www.benefits.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.benefits.com/
Submission: On July 12 via manual (July 12th 2022, 6:10:56 pm UTC) from US — Scanned from NL

Summary HTTP 62 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 19 domains to perform 62 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.benefits.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 1st 2022. Valid for: a year.

This is the only time www.benefits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.193.131 151.101.193.131	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	108.138.17.119 108.138.17.119	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
2	104.20.229.67 104.20.229.67	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:4dc3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:223... 2600:9000:223e:3400:19:6119:81c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	52.222.236.74 52.222.236.74	16509 (AMAZON-02) (AMAZON-02)
1	18.66.139.40 18.66.139.40	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:4014:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	52.215.128.203 52.215.128.203	16509 (AMAZON-02) (AMAZON-02)
4	44.199.33.73 44.199.33.73	14618 (AMAZON-AES) (AMAZON-AES)
62	26

21 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.benefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.131 (United States)

ASN54113 (FASTLY, US)

ba3068fe3e2142d68354c198d575728a.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-119.fra56.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.229.67 (None, )

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:4dc3 (United States)

ASN13335 (CLOUDFLARENET, US)

benefits.disabilityguide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:3400:19:6119:81c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

pixel.ampry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-40.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4014:80f::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.128.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-128-203.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.199.33.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-33-73.compute-1.amazonaws.com

renderer.ampry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	benefits.com www.benefits.com	1 MB
5	ampry.com pixel.ampry.com — Cisco Umbrella Rank: 176693 renderer.ampry.com — Cisco Umbrella Rank: 166272	22 KB
5	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 819	132 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 698 script.hotjar.com — Cisco Umbrella Rank: 1004 vars.hotjar.com — Cisco Umbrella Rank: 1019 in.hotjar.com — Cisco Umbrella Rank: 1681	68 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 398	12 KB
2	google.nl www.google.nl — Cisco Umbrella Rank: 7725	655 B
2	google.com www.google.com — Cisco Umbrella Rank: 17	655 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	388 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 138 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 164	110 KB
2	statcounter.com www.statcounter.com — Cisco Umbrella Rank: 13939 c.statcounter.com — Cisco Umbrella Rank: 9100	15 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 69	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 101	111 KB
2	ubembed.com ba3068fe3e2142d68354c198d575728a.js.ubembed.com assets.ubembed.com — Cisco Umbrella Rank: 11352	49 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 350 fonts.googleapis.com — Cisco Umbrella Rank: 81	32 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 134	15 KB
1	disabilityguide.com benefits.disabilityguide.com — Cisco Umbrella Rank: 845165	75 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1437	40 KB
1	gstatic.com fonts.gstatic.com	44 KB
62	19

	Domain	Requested by
21	www.benefits.com	www.benefits.com
5	maxcdn.bootstrapcdn.com	www.benefits.com maxcdn.bootstrapcdn.com
4	renderer.ampry.com	pixel.ampry.com
3	bat.bing.com	www.benefits.com bat.bing.com
2	www.google.nl	www.benefits.com
2	www.google.com	www.benefits.com
2	www.facebook.com	www.benefits.com
2	connect.facebook.net	www.benefits.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.benefits.com www.googletagmanager.com
1	in.hotjar.com	script.hotjar.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	www.googleadservices.com	www.googletagmanager.com
1	c.statcounter.com	www.statcounter.com
1	pixel.ampry.com	www.benefits.com
1	benefits.disabilityguide.com	www.benefits.com
1	www.statcounter.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	assets.ubembed.com	ba3068fe3e2142d68354c198d575728a.js.ubembed.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.benefits.com
1	ba3068fe3e2142d68354c198d575728a.js.ubembed.com	www.benefits.com
1	ajax.googleapis.com	www.benefits.com
62	27

This site contains links to these domains. Also see Links.

