Submitted URL: https://urldefense.us/v3/__https://click.info.benefeds.gov/?qs=cc1a0b8774fda54f7c4870c13857bf1d28e58799a658597f199abf9...
Effective URL: https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_c...
Submission: On December 19 via manual from US — Scanned from US

Summary

This website contacted 16 IPs in 2 countries across 12 domains to perform 49 HTTP transactions. The main IP is 2600:141b:9000::6846:79d9, located in Secaucus, United States and belongs to AKAMAI-ASN1 Akamai International B.V., NL. The main domain is www.benefeds.gov. The Cisco Umbrella rank of the primary domain is 463851.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on July 9th 2024. Valid for: a year.
This is the only time www.benefeds.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.215.95.57 14618 (AMAZON-AES)
1 1 128.17.96.51 14340 (SALESFORCE)
1 1 23.44.111.21 20940 (AKAMAI-AS...)
15 2600:141b:900... 20940 (AKAMAI-AS...)
8 2600:141b:900... 20940 (AKAMAI-AS...)
1 13.33.252.92 16509 (AMAZON-02)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2600:141b:500... 20940 (AKAMAI-AS...)
3 142.250.80.67 15169 (GOOGLE)
1 18.164.96.87 16509 (AMAZON-02)
1 2600:141b:1c0... 20940 (AKAMAI-AS...)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:251... 16509 (AMAZON-02)
1 52.49.166.168 16509 (AMAZON-02)
1 2600:9000:211... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
1 54.228.103.19 16509 (AMAZON-02)
1 2600:1f18:445... 14618 (AMAZON-AES)
49 16
Apex Domain
Subdomains
Transfer
25 benefeds.gov
click.info.benefeds.gov
benefeds.gov — Cisco Umbrella Rank: 381839
www.benefeds.gov — Cisco Umbrella Rank: 463851
cdn.benefeds.gov — Cisco Umbrella Rank: 516264
871 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
5 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
21 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
403 KB
3 gstatic.com
fonts.gstatic.com
64 KB
2 pingdom.net
rum-static.pingdom.net — Cisco Umbrella Rank: 6761
rum-collector-2.pingdom.net — Cisco Umbrella Rank: 6318
3 KB
2 levelaccess.net
cdn.levelaccess.net — Cisco Umbrella Rank: 18421
api.levelaccess.net — Cisco Umbrella Rank: 27092
62 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1652
c.go-mpulse.net — Cisco Umbrella Rank: 782
50 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 888
script.hotjar.com — Cisco Umbrella Rank: 1185
62 KB
1 hotjar.io
content.hotjar.io — Cisco Umbrella Rank: 5577
171 B
1 digitalgov.gov
dap.digitalgov.gov — Cisco Umbrella Rank: 4680
9 KB
1 urldefense.us
urldefense.us — Cisco Umbrella Rank: 200123
362 B
49 12
Domain Requested by
17 cdn.benefeds.gov www.benefeds.gov
cdn.benefeds.gov
6 www.benefeds.gov www.benefeds.gov
5 fonts.googleapis.com cdn.benefeds.gov
4 www.google-analytics.com cdn.benefeds.gov
www.googletagmanager.com
4 www.googletagmanager.com www.benefeds.gov
dap.digitalgov.gov
www.googletagmanager.com
3 fonts.gstatic.com fonts.googleapis.com
1 api.levelaccess.net cdn.benefeds.gov
1 rum-collector-2.pingdom.net cdn.benefeds.gov
1 rum-static.pingdom.net www.benefeds.gov
1 cdn.levelaccess.net www.benefeds.gov
1 content.hotjar.io cdn.benefeds.gov
1 dap.digitalgov.gov cdn.benefeds.gov
1 c.go-mpulse.net s.go-mpulse.net
1 script.hotjar.com static.hotjar.com
1 s.go-mpulse.net www.benefeds.gov
1 static.hotjar.com www.benefeds.gov
1 benefeds.gov 1 redirects
1 click.info.benefeds.gov 1 redirects
1 urldefense.us 1 redirects
49 19

This site contains links to these domains. Also see Links.

Domain
www.opm.gov
ltcfeds.gov
fsafeds.gov
Subject Issuer Validity Valid
benefeds.gov
DigiCert SHA2 Extended Validation Server CA
2024-07-09 -
2025-06-14
a year crt.sh
*.hotjar.com
Amazon RSA 2048 M03
2024-05-22 -
2025-06-20
a year crt.sh
upload.video.google.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1
2024-07-31 -
2025-07-31
a year crt.sh
*.gstatic.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
*.google-analytics.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
dap.digitalgov.gov
Amazon RSA 2048 M03
2024-06-06 -
2025-07-05
a year crt.sh
*.hotjar.io
Amazon ECDSA 256 M02
2024-01-31 -
2025-03-01
a year crt.sh
cdn.levelaccess.net
Amazon RSA 2048 M02
2024-10-30 -
2025-11-28
a year crt.sh
pingdom.net
WE1
2024-11-10 -
2025-02-09
3 months crt.sh
*.pingdom.net
Amazon RSA 2048 M03
2024-10-22 -
2025-11-19
a year crt.sh
api.levelaccess.net
Amazon RSA 2048 M02
2024-10-31 -
2025-11-28
a year crt.sh

This page contains 2 frames:

Primary Page: https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button
Frame ID: BB75E729B761DBE08FE69ED1D7D062F5
Requests: 47 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/WSGB4-VXKGY-7AGQY-B8E8W-QG6KS
Frame ID: 03FC147DF39C2879ED792ADAE12C57B6
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

General | BENEFEDS

Page URL History Show full URLs

  1. https://urldefense.us/v3/__https://click.info.benefeds.gov/?qs=cc1a0b8774fda54f7c4870c13857bf1d28e... HTTP 302
    https://click.info.benefeds.gov/?qs=cc1a0b8774fda54f7c4870c13857bf1d28e58799a658597f199abf9bb798e70f33321f37... HTTP 302
    https://benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaig... HTTP 301
    https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaig... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • backbone.*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

