbd2304c4abd95b4e60ab2ed4774.ed80f83980b74fb9
Request-Context: appId=cid-v1:36762a49-bcc9-4b3a-a821-3d444bb78b7f

Response headers

date: Thu, 17 Nov 2022 16:07:10 GMT
content-encoding: gzip
x-powered-by: ASP.NET
vary: Origin,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://jeffersonbenefitsplus.com
access-control-allow-credentials: true
x-request-context-data: default,East US 2
request-context: appId=cid-v1:2209bb07-c5f0-4f60-ae87-5510803140a8

POST
H/1.1 200
OK query Show response
tkm2y5kpcd-dsn.algolia.net/1/indexes/offers/ 1 MB
233 KB 147ms
147ms XHR
application/json 23.105.169.67
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL

https://tkm2y5kpcd-dsn.algolia.net/1/indexes/offers/query?x-algolia-agent=Algolia%20for%20JavaScript%20(4.9.1)%3B%20Browser%3B%20JS%20Helper%20(3.7.0)%3B%20react%20(18.2.0)%3B%20react-instantsearch%20(6.12.1)

Requested by

Host: jeffersonbenefitsplus.com
URL: https://jeffersonbenefitsplus.com/static/js/main.9ac66f44.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.105.169.67 Atlanta, United States, ASN30633 (LEASEWEB-USA-WDC, US),

Reverse DNS

Software

nginx /

Resource Hash

b571a8ceb714fd60950da54120e8d2614ad3b3b1ea8f80509307ed9c6893c7d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

x-algolia-application-id: TKM2Y5KPCD
Referer: https://jeffersonbenefitsplus.com/
x-algolia-api-key: b7ce15cdbd93ccb3e6a50523ce8f5693
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

Date: Thu, 17 Nov 2022 16:07:10 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Accept-Encoding: deflate, gzip
X-Alg-PT: 16
Server: nginx
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Disposition: inline; filename=a.txt
Connection: keep-alive
Timing-Allow-Origin: *

POST
H/1.1 200
OK queries Show response
tkm2y5kpcd-dsn.algolia.net/1/indexes/*/ 589 KB
123 KB 137ms
136ms XHR
application/json 23.105.169.67
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL

https://tkm2y5kpcd-dsn.algolia.net/1/indexes/*/queries?x-algolia-agent=Algolia%20for%20JavaScript%20(4.9.1)%3B%20Browser%3B%20JS%20Helper%20(3.7.0)%3B%20react%20(18.2.0)%3B%20react-instantsearch%20(6.12.1)

Requested by

Host: jeffersonbenefitsplus.com
URL: https://jeffersonbenefitsplus.com/static/js/main.9ac66f44.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.105.169.67 Atlanta, United States, ASN30633 (LEASEWEB-USA-WDC, US),

Reverse DNS

Software

nginx /

Resource Hash

de490144bd2a6ee0f852fc14383786b103c045533359d357098277e568f64ae4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

x-algolia-application-id: TKM2Y5KPCD
Referer: https://jeffersonbenefitsplus.com/
x-algolia-api-key: b7ce15cdbd93ccb3e6a50523ce8f5693
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

Date: Thu, 17 Nov 2022 16:07:10 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Accept-Encoding: deflate, gzip
X-Alg-PT: 13
Server: nginx
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Disposition: inline; filename=a.txt
Connection: keep-alive
Timing-Allow-Origin: *

OPTIONS
H2 204 Tokens
tenants.corestream.com/Metadata/ Frame 0
0 130ms
129ms Preflight 52.251.124.220
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://tenants.corestream.com/Metadata/Tokens
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.251.124.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: request-context,request-id,tenant,tenantname,traceparent
Access-Control-Request-Method: GET
Origin: https://jeffersonbenefitsplus.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: request-context,request-id,tenant,tenantname,traceparent
access-control-allow-methods: GET
access-control-allow-origin: https://jeffersonbenefitsplus.com
date: Thu, 17 Nov 2022 16:07:10 GMT
request-context: appId=cid-v1:2209bb07-c5f0-4f60-ae87-5510803140a8
vary: Origin
x-powered-by: ASP.NET
x-request-context-data: default,East US 2

OPTIONS
H/1.1 200
OK query
tkm2y5kpcd-dsn.algolia.net/1/indexes/offers/ Frame 0
0 393ms
120ms Preflight
text/plain 23.105.169.67
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.105.169.67 Atlanta, United States, ASN30633 (LEASEWEB-USA-WDC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-algolia-api-key,x-algolia-application-id
Access-Control-Request-Method: POST
Origin: https://jeffersonbenefitsplus.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: x-algolia-application-id, connection, origin, x-algolia-api-key, content-type, content-length, x-algolia-signature, x-algolia-user-id, x-algolia-usertoken, x-algolia-tagfilters, DNT, X-Mx-ReqToken, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Authorization, Accept, Pragma
Access-Control-Allow-Methods: GET, PUT, DELETE, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: max-age=86400
Connection: keep-alive
Content-Disposition: inline; filename=a.txt
Content-Length: 0
Content-Type: text/plain
Date: Thu, 17 Nov 2022 16:07:10 GMT
Expires: Fri, 18 Nov 2022 16:07:10 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff

OPTIONS
H/1.1 200
OK queries
tkm2y5kpcd-dsn.algolia.net/1/indexes/*/ Frame 0
0 392ms
120ms Preflight
text/plain 23.105.169.67
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.105.169.67 Atlanta, United States, ASN30633 (LEASEWEB-USA-WDC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-algolia-api-key,x-algolia-application-id
Access-Control-Request-Method: POST
Origin: https://jeffersonbenefitsplus.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: x-algolia-application-id, connection, origin, x-algolia-api-key, content-type, content-length, x-algolia-signature, x-algolia-user-id, x-algolia-usertoken, x-algolia-tagfilters, DNT, X-Mx-ReqToken, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Authorization, Accept, Pragma
Access-Control-Allow-Methods: GET, PUT, DELETE, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: max-age=86400
Connection: keep-alive
Content-Disposition: inline; filename=a.txt
Content-Length: 0
Content-Type: text/plain
Date: Thu, 17 Nov 2022 16:07:10 GMT
Expires: Fri, 18 Nov 2022 16:07:10 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff

GET
H2 200 3428f3d5-533a-4f3d-9b3d-db317f719f41.jpg
cdn2.corestream.com/tenantimages/ 32 KB
33 KB 811ms
553ms Image
image/jpeg 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.corestream.com/tenantimages/3428f3d5-533a-4f3d-9b3d-db317f719f41.jpg
Requested by: Host: jeffersonbenefitsplus.com
URL: https://jeffersonbenefitsplus.com/static/css/main.e44310f2.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a8ce6f4d172b3c04c62371233c2f59f00bf29b1859e8f6d643135a78455194ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeffersonbenefitsplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 16:07:10 GMT
last-modified: Thu, 09 Jun 2022 20:22:48 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: 0j3x9CmA7KLNNGDSzLbJ3A==
etag: 0x8DA4A55D2740183
content-type: image/jpeg
x-ms-request-id: 99da63b0-a01e-004d-309e-fa4cb9000000
x-ms-version: 2009-09-19
content-length: 33190

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJlbXBsb3llZUlkIjoiREVGQVVMVCIsIm9yZ2FuaXphdGlvbiI6IkplZmZlcnNvbiJ9LCJrZXkiOiJKRUZGRVJTT04ifQ
clientstream.launchdarkly.com/eval/5f072772b5b1880b7229eb3e/ 20 KB
0 511ms
259ms EventSource
text/event-stream 76.223.31.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/5f072772b5b1880b7229eb3e/eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJlbXBsb3llZUlkIjoiREVGQVVMVCIsIm9yZ2FuaXphdGlvbiI6IkplZmZlcnNvbiJ9LCJrZXkiOiJKRUZGRVJTT04ifQ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.31.44 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1370dc23e25e46ce.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://jeffersonbenefitsplus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 16:07:10 GMT
strict-transport-security: max-age=31536000
ld-region: eu-west-1
access-control-max-age: 300
access-control-allow-methods: GET,OPTIONS
content-type: text/event-stream; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

GET
H2 200 frame-modern.dfb5ef07.js Show response
js.intercomcdn.com/ Frame 5807 452 KB
123 KB 151ms
43ms Script
application/javascript 99.86.4.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.dfb5ef07.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/dz17m8b8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-13.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

13dee7907ab0ecc61c48d429bb431f0953f623a3ca3ee7531618ddd97d1b02cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 15:48:20 GMT
content-encoding: gzip
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
x-amz-version-id: pCjaitG.Z1QMoQ3TN8yFaIWa9aC6gIaS
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA6-C1
age: 1131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 125692
last-modified: Thu, 17 Nov 2022 15:46:23 GMT
server: AmazonS3
etag: "1b25e66d58c3009d0487a92d01cd239a"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: v0ysi9-Cw6VE8e3W2uqFNmpLIjAJyTF37N7ZLc4P_9EaQH57cuiggg==

GET
H2 200 vendor-modern.a17d109f.js Show response
js.intercomcdn.com/ Frame 5807 236 KB
73 KB 228ms
120ms Script
application/javascript 99.86.4.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.a17d109f.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/dz17m8b8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-13.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4442055a14f4686b0eb9e06c56bbd88f535a0f85d8cc9dd23135a321dc7b1448

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: Cg5LF01xbJRTQEAxf7g_X6jSu9I2UzJO
content-encoding: gzip
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
date: Thu, 17 Nov 2022 15:38:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA6-C1
age: 1723
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 74286
last-modified: Thu, 17 Nov 2022 11:38:24 GMT
server: AmazonS3
etag: "4b80ad14b713a3d095ea0b99851cdd1a"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: DNWoL-HlD7W6A2BtRmGlCtw_PjadQUgh2bbYTTYqaFJbKNBhS5wxzA==

GET
H2 200 init.325e207f83209573924e.js Show response
web-sdk.smartlook.com/es6/ 52 KB
14 KB 52ms
52ms Script
application/javascript 2a02:6ea0:c700::22
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://web-sdk.smartlook.com/es6/init.325e207f83209573924e.js

Requested by

Host: web-sdk.smartlook.com
URL: https://web-sdk.smartlook.com/recorder.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

99c5395652f4d870db67793ba36694edc00175ef8ee5fc3abae4e94f5fe7ea50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://jeffersonbenefitsplus.com/
Origin: https://jeffersonbenefitsplus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 17 Nov 2022 16:07:10 GMT
strict-transport-security: max-age=31536000
content-encoding: br
x-cache: HIT
x-77-cache: HIT
cross-origin-resource-policy: cross-origin
x-age: 103710
x-77-nzt: AdRmOLRcc7T/HpUBAA
x-accel-expires: @1700133520
last-modified: Wed, 16 Nov 2022 09:35:41 GMT
server: CDN77-Turbo
etag: W/"6374aeed-cf61"
x-77-nzt-ray: 6d204d11cfef52f22e5c76633eac4713
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 5807 3 KB
2 KB 801ms
544ms XHR
application/json 52.45.168.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.dfb5ef07.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.45.168.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-168-243.compute-1.amazonaws.com

Software

nginx /

Resource Hash

cd1645380c373f7d0386bc346828512f177347fa2f09dba32d930149b950bebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 17 Nov 2022 16:07:11 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0105828999b935d42
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 0001gtu8t6q9tniagni0
x-runtime: 0.396436
server: nginx
etag: W/"cd1645380c373f7d0386bc346828512f"
x-ratelimit-remaining: 13330
vary: Accept,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://jeffersonbenefitsplus.com
x-intercom-version: 828b742c2aa187707f3c2447bec73f4c419cb7da
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1668701240
x-ratelimit-limit: 13333
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN

GET
H2 200 vendors~sentry-modern.50d6a167.js Show response
js.intercomcdn.com/ Frame 5807 118 KB
27 KB 39ms
38ms Script
application/javascript 99.86.4.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendors~sentry-modern.50d6a167.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.dfb5ef07.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-13.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

90e67526b091249da318be7fcfa4ea4c7d7a56c95c1f23401324327810a68015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 15:48:23 GMT
content-encoding: gzip
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
x-amz-version-id: J.zK4NMBTJgcEtImK8PU11TLg7GLqKKN
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA6-C1
age: 1128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 27394
last-modified: Thu, 17 Nov 2022 15:46:23 GMT
server: AmazonS3
etag: "3f1ee08715d0117fd1a2c83519cae0a2"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: _-vkz16cvfezDKQ3lilSOlpWbSYl8oBzZPOqpF1Ci_7he3VT5HV79w==

GET
H2 200 sentry-modern.65278fac.js Show response
js.intercomcdn.com/ Frame 5807 3 KB
2 KB 41ms
41ms Script
application/javascript 99.86.4.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/sentry-modern.65278fac.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.dfb5ef07.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-13.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4cd0182ea4a356ddbd4260479f882f9421c764e63db1a67b4529e8d8061292e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 15:48:23 GMT
content-encoding: gzip
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
x-amz-version-id: FUmUT1My44VQ7rMcmb5YOlkFbaIxh1NF
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA6-C1
age: 1128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1451
last-modified: Thu, 17 Nov 2022 15:46:23 GMT
server: AmazonS3
etag: "ff6e5784819d7a6cf0219023040ce4b1"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: zHcAqC97vkn0Lj9Y30E9h0Y8BVxs5KawhXM8A72pUYbr6ZyUSSHJGw==

POST
H/1.1 200
OK query Show response
tkm2y5kpcd-dsn.algolia.net/1/indexes/benefit_plans/ 185 KB
31 KB 124ms
124ms XHR
application/json 23.105.169.67
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL

https://tkm2y5kpcd-dsn.algolia.net/1/indexes/benefit_plans/query?x-algolia-agent=Algolia%20for%20JavaScript%20(4.9.1)%3B%20Browser%3B%20JS%20Helper%20(3.7.0)%3B%20react%20(18.2.0)%3B%20react-instantsearch%20(6.12.1)

Requested by

Host: jeffersonbenefitsplus.com
URL: https://jeffersonbenefitsplus.com/static/js/main.9ac66f44.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.105.169.67 Atlanta, United States, ASN30633 (LEASEWEB-USA-WDC, US),

Reverse DNS

Software

nginx /

Resource Hash

4695b0cfdebe23a26fcbc87e45a24ac10a26c62f22e5a8882d265a45a90db6a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

x-algolia-application-id: TKM2Y5KPCD
Referer: https://jeffersonbenefitsplus.com/
x-algolia-api-key: b7ce15cdbd93ccb3e6a50523ce8f5693
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

Date: Thu, 17 Nov 2022 16:07:11 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Accept-Encoding: deflate, gzip
X-Alg-PT: 4
Server: nginx
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Disposition: inline; filename=a.txt
Connection: keep-alive
Timing-Allow-Origin: *

OPTIONS
H/1.1 200
OK query
tkm2y5kpcd-dsn.algolia.net/1/indexes/benefit_plans/ Frame 0
0 361ms
120ms Preflight
text/plain 23.105.169.67
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.105.169.67 Atlanta, United States, ASN30633 (LEASEWEB-USA-WDC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-algolia-api-key,x-algolia-application-id
Access-Control-Request-Method: POST
Origin: https://jeffersonbenefitsplus.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: x-algolia-application-id, connection, origin, x-algolia-api-key, content-type, content-length, x-algolia-signature, x-algolia-user-id, x-algolia-usertoken, x-algolia-tagfilters, DNT, X-Mx-ReqToken, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Authorization, Accept, Pragma
Access-Control-Allow-Methods: GET, PUT, DELETE, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: max-age=86400
Connection: keep-alive
Content-Disposition: inline; filename=a.txt
Content-Length: 0
Content-Type: text/plain
Date: Thu, 17 Nov 2022 16:07:10 GMT
Expires: Fri, 18 Nov 2022 16:07:10 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/fpJWnH4V4Dpkx6UAFiIJHIQ7fvzucMdE/ 1 KB
1 KB 116ms
41ms XHR
application/json 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/fpJWnH4V4Dpkx6UAFiIJHIQ7fvzucMdE/settings
Requested by: Host: jeffersonbenefitsplus.com
URL: https://jeffersonbenefitsplus.com/static/js/main.9ac66f44.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6ae7f66d8699e0bd2fa9e72e171f80386d0e55c1ab01236afd584009b04b629b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeffersonbenefitsplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: kun2vP..UVKT1eEYUuka3scrP1NHxCrN
content-encoding: br
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
date: Thu, 17 Nov 2022 16:03:00 GMT
x-amz-cf-pop: FRA56-P5
age: 251
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 27 Oct 2022 14:00:05 GMT
server: AmazonS3
etag: W/"7c36d477629c086935d01e3cb541899c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: giwK6XurXOxQTwEd9KJf-qZxAS5IzY-aqNK6Vi3wLDHTgWUPkxs03w==

GET
H2 200 ajs-destination.bundle.69f445038fee7a77bb89.js Show response
cdn.segment.com/analytics-next/bundles/ 8 KB
3 KB 37ms
36ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.69f445038fee7a77bb89.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/fpJWnH4V4Dpkx6UAFiIJHIQ7fvzucMdE/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a856c49200096e83ed1a3612d4b4fcb1961a1f66f1a5f78c19bb71e31b98d221

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeffersonbenefitsplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:24:28 GMT
x-amz-version-id: WI8pOKlyfV9AXZHeowi3JyqzAgSQbg4.
content-encoding: br
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1953763
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 25 Oct 2022 18:25:15 GMT
server: AmazonS3
etag: W/"a92b4438941110932485ba4d769e9fcf"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: mRND_2VmdTirIAdw9tuljeTP1_8m64WUCmNAxy_nPKfINauXVqVwDA==

GET
H2 200 schemaFilter.bundle.debb169c1abb431faaa6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 36ms
36ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/fpJWnH4V4Dpkx6UAFiIJHIQ7fvzucMdE/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeffersonbenefitsplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 02:10:35 GMT
x-amz-version-id: PLd.pUpm7LMRbNOoL15lZ8ocuYHxqnzt
content-encoding: br
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1086996
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Sat, 05 Nov 2022 01:03:42 GMT
server: AmazonS3
etag: W/"3e448afdfea355c0f19700d04431ce7d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: nQhupJIm06dlWISQCmSwKUgDpvuXoFboeK5M9gwR-7-NANdqIvEqSw==

GET
H2 200 google-analytics.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/ 16 KB
5 KB 38ms
37ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/fpJWnH4V4Dpkx6UAFiIJHIQ7fvzucMdE/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fdda2bf7d8e87b5ac90a791a5131a9811c207171107482857b67f6b8329854fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeffersonbenefitsplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 11:26:49 GMT
content-encoding: gzip
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-version-id: 93Sj1E.cRs_JOVEMHMClfQYLj8ysGAbV
x-amz-cf-pop: FRA56-P5
age: 880822
x-cache: Hit from cloudfront
content-length: 4743
last-modified: Mon, 24 Oct 2022 18:48:00 GMT
server: AmazonS3
etag: "36786f75981fc0efd629c4a89e1c78ec"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: i11lVVTwo9JonjFU-p8F90aLThf2knySLckWh6BcJPt_xL4HVbKwQw==

GET
H2 200 commons.c42222c4cb2f8913500f.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 41ms
41ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/fpJWnH4V4Dpkx6UAFiIJHIQ7fvzucMdE/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeffersonbenefitsplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 13:27:32 GMT
content-encoding: gzip
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-version-id: t.HHEvUZUgxzLKa1tzzXBbRzWu6jUMd.
x-amz-cf-pop: FRA56-P5
age: 614378
x-cache: Hit from cloudfront
content-length: 22177
last-modified: Mon, 24 Oct 2022 18:47:58 GMT
server: AmazonS3
etag: "befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: zKTjvkSkc5vrWGqc7dMS743mccGEq8RiOCPkPW04RJxmHDvQD61XlQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 119ms
37ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeffersonbenefitsplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 17 Nov 2022 15:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2542
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 17 Nov 2022 17:24:49 GMT

GET
H2 200 c1fbb2a6-8ef0-4c55-967d-931bcfca2780.png
cdn2.test.corestream.com/tenantimages/ 14 KB
14 KB 254ms
50ms Image
application/octet-stream 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.test.corestream.com/tenantimages/c1fbb2a6-8ef0-4c55-967d-931bcfca2780.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CF5) /
Resource Hash: 6b1f7437ebc6da50ed1f22fe4b7fdab7d59a3c3d3bc8e010f1f2453515e0b663

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeffersonbenefitsplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 16:07:11 GMT
last-modified: Tue, 15 Jun 2021 20:20:26 GMT
server: ECAcc (frc/4CF5)
content-md5: W21G6TvOByDsC2NbZFBNDg==
age: 64426
etag: 0x8D9303B036A85EA
x-cache: HIT
content-type: application/octet-stream
x-ms-request-id: c6b8a752-d01e-00ef-0d08-fa644e000000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 14515

GET
H2 200 0dddd4a0-898f-45cd-bcc4-16215839028b.png
cdn2.corestream.com/tenantimages/ 9 KB
10 KB 532ms
531ms Image
image/png 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.corestream.com/tenantimages/0dddd4a0-898f-45cd-bcc4-16215839028b.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 51f3701e09fe7cb96e184bcfab82432c4278c9e12d4194368d58aae73d36c526

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeffersonbenefitsplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 16:07:11 GMT
last-modified: Thu, 07 Oct 2021 12:28:33 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: neVE8Jqt1wcqG/XgvyBQgA==
etag: 0x8D9898DFAA8B6BC
content-type: image/png
x-ms-request-id: e885cc5e-301e-00a6-7b9e-fab245000000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 9707

GET
H2 200 91a5fee6-64fa-4cf6-b34f-e119d0c6b4c1.png
cdn2.corestream.com/tenantimages/ 35 KB
36 KB 42ms
40ms Image
image/png 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.corestream.com/tenantimages/91a5fee6-64fa-4cf6-b34f-e119d0c6b4c1.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C86) /
Resource Hash: 1640ac9e547ec55253fb55cc71c52dcb3fab0402a11512456cac07780cf099aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeffersonbenefitsplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 16:07:11 GMT
last-modified: Thu, 27 Jan 2022 19:56:16 GMT
server: ECAcc (frc/4C86)
content-md5: ALxvTFy9TXJL00M/oq37tw==
age: 85202
etag: 0x8D9E1CF14414B05
x-cache: HIT
content-type: image/png
x-ms-request-id: bad2fad6-b01e-0059-23d8-f98fdd000000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 36253

GET
H2 200 76253d1d-1a26-4962-b74d-85a210836a6a.png
cdn2.corestream.com/tenantimages/ 12 KB
13 KB 86ms
85ms Image
application/octet-stream 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.corestream.com/tenantimages/76253d1d-1a26-4962-b74d-85a210836a6a.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CCB) /
Resource Hash: 7075a54be220273c2b29df534efa786e320ee2b9d2a6d3b8ba107e8f776bf7d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeffersonbenefitsplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 16:07:11 GMT
last-modified: Fri, 06 Aug 2021 12:48:18 GMT
server: ECAcc (frc/4CCB)
content-md5: ARA/G40cLXHYj41nnIW3XQ==
age: 85202
etag: 0x8D958D8774BAC57
x-cache: HIT
content-type: application/octet-stream
x-ms-request-id: 8eefeedb-101e-0076-5bd8-f90ee7000000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 12677

GET
H2 200 bfc89e05-7714-4d13-84b9-09aa4132c73a.png
cdn2.corestream.com/tenantimages/ 16 KB
16 KB 44ms
43ms Image
image/png 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.corestream.com/tenantimages/bfc89e05-7714-4d13-84b9-09aa4132c73a.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD9) /
Resource Hash: 19c07c3007e30421f6fc86b1b80ccc1cc394e28d6b1a2c28f5535f4ec0424721

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeffersonbenefitsplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 16:07:11 GMT
last-modified: Wed, 31 Aug 2022 16:45:21 GMT
server: ECAcc (frc/4CD9)
content-md5: K++p53dLw3n+BQ7d1nUI/w==
age: 485846
etag: 0x8DA8B7031DA09F9
x-cache: HIT
content-type: image/png
x-ms-request-id: 685fb7d6-001e-0004-6033-f67fd9000000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 15918

GET
H2 200 61a13f0f-90d4-4793-b1a1-ba384b91375f.png
cdn2.corestream.com/tenantimages/ 7 KB
7 KB 87ms
85ms Image
application/octet-stream 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.corestream.com/tenantimages/61a13f0f-90d4-4793-b1a1-ba384b91375f.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CB1) /
Resource Hash: e8fa3f56b3710b7f3a1c5f975988cff5dd6edf3d9629bf87266644b1286463f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeffersonbenefitsplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 16:07:11 GMT
last-modified: Thu, 17 Jun 2021 21:19:18 GMT
server: ECAcc (frc/4CB1)
content-md5: wDdqZlcEqLuLGL86qgphqQ==
age: 164666
etag: 0x8D931D5914AAD24
x-cache: HIT
content-type: application/octet-stream
x-ms-request-id: 5731fa57-901e-000a-771f-f993d2000000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 6867

GET
H2 200 9b10982d-4126-4317-9b3b-39e827a44a2b.png
cdn2.corestream.com/tenantimages/ 25 KB
25 KB 43ms
42ms Image
image/png 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.corestream.com/tenantimages/9b10982d-4126-4317-9b3b-39e827a44a2b.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C9A) /
Resource Hash: b2965e8e8b5cc098e6ed50a2e6cc67d54c3e22ceadd820002b347c2fbb387c62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeffersonbenefitsplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 16:07:11 GMT
last-modified: Mon, 01 Aug 2022 17:59:14 GMT
server: ECAcc (frc/4C9A)
content-md5: MAK0uEx6Dm4coCrfcWZesA==
age: 164666
etag: 0x8DA73E78BC7B09B
x-cache: HIT
content-type: image/png
x-ms-request-id: 5c3b53bb-001e-00a5-501f-f9b142000000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 25364

GET
H2 200 53dbaf8e-c788-4387-a0d3-3caeb2f4e925.png
cdn2.corestream.com/tenantimages/ 35 KB
35 KB 43ms
43ms Image
application/octet-stream 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.corestream.com/tenantimages/53dbaf8e-c788-4387-a0d3-3caeb2f4e925.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C9C) /
Resource Hash: cbe64c8b7c3e9962ca43d70a15da5c1c3b56cfe8ceee33c6bf1b2cbc34dda6b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeffersonbenefitsplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 16:07:11 GMT
last-modified: Wed, 30 Jun 2021 22:23:38 GMT
server: ECAcc (frc/4C9C)
content-md5: DbHeaHF17JtZ3c+BQ7wKsw==
age: 164666
etag: 0x8D93C15B5889C09
x-cache: HIT
content-type: application/octet-stream
x-ms-request-id: d003a3cf-b01e-001d-011f-f953b1000000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 35865

GET
H2 200 de881522-6678-4aee-ad20-c8eb129cbde4.png
cdn2.corestream.com/tenantimages/ 36 KB
36 KB 85ms
84ms Image
application/octet-stream 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.corestream.com/tenantimages/de881522-6678-4aee-ad20-c8eb129cbde4.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CBA) /
Resource Hash: b8c28af8c7268d7734fd88ad5dc2b02cdda168a3f3ae36ce9a0f482e2ba666bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeffersonbenefitsplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 16:07:11 GMT
last-modified: Thu, 24 Jun 2021 22:05:20 GMT
server: ECAcc (frc/4CBA)
content-md5: eDUmh/GY6xOybNITwPmGxw==
age: 85202
etag: 0x8D9375C28C21E47
x-cache: HIT
content-type: application/octet-stream
x-ms-request-id: ff9bd5b9-401e-0065-4ed8-f93b06000000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 36677

GET
H2 200 cc9a9a90-4d1b-4bad-9c56-15ea92d6cbf5.png
cdn2.corestream.com/tenantimages/ 32 KB
32 KB 86ms
86ms Image
application/octet-stream 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.corestream.com/tenantimages/cc9a9a90-4d1b-4bad-9c56-15ea92d6cbf5.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C83) /
Resource Hash: a8676d83bd3d819c150b45d4db63c64002ac2e0c61876d8e482f59ed8f98c437

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeffersonbenefitsplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 16:07:11 GMT
last-modified: Wed, 01 Sep 2021 06:27:32 GMT
server: ECAcc (frc/4C83)
content-md5: ialnOcD8GZ4Pe/2bhYBd4g==
age: 171798
etag: 0x8D96D11949E5C6C
x-cache: HIT
content-type: application/octet-stream
x-ms-request-id: f150269f-101e-005f-5a0e-f978a5000000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 32892

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 121ms
37ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeffersonbenefitsplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 15:10:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3411
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 17 Nov 2022 16:10:20 GMT

POST
H2 202 5f072772b5b1880b7229eb3e Show response
events.launchdarkly.com/events/bulk/ 0
344 B 350ms
349ms XHR
application/json 18.205.203.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5f072772b5b1880b7229eb3e

Requested by

Host: jeffersonbenefitsplus.com
URL: https://jeffersonbenefitsplus.com/static/js/main.9ac66f44.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.205.203.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-205-203-253.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-LaunchDarkly-Payload-ID: e5069ba0-6691-11ed-a240-ad41ce8275c4
X-LaunchDarkly-Event-Schema: 3
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.22.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json
Referer: https://jeffersonbenefitsplus.com/
X-LaunchDarkly-Wrapper: react-client-sdk/2.26.0

Response headers

date: Thu, 17 Nov 2022 16:07:12 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

OPTIONS
H2 204 5f072772b5b1880b7229eb3e
events.launchdarkly.com/events/bulk/ Frame 0
0 117ms
116ms Preflight 18.205.203.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5f072772b5b1880b7229eb3e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.205.203.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-205-203-253.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://jeffersonbenefitsplus.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Thu, 17 Nov 2022 16:07:11 GMT
strict-transport-security: max-age=31536000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: jeffersonbenefitsplus.com
URL: https://jeffersonbenefitsplus.com/static/css/main.e44310f2.css

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.jeffersonbenefitsplus.com/	1970-01-20 08:14:53	Name: _upscope__region Value: ImV1LWNlbnRyYWwi
.jeffersonbenefitsplus.com/	1970-01-20 08:14:53	Name: _upscope__shortId Value: Ik1KRU5LQkFQODFTWkJETlpNIg==
jeffersonbenefitsplus.com/	1970-01-20 16:17:17	Name: ai_user Value: GXZai88DB1vnPjKYJOO/Qk\|2022-11-17T16:07:08.711Z
jeffersonbenefitsplus.com/	1970-01-20 07:31:43	Name: ai_session Value: eBFlLv4va3OiYsAUWXM5zO\|1668701228814\|1668701228814
tenants.corestream.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: e42ef1025c4b47db91df135ef80b3584
.jeffersonbenefitsplus.com/	1970-01-20 14:00:31	Name: intercom-id-dz17m8b8 Value: e76b8855-9ee8-4790-8783-aff4da056394
.jeffersonbenefitsplus.com/	1970-01-20 07:41:46	Name: intercom-session-dz17m8b8 Value:
.jeffersonbenefitsplus.com/	1970-01-20 17:07:41	Name: _ga Value: GA1.2.640609860.1668701231
.jeffersonbenefitsplus.com/	1970-01-20 07:33:07	Name: _gid Value: GA1.2.1461644006.1668701231