Domain
get.benefits.com

Subject Issuer	Validity	Valid
benefits.com Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2022-01-04` - `2023-02-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
assets.ubembed.com Amazon	`2022-02-04` - `2023-03-05`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
us-dallas.statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-06` - `2022-12-06`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-20` - `2022-07-19`	3 months	crt.sh
*.ampry.com Amazon	`2022-03-21` - `2023-04-19`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
ampry.com Amazon	`2022-04-05` - `2023-05-04`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.benefits.com/
Frame ID: BC901EA1A506E8D8C67C4F2A326F8BD3
Requests: 59 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e0db0f25ef573fe233efc0372d38d69.html
Frame ID: A191F354204604E5902BBA06F280471A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Benefits.com®

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

62
Requests

100 %
HTTPS

65 %
IPv6

19
Domains

27
Subdomains

26
IPs

5
Countries

1953 kB
Transfer

3420 kB
Size

22
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://get.benefits.com/request-call/?utm_source=bcom&campaign=requestcall
Title: Request a call

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.benefits.com/ 26 KB
7 KB 932ms
867ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.benefits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 5d39290e9d5065ad94fc2b66b616ab5fb3c3aa880e4ffd7843d908b3c727e08c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 729bbce3da16912e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 12 Jul 2022 18:10:50 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2B5loIu4wb5NPTqzQvyru1N1DFOCpudDSX7vEc2fanDhd4MWdascOIzpYiMuuRFEERuHdaj9BbhMnXybkWJweT%2FeNHZ74Akzw7C%2F%2BvgMmdiLYdHOh6rf5aohQetVG1pL3dnVBQihJqXDSCfRVQ8h"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.1.33

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 79ms
32ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617, 617
age: 12565486
cdn-cachedat: 2021-06-08 21:21:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: f3a3007506374a305b1a96efe5ee1490
cf-ray: 729bbce99fa49b4c-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 78ms
31ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723
age: 14875123
cdn-cachedat: 11/15/2021 21:49:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 8b677d48aa464c28c0815c97adbbe174
cf-ray: 729bbce99fa59b4c-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 home.css
www.benefits.com/assets/css/ 13 KB
3 KB 839ms
837ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.benefits.com/assets/css/home.css?id=eec8539bb8dfe9551271
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52d7dfa2979140e426dc7160916eb4901ac7303ff7d31bb4088bebe4ec5b963c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 20 Dec 2021 21:48:28 GMT
server: cloudflare
etag: W/"61c0fa2c-3517"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LelUsje8j6S7JzWVwbNJmNKp95XsTt%2BvJK%2B8KdpkUkkHIYrHFpTQMAA5sgd0Kax8MkWI5AuCRLW%2BELRUTpOc3kqzopSkftuKyhQN64cbCPqTFzQpdP0iWjEuTIvgmwkBLR%2FRAWNKYUCqj3mo6d5s"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 729bbce95cce912e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 84ms
32ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 17:07:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jul 2023 17:07:06 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
11 KB 75ms
29ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 755
age: 16126703
cdn-cachedat: 12/13/2021 20:18:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 48135f30fbfcba704628453df5764d8f
cf-ray: 729bbce99fa69b4c-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 / Show response
ba3068fe3e2142d68354c198d575728a.js.ubembed.com/ 3 KB
1 KB 64ms
15ms Script
application/json 151.101.193.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ba3068fe3e2142d68354c198d575728a.js.ubembed.com/
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 45eed02c505440ede29e3aa6f2eb31c9eaace20197fa463f187a50686207672b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:51 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 7198
etag: W/64dc62eb24614169cdfad2f28ec332bb-v0.179.2
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: AMS1-C1
accept-ranges: none
x-amz-apigw-id: VKV6CFj1DoEFvlQ=

GET
H3 200 logo-top.svg
www.benefits.com/static/images/home/ 6 KB
3 KB 27ms
27ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/logo-top.svg
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b25a09d4e27b3e0d46bae6963b853598399dfc591e2a1644218b13b622ad0197

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Sep 2020 00:37:24 GMT
server: cloudflare
age: 645
etag: W/"5f62afc4-1638"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R0mz7JZcEZevIRrYEqbSlP6Rv8YHmqucJdgCHkTqiAv4Dg6dMKRfJl3azWpaT9t4ZickmhavU66wmoUJK%2Fo6btoeJ6T5obWT98Ge5UGKzA%2Bwtx5i9MYJ8fE5UEYjWeS6aRqKJZ6Q4rbFZYOe2x9A"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 729bbcee9aae9013-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 cookie-consent.css
www.benefits.com/static/css/partials/ 1 KB
1 KB 700ms
699ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.benefits.com/static/css/partials/cookie-consent.css
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f5c054634b10543601c09d88abd939904b898419f16973ecc3536ce2b7095b2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:51 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Dec 2021 23:56:03 GMT
server: cloudflare
etag: W/"61c26993-5d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2BzdEE%2Fhs49YsihE72EHTee0lqdf6X08N3C7HFYG%2FYGiqb5pPVBhFSt%2FFfjrK1yQhOeVt75nvEWeFOXStyEdz2EvCu%2BsvedO%2FRLKpBm%2BvN2hY%2F9Edt0ohnWcqYuYiCCph27F6%2FavNhRv2a0t4zhZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 729bbce9fb919013-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 money-computer.png
www.benefits.com/static/images/home/ 4 KB
4 KB 679ms
678ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/money-computer.png
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aa70a457372ec9a3aa6801d889b295473f41c2626329f37477d1ccb5135044c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:51 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 27 Aug 2020 23:54:51 GMT
server: cloudflare
etag: "5f4847cb-fbf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2BGn%2BuMDgrQcQDy3o1lfaQYq3yXWhjKjSFwJnhGyOIj%2BaysZVAW3BrOCp2aSeJdhxT3j%2BZq%2BMqFqoCYmFz7bukR%2F%2BxnjnPdR1jRDefbtx9iplPP99HDTu4ttPcJPk%2FKFAdFdWXGvN2R0tp0Mvq6t"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 729bbceecafc9013-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4031

GET
H3 200 money-target.png
www.benefits.com/static/images/home/ 10 KB
10 KB 811ms
811ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/money-target.png
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 534294e3d2d89b46b6437f645af1c287b0fc0bb2c1bf348a9c6fd8fba850586e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:52 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 27 Aug 2020 23:54:51 GMT
server: cloudflare
etag: "5f4847cb-265a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLFGlibtMBdf0QoeXUE22X%2Bi%2FtpOUCVuMdK26yXd8R67%2Fm7R5LXFfJQAoKGzJV7bkPPJBk5mPr13p%2BRP9EcdcdPew7BECqnQLkONG5rW8dklUeCz3cNSIaojLy%2FrnWJfErXGb0rnsH10Owklmt9a"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 729bbcef1b659013-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9818

GET
H3 200 desk.png
www.benefits.com/static/images/home/ 7 KB
8 KB 669ms
668ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/desk.png
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1ec417e0b9fed491c4ba50de15003b4f64a5d1b4c3d33bb56da9cb8a064b9d3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:52 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 27 Aug 2020 23:54:51 GMT
server: cloudflare
etag: "5f4847cb-1c90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7uUuNMY0AJc2MoZVj1iXF1K3cpKq0GSj4j9mMWcgWQg8wZ3a2BAyS2bZGuFDZK5Uuf99sXZuhPphF3vcvEvE7e9WZIaQulMGH%2BwP5QQeoqhaL%2Fpf%2BVH9IMBGWtruKzrX5n9FodG91Ml%2B7p4yHet"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 729bbcef2b8e9013-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7312

GET
H3 200 person.png
www.benefits.com/static/images/home/ 7 KB
7 KB 723ms
720ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/person.png
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09d90eac8969fcffc86fc8627cc8a19a247ce6fa7f3f1e4a81ab885c113bb0c7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:52 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 27 Aug 2020 23:54:51 GMT
server: cloudflare
etag: "5f4847cb-1b54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vitaw6WW3mAhm4sai7RpyWQcLFNuLuR4a%2Frh%2FGd3qUU7JR%2Fw2l5qR2yPzr55Se7IfcxaKdWLG2s4Rq%2BPlB1nukSqylpd9pjYwcywXWFiBMC9Bi%2BEbEybyRMNrv6yRaWRmAR%2Fy%2B%2F0vI9EuzwNx88x"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 729bbcef2b919013-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6996

GET
H3 200 newsletter.png
www.benefits.com/static/images/home/ 9 KB
9 KB 724ms
721ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/newsletter.png
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17e52e79894f08ccd19b0ce2d0efc497bf066f2b3eb79fcff4f7d57425fefc17

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:52 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 27 Aug 2020 23:54:51 GMT
server: cloudflare
etag: "5f4847cb-22ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IuTL3c5n7imGJiJseHRqMgeHcuCFfE20bB1ASTqc6CVBZwnrgMUlmzGsGOKQmC8u2X1eZqiXCJCjVbgka6u5Nu38BeVjKam8hqc1KXLHwWMEDBMM1MO8G5vwRdHBUzmC%2FQGVAu40rH2sEX56vMjD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 729bbcef2b929013-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8890

GET
H3 200 hands.png
www.benefits.com/static/images/home/ 8 KB
9 KB 721ms
718ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/hands.png
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c9dfe60b22882d0b808c7a5a6f8a39cc8f472d7758b822eca646e11601232c1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:52 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 27 Aug 2020 23:54:51 GMT
server: cloudflare
etag: "5f4847cb-2163"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASNOJDqrcbQLbxOxGm%2FK6ZkIABcXs3gFAwba9RMmyNYHSqbH7MyHHyfskQXLbFK4LewBY0AILlIMA7qpdbQWr5v9pud1YP55l6abZrZIiChXTd063IxJBTooFKNdv7D2t2GCf%2FugjQlYRJkXHvNI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 729bbcef2b949013-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8547

GET
H3 200 dashboard-computer.png
www.benefits.com/static/images/home/ 68 KB
69 KB 671ms
668ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/dashboard-computer.png
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d47b20402b22059d96774d3df0eaf7fd165a6614de43f840035822fe3a12131c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:52 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 27 Aug 2020 23:54:51 GMT
server: cloudflare
etag: "5f4847cb-11145"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOx09j%2Fw0H8Rd%2BrPZB0r%2Fvnnz8olXH12Y5%2Bfky5WtwRSwzgLFeefVYdEFeEL3Xe1ij%2Fv6K3lklw3nVgG6yBSfgT2ZB7J%2FQEcz4ug%2Bdd6yUuh1u5YbxCoC4ncq30wVWXIJcff0zlzQzG0LCsufAc3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 729bbcef2b999013-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 69957

GET
H3 200 family.png
www.benefits.com/static/images/home/ 233 KB
234 KB 866ms
864ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/family.png
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c3d3cfacc4e6b8fcd526ca759c1481a1f156f212788aceaa58913ec9ea29c71

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:52 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 27 Aug 2020 23:54:51 GMT
server: cloudflare
etag: "5f4847cb-3a4f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozrza9ztAS%2F2moWRffamhKy%2FaqI%2Fj0TVdVxq8ih2PwxmYURT4PsMMyKe7F4Rk0cCcSfC8uFIdZlmkUo59QU7sojtMRfQGH%2BApO2lvCcMPcelR0FUSGyb0bt2oGsNKR6iBHaxtd2VhZFUE3qI2oTp"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 729bbcef2b9f9013-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 238835

GET
H3 200 old-men.png
www.benefits.com/static/images/home/ 184 KB
184 KB 845ms
842ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/old-men.png
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fbfcaa9c4f693c28b09910c8f4ecbbce4c2575ae568ef83159bdcaed562276

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:52 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 27 Aug 2020 23:54:51 GMT
server: cloudflare
etag: "5f4847cb-2de65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjAuIrLb2c3aXLrgU8mMXPxYrU0PC2mlnE52IXRu8AQerjPsXAGPIXcAezqc4kVCE%2Bx%2B7O%2FQyxlatcWXu4tgbYYUk717EP0SLTm76ZmQnuNk5gQ2AsfeDGVtpij0avK%2FKe7dqqtNELZLPaQEZt73"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 729bbcef2ba09013-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 188005

GET
H3 200 sad-guy.png
www.benefits.com/static/images/home/ 129 KB
129 KB 693ms
691ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/sad-guy.png
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1c4bba34172d987846c45f3dc9a8fb47c38deff5a3937319b27706896787dac

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:52 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 27 Aug 2020 23:54:51 GMT
server: cloudflare
etag: "5f4847cb-2026a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tu1MBTXrCxEZYa0yOTkh5y0MZI9cH%2FUHp6oJpTYzbaBpzklVeETi5DQ%2FTtDZrep3tUUijH2EmMU8CNhU6%2BdVbMS9siHOtlvSreO939rhpwYoaPP0671ImKJaFLSQhQv%2B3z%2BuEDm6KAES9U1Svpa3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 729bbcef2ba39013-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 131690

GET
H3 200 man-woman.png
www.benefits.com/static/images/home/ 223 KB
224 KB 728ms
726ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/man-woman.png
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39f7b4ee5e81e1dba3f68d52543223f7ef16cd11a1cfa85dca91fa7ca8759c33

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:52 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 27 Aug 2020 23:54:51 GMT
server: cloudflare
etag: "5f4847cb-37dca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nNfKmq9%2B%2F7XUYHnLSC8TJQLIOnO%2FAmEOC1cH3c64mCdc5jH8WkJC%2FX%2FH%2FxvrenDURp4ABThduh5%2BzEU0fUBVtMkXo8Lp6kKQKxzEu0xfweyAenlwCX%2BWc3VQk6h2AhrAvQfUEpQydU4zTVXjQnxd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 729bbcef2ba59013-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 228810

GET
H3 200 bzj-inc.svg
www.benefits.com/static/images/home/ 3 KB
2 KB 829ms
826ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/bzj-inc.svg
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 812d86d3f50f10a3c04f54e8bb0d9b9da247bbd57ee13550273e170041f7a38e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 05 Aug 2021 00:47:17 GMT
server: cloudflare
etag: W/"610b3515-ca7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0qUs4oRb7KVYLCAdn44Z1fI11vQj%2FQRuO2zREFLDL7JluGpy%2FJvMeO9MDpT2mLzZJrwghZn1f5fUBSAoK2%2Bqzy9P1dQdHLv9FMeKVNaJZUzJpGnbAdmeoV9eT5HHIa2pBJr74ZUHG0mavblgySP"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 729bbcef2ba69013-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 inc.svg
www.benefits.com/static/images/home/ 1 KB
1 KB 829ms
827ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/inc.svg
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24921d91ed53311ac17f49091c831b9b3baa0bb20c94a483ba7886cda9d7db55

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 05 Aug 2021 00:47:17 GMT
server: cloudflare
etag: W/"610b3515-49c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ZfnKUaVizom0ILLX3os%2BQ1GXIILklvJ2jngwc%2Fp6e86UT0Y9TuK9KTBW5mfmi1Vr%2BwEFb2fwiyx%2B%2BRJqG8I8%2Fpae7O5c7i%2BbWvUzRwVG1KHhuuLFkPFsMT1YigeD9Gi4vp864C4DWRAhxNVLzYa"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 729bbcef2ba79013-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 fbs.svg
www.benefits.com/static/images/home/ 3 KB
2 KB 829ms
827ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/fbs.svg
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 711a17cc4699431581e591074416c643155af48a38ee5ca1b62ad6051740a021

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 05 Aug 2021 00:47:17 GMT
server: cloudflare
etag: W/"610b3515-c81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vIQlj7%2BlLqzMapQuj86PTZDWl3zDvF%2BsbOk5yuF9Qo9P4lqWZ%2F6maPn78HP%2B2Kuv1msrLxXnrXLgnKWueZPkdeo880zyX0088GvTmRMObJun2xsWjhSk54IzBHNSVzGDO%2FsYRxYCf8hsOnUdz4C"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 729bbcef2ba89013-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ent.svg
www.benefits.com/static/images/home/ 5 KB
3 KB 896ms
894ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/ent.svg
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a9ce76d1845851912368a983599ecb5fd8587e1bff74732732743cb0770d2c6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 05 Aug 2021 00:47:17 GMT
server: cloudflare
etag: W/"610b3515-1453"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HzzfbGD8tccoqVPAGlQXICjSl%2BIeG%2FTebdIAMC%2FHuRlPS2pCdjqM4roWg3%2FlAiOvCXH7g7MsTvjdnXCIkgGlGjPpl00zVGgN0CdZynN%2FohZjDHrgmOOmWRe8%2B4pCxaAAmcu7qNusJEoUNXwi1RRy"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 729bbcef2baa9013-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 logo-footer.svg
www.benefits.com/static/images/home/ 6 KB
3 KB 898ms
896ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/logo-footer.svg
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68d6490ee1a555820fa2605ff17757f6c4dcb9f2e0ef37e3df8124edda1a19a3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 17 Sep 2020 00:37:24 GMT
server: cloudflare
etag: W/"5f62afc4-162d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHGyyxV%