www.fsibenefits.org Open in urlscan Pro
54.224.89.75 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.fsibenefits.org/
Effective URL:
https://www.fsibenefits.org/
Submission: On July 10 via manual (July 10th 2023, 11:39:34 pm UTC) from US — Scanned from DE

Summary HTTP 60 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 14 domains to perform 60 HTTP transactions. The main IP is 54.224.89.75, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.fsibenefits.org.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 24th 2023. Valid for: 9 months.

This is the only time www.fsibenefits.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	50.16.221.99 50.16.221.99	14618 (AMAZON-AES) (AMAZON-AES)
15	54.224.89.75 54.224.89.75	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	18.66.122.32 18.66.122.32	16509 (AMAZON-02) (AMAZON-02)
4	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2606:4700:e6:... 2606:4700:e6::ac40:cb1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
4	52.159.97.111 52.159.97.111	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:303... 2606:4700:3031::ac43:9f5c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
5	34.224.14.96 34.224.14.96	14618 (AMAZON-AES) (AMAZON-AES)
1	65.9.66.121 65.9.66.121	16509 (AMAZON-02) (AMAZON-02)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
60	18

1 50.16.221.99 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-221-99.compute-1.amazonaws.com

www.fsibenefits.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 54.224.89.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-89-75.compute-1.amazonaws.com

www.fsibenefits.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.122.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-32.fra60.r.cloudfront.net

kendo.cdn.telerik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:e6::ac40:cb1c (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.159.97.111 (Chicago, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

analytics.clickdimensions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:9f5c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.224.14.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-14-96.compute-1.amazonaws.com

polo.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-121.fra56.r.cloudfront.net

marco.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	fsibenefits.org 1 redirects www.fsibenefits.org	1 MB
7	feathr.co cdn.feathr.co — Cisco Umbrella Rank: 22282 polo.feathr.co — Cisco Umbrella Rank: 16618 marco.feathr.co — Cisco Umbrella Rank: 17668	56 KB
7	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 2060 ka-f.fontawesome.com — Cisco Umbrella Rank: 4529	189 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63 region1.google-analytics.com — Cisco Umbrella Rank: 1623	21 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 414 www.linkedin.com — Cisco Umbrella Rank: 544 px4.ads.linkedin.com — Cisco Umbrella Rank: 6544	5 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	413 KB
4	clickdimensions.com analytics.clickdimensions.com — Cisco Umbrella Rank: 41111	35 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 368	44 KB
4	telerik.com kendo.cdn.telerik.com — Cisco Umbrella Rank: 13772	1 MB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 130	405 B
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2767	47 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 383	265 B
1	google.de www.google.de — Cisco Umbrella Rank: 4752	408 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2556	54 B
60	14

	Domain	Requested by
16	www.fsibenefits.org	1 redirects www.fsibenefits.org
6	ka-f.fontawesome.com	kit.fontawesome.com www.fsibenefits.org
5	polo.feathr.co	cdn.feathr.co
5	www.googletagmanager.com	www.fsibenefits.org www.googletagmanager.com www.google-analytics.com
4	analytics.clickdimensions.com	www.googletagmanager.com analytics.clickdimensions.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	cdn.jsdelivr.net	www.fsibenefits.org
4	kendo.cdn.telerik.com	www.fsibenefits.org
3	px.ads.linkedin.com	3 redirects
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	stackpath.bootstrapcdn.com	www.fsibenefits.org
1	match.adsrvr.org	www.fsibenefits.org
1	marco.feathr.co	www.fsibenefits.org
1	www.google.de	www.fsibenefits.org
1	region1.analytics.google.com	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cdn.feathr.co	www.fsibenefits.org
1	px4.ads.linkedin.com	www.fsibenefits.org
1	www.linkedin.com	1 redirects
1	kit.fontawesome.com	www.fsibenefits.org
60	20

This site contains no links.

Subject Issuer	Validity	Valid
fsibenefits.org Amazon RSA 2048 M02	`2023-02-24` - `2023-11-25`	9 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
blazor.cdn.telerik.com Amazon RSA 2048 M01	`2023-02-28` - `2024-01-15`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.clickdimensions.com Go Daddy Secure Certificate Authority - G2	`2022-11-22` - `2023-12-24`	a year	crt.sh
feathr.co GTS CA 1P5	`2023-06-16` - `2023-09-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
polo.feathr.co R3	`2023-05-14` - `2023-08-12`	3 months	crt.sh
marco.feathr.co Amazon RSA 2048 M02	`2023-02-28` - `2023-09-20`	7 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.fsibenefits.org/
Frame ID: 595E1CDDC55DF4D58BB0480557C9B967
Requests: 60 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome - FSI Benefits

Page URL History Show full URLs

http://www.fsibenefits.org/ HTTP 301
https://www.fsibenefits.org/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

60
Requests

97 %
HTTPS

58 %
IPv6

14
Domains

20
Subdomains

18
IPs

3
Countries

3191 kB
Transfer

7320 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.fsibenefits.org/ HTTP 301
https://www.fsibenefits.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://px.ads.linkedin.com/collect/?pid=3973937&fmt=gif HTTP 302
https://px.ads.linkedin.com/collect?pid=3973937&fmt=gif&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D3973937%26fmt%3Dgif%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?pid=3973937&fmt=gif&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?pid=3973937&fmt=gif&cookiesTest=true&liSync=true&e_ipv6=AQJsjObS1JyutQAAAYlCLKbVDPhxKksI48bbIQsQ4crBcXSNZWTSHgdvT3n8p6qcwcEqLXNPYxdB1Q

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.fsibenefits.org/
Redirect Chain

http://www.fsibenefits.org/
https://www.fsibenefits.org/

20 KB
20 KB

409ms
202ms

Document
text/html

54.224.89.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fsibenefits.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.89.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-89-75.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6e3d74e651df10ee655c7d4f9740b2c36df3aa235bcb0f320ab0591bfe73b4ea

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-type: text/html; charset=utf-8
date: Mon, 10 Jul 2023 23:39:28 GMT
pragma: no-cache
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Mon, 10 Jul 2023 23:39:28 GMT
Location: https://www.fsibenefits.org/
Pragma: no-cache
Server: Microsoft-IIS/10.0
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
24 KB 97ms
36ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fsibenefits.org/
Origin: https://www.fsibenefits.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cdn-edgestorageid: 1078
cdn-cachedat: 01/04/2023 11:35:40
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"a15c2ac3234aa8f6064ef9c1f7383c37"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 35131082ee07fb906d8712a4beb61c2b
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7e4ca56fda173683-FRA
cdn-requestpullsuccess: True

GET
H2 200 kendo.common.min.css
kendo.cdn.telerik.com/2020.1.114/styles/ 286 KB
48 KB 110ms
25ms Stylesheet
text/css 18.66.122.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kendo.cdn.telerik.com/2020.1.114/styles/kendo.common.min.css
Requested by: Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-32.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 9eff76defa971fe689bd5d78092cde8ef52715fcd1ea28a739e2785d3e6f1608

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 07:17:22 GMT
content-encoding: gzip
via: 1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 06:48:14 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 26756525
etag: W/"62b169ae-478ef"
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-amz-cf-id: 2Zjmt_vQUESs2iaGZxsKlhkwzltgS1dWaqM_EDdk7i9goeuz-5onbw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 kendo.default.min.css
kendo.cdn.telerik.com/2020.1.114/styles/ 77 KB
12 KB 107ms
23ms Stylesheet
text/css 18.66.122.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kendo.cdn.telerik.com/2020.1.114/styles/kendo.default.min.css
Requested by: Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-32.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 533adebf9022c57440b99dcdaf935313c48ad7eded0c206b03348d740aa7c748

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 12:27:25 GMT
content-encoding: gzip
via: 1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
last-modified: Tue, 13 Sep 2022 10:39:36 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 21726723
etag: W/"63205de8-133c6"
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-amz-cf-id: NogmNRwA64AsZOii3PoK4QVOzqCxz8uQFNk_mbewVSL0ryPwd2zn8Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.3.1/dist/ 85 KB
31 KB 77ms
19ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.3.1/dist/jquery.min.js

Requested by

Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 10 Jul 2023 23:39:28 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6627087
x-jsd-version: 3.3.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 32029
x-served-by: cache-fra-eddf8230092-FRA
x-jsd-version-type: version
etag: W/"1538f-DcMttKqcXwPzs4xH2IPb1P7ROq4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.validate.min.js Show response
cdn.jsdelivr.net/npm/jquery-validation@1.17.0/dist/ 23 KB
8 KB 76ms
19ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery-validation@1.17.0/dist/jquery.validate.min.js

Requested by

Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 10 Jul 2023 23:39:28 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4141439
x-jsd-version: 1.17.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8057
x-served-by: cache-fra-eddf8230092-FRA
x-jsd-version-type: version
etag: W/"5add-anbkx9tHkFM1BYBGmqAQ/r/crNA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.unobtrusive-ajax.min.js Show response
cdn.jsdelivr.net/npm/jquery-ajax-unobtrusive@3.2.6/dist/ 4 KB
2 KB 94ms
37ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery-ajax-unobtrusive@3.2.6/dist/jquery.unobtrusive-ajax.min.js

Requested by

Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3c00b4d34cae1edefc9eccc9d913b43a20ccbbfb8bccf2d19584e4f09dc03b5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 10 Jul 2023 23:39:28 GMT
x-content-type-options: nosniff
content-encoding: br
age: 593649
x-jsd-version: 3.2.6
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1869
x-served-by: cache-fra-eddf8230092-FRA
x-jsd-version-type: version
etag: W/"fdd-LbUnl8gUNr1Xp5EiSfGhJEt5iCk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.validate.unobtrusive.min.js Show response
cdn.jsdelivr.net/npm/jquery-validation-unobtrusive@3.2.11/dist/ 6 KB
2 KB 95ms
38ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery-validation-unobtrusive@3.2.11/dist/jquery.validate.unobtrusive.min.js

Requested by

Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f46c9ca499e58948c90d50ea3f4504bbf6ec9bd53eddd9d0507f3edd6d74be46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 10 Jul 2023 23:39:28 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1806689
x-jsd-version: 3.2.11
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2290
x-served-by: cache-fra-eddf8230092-FRA
x-jsd-version-type: version
etag: W/"16ef-euZ7NCDJjHPFAgzJKmAQi/1uibs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.bundle.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 77 KB
23 KB 100ms
40ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.bundle.min.js

Requested by

Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fsibenefits.org/
Origin: https://www.fsibenefits.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cdn-edgestorageid: 755
cdn-cachedat: 08/20/2022 02:32:07
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"a454220fc07088bf1fdd19313b6bfd50"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 9c3fedc91664aec704817b3b879068a4
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7e4ca56fda1a3683-FRA
cdn-requestpullsuccess: True

GET
H2 200 kendo.all.min.js Show response
kendo.cdn.telerik.com/2020.1.114/js/ 3 MB
1 MB 125ms
41ms Script
application/x-javascript 18.66.122.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kendo.cdn.telerik.com/2020.1.114/js/kendo.all.min.js
Requested by: Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-32.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: a7e2a8c284eadcbe945e6ee6b3f1cfaf4e95a0a604ff9e65d536baeaa887cb6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 10 May 2023 13:23:52 GMT
content-encoding: gzip
via: 1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
last-modified: Tue, 25 Apr 2023 11:28:27 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 5307335
etag: W/"6447b95b-37d694"
x-cache: Hit from cloudfront
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-amz-cf-id: y3YP1BZ3o0TDQeiV4afMoPOcOU6RIt0kxurrxc-yx8D7ruWiGW5NYw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 kendo.aspnetmvc.min.js Show response
kendo.cdn.telerik.com/2020.1.114/js/ 18 KB
5 KB 133ms
49ms Script
application/x-javascript 18.66.122.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kendo.cdn.telerik.com/2020.1.114/js/kendo.aspnetmvc.min.js
Requested by: Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-32.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 43946d098f722c69b64a2557fedd1a7253a09f36bfc61087ee074df88365c5fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 10:02:16 GMT
content-encoding: gzip
via: 1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
last-modified: Tue, 14 Mar 2023 15:38:15 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 8602632
etag: W/"641094e7-472e"
x-cache: Hit from cloudfront
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-amz-cf-id: SPC3FQ6i-_wVisLOTwrf2oAeKSy87LBYR_kenViDeufdWJ1Qo74KCg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bf2af8aca4.js Show response
kit.fontawesome.com/ 11 KB
5 KB 98ms
39ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/bf2af8aca4.js

Requested by

Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec9b13da07cee8fdd41fa684f9b50f040a3a3a60a9ba8401570a932a9c763cf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:28 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 7e4ca56fd9f02c57-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F28qCBESwWRc18yFEFbi

GET
H2 200 fonts.css
www.fsibenefits.org/css/ 116 KB
116 KB 111ms
109ms Stylesheet
text/css 54.224.89.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fsibenefits.org/css/fonts.css
Requested by: Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.89.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-89-75.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 98a3b7b162687c31e7a5008f86fcad00520f855e6cdc7bf8a8dbaa1dc1af5939

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:28 GMT
last-modified: Mon, 03 Jul 2023 20:07:32 GMT
server: Microsoft-IIS/10.0
etag: "1d9adea001cd461"
x-powered-by: ASP.NET
content-type: text/css
accept-ranges: bytes
content-length: 118369

GET
H2 200 style.css
www.fsibenefits.org/css/ 183 KB
183 KB 212ms
210ms Stylesheet
text/css 54.224.89.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fsibenefits.org/css/style.css
Requested by: Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.89.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-89-75.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ec89e99b28afb40398aaafb1c9884277e5b7b0ad1ac68fca1f53faf455ab87d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:28 GMT
last-modified: Mon, 03 Jul 2023 20:07:32 GMT
server: Microsoft-IIS/10.0
etag: "1d9adea001fc0e7"
x-powered-by: ASP.NET
content-type: text/css
accept-ranges: bytes
content-length: 187111

GET
H2 200 site.css
www.fsibenefits.org/css/ 13 KB
13 KB 110ms
108ms Stylesheet
text/css 54.224.89.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fsibenefits.org/css/site.css
Requested by: Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.89.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-89-75.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7b10d4bcc99a11181e54ad22973cf054c07d390f483ccc39532cb5ba31cbdd83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:28 GMT
last-modified: Mon, 03 Jul 2023 20:07:32 GMT
server: Microsoft-IIS/10.0
etag: "1d9adea001d28a4"
x-powered-by: ASP.NET
content-type: text/css
accept-ranges: bytes
content-length: 12964

GET
H2 200 jquery-confirm.css
www.fsibenefits.org/css/ 28 KB
28 KB 211ms
210ms Stylesheet
text/css 54.224.89.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fsibenefits.org/css/jquery-confirm.css
Requested by: Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.89.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-89-75.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: acdb01fc196fd91f7bde36265f951e67d818de69f5b3597e9a32cbf00cac44e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:28 GMT
last-modified: Mon, 03 Jul 2023 20:07:32 GMT
server: Microsoft-IIS/10.0
etag: "1d9adea001d75fc"
x-powered-by: ASP.NET
content-type: text/css
accept-ranges: bytes
content-length: 28668

GET
H2 200 siteCalcs.js Show response
www.fsibenefits.org/js/ 29 KB
29 KB 212ms
210ms Script
application/javascript 54.224.89.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fsibenefits.org/js/siteCalcs.js?v=JXncwGBWzuwiiAe7D7YMvYNQ4WJWTuKUvXIfCQcC91g
Requested by: Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.89.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-89-75.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 746051db7e76e6d1086377aaf07dcb901d2d02ee7a307c62c4240500b901c529

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:28 GMT
last-modified: Mon, 03 Jul 2023 20:07:32 GMT
server: Microsoft-IIS/10.0
etag: "1d9adea001d6edc"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 29916

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
79 KB 113ms
61ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-024X4H9LRC

Requested by

Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4392f46d0d055d7a3077720fe3d7a2d98bb41917e3cfb273a8fde82683da5a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81079
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 10 Jul 2023 23:39:29 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect/?pid=3973937&fmt=gif
https://px.ads.linkedin.com/collect?pid=3973937&fmt=gif&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D3973937%26fmt%3Dgif%26cookiesTest%3Dtrue%26liSync%3Dtrue
https://px.ads.linkedin.com/collect?pid=3973937&fmt=gif&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?pid=3973937&fmt=gif&cookiesTest=true&liSync=true&e_ipv6=AQJsjObS1JyutQAAAYlCLKbVDPhxKksI48bbIQsQ4crBcXSNZWTSHgdvT3n8p6qcwcEqLXNPYxdB1Q

43 B
348 B

217ms
164ms

Image
image/gif

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?pid=3973937&fmt=gif&cookiesTest=true&liSync=true&e_ipv6=AQJsjObS1JyutQAAAYlCLKbVDPhxKksI48bbIQsQ4crBcXSNZWTSHgdvT3n8p6qcwcEqLXNPYxdB1Q
Requested by: Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:29 GMT
content-encoding: gzip
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: C9544D6DCB7247B4AE1A7F74B0160872 Ref B: FRAEDGE1822 Ref C: 2023-07-10T23:39:30Z
linkedin-action: 1
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
content-type: image/gif
x-li-proto: http/2
content-length: 65
x-li-uuid: AAYAKn5u6W3QiuACoRoSMA==

Redirect headers

date: Mon, 10 Jul 2023 23:39:29 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 4FE3505DFC0248C2A46BF138A8CE5747 Ref B: FRAEDGE1907 Ref C: 2023-07-10T23:39:29Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?pid=3973937&fmt=gif&cookiesTest=true&liSync=true&e_ipv6=AQJsjObS1JyutQAAAYlCLKbVDPhxKksI48bbIQsQ4crBcXSNZWTSHgdvT3n8p6qcwcEqLXNPYxdB1Q
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYAKn5rmbPPgSu+sCFcvg==

GET
H2 200 fsi-flag-50.png
www.fsibenefits.org/images/ 4 KB
5 KB 107ms
106ms Image
image/png 54.224.89.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fsibenefits.org/images/fsi-flag-50.png
Requested by: Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.89.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-89-75.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3c900bc060b3aa59acbd3c4704f9738bbce3d3fad1dcef655c6ad1baba832d6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:29 GMT
last-modified: Mon, 03 Jul 2023 20:07:32 GMT
server: Microsoft-IIS/10.0
etag: "1d9adea001d0bbc"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 4540

GET
H2 200 fsi_covered_advisor_2.png
www.fsibenefits.org/images/ 16 KB
16 KB 106ms
105ms Image
image/png 54.224.89.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fsibenefits.org/images/fsi_covered_advisor_2.png
Requested by: Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.89.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-89-75.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 24001071c08773af3a6f00636d1875b437605263a84595dd39fcbf84303438d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:29 GMT
last-modified: Mon, 03 Jul 2023 20:07:32 GMT
server: Microsoft-IIS/10.0
etag: "1d9adea001d5a09"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 16393

GET
H2 200 bg-secondary.jpg
www.fsibenefits.org/images/ 39 KB
39 KB 105ms
104ms Image
image/jpeg 54.224.89.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fsibenefits.org/images/bg-secondary.jpg
Requested by: Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.89.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-89-75.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 951c8f1911eb30c6ebdb01f8e568b03f223fa2ba1c575e118607e9014b5e2f0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:29 GMT
last-modified: Mon, 03 Jul 2023 20:07:32 GMT
server: Microsoft-IIS/10.0
etag: "1d9adea001d8665"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 40037

GET
H2 200 jquery-confirm.js Show response
www.fsibenefits.org/js/ 52 KB
52 KB 105ms
104ms Script
application/javascript 54.224.89.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fsibenefits.org/js/jquery-confirm.js
Requested by: Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.89.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-89-75.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 00b87d5d4a0f88363089016d7ef2e87f785c8c77bc90165b673ae571adf8f2b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:29 GMT
last-modified: Mon, 03 Jul 2023 20:07:32 GMT
server: Microsoft-IIS/10.0
etag: "1d9adea001dd4bb"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 52923

GET
H2 200 site.js Show response
www.fsibenefits.org/js/ 442 B
625 B 103ms
103ms Script
application/javascript 54.224.89.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fsibenefits.org/js/site.js?v=v-EHaA6SEQzTGguN3ywSWBTSRiLmSARRfjzormXOagU
Requested by: Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.89.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-89-75.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8c8bf3c6085175bb4e3fc212d6dc64f3a342b7c5c629d080be18f6a10f14e82d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:29 GMT
last-modified: Mon, 03 Jul 2023 20:07:32 GMT
server: Microsoft-IIS/10.0
etag: "1d9adea001d1bba"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 442

GET
H2 200 core.min.js Show response
www.fsibenefits.org/js/ 376 KB
377 KB 105ms
105ms Script
application/javascript 54.224.89.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fsibenefits.org/js/core.min.js
Requested by: Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.89.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-89-75.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 52e408505ce6d5906d1243dba5b07845174b27d911db2fe3b1f27d60614f624e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:29 GMT
last-modified: Mon, 03 Jul 2023 20:07:32 GMT
server: Microsoft-IIS/10.0
etag: "1d9adea0018fa24"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 385060

GET
H2 200 script.js Show response
www.fsibenefits.org/js/ 54 KB
54 KB 108ms
107ms Script
application/javascript 54.224.89.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fsibenefits.org/js/script.js
Requested by: Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.89.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-89-75.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ac4409f9180490513108f1e5907f81eab5b7f3c172abff81bfbb4719b8d404f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:29 GMT
last-modified: Mon, 03 Jul 2023 20:07:32 GMT
server: Microsoft-IIS/10.0
etag: "1d9adea001dcd59"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 55129

GET
H2 200 kendo.common.min.css
www.fsibenefits.org/lib/kendo/styles/ 331 KB
331 KB 275ms
274ms Stylesheet
text/css 54.224.89.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fsibenefits.org/lib/kendo/styles/kendo.common.min.css
Requested by: Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.89.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-89-75.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c09decd0b992ed6a34d925c7419189b56bf0b1f6a794173cfa6117ea3155d718

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:28 GMT
last-modified: Mon, 03 Jul 2023 20:07:32 GMT
server: Microsoft-IIS/10.0
etag: "1d9adea001830da"
x-powered-by: ASP.NET
content-type: text/css
accept-ranges: bytes
content-length: 338650

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 93ms
35ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=bf2af8aca4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/bf2af8aca4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:29 GMT
via: 1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVUutciYZtxjzVwADq3f%2FX0bnQ00vLrBcaPMTTTHB0Yc5Gn%2B1icCWdnNYDQD6nKe6AFBrTsC9Qwdn7AsG1Iw5BhZ8h4hiZmbmHgjJN7WhvdzhGLOeQubcTy1KeTAczuwrw7Gs%2Bc4Uf%2BQlEkVl4scZWKhSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7e4ca57429ebbbf2-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: G5i-PQpLIDVKXl0KYj0vzhjqHChkVC_wpgh7MLH5HMViEloDxRYxJw==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 172ms
113ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=bf2af8aca4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/bf2af8aca4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:29 GMT
via: 1.1 283a3ebaefd33728d45267e54657c3e2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: ARN56-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTZHaY2kQkd8B7cQVic9O7I1BWpUn%2BSFBMpfuB76zGLiWDLsO3w433h0x3esc0IMOA%2FFW3%2FWIUautsKlFljgJdtjUxamOxGQq4gHvZrDhK%2FFr8PE0bbmNESX5RB1lX7z68fK%2FXJaRfUXp9pobYt9O4%2Be7g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7e4ca57429eebbf2-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: RDh9nJRQdwYCSJCLhW02C30WZ-iBtl1TiskaayVPJ6ZSUitz1yoDSw==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
2 KB 92ms
34ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=bf2af8aca4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/bf2af8aca4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:29 GMT
via: 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCRsmUwGrF%2FoWfBFGODz5fCcDzWH3n1iSe39eJPb2%2FnYpBzBxlw59B8QvOjfqy8MuHNV577vptMff2ZkLVIbDY6qXIi76CPOJli2D16WMnHzYnc%2F2i%2FtmMq5Urvt5xt9F7AoQTZt35SzzCJMe%2B62J0z40A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7e4ca57429f0bbf2-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: DnTFqon011x4giecY0_XahgeDFGAXISUQ3rsLrmtB_gdgt-JuF_79w==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 211 KB
73 KB 85ms
34ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NN5M696

Requested by

Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0570923791f46b546392bb925c8d2b2d9087c3b6a9d22eb3d2bdc84726e2c985

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74481
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 22:26:09 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jul 2023 23:39:29 GMT

GET
H2 200 fl-justicons.woff
www.fsibenefits.org/fonts/ 16 KB
16 KB 104ms
104ms Font
application/font-woff 54.224.89.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fsibenefits.org/fonts/fl-justicons.woff
Requested by: Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/css/fonts.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.89.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-89-75.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cfd881ad084ca202aacf2814f8254163bb4d9cf407de8d3e818626c829ececc4

Request headers

Referer: https://www.fsibenefits.org/css/fonts.css
Origin: https://www.fsibenefits.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:29 GMT
last-modified: Mon, 03 Jul 2023 20:07:32 GMT
server: Microsoft-IIS/10.0
etag: "1d9adea001d5acc"
x-powered-by: ASP.NET
content-type: application/font-woff
accept-ranges: bytes
content-length: 16588

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 67ms
18ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN5M696

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 10 Jul 2023 22:35:19 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3850
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 11 Jul 2023 00:35:19 GMT

GET
H2 200 ts.js Show response
analytics.clickdimensions.com/ 28 KB
28 KB 537ms
262ms Script
application/javascript 52.159.97.111
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.clickdimensions.com/ts.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN5M696
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.159.97.111 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 29c3b6b0e2246ae17fb03b13a2bb3003c4d07c37092b76b3d854708bcf99aa11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:29 GMT
last-modified: Tue, 16 May 2023 08:10:18 GMT
server: Microsoft-HTTPAPI/2.0
etag: "1d987cdda05a132"
x-servicefabricrequestid: 8360aa2e-c80a-4aae-919d-9e091a977d2a
content-type: application/javascript
accept-ranges: bytes
content-length: 28722

GET
H2 200 boomerang.min.js Show response
cdn.feathr.co/js/ 184 KB
53 KB 84ms
27ms Script
text/javascript 2606:4700:3031::ac43:9f5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.feathr.co/js/boomerang.min.js
Requested by: Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:9f5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebcc4d43d31df7982ad1969a9256632e8de9f3ba601d53afd05292485bcfe2d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:29 GMT
x-amz-version-id: tB4hDpweFtj1TM0MTuYs.s_6MBpV665l
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Z0BR87Q92JJBDZWM
age: 6497
alt-svc: h3=":443"; ma=86400
x-amz-id-2: iYkZ1bTMhNSVycLz9iHLNvYn0mkC2niUgI1tjUzVSXQlbGXw6c33fpv5JA7N2t7NQN9cMjXrylI=
last-modified: Mon, 29 May 2023 15:20:13 GMT
server: cloudflare
etag: W/"500ed5e84b71afdb1bcc2413d6583f37"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gI8ZD6hgP0Yl5I%2BCEprnpbIJTTCZ1k4ON3LD4BCoMlxt%2Fpi%2FwHKS%2B4zxtdwhyV1DNQX7y0OeM9JJlJKa%2FUITQEPK1Camq7leiaDcLSBBBZQIL5frQvJhh31UOreSB2mqVDP9k%2FXaEvmJTOcf"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 7e4ca5752deb1b93-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
90 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1VTZ09TB92&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN5M696

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4f7a5e84cc7c37058d86eab26b7e569b06709a81495da820e77405f09b55c0e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91873
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 10 Jul 2023 23:39:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
79 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-024X4H9LRC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN5M696

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

83694ec2dfe7f79ee6fc80fd918878a3c18b4cea317563ef1008d1d76c19ed66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 10 Jul 2023 23:39:29 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 74ms
25ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-024X4H9LRC&gtm=45je37a0&_p=1656181448&cid=896704971.1689032369&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689032369&sct=1&seg=0&dl=https%3A%2F%2Fwww.fsibenefits.org%2F&dt=Welcome%20-%20FSI%20Benefits&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-024X4H9LRC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 23:39:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fsibenefits.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 75 KB
75 KB 27ms
26ms Font
font/woff2 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
Requested by: Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

Request headers

Referer: https://www.fsibenefits.org/
Origin: https://www.fsibenefits.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:29 GMT
via: 1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 76736
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "4f5ec865a8274ab291b6a42b5f70639e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cSKhIkV%2FCCxl51YAjxBdTP4%2F3z0czR3XDas%2F0dJ5sxfMuA1eg0soZbBk8rmU8bKojVjLSAttHVZ8JRZKTH6BF%2F3voLm6%2FPaSGPBZtBLd%2BKE1SAd%2F93kgtLrlwH8cfddC8%2Bhyj3fyAPlZuCMpG1CLfvfTg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7e4ca574fa92bbf2-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: SDFMS6CpQF9EVDzyBTduJway5kXWiCwTaw_aeyV5sh_r1pqykrQs1g==

GET
H2 200 free-fa-regular-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 13 KB
13 KB 36ms
36ms Font
font/woff2 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-regular-400.woff2
Requested by: Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b

Request headers

Referer: https://www.fsibenefits.org/
Origin: https://www.fsibenefits.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:29 GMT
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 13216
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "b8f1c6a3a94d42b082c29f0b1db8ba95"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6Y3hKhFKXD8984Eoz0mUUfurAVjSpwdTNbGdf3rb2jmLBsHjxAWo0PDN8wp8BKaou2H2DRSxH1hHBUHtNP1me%2BSJ9CvwlLquW%2B2D2uf%2F3KkAmMWy9I8vVBL0XQTColMcijza8nBX%2Fjf3waq%2FhcuHgxtEg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7e4ca574fa93bbf2-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: E4DQxRyknJUPIUxrTC5foh6cLgkmFhHNCZsBmamBmA50PI3-8yj5Jg==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 27ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1VTZ09TB92&gtm=45je3750h1&_p=1656181448&_gaz=1&cid=896704971.1689032369&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689032369&sct=1&seg=0&dl=https%3A%2F%2Fwww.fsibenefits.org%2F&dt=Welcome%20-%20FSI%20Benefits&en=page_view&_fv=1&_ss=1&ep.debug_mode=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1VTZ09TB92&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 23:39:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fsibenefits.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 86ms
27ms Ping
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1VTZ09TB92&cid=896704971.1689032369&gtm=45je3750h1&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1VTZ09TB92&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 23:39:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fsibenefits.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 95ms
32ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1VTZ09TB92&cid=896704971.1689032369&gtm=45je3750h1&aip=1&z=1011459303

Requested by

Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 23:39:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 76 KB
77 KB 42ms
42ms Font
font/woff2 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by: Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer: https://www.fsibenefits.org/
Origin: https://www.fsibenefits.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:29 GMT
via: 1.1 adb83a3a3628f104e6d1d9d74c07d92c.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG52-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 78168
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "a9fd1225fb2cd32320e2b931dca01089"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zY8CDfxkhbcQl0IutuvS%2Fx8nbfByWh6U18t2JNWPSdnMzcMdjcJaHoekwzX3GoabkFj9RJQChYYzkXYvwSacG6qFncO7EpzaN0n65sOCG5IbSg56YsWf0n7qYanw9%2B%2BrXEVdLAWsd%2FhF%2B3mB5ID3wAuFSg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7e4ca5756dd230ee-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: IeFXxXgnhCWB5q0NLJLwAjk1cNKF7HPuxqMY22l7erEm7fW9wUCTLg==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
225 B 26ms
26ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1656181448&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fsibenefits.org%2F&ul=en-us&de=UTF-8&dt=Welcome%20-%20FSI%20Benefits&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=283972771&gjid=477571298&cid=896704971.1689032369&tid=UA-3825784-1&_gid=2035273152.1689032370&_r=1&_slc=1&gtm=45He3750n81NN5M696&z=1515553200

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

d47feb6cdefeb735741c97a57ab7e14babfff3a606974ac0550d566d1273feef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fsibenefits.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 23:39:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fsibenefits.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrations Show response
polo.feathr.co/v1/accounts/5f4e48044661e4d84b0d7aa4/ 42 B
379 B 385ms
121ms XHR
application/json 34.224.14.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://polo.feathr.co/v1/accounts/5f4e48044661e4d84b0d7aa4/integrations

Requested by

Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.224.14.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-224-14-96.compute-1.amazonaws.com

Software

Resource Hash

faa1444cbae74aad09a3bae4849dd1b0fead937d10b8b79321da628b461f59bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 42

GET
H2 200 refresh
marco.feathr.co/v1/ 43 B
607 B 435ms
312ms Image
image/gif 65.9.66.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marco.feathr.co/v1/refresh
Requested by: Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-121.fra56.r.cloudfront.net
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:29 GMT
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amzn-requestid: f3ab39f1-7dcc-4455-801e-3b67e1841da3
x-amzn-trace-id: Root=1-64ac96b1-676b9b59672ce09d77e954a7;Sampled=0;lineage=5eb2f403:0
access-control-allow-methods: *
content-type: image/gif
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-apigw-id: H3x72FP6oAMFYcA=
content-length: 43
x-amz-cf-id: bJwlRpiwSi47TitEakMpf51Pp6h5UIiX3GszQvygeAfpY1iB6cYnWw==
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
349 B 31ms
26ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3825784-1&cid=896704971.1689032369&jid=283972771&gjid=477571298&_gid=2035273152.1689032370&_u=YADAAEAAAAAAACAAI~&z=1849640900

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fsibenefits.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 10 Jul 2023 23:39:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fsibenefits.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
91 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1VTZ09TB92&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c6e64b40d7c6eaac8b2fc1a8dedf86c7732d8e116efa5586fc63d25a46295d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93623
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 10 Jul 2023 23:39:29 GMT

GET
H2 200 optout.js Show response
analytics.clickdimensions.com/ 6 KB
6 KB 129ms
128ms Script
application/javascript 52.159.97.111
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.clickdimensions.com/optout.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN5M696
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.159.97.111 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 437f95f9fd81c962314f0809c103565c1ebb3270f03fd319c851c4457642c840

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:29 GMT
last-modified: Tue, 16 May 2023 08:13:20 GMT
server: Microsoft-HTTPAPI/2.0
etag: "1d987ce4680c662"
x-servicefabricrequestid: 82cb098a-3f5c-4aa2-9b2a-7cfd781cc580
content-type: application/javascript
accept-ranges: bytes
content-length: 5730

GET
H2 200 script.js Show response
polo.feathr.co/v1/analytics/match/ 290 B
679 B 323ms
111ms Script
text/javascript 34.224.14.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://polo.feathr.co/v1/analytics/match/script.js?pk=feathr&cb=1689032369975

Requested by

Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.224.14.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-224-14-96.compute-1.amazonaws.com

Software

Resource Hash

46ceb12cd13b62ff80e6092a9748f4d15408d2febb2be84a9f085826a4dd6a77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
etag: "64ac96b1a02d8d0008aa71da"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-cache, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 290

GET
H2 200 pixel.js Show response
polo.feathr.co/v1/accounts/5f4e48044661e4d84b0d7aa4/ 32 B
402 B 333ms
122ms Script
text/javascript 34.224.14.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://polo.feathr.co/v1/accounts/5f4e48044661e4d84b0d7aa4/pixel.js?pk=feathr

Requested by

Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.224.14.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-224-14-96.compute-1.amazonaws.com

Software

Resource Hash

eacfa4f711eaca1336ff82619c8a2d310dec11266d594fbc7e5a91259cebf848

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=14400
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 32

GET
H2 200 tsr.js Show response
analytics.clickdimensions.com/ 189 B
484 B 151ms
151ms Script
text/javascript 52.159.97.111
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.clickdimensions.com/tsr.js?ac=aCvv76mR0C0aMH2JYsMwfA&urk=1689032370073&cm=&s=1689032370072&v=&lc=English&pt=Welcome%20-%20FSI%20Benefits&dn=financialservices.org&dnk=&pk=&hn=www.fsibenefits.org&uri=https%3A%2F%2Fwww.fsibenefits.org%2F&r=&t=PAGE&b=CHROME&os=WINDOWS&pr=false&sc=0&sv=6.0&qd=&dt=1689032370073&pvon=
Requested by: Host: analytics.clickdimensions.com
URL: https://analytics.clickdimensions.com/ts.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.159.97.111 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 044701c42e8e4d33f7f35f8f53c2b7e8191b741145f8e1ef52b51d2841923729

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:30 GMT
referrer-policy: no-referrer-when-downgrade
server: Microsoft-HTTPAPI/2.0
x-servicefabricrequestid: 1d5a0683-8d66-42c8-9dcf-2b087948c6ac
access-control-max-age: 3600
access-control-allow-methods: GET,POST
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-headers: Content-Type,Accept,g-recaptcha-response

GET
H2 200 tsr.js Show response
analytics.clickdimensions.com/ 189 B
484 B 177ms
176ms Script
text/javascript 52.159.97.111
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.clickdimensions.com/tsr.js?ac=aCvv76mR0C0aMH2JYsMwfA&urk=1689032370074&cm=&s=1689032370072&v=&lc=English&pt=Welcome%20-%20FSI%20Benefits&dn=financialservices.org&dnk=&pk=&hn=www.fsibenefits.org&uri=https%3A%2F%2Fwww.fsibenefits.org%2F&r=&t=PAGE&b=CHROME&os=WINDOWS&pr=false&sc=0&sv=6.0&qd=&dt=1689032370074&pvon=
Requested by: Host: analytics.clickdimensions.com
URL: https://analytics.clickdimensions.com/ts.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.159.97.111 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 4a105d853f33531fae00ff309955ffd93c11b7ea73411d60d5894d56d9750808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:30 GMT
referrer-policy: no-referrer-when-downgrade
server: Microsoft-HTTPAPI/2.0
x-servicefabricrequestid: 541e33da-107f-4237-b7af-12cd35fc8655
access-control-max-age: 3600
access-control-allow-methods: GET,POST
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-headers: Content-Type,Accept,g-recaptcha-response

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
265 B 136ms
43ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=64ac96b1a02d8d0008aa71da&gdpr=0
Requested by: Host: www.fsibenefits.org
URL: https://www.fsibenefits.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 10 Jul 2023 23:39:30 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 script.js Show response
polo.feathr.co/v1/analytics/match/ 290 B
678 B 108ms
108ms Script
text/javascript 34.224.14.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://polo.feathr.co/v1/analytics/match/script.js?pk=feathr&cb=1689032370470

Requested by

Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.224.14.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-224-14-96.compute-1.amazonaws.com

Software

Resource Hash

46ceb12cd13b62ff80e6092a9748f4d15408d2febb2be84a9f085826a4dd6a77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
etag: "64ac96b1a02d8d0008aa71da"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-cache, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 290

GET
H2 200 pixel.js Show response
polo.feathr.co/v1/accounts/5f4e48044661e4d84b0d7aa4/integrations/facebook/ 0
324 B 111ms
111ms Script
text/html 34.224.14.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://polo.feathr.co/v1/accounts/5f4e48044661e4d84b0d7aa4/integrations/facebook/pixel.js?pk=feathr

Requested by

Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.224.14.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-224-14-96.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 23:39:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
18ms Image
image/gif 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1656181448&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.fsibenefits.org%2F&ul=en-us&de=UTF-8&dt=Welcome%20-%20FSI%20Benefits&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F&el=25%25&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=896704971.1689032369&tid=UA-3825784-1&_gid=2035273152.1689032370&gtm=45He3750n81NN5M696&z=197691773

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 08:47:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53535
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
19ms Image
image/gif 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1656181448&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.fsibenefits.org%2F&ul=en-us&de=UTF-8&dt=Welcome%20-%20FSI%20Benefits&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F&el=50%25&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=896704971.1689032369&tid=UA-3825784-1&_gid=2035273152.1689032370&gtm=45He3750n81NN5M696&z=1461604554

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fsibenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 08:47:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53535
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET crumb
polo.feathr.co/v1/analytics/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: polo.feathr.co
URL: https://polo.feathr.co/v1/analytics/crumb?cb=1689032374538&a_id=5f4e48044661e4d84b0d7aa4&f_id=64ac96b1a02d8d0008aa71da&ses_id=64ac96b163605df823c2ce3b&flvr=page_view&loc_url=https%3A%2F%2Fwww.fsibenefits.org%2F&s_w=1600&s_h=1200&b_w=1600&b_h=1200&cust_params=e30=

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.fsibenefits.org/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.jRNRD-rJBGo Value: CfDJ8KfWm5wocBVFv7rOo5oAuIyDR-ykgDUub_R9ltR79JApYrcpDu09fcoGlUos90uQo_jNKabkpcHaG2JW_QqqjMo9tUoD1pjmZIb7nP8X_ywxsmi1bv1mP1zOZrcSkmH4JG3FMIJz6VMhhKG3iE819eM
.fsibenefits.org/	1970-01-20 22:46:32	Name: _ga_024X4H9LRC Value: GS1.1.1689032369.1.0.1689032369.0.0.0
.linkedin.com/	1970-01-20 15:20:08	Name: li_sugr Value: c3471220-d28f-4e9a-a17e-6efda120e0fb
.linkedin.com/	1970-01-20 21:56:08	Name: bcookie Value: "v=2&edb5a152-74b1-4cdc-8e31-8fdd0f753856"
.linkedin.com/	1970-01-20 13:11:58	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2966:u=1:x=1:i=1689032369:t=1689118769:v=2:sig=AQGoHs2wtPG_JTgzKIheHRZlfyKa8VXQ"
.fsibenefits.org/	1970-01-20 22:46:32	Name: _ga_1VTZ09TB92 Value: GS1.1.1689032369.1.0.1689032369.60.0.0
.fsibenefits.org/	1970-01-20 22:46:32	Name: _ga Value: GA1.2.896704971.1689032369
.fsibenefits.org/	1970-01-20 13:11:58	Name: _gid Value: GA1.2.2035273152.1689032370
.fsibenefits.org/	1970-01-20 13:10:32	Name: _gat_UA-3825784-1 Value: 1
.www.fsibenefits.org/	1970-01-20 13:10:35	Name: feathr_session_id Value: 64ac96b163605df823c2ce3b
.linkedin.com/	1970-01-20 13:53:44	Name: UserMatchHistory Value: AQIFrlO4TWOI_wAAAYlCLKWDdHqcjThOHW6Zo6Iutv0ShZo6aNEPRZXXgMFKidjEEGAxsP6iHtFo0Q
.linkedin.com/	1970-01-20 13:53:44	Name: AnalyticsSyncHistory Value: AQIcQxDKoAsrswAAAYlCLKWDPpuz1Loivw3_pwpu9P_qeyMckkgRt-pxkeHJiCzraFXz9pWYXoYU_YjDM5rLNA
.www.linkedin.com/	1970-01-20 21:56:08	Name: bscookie Value: "v=1&20230710233929d8e27536-9304-4d03-8cae-a2138a7e6bc4AQHklhHvigiy7p8ekp1x7N0Tha3k5leL"
.linkedin.com/	1970-01-20 17:29:44	Name: li_gc Value: MTswOzE2ODkwMzIzNjk7MjswMjHfki0TQ04+ZmNXfwvPtEk4MSJIxv92UlhtDOz4bcF5KQ==
.feathr.co/	1970-01-20 21:56:08	Name: f_id Value: 64ac96b1a02d8d0008aa71da
.www.fsibenefits.org/	1970-01-20 13:10:34	Name: cusid Value: 1689032370072

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.clickdimensions.com
cdn.feathr.co
cdn.jsdelivr.net
ka-f.fontawesome.com
kendo.cdn.telerik.com
kit.fontawesome.com
marco.feathr.co
match.adsrvr.org
polo.feathr.co
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
www.fsibenefits.org
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.linkedin.com
polo.feathr.co
13.107.42.14
18.66.122.32
2001:4860:4802:32::36
2001:4860:4802:38::178
2606:4700:3031::ac43:9f5c
2606:4700::6812:1634
2606:4700::6812:acf
2606:4700:e6::ac40:cb1c
2620:1ec:21::14
2a00:1450:4001:829::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c1b::9a
2a04:4e42:200::485
34.224.14.96
35.71.131.137
50.16.221.99
52.159.97.111
54.224.89.75
65.9.66.121
00b87d5d4a0f88363089016d7ef2e87f785c8c77bc90165b673ae571adf8f2b5
044701c42e8e4d33f7f35f8f53c2b7e8191b741145f8e1ef52b51d2841923729
0570923791f46b546392bb925c8d2b2d9087c3b6a9d22eb3d2bdc84726e2c985
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
24001071c08773af3a6f00636d1875b437605263a84595dd39fcbf84303438d2
29c3b6b0e2246ae17fb03b13a2bb3003c4d07c37092b76b3d854708bcf99aa11
3c00b4d34cae1edefc9eccc9d913b43a20ccbbfb8bccf2d19584e4f09dc03b5d
3c900bc060b3aa59acbd3c4704f9738bbce3d3fad1dcef655c6ad1baba832d6f
437f95f9fd81c962314f0809c103565c1ebb3270f03fd319c851c4457642c840
4392f46d0d055d7a3077720fe3d7a2d98bb41917e3cfb273a8fde82683da5a43
43946d098f722c69b64a2557fedd1a7253a09f36bfc61087ee074df88365c5fb
46ceb12cd13b62ff80e6092a9748f4d15408d2febb2be84a9f085826a4dd6a77
48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b
4a105d853f33531fae00ff309955ffd93c11b7ea73411d60d5894d56d9750808
4f7a5e84cc7c37058d86eab26b7e569b06709a81495da820e77405f09b55c0e8
52e408505ce6d5906d1243dba5b07845174b27d911db2fe3b1f27d60614f624e
533adebf9022c57440b99dcdaf935313c48ad7eded0c206b03348d740aa7c748
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6e3d74e651df10ee655c7d4f9740b2c36df3aa235bcb0f320ab0591bfe73b4ea
746051db7e76e6d1086377aaf07dcb901d2d02ee7a307c62c4240500b901c529
7b10d4bcc99a11181e54ad22973cf054c07d390f483ccc39532cb5ba31cbdd83
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83694ec2dfe7f79ee6fc80fd918878a3c18b4cea317563ef1008d1d76c19ed66
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c8bf3c6085175bb4e3fc212d6dc64f3a342b7c5c629d080be18f6a10f14e82d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
951c8f1911eb30c6ebdb01f8e568b03f223fa2ba1c575e118607e9014b5e2f0f
98a3b7b162687c31e7a5008f86fcad00520f855e6cdc7bf8a8dbaa1dc1af5939
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9eff76defa971fe689bd5d78092cde8ef52715fcd1ea28a739e2785d3e6f1608
a7e2a8c284eadcbe945e6ee6b3f1cfaf4e95a0a604ff9e65d536baeaa887cb6e
ac4409f9180490513108f1e5907f81eab5b7f3c172abff81bfbb4719b8d404f5
acdb01fc196fd91f7bde36265f951e67d818de69f5b3597e9a32cbf00cac44e2
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
c09decd0b992ed6a34d925c7419189b56bf0b1f6a794173cfa6117ea3155d718
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
c6e64b40d7c6eaac8b2fc1a8dedf86c7732d8e116efa5586fc63d25a46295d8a
cfd881ad084ca202aacf2814f8254163bb4d9cf407de8d3e818626c829ececc4
d47feb6cdefeb735741c97a57ab7e14babfff3a606974ac0550d566d1273feef
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eacfa4f711eaca1336ff82619c8a2d310dec11266d594fbc7e5a91259cebf848
ebcc4d43d31df7982ad1969a9256632e8de9f3ba601d53afd05292485bcfe2d5
ec89e99b28afb40398aaafb1c9884277e5b7b0ad1ac68fca1f53faf455ab87d0
ec9b13da07cee8fdd41fa684f9b50f040a3a3a60a9ba8401570a932a9c763cf8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f46c9ca499e58948c90d50ea3f4504bbf6ec9bd53eddd9d0507f3edd6d74be46
faa1444cbae74aad09a3bae4849dd1b0fead937d10b8b79321da628b461f59bd
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

www.fsibenefits.org Open in urlscan Pro 54.224.89.75 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

97 %HTTPS

58 %IPv6

14 Domains

20 Subdomains

18 IPs

3 Countries

3191 kBTransfer

7320 kBSize

16 Cookies

0 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.fsibenefits.org Open in urlscan Pro
54.224.89.75 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

97 %
HTTPS

58 %
IPv6

14
Domains

20
Subdomains

18
IPs

3
Countries

3191 kB
Transfer

7320 kB
Size

16
Cookies

60 HTTP transactions
0 data transactions