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://jeffersonbenefitsplus.com/meta.json?1668701229981 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
app.launchdarkly.com
cdn.segment.com
cdn2.corestream.com
cdn2.test.corestream.com
click.relay.corestream.com
clientstream.launchdarkly.com
code.upscope.io
dc.services.visualstudio.com
events.launchdarkly.com
jeffersonbenefitsplus.com
js.intercomcdn.com
js.upscope.io
p.typekit.net
tenants.corestream.com
tkm2y5kpcd-dsn.algolia.net
use.typekit.net
web-sdk.smartlook.com
widget.intercom.io
www.google-analytics.com
jeffersonbenefitsplus.com
13.111.234.83
13.32.27.114
13.32.27.62
151.101.66.217
18.205.203.253
18.66.115.169
20.84.192.234
23.105.169.67
2606:2800:233:1cb7:261b:1f9c:2074:3c
2a00:1450:4001:80e::200e
2a02:26f0:480:f::213:7ec6
2a02:26f0:780::5f65:368a
2a02:6ea0:c700::22
52.236.186.218
52.251.124.220
52.45.168.243
76.223.31.44
99.84.146.27
99.86.4.13
021fa51a3fd510ccb151d05e629e9e828df7ed6fb80fd72b7a3795e956f1fcef
0663f7387f87a3e059cc20437db16115e9f62687cd4a134e8e4a171ceb3d15d4
09d305a5a1c4756015b5b0c509dcc3f121a6e9a754a92ed5bacbb5a60899d411
13dee7907ab0ecc61c48d429bb431f0953f623a3ca3ee7531618ddd97d1b02cf
1640ac9e547ec55253fb55cc71c52dcb3fab0402a11512456cac07780cf099aa
19c07c3007e30421f6fc86b1b80ccc1cc394e28d6b1a2c28f5535f4ec0424721
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
3365ebce53d6725e2a277f7d7b44160f28ab947d74fd10ae776a55de37108613
4442055a14f4686b0eb9e06c56bbd88f535a0f85d8cc9dd23135a321dc7b1448
4695b0cfdebe23a26fcbc87e45a24ac10a26c62f22e5a8882d265a45a90db6a1
4cd0182ea4a356ddbd4260479f882f9421c764e63db1a67b4529e8d8061292e8
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51f3701e09fe7cb96e184bcfab82432c4278c9e12d4194368d58aae73d36c526
53e37a4d7b210269d91469788454d2d41d7093a11dd272d14f1aa7dcd84c93f4
62e4c86b29470cecc3185bed3d42b581a1dc08fba9780dddf3cb153ab7072061
69941568ec6f1d5f72ff335bc23ebfa5572d69411cf1e5654c87fa510c0b4848
6ae7f66d8699e0bd2fa9e72e171f80386d0e55c1ab01236afd584009b04b629b
6b1f7437ebc6da50ed1f22fe4b7fdab7d59a3c3d3bc8e010f1f2453515e0b663
6feb822d5636d3d704762f7dbb2a958dd80b02f743d2bd338a45bdeb9fceca6a
7075a54be220273c2b29df534efa786e320ee2b9d2a6d3b8ba107e8f776bf7d3
77ca9dd9a12818cdd7a00aa215aed42b6cf02f541e8cb4705ac2cf489346ee50
78028cfd6f725c5381daf8f237f6421cd207606f939c38d8eec376d2b649e2a8
7e2c9de5c8f3ce4514952e5f7016a58616f482b411ac182dd7311055bfc293f5
8444b9e8b675f3c092fd2a17bfe534d34e1d6e7a3a6a8f8201911e4dec391180
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1
90e67526b091249da318be7fcfa4ea4c7d7a56c95c1f23401324327810a68015
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
97082533f36ceab3cc0d2a8dac640209c86188cd65d96d5cbdf1a8550f5ce659
99c5395652f4d870db67793ba36694edc00175ef8ee5fc3abae4e94f5fe7ea50
a856c49200096e83ed1a3612d4b4fcb1961a1f66f1a5f78c19bb71e31b98d221
a8676d83bd3d819c150b45d4db63c64002ac2e0c61876d8e482f59ed8f98c437
a8ce6f4d172b3c04c62371233c2f59f00bf29b1859e8f6d643135a78455194ca
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b2965e8e8b5cc098e6ed50a2e6cc67d54c3e22ceadd820002b347c2fbb387c62
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b571a8ceb714fd60950da54120e8d2614ad3b3b1ea8f80509307ed9c6893c7d8
b8c28af8c7268d7734fd88ad5dc2b02cdda168a3f3ae36ce9a0f482e2ba666bb
c63a4280f19ab1acc17f83baf4b53c5be30372cb82bf9b02598ad8c3424b6735
cbe64c8b7c3e9962ca43d70a15da5c1c3b56cfe8ceee33c6bf1b2cbc34dda6b7
cd1645380c373f7d0386bc346828512f177347fa2f09dba32d930149b950bebb
d489b866f669f2f15392d5cdce4b6e23f9e66fd7e0f38155510282f5e68c8ec2
dabe97db8cf829f87dab2f4fa5272f4f41ae9caed11fbc8ccb5adc6563af1c27
de490144bd2a6ee0f852fc14383786b103c045533359d357098277e568f64ae4
e0e825b4daa3f7ab650ad54be21830581d2e7948225ab373e46accc735189f85
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42
e8fa3f56b3710b7f3a1c5f975988cff5dd6edf3d9629bf87266644b1286463f0
fdda2bf7d8e87b5ac90a791a5131a9811c207171107482857b67f6b8329854fb

jeffersonbenefitsplus.com Open in urlscan Pro 20.84.192.234 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

98 %HTTPS

26 %IPv6

12 Domains

20 Subdomains

19 IPs

3 Countries

1789 kBTransfer

5949 kBSize

9 Cookies

2 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

jeffersonbenefitsplus.com Open in urlscan Pro
20.84.192.234 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

98 %
HTTPS

26 %
IPv6

12
Domains

20
Subdomains

19
IPs

3
Countries

1789 kB
Transfer

5949 kB
Size

9
Cookies

61 HTTP transactions
0 data transactions