49
Requests

100 %
HTTPS

58 %
IPv6

12
Domains

19
Subdomains

16
IPs

2
Countries

1550 kB
Transfer

6025 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://urldefense.us/v3/__https://click.info.benefeds.gov/?qs=cc1a0b8774fda54f7c4870c13857bf1d28e58799a658597f199abf9bb798e70f33321f370af3ffe2d007ea77bdff546a465467b1e91fba88__;!!KqHkvX73pqX_nKKjCLk!F273jfrLnyEyYsWcz5PTQQQ4jBeoesaRR4S_p8eHK1JuQpK9BCahPFiycJYTM4W5Qibs5l0Q1pLvbqRNLscY6xMjTe63$ HTTP 302
    https://click.info.benefeds.gov/?qs=cc1a0b8774fda54f7c4870c13857bf1d28e58799a658597f199abf9bb798e70f33321f370af3ffe2d007ea77bdff546a465467b1e91fba88 HTTP 302
    https://benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button HTTP 301
    https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request employees-welcome
www.benefeds.gov/general/
Redirect Chain
  • https://urldefense.us/v3/__https://click.info.benefeds.gov/?qs=cc1a0b8774fda54f7c4870c13857bf1d28e58799a658597f199abf9bb798e70f33321f370af3ffe2d007ea77bdff546a465467b1e91fba88__;!!KqHkvX73pqX_nKKjC...
  • https://click.info.benefeds.gov/?qs=cc1a0b8774fda54f7c4870c13857bf1d28e58799a658597f199abf9bb798e70f33321f370af3ffe2d007ea77bdff546a465467b1e91fba88
  • https://benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button
  • https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button
7 KB
4 KB
Document
General
Full URL
https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::6846:79d9 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
c393254c8ad7aec8e8a614096aee273eba8bd73e8287bf01bc608d98c49a68d3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
none
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, max-age=0
content-encoding
gzip
content-length
3074
content-security-policy
frame-ancestors 'self';
content-type
text/html
date
Thu, 19 Dec 2024 15:29:39 GMT
last-modified
Fri, 13 Dec 2024 00:00:30 GMT
server-timing
cdn-cache; desc=MISS edge; dur=243 origin; dur=60 ak_p; desc="1734622179342_1749449173_419927132_30269_39694_60_214_255";dur=1
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
vary
Accept-Encoding
x-akamai-transformed
9 1324 0 pmb=mRUM,2
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Thu, 19 Dec 2024 15:29:39 GMT
location
https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button
server
AkamaiGHost
server-timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1734622178971_388810901_382881068_21_10214_67_78_255";dur=1
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
uswds-init.min.js
www.benefeds.gov/assets/uswds/js/
349 B
718 B
Script
General
Full URL
https://www.benefeds.gov/assets/uswds/js/uswds-init.min.js
Requested by
Host: www.benefeds.gov
URL: https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::6846:79d9 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
a602434d1edf45f9766b56be9ccb4c62be3e98ee07aa958f6784b56ce1b648cc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button

Response headers

access-control-max-age
86400
content-encoding
br
etag
"15d-624886e1180e8"
x-content-type-options
nosniff
access-control-allow-methods
GET,POST
expires
Thu, 19 Dec 2024 15:29:40 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=6, ak_p; desc="1734622179998_1749449173_419927527_2252_15998_60_0_219";dur=1
date
Thu, 19 Dec 2024 15:29:40 GMT
content-type
application/x-javascript
last-modified
Fri, 13 Dec 2024 00:55:50 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
*
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-security-policy
frame-ancestors 'self';
cache-control
no-cache
access-control-allow-credentials
false
accept-ranges
none
access-control-allow-origin
*
content-length
190
server
Akamai Resource Optimizer
styles.css
cdn.benefeds.gov/
1 MB
140 KB
Stylesheet
General
Full URL
https://cdn.benefeds.gov/styles.css
Requested by
Host: www.benefeds.gov
URL: https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::6846:79d9 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
3d108675b582bc4f0fd6c0cadb104c990c0bf3dac6bfafbcc8357d67f94930d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/

Response headers

access-control-max-age
86400
content-encoding
br
etag
"2d0a00fa4cec28c27331e90382383001:1734049839.980648"
access-control-allow-methods
GET,POST
expires
Sun, 22 Dec 2024 04:10:33 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1734622180008_1749449173_419927553_349_12535_60_0_255";dur=1
date
Thu, 19 Dec 2024 15:29:40 GMT
content-type
text/css
last-modified
Fri, 13 Dec 2024 09:04:07 GMT
access-control-allow-headers
*
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
max-age=218453
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-origin
*
content-length
142403
server
Akamai Resource Optimizer
uswds.min.js
www.benefeds.gov/assets/uswds/js/
86 KB
23 KB
Script
General
Full URL
https://www.benefeds.gov/assets/uswds/js/uswds.min.js
Requested by
Host: www.benefeds.gov
URL: https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::6846:79d9 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
9f58ddc860fd05257edb05652c075f26a53cfa127465d2593dc42f595cb8d141
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button

Response headers

access-control-max-age
86400
content-encoding
br
etag
"157dc-624886e123880"
x-content-type-options
nosniff
access-control-allow-methods
GET,POST
expires
Thu, 19 Dec 2024 15:29:39 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1734622179982_1749449173_419927528_217_13554_60_0_219";dur=1
date
Thu, 19 Dec 2024 15:29:39 GMT
content-type
application/x-javascript
last-modified
Fri, 13 Dec 2024 02:27:18 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
*
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-security-policy
frame-ancestors 'self';
cache-control
no-cache
access-control-allow-credentials
false
accept-ranges
none
access-control-allow-origin
*
content-length
22694
server
Akamai Resource Optimizer
runtime.js
cdn.benefeds.gov/
3 KB
2 KB
Script
General
Full URL
https://cdn.benefeds.gov/runtime.js
Requested by
Host: www.benefeds.gov
URL: https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::6846:79a1 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
75b72994bc43d8c9be1a5d2b1328df1fb8d9b7d49f282314639f9a81977f6a2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.benefeds.gov
Referer
https://www.benefeds.gov/

Response headers

access-control-max-age
86400
content-encoding
br
etag
"ab2ee5923bd56ae88d2326336554e666:1734049835.446853"
access-control-allow-methods
GET,POST
expires
Thu, 26 Dec 2024 10:47:24 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=9, ak_p; desc="1734622180073_1749449117_429295187_875_26224_60_184_219";dur=1
date
Thu, 19 Dec 2024 15:29:40 GMT
content-type
application/x-javascript
last-modified
Fri, 13 Dec 2024 03:33:30 GMT
access-control-allow-headers
*
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
max-age=587864
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-origin
*
content-length
1312
server
Akamai Resource Optimizer
polyfills.js
cdn.benefeds.gov/
139 KB
43 KB
Script
General
Full URL
https://cdn.benefeds.gov/polyfills.js
Requested by
Host: www.benefeds.gov
URL: https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::6846:79a1 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
08779c34624ebef96c561b7a0937a807da347c9d6480fb018eec63b0d430fe5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.benefeds.gov
Referer
https://www.benefeds.gov/

Response headers

access-control-max-age
86400
content-encoding
br
etag
"865595ec52d80061b89b1bb5093b57e5:1734049831.404133"
access-control-allow-methods
GET,POST
expires
Fri, 20 Dec 2024 07:28:28 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=15, ak_p; desc="1734622180258_1749449117_429295189_1433_14745_60_184_219";dur=1
date
Thu, 19 Dec 2024 15:29:40 GMT
content-type
application/x-javascript
last-modified
Fri, 13 Dec 2024 03:14:39 GMT
access-control-allow-headers
*
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
max-age=57528
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-origin
*
content-length
43774
server
Akamai Resource Optimizer
scripts.js
cdn.benefeds.gov/
164 KB
52 KB
Script
General
Full URL
https://cdn.benefeds.gov/scripts.js
Requested by
Host: www.benefeds.gov
URL: https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::6846:79d9 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
79a3e81b476e1e86c590d55d4841f15632817b28073c403d746cf6eed4a9eef2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"e6727ffe5facb581e6a5086f37caace0:1734049835.980429"
access-control-allow-methods
GET,POST
expires
Thu, 19 Dec 2024 15:41:32 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=38, origin; dur=0, ak_p; desc="1734622180750_1749449173_419928134_3868_11924_66_0_146";dur=1
date
Thu, 19 Dec 2024 15:29:40 GMT
content-type
application/x-javascript
last-modified
Fri, 13 Dec 2024 00:30:36 GMT
vary
Accept-Encoding
access-control-allow-headers
*
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
max-age=712
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-origin
*
server
AkamaiNetStorage
main.js
cdn.benefeds.gov/
2 MB
467 KB
Script
General
Full URL
https://cdn.benefeds.gov/main.js
Requested by
Host: www.benefeds.gov
URL: https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::6846:79a1 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6118c2c8cef04bc9ee2b9088d53227800b123b16d4586f7e79696f7a4efc6896
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.benefeds.gov
Referer
https://www.benefeds.gov/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"e0f12d8631d093a1317a62a9fd2666a8:1734049822.54114"
access-control-allow-methods
GET,POST
expires
Thu, 19 Dec 2024 15:34:04 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=159, origin; dur=0, ak_p; desc="1734622180343_1749449117_429295188_24524_19482_60_0_219";dur=1
date
Thu, 19 Dec 2024 15:29:40 GMT
content-type
application/x-javascript
last-modified
Fri, 13 Dec 2024 00:30:22 GMT
vary
Accept-Encoding
access-control-allow-headers
*
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
max-age=264
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-origin
*
server
AkamaiNetStorage
hotjar-2263480.js
static.hotjar.com/c/
17 KB
7 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2263480.js?sv=6
Requested by
Host: www.benefeds.gov
URL: https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.252.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-252-92.jfk50.r.cloudfront.net
Software
/
Resource Hash
dc09d3b4027fa07835f3c0b5357f213fcac5a13fadf8185af82fe37c87df63de
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/

Response headers

content-encoding
br
etag
W/d3000c0e8485184b5ecf4f7512bdfcc1
age
16
x-content-type-options
nosniff
x-cache-hit
1
x-cache
Hit from cloudfront
x-amz-cf-id
-SzS2P36KbeLzHWAbkTzI3Q4DcI8QVrZpxdJbbSZUcs9M3Mv6JF3sA==
date
Thu, 19 Dec 2024 15:29:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
via
1.1 2bfd6688fc2f119397b69ac2ba4187b8.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P10
css
fonts.googleapis.com/
23 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Requested by
Host: cdn.benefeds.gov
URL: https://cdn.benefeds.gov/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
43fc587d4c7860e824a47a42fc2b758455429aaf36b6eeb270d7cfb6a8975c56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cdn.benefeds.gov/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 19 Dec 2024 15:29:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 15:29:40 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 19 Dec 2024 13:59:56 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,300,500,700
Requested by
Host: cdn.benefeds.gov
URL: https://cdn.benefeds.gov/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
afca11db454eedaada10325ffbae12d670cfa00926f3cf91388da29a39dc031d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cdn.benefeds.gov/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 19 Dec 2024 15:29:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 15:29:40 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 19 Dec 2024 14:30:32 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
10 KB
936 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Quicksand:400,500,700|Roboto:300,400,700
Requested by
Host: cdn.benefeds.gov
URL: https://cdn.benefeds.gov/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8f7a3fc042c90888f6063f0a2df950fc6fdcb50a0bea63a6828b0094ac53c3b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cdn.benefeds.gov/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 19 Dec 2024 15:29:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 15:29:40 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 19 Dec 2024 15:15:52 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
11 KB
928 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,300,500,700
Requested by
Host: cdn.benefeds.gov
URL: https://cdn.benefeds.gov/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
76e3ba94294fc7c0add391ecb751950e1024527aba457e52621277c790f81264
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cdn.benefeds.gov/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 19 Dec 2024 15:29:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 15:29:40 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 19 Dec 2024 15:29:40 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
WSGB4-VXKGY-7AGQY-B8E8W-QG6KS
s.go-mpulse.net/boomerang/ Frame 03FC
205 KB
49 KB
Script
General
Full URL
https://s.go-mpulse.net/boomerang/WSGB4-VXKGY-7AGQY-B8E8W-QG6KS
Requested by
Host: www.benefeds.gov
URL: https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:5000:697::11a6 New York, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/

Response headers

cache-control
max-age=604800
timing-allow-origin
*
content-encoding
br
customappheader
mpulse-ab-boomr__git__361fdb1__git__361fdb1__p19.alsi10-lite
content-length
50393
date
Thu, 19 Dec 2024 15:29:40 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 12 Sep 2024 10:59:22 GMT
vary
Accept-Encoding
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.67 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.benefeds.gov
Referer
https://fonts.googleapis.com/

Response headers

age
97508
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Dec 2025 12:24:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 12:24:32 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
916.js
cdn.benefeds.gov/
1 KB
1 KB
Script
General
Full URL
https://cdn.benefeds.gov/916.js
Requested by
Host: cdn.benefeds.gov
URL: https://cdn.benefeds.gov/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::6846:79a1 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
6b19bc09556c858d187a9f7002b81ae37a029b4e37442d7e6c6ec991136802d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.benefeds.gov
Referer
https://www.benefeds.gov/

Response headers

access-control-max-age
86400
content-encoding
br
etag
"14154dc1322e25ea2c24bfe881ced3ce:1734049797.860526"
access-control-allow-methods
GET,POST
expires
Fri, 20 Dec 2024 06:43:23 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1734622181187_1749449117_429296052_376_11430_60_0_219";dur=1
date
Thu, 19 Dec 2024 15:29:41 GMT
content-type
application/x-javascript
last-modified
Fri, 13 Dec 2024 06:42:09 GMT
access-control-allow-headers
*
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
max-age=54822
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-origin
*
content-length
697
server
Akamai Resource Optimizer
modules.60031afbf51fb3e88a5b.js
script.hotjar.com/
223 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.60031afbf51fb3e88a5b.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2263480.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-87.jfk50.r.cloudfront.net
Software
/
Resource Hash
e38338484d969872e570a554c807dab4a79233b82d64a7cb7028fb459123d44a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/

Response headers

x-robots-tag
none
content-encoding
br
etag
"b4a1a7933e55e780894c3f39b1aca0b4"
age
99514
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
yG8a0lsiqueefVlZ4gq9lMRpQaMwrH0MvESVZiV921avUKJwpYdOvA==
date
Wed, 18 Dec 2024 11:51:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 18 Dec 2024 11:50:24 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 52143757d25f4b31ebf04bc09765f6c0.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56408
x-amz-cf-pop
JFK50-P5
config.json
c.go-mpulse.net/api/ Frame 03FC
52 B
215 B
XHR
General
Full URL
https://c.go-mpulse.net/api/config.json?key=WSGB4-VXKGY-7AGQY-B8E8W-QG6KS&d=www.benefeds.gov&t=5782074&v=1.720.0&if=&sl=0&si=0afddd92-c193-4ded-8ec4-cb84debb51eb-soqz1e&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=1090348
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/WSGB4-VXKGY-7AGQY-B8E8W-QG6KS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:986::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
16d5310e8589990341a39692f2c4fdf7d08ea6c861537361ec18d78215c69815

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/

Response headers

access-control-allow-origin
*
cache-control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
content-length
52
alt-svc
h3=":443"; ma=93600
timing-allow-origin
*
date
Thu, 19 Dec 2024 15:29:41 GMT
content-type
application/json
gtm.js
www.googletagmanager.com/
303 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MD6FGFZ
Requested by
Host: www.benefeds.gov
URL: https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6e96163d3964923f8112d11a9c2d405edd81cec454bb7a374ec3bd19b9856d89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 19 Dec 2024 15:29:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 15:29:41 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 19 Dec 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
95798
x-xss-protection
0
server
Google Tag Manager
Universal-Federated-Analytics-Min.js
dap.digitalgov.gov/
27 KB
9 KB
Script
General
Full URL
https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=OPM
Requested by
Host: cdn.benefeds.gov
URL: https://cdn.benefeds.gov/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2514:800:5:83ea:ba80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6bc206976abfbc9d91756721beb17a970658393af36df6ecdbd846c5cc5e37aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/

Response headers

content-encoding
gzip
x-amz-version-id
dJcA128lhKr9EuuLihZMyl_tUYWcFDua
etag
W/"f73c48fb5f579105089391d9caf10112"
age
61941
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
AvaSPgXTVDWZo-QWohofnYqsQJVDcsT-_j4iEGAc4D0v89_DsiNepA==
date
Wed, 18 Dec 2024 22:17:21 GMT
content-type
application/javascript
vary
accept-encoding, Origin
last-modified
Thu, 07 Nov 2024 18:23:01 GMT
x-amz-replication-status
COMPLETED
via
1.1 2dd59b0ea355cb92a87e9e385032622a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
icon
fonts.googleapis.com/
569 B
463 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: cdn.benefeds.gov
URL: https://cdn.benefeds.gov/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 19 Dec 2024 15:29:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 15:29:41 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 19 Dec 2024 15:29:41 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
employees-welcome.html
cdn.benefeds.gov/assets/landing-pages/
6 KB
2 KB
XHR
General
Full URL
https://cdn.benefeds.gov/assets/landing-pages/employees-welcome.html
Requested by
Host: cdn.benefeds.gov
URL: https://cdn.benefeds.gov/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::6846:79a1 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d0829a6bc6ae06d2d750b43024978162df0a02cc150ce185c4e17f2440c46bd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.benefeds.gov/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"7d2c14578802a727ab3430ef1761c771:1734050463.753786"
access-control-allow-methods
GET,POST
x-akamai-transformed
9 - 0 pmb=mRUM,2
expires
Thu, 26 Dec 2024 04:43:56 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=6, ak_p; desc="1734622181331_1749449117_429296160_665_11501_60_0_219";dur=1
date
Thu, 19 Dec 2024 15:29:41 GMT
content-type
text/html
last-modified
Fri, 13 Dec 2024 00:41:03 GMT
vary
Accept-Encoding
access-control-allow-headers
*
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
max-age=566055
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-origin
*
content-length
1515
server
AkamaiNetStorage
BENEFEDS_logo.svg
cdn.benefeds.gov/assets/img/
4 KB
2 KB
Image
General
Full URL
https://cdn.benefeds.gov/assets/img/BENEFEDS_logo.svg
Requested by
Host: www.benefeds.gov
URL: https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::6846:79d9 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d3bd916349dd20587764a43580c9dacbb6b040d52e8fb32530c4a1a5fcd492e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"6482bee0a184b119938d79d71f57cffd:1734050230.116015"
access-control-allow-methods
GET,POST
expires
Thu, 19 Dec 2024 15:43:13 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=28, origin; dur=0, ak_p; desc="1734622181336_1749449173_419928486_3073_10233_61_0_146";dur=1
date
Thu, 19 Dec 2024 15:29:41 GMT
content-type
image/svg+xml
last-modified
Fri, 13 Dec 2024 00:37:10 GMT
vary
Accept-Encoding
access-control-allow-headers
*
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
max-age=812
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-origin
*
content-length
1635
server
AkamaiNetStorage
us_flag_small.png
cdn.benefeds.gov/assets/uswds/img/
244 B
721 B
Image
General
Full URL
https://cdn.benefeds.gov/assets/uswds/img/us_flag_small.png
Requested by
Host: www.benefeds.gov
URL: https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::6846:79d9 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
0df7495a6fa6758f84f4945cfd2e8681fe6c914fb1d3caf46703981a00fca59f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/

Response headers

access-control-max-age
86400
etag
"ab5090f5b92619c69a7dd2e2ee05b3e5:1727738918.628509"
access-control-allow-methods
GET,POST
expires
Tue, 31 Dec 2024 16:14:45 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1734622181334_1749449173_419928487_212_15693_61_0_146";dur=1
date
Thu, 19 Dec 2024 15:29:41 GMT
last-modified
Thu, 10 Oct 2024 00:59:06 GMT
content-type
image/png
access-control-allow-headers
*
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
private, no-transform, max-age=1039504
access-control-allow-credentials
false
access-control-allow-origin
*
content-length
244
x-serial
975
server
Akamai Image Manager
icon-dot-gov.svg
cdn.benefeds.gov/assets/uswds/img/
633 B
1 KB
Image
General
Full URL
https://cdn.benefeds.gov/assets/uswds/img/icon-dot-gov.svg
Requested by
Host: www.benefeds.gov
URL: https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::6846:79d9 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d0228750c35aa8389308c85c3cd6a2175b5fdb950c4f048d731e05d3075cda15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/

Response headers

access-control-max-age
86400
etag
"ea3237dd9e7f4f959299bc2cf6b61356:1734050506.020511"
access-control-allow-methods
GET,POST
expires
Thu, 19 Dec 2024 15:31:27 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=392, origin; dur=0, ak_p; desc="1734622181371_1749449173_419928488_43026_13364_60_0_146";dur=1
date
Thu, 19 Dec 2024 15:29:41 GMT
content-type
image/svg+xml
last-modified
Fri, 13 Dec 2024 00:41:46 GMT
access-control-allow-headers
*
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
max-age=106
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-origin
*
content-length
633
server
AkamaiNetStorage
icon-https.svg
cdn.benefeds.gov//assets/uswds/img/
720 B
814 B
Image
General
Full URL
https://cdn.benefeds.gov//assets/uswds/img/icon-https.svg
Requested by
Host: www.benefeds.gov
URL: https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::6846:79d9 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
912daff95ce9cabae7d0195d39aa98d49c4bec3b975d404ac266534c069cee20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/

Response headers

access-control-max-age
86400
content-encoding
br
etag
"73abd86624ca4c09a380e14d5f60e258:1734050506.191928"
access-control-allow-methods
GET,POST
expires
Thu, 26 Dec 2024 09:54:13 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1734622181334_1749449173_419928489_205_10965_61_0_146";dur=1
date
Thu, 19 Dec 2024 15:29:41 GMT
content-type
image/svg+xml
last-modified
Fri, 13 Dec 2024 02:42:50 GMT
access-control-allow-headers
*
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
max-age=584672
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-origin
*
content-length
347
server
Akamai Resource Optimizer
fehb_logo_gray.png
cdn.benefeds.gov/assets/img/
4 KB
4 KB
Image
General
Full URL
https://cdn.benefeds.gov/assets/img/fehb_logo_gray.png
Requested by
Host: www.benefeds.gov
URL: https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::6846:79d9 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
1204720d34f57993876360c4e5e45753ea5243eec0303ae3ba5d9de8b54e2384
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/

Response headers

access-control-max-age
86400
etag
"d4ed45fe09024ae05acda71126192f10:1730767310.090958"
access-control-allow-methods
GET,POST
expires
Tue, 31 Dec 2024 19:55:18 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=39, ak_p; desc="1734622181353_1749449173_419928490_5988_14553_61_0_219";dur=1
date
Thu, 19 Dec 2024 15:29:41 GMT
last-modified
Tue, 05 Nov 2024 18:48:55 GMT
content-type
image/avif
access-control-allow-headers
*
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
private, no-transform, max-age=1052737
access-control-allow-credentials
false
access-control-allow-origin
*
content-length
4057
x-serial
1521
server
Akamai Image Manager
fedpoint-logo-reg-white.svg
cdn.benefeds.gov/assets/img/
4 KB
2 KB
Image
General
Full URL
https://cdn.benefeds.gov/assets/img/fedpoint-logo-reg-white.svg
Requested by
Host: www.benefeds.gov
URL: https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::6846:79d9 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1f72c2b8552f572576817bbca6f675f1e6f02b401f9ee750727376138412db9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"f225f4eef0b0fc1a98c4ccebaefc5053:1734050236.574689"
access-control-allow-methods
GET,POST
expires
Thu, 19 Dec 2024 15:31:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=47, origin; dur=0, ak_p; desc="1734622181334_1749449173_419928491_4791_11055_61_0_219";dur=1
date
Thu, 19 Dec 2024 15:29:41 GMT
content-type
image/svg+xml
last-modified
Fri, 13 Dec 2024 00:37:16 GMT
vary
Accept-Encoding
access-control-allow-headers
*
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
max-age=79
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-origin
*
content-length
1704
server
AkamaiNetStorage
expand_more.svg
cdn.benefeds.gov/
145 B
637 B
Image
General
Full URL
https://cdn.benefeds.gov/expand_more.svg
Requested by
Host: cdn.benefeds.gov
URL: https://cdn.benefeds.gov/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::6846:79a1 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bc1d8378c2d4dabf3610d8a07fddfe50991d9662c991188b6ed0f7e13aaeea0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.benefeds.gov
Referer
https://cdn.benefeds.gov/styles.css

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"868144ec91698ab27ec3bdf5f107ef93:1734049808.161133"
access-control-allow-methods
GET,POST
expires
Thu, 19 Dec 2024 15:32:08 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=64, origin; dur=0, ak_p; desc="1734622181349_1749449117_429296176_6457_13410_60_0_146";dur=1
date
Thu, 19 Dec 2024 15:29:41 GMT
content-type
image/svg+xml
last-modified
Fri, 13 Dec 2024 00:30:08 GMT
vary
Accept-Encoding
access-control-allow-headers
*
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
max-age=147
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-origin
*
content-length
141
server
AkamaiNetStorage
fa-solid-900.woff2
cdn.benefeds.gov/
73 KB
73 KB
Font
General
Full URL
https://cdn.benefeds.gov/fa-solid-900.woff2
Requested by
Host: cdn.benefeds.gov
URL: https://cdn.benefeds.gov/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::6846:79a1 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.benefeds.gov
Referer
https://cdn.benefeds.gov/styles.css

Response headers

access-control-max-age
86400
etag
"462806316fea535a6a57651bc2b000b0:1734049810.519285"
access-control-allow-methods
GET,POST
expires
Thu, 26 Dec 2024 08:03:51 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=7, ak_p; desc="1734622181414_1749449117_429296182_5763_15266_60_0_255";dur=1
date
Thu, 19 Dec 2024 15:29:41 GMT
content-type
font/woff2
last-modified
Fri, 13 Dec 2024 00:30:10 GMT
access-control-allow-headers
*
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
max-age=578050
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-origin
*
content-length
74348
server
AkamaiNetStorage
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.67 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.benefeds.gov
Referer
https://fonts.googleapis.com/

Response headers

age
526875
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 13 Dec 2025 13:08:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 13:08:26 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
sourcesanspro-regular-webfont.woff2
cdn.benefeds.gov/
20 KB
21 KB
Font
General
Full URL
https://cdn.benefeds.gov/sourcesanspro-regular-webfont.woff2
Requested by
Host: cdn.benefeds.gov
URL: https://cdn.benefeds.gov/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::6846:79a1 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8792619becd8b285e78f14bfcf1ad66e2adbae0f5ec8ad131246621f806ac535
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.benefeds.gov
Referer
https://cdn.benefeds.gov/styles.css

Response headers

access-control-max-age
86400
etag
"d67b548b833d70dda3779916f5415e7e:1734049839.62167"
access-control-allow-methods
GET,POST
expires
Thu, 26 Dec 2024 08:04:52 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1734622181363_1749449117_429296183_205_13411_60_0_255";dur=1
date
Thu, 19 Dec 2024 15:29:41 GMT
content-type
font/woff2
last-modified
Fri, 13 Dec 2024 00:30:39 GMT
access-control-allow-headers
*
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
max-age=578111
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-origin
*
content-length
20540
server
AkamaiNetStorage
6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v31/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:400,500,700|Roboto:300,400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.67 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f3.1e100.net
Software
sffe /
Resource Hash
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.benefeds.gov
Referer
https://fonts.googleapis.com/

Response headers

age
527671
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 13 Dec 2025 12:55:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 12:55:10 GMT
last-modified
Wed, 13 Sep 2023 23:22:14 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
28064
x-xss-protection
0
server
sffe
image_employees_welcome.svg
www.benefeds.gov/assets/img/
36 KB
12 KB
Image
General
Full URL
https://www.benefeds.gov/assets/img/image_employees_welcome.svg
Requested by
Host: www.benefeds.gov
URL: https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::6846:79d9 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
44081ca18acab80d3ad988d7858ff7834445a07236cb614e67465153a13a4f00
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button

Response headers

access-control-max-age
86400
content-encoding
br
etag
"915a-60bc88ec922d8"
x-content-type-options
nosniff
access-control-allow-methods
GET,POST
expires
Thu, 19 Dec 2024 15:29:41 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1734622181493_1749449173_419928576_1402_10625_60_0_219";dur=1
date
Thu, 19 Dec 2024 15:29:41 GMT
content-type
image/svg+xml
last-modified
Fri, 13 Dec 2024 14:08:54 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
*
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-security-policy
frame-ancestors 'self';
cache-control
no-cache
access-control-allow-credentials
false
accept-ranges
none
access-control-allow-origin
*
content-length
11875
server
Akamai Resource Optimizer
wellness.svg
www.benefeds.gov/assets/img/wellness/
42 KB
14 KB
Image
General
Full URL
https://www.benefeds.gov/assets/img/wellness/wellness.svg
Requested by
Host: www.benefeds.gov
URL: https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::6846:79d9 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
adce1618a96411932b333ee43250771e34b11d015a07d312d4e6dd195c9d6012
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"a7a9-6262cd69bcc18"
x-content-type-options
nosniff
access-control-allow-methods
GET,POST
expires
Thu, 19 Dec 2024 15:29:41 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=33, origin; dur=0, ak_p; desc="1734622181491_1749449173_419928577_4319_11992_60_0_219";dur=1
date
Thu, 19 Dec 2024 15:29:41 GMT
last-modified
Tue, 05 Nov 2024 16:24:41 GMT
content-type
image/svg+xml
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
access-control-allow-headers
*
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-security-policy
frame-ancestors 'self';
cache-control
no-cache
access-control-allow-credentials
false
accept-ranges
none
access-control-allow-origin
*
content-length
13771
image-back-light-blue.svg
cdn.benefeds.gov/
970 B
867 B
Image
General
Full URL
https://cdn.benefeds.gov/image-back-light-blue.svg
Requested by
Host: cdn.benefeds.gov
URL: https://cdn.benefeds.gov/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::6846:79d9 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
8b711389e5b6edefa2ca920a59214bc4e1c3df5ee15f0e417743610900a42c99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cdn.benefeds.gov/styles.css

Response headers

access-control-max-age
86400
content-encoding
br
etag
"33022772299f66ad94dd3d6b1f0be39b:1734049819.337314"
access-control-allow-methods
GET,POST
expires
Thu, 26 Dec 2024 08:53:45 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=11, ak_p; desc="1734622181481_1749449173_419928578_1175_11573_60_0_146";dur=1
date
Thu, 19 Dec 2024 15:29:41 GMT
content-type
image/svg+xml
last-modified
Fri, 13 Dec 2024 01:41:21 GMT
access-control-allow-headers
*
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
max-age=581044
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-origin
*
content-length
399
server
Akamai Resource Optimizer
/
content.hotjar.io/
56 B
171 B
XHR
General
Full URL
https://content.hotjar.io/?site_id=2263480&gzip=1
Requested by
Host: cdn.benefeds.gov
URL: https://cdn.benefeds.gov/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.49.166.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-166-168.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e8225a3cbed834d100e58a406d5a988550beb2cdc2641ef2fa7c19dd0418a737

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8
Referer
https://www.benefeds.gov/

Response headers

access-control-max-age
86400
access-control-allow-origin
*
content-length
56
date
Thu, 19 Dec 2024 15:29:42 GMT
content-type
application/json
js
www.googletagmanager.com/gtag/
287 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CSLL4ZEK4L
Requested by
Host: dap.digitalgov.gov
URL: https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=OPM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b3b448352fa703e1aefaec8ce297d6461e76dfa7ad01e93bc3d0a216ad03d18f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 19 Dec 2024 15:29:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 15:29:41 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
101305
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
341 KB
111 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RH0BNJH7GX&l=dataLayer&cx=c&gtm=45He4cc1v9100289298za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MD6FGFZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
411ec5f376a0b6f048eb064f5021e2f9ed8d742810a5cd96872e477f927f5bce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 19 Dec 2024 15:29:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 15:29:41 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
113268
x-xss-protection
0
server
Google Tag Manager
access.js
cdn.levelaccess.net/accessjs/YW1wMTEwMg/
460 KB
62 KB
Script
General
Full URL
https://cdn.levelaccess.net/accessjs/YW1wMTEwMg/access.js
Requested by
Host: www.benefeds.gov
URL: https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:6600:1:fb61:2b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f29c965f027e6b57a918db7b2b124685f4843d6cc4ff0222bb231a15be7fb3bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/

Response headers

Content-Encoding
gzip
x-amz-version-id
TXT1wWWpplbXUgP2rd8Tg8TYyNFhsvaR
ETag
"ed37b801a6e70fc37360883aa62be0c7"
Age
15
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
TYRovIuwy5nQ8OS6CuV39trKmw8ZIlQvpmSzHXxP_-moAVO7SmJxjg==
Date
Thu, 19 Dec 2024 15:29:27 GMT
Content-Type
application/javascript
Vary
accept-encoding
Last-Modified
Wed, 08 May 2024 18:45:36 GMT
x-amz-replication-status
COMPLETED
Cache-Control
max-age=900
Connection
keep-alive
Via
1.1 f52a6d89da5cd85d46c2c4e4af9acf1e.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
62602
X-Amz-Cf-Pop
JFK52-P4
Server
AmazonS3
x-amz-server-side-encryption
AES256
pa-5a819fec4c407700070001e0.js
rum-static.pingdom.net/
6 KB
3 KB
Script
General
Full URL
https://rum-static.pingdom.net/pa-5a819fec4c407700070001e0.js
Requested by
Host: www.benefeds.gov
URL: https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3768 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c737790501e600c955b50b25011f541382ac5c7d8cffcd140810b3f948b6725

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/

Response headers

cache-control
max-age=86400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"63490024-1852"
age
137
cf-ray
8f486dfc2bcda51e-MIA
expires
Thu, 19 Dec 2024 15:32:24 GMT
access-control-allow-origin
*
date
Thu, 19 Dec 2024 15:29:41 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 14 Oct 2022 06:22:28 GMT
vary
Accept-Encoding
server
cloudflare
js
www.googletagmanager.com/gtag/
287 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CSLL4ZEK4L&l=dataLayer&cx=c&gtm=45He4cc1v9100289298za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MD6FGFZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6b6ea768acbc382ad115136d673a622a525c7ac4ae0d4315f80df9c7103e639c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 19 Dec 2024 15:29:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 15:29:41 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
101405
x-xss-protection
0
server
Google Tag Manager
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-CSLL4ZEK4L&gtm=45je4cc1v9131934939za200zb9100289298&_p=1734622181253&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=935526087.1734622182&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fwww.benefeds.gov%2Fgeneral%2Femployees-welcome%3Futm_source%3Dsalesforce%26utm_medium%3Demail%26utm_campaign%3D2024-os-em6e%26utm_content%3Dbutton&dt=General%20%7C%20BENEFEDS&sid=1734622181&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.agency=OPM&ep.subagency=BENEFEDS.GOV&ep.site_topic=unspecified%3Abenefeds.gov&ep.site_platform=unspecified%3Abenefeds.gov&ep.script_source=https%3A%2F%2Fdap.digitalgov.gov%2Funiversal-federated-analytics-min.js&ep.version=20240711%20v8.4%20-%20ga4&ep.protocol=https%3A&ep.using_parallel_tracker=no&tfd=3518
Requested by
Host: cdn.benefeds.gov
URL: https://cdn.benefeds.gov/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.benefeds.gov
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 15:29:42 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-RH0BNJH7GX&gtm=45je4cc1v9100232339z89100289298za200zb9100289298&_p=1734622181253&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=935526087.1734622182&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734622181&sct=1&seg=0&dl=https%3A%2F%2Fwww.benefeds.gov%2Fgeneral%2Femployees-welcome%3Futm_source%3Dsalesforce%26utm_medium%3Demail%26utm_campaign%3D2024-OS-EM6E%26utm_content%3Dbutton&dt=General%20%7C%20BENEFEDS&en=page_view&_fv=1&_ss=1&tfd=3598
Requested by
Host: cdn.benefeds.gov
URL: https://cdn.benefeds.gov/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.benefeds.gov
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 15:29:42 GMT
content-type
text/plain
server
Golfe2
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MD6FGFZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/

Response headers

content-encoding
gzip
age
3361
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Thu, 19 Dec 2024 16:33:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 14:33:41 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
favicon.ico
www.benefeds.gov/
15 KB
4 KB
Other
General
Full URL
https://www.benefeds.gov/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::6846:79d9 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
a5e9b982749cc7d1c9a665c6a325e316a397796ba4d9ef73df33e248ba3063f7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"3c2e-5f211a7ebca98"
x-content-type-options
nosniff
access-control-allow-methods
GET,POST
expires
Thu, 19 Dec 2024 15:29:42 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1734622182129_1749449173_419928973_506_14797_60_0_219";dur=1
date
Thu, 19 Dec 2024 15:29:42 GMT
last-modified
Thu, 12 Jan 2023 14:08:49 GMT
content-type
image/x-icon
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
access-control-allow-headers
*
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-security-policy
frame-ancestors 'self';
cache-control
no-cache
access-control-allow-credentials
false
accept-ranges
none
access-control-allow-origin
*
content-length
3781
beacon.gif
rum-collector-2.pingdom.net/img/
0
213 B
XHR
General
Full URL
https://rum-collector-2.pingdom.net/img/beacon.gif?id=5a819fec4c407700070001e0&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=938&cE=1179&dLE=938&dLS=785&fS=784&hS=1000&rE=-1&rS=-1&reS=1179&resS=1619&resE=1622&uEE=-1&uES=-1&dL=1635&dI=2465&dCLES=2837&dCLEE=2839&dC=3698&lES=3698&lEE=3701&s=nt&title=General%20%7C%20BENEFEDS&path=https%3A%2F%2Fwww.benefeds.gov%2Fgeneral%2Femployees-welcome&ref=&sId=r52gk91h&sST=1734622182&sIS=1&rV=0&v=1.4.1
Requested by
Host: cdn.benefeds.gov
URL: https://cdn.benefeds.gov/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.103.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-103-19.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefeds.gov/

Response headers

Expires
0
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
0
Date
Thu, 19 Dec 2024 15:29:42 GMT
Pragma
no-cache
Connection
keep-alive
collect
www.google-analytics.com/j/
3 B
306 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=95508397&t=pageview&_s=1&dl=https%3A%2F%2Fwww.benefeds.gov%2Fgeneral%2Femployees-welcome%3Futm_source%3Dsalesforce%26utm_medium%3Demail%26utm_campaign%3D2024-OS-EM6E%26utm_content%3Dbutton&ul=en-us&de=UTF-8&dt=General%20%7C%20BENEFEDS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1596215725&gjid=236022441&cid=935526087.1734622182&tid=UA-63538248-10&_gid=1151239.1734622182&_r=1&_slc=1&gtm=45He4cc1n81MD6FGFZv9100289298za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1472148084
Requested by
Host: cdn.benefeds.gov
URL: https://cdn.benefeds.gov/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.benefeds.gov/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 15:29:42 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.benefeds.gov
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
results
api.levelaccess.net/analytics/3.0/
0
322 B
XHR
General
Full URL
https://api.levelaccess.net/analytics/3.0/results
Requested by
Host: cdn.benefeds.gov
URL: https://cdn.benefeds.gov/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4457:4601:b03a:d9e0:9fef:5bb7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.benefeds.gov/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
*
access-control-expose-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
0
date
Thu, 19 Dec 2024 15:29:44 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options
nosniff

Verdicts & Comments Add Verdict or Comment

221 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| hj object| _hjSettings string| __theme boolean| hasBeencalled function| dataPush object| BOOMR_mq string| BOOMR_API_key object| BOOMR number| BOOMR_lstart boolean| uswdsPresent object| webpackChunkFEDPOINT_app function| $localize function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononbeforetogglepatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononpageswappatched boolean| __zone_symbol__ononpagerevealpatched boolean| __zone_symbol__ononscrollendpatched boolean| __zone_symbol__ononscrollsnapchangepatched boolean| __zone_symbol__ononscrollsnapchangingpatched function| __zone_symbol__queueMicrotask boolean| __Zone_disable_requestAnimationFrame boolean| __Zone_disable_on_property object| __zone_symbol__BLACK_LISTED_EVENTS boolean| __Zone_enable_cross_context_check function| $ function| jQuery function| Popper object| bootstrap object| __zone_symbol__loadfalse object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| __zone_symbol__resizefalse object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| __zone_symbol__beforeunloadfalse object| __zone_symbol__pagehidefalse object| __zone_symbol__pageshowfalse object| __zone_symbol__DOMContentLoadedfalse object| dataLayer object| __zone_symbol__scrollfalse object| __zone_symbol__clickfalse number| BOOMR_configt object| __zone_symbol__scrolltrue object| __zone_symbol__errorfalse object| __zone_symbol__unhandledrejectionfalse string| _fullParams string| _keyValuePair string| _key string| _value function| gas function| gas4 boolean| _isRedacted object| google_tag_manager object| google_tag_data string| hostname object| levelAccess object| rumProd string| href string| pathname object| __zone_symbol__focusfalse object| __zone_symbol__blurfalse object| gaGlobal object| __zone_symbol__scrollendfalse function| onYouTubeIframeAPIReady object| $jscomp function| $jscomp$lookupPolyfilledValue object| LevelAccess_AccessJS_AccessEngine object| LevelAccess_AccessJS_FixPackage object| LevelAccess_AccessJS_OrgDetails object| LevelAccess_AccessJS string| AccNamePrototypeNameSpace object| LevelAccess_CalcNames number| BOOMR_onload string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener function| eventListeners function| removeAllListeners

8 Cookies

Domain/Path Name / Value
.benefeds.gov/ Name: _hjSessionUser_2263480
Value: eyJpZCI6IjczNGVjZWIyLTNjODctNTg1OS04NzFmLTdlYTQ5MDVhNDY2NCIsImNyZWF0ZWQiOjE3MzQ2MjIxODE1MjYsImV4aXN0aW5nIjp0cnVlfQ==
.benefeds.gov/ Name: _hjSession_2263480
Value: eyJpZCI6IjA2MTUwNzNhLTE3NTctNGU5YS04MmU1LTFhNmE3ZjZmNDEwZSIsImMiOjE3MzQ2MjIxODE1MjgsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.benefeds.gov/ Name: _ga_CSLL4ZEK4L
Value: GS1.1.1734622181.1.0.1734622181.0.0.0
.www.benefeds.gov/ Name: RT
Value: "z=1&dm=www.benefeds.gov&si=0afddd92-c193-4ded-8ec4-cb84debb51eb&ss=m4vh9atk&sl=1&tt=2ut&rl=1&ld=2uv"
.benefeds.gov/ Name: _ga_RH0BNJH7GX
Value: GS1.1.1734622181.1.0.1734622182.0.0.0
.benefeds.gov/ Name: _ga
Value: GA1.2.935526087.1734622182
.benefeds.gov/ Name: _gid
Value: GA1.2.1151239.1734622182
.benefeds.gov/ Name: _gat_UA-63538248-10
Value: 1

1 Console Messages

Source Level URL
Text
security error URL: https://www.benefeds.gov/general/employees-welcome?utm_source=salesforce&utm_medium=email&utm_campaign=2024-OS-EM6E&utm_content=button(Line 5)
Message:
X-Frame-Options may only be set via an HTTP header sent along with a document. It may not be set inside <meta>.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.levelaccess.net
benefeds.gov
c.go-mpulse.net
cdn.benefeds.gov
cdn.levelaccess.net
click.info.benefeds.gov
content.hotjar.io
dap.digitalgov.gov
fonts.googleapis.com
fonts.gstatic.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
s.go-mpulse.net
script.hotjar.com
static.hotjar.com
urldefense.us
www.benefeds.gov
www.google-analytics.com
www.googletagmanager.com
128.17.96.51
13.33.252.92
142.250.80.67
18.164.96.87
23.44.111.21
2600:141b:1c00:986::11a6
2600:141b:5000:697::11a6
2600:141b:9000::6846:79a1
2600:141b:9000::6846:79d9
2600:1f18:4457:4601:b03a:d9e0:9fef:5bb7
2600:9000:211c:6600:1:fb61:2b80:93a1
2600:9000:2514:800:5:83ea:ba80:93a1
2606:4700:10::6816:3768
2607:f8b0:4006:809::200a
2607:f8b0:4006:80b::2008
2607:f8b0:4006:80b::200e
3.215.95.57
52.49.166.168
54.228.103.19
08779c34624ebef96c561b7a0937a807da347c9d6480fb018eec63b0d430fe5a
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0c737790501e600c955b50b25011f541382ac5c7d8cffcd140810b3f948b6725
0df7495a6fa6758f84f4945cfd2e8681fe6c914fb1d3caf46703981a00fca59f
1204720d34f57993876360c4e5e45753ea5243eec0303ae3ba5d9de8b54e2384
16d5310e8589990341a39692f2c4fdf7d08ea6c861537361ec18d78215c69815
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f72c2b8552f572576817bbca6f675f1e6f02b401f9ee750727376138412db9e
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
3d108675b582bc4f0fd6c0cadb104c990c0bf3dac6bfafbcc8357d67f94930d4
411ec5f376a0b6f048eb064f5021e2f9ed8d742810a5cd96872e477f927f5bce
43fc587d4c7860e824a47a42fc2b758455429aaf36b6eeb270d7cfb6a8975c56
44081ca18acab80d3ad988d7858ff7834445a07236cb614e67465153a13a4f00
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
6118c2c8cef04bc9ee2b9088d53227800b123b16d4586f7e79696f7a4efc6896
6b19bc09556c858d187a9f7002b81ae37a029b4e37442d7e6c6ec991136802d6
6b6ea768acbc382ad115136d673a622a525c7ac4ae0d4315f80df9c7103e639c
6bc206976abfbc9d91756721beb17a970658393af36df6ecdbd846c5cc5e37aa
6e96163d3964923f8112d11a9c2d405edd81cec454bb7a374ec3bd19b9856d89
75b72994bc43d8c9be1a5d2b1328df1fb8d9b7d49f282314639f9a81977f6a2c
76e3ba94294fc7c0add391ecb751950e1024527aba457e52621277c790f81264
79a3e81b476e1e86c590d55d4841f15632817b28073c403d746cf6eed4a9eef2
8792619becd8b285e78f14bfcf1ad66e2adbae0f5ec8ad131246621f806ac535
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8b711389e5b6edefa2ca920a59214bc4e1c3df5ee15f0e417743610900a42c99
8f7a3fc042c90888f6063f0a2df950fc6fdcb50a0bea63a6828b0094ac53c3b2
912daff95ce9cabae7d0195d39aa98d49c4bec3b975d404ac266534c069cee20
9f58ddc860fd05257edb05652c075f26a53cfa127465d2593dc42f595cb8d141
a5e9b982749cc7d1c9a665c6a325e316a397796ba4d9ef73df33e248ba3063f7
a602434d1edf45f9766b56be9ccb4c62be3e98ee07aa958f6784b56ce1b648cc
adce1618a96411932b333ee43250771e34b11d015a07d312d4e6dd195c9d6012
afca11db454eedaada10325ffbae12d670cfa00926f3cf91388da29a39dc031d
b3b448352fa703e1aefaec8ce297d6461e76dfa7ad01e93bc3d0a216ad03d18f
bc1d8378c2d4dabf3610d8a07fddfe50991d9662c991188b6ed0f7e13aaeea0b
c393254c8ad7aec8e8a614096aee273eba8bd73e8287bf01bc608d98c49a68d3
d0228750c35aa8389308c85c3cd6a2175b5fdb950c4f048d731e05d3075cda15
d0829a6bc6ae06d2d750b43024978162df0a02cc150ce185c4e17f2440c46bd0
d3bd916349dd20587764a43580c9dacbb6b040d52e8fb32530c4a1a5fcd492e1
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
dc09d3b4027fa07835f3c0b5357f213fcac5a13fadf8185af82fe37c87df63de
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e38338484d969872e570a554c807dab4a79233b82d64a7cb7028fb459123d44a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8225a3cbed834d100e58a406d5a988550beb2cdc2641ef2fa7c19dd0418a737
f29c965f027e6b57a918db7b2b124685f4843d6cc4ff0222bb231a15be7fb3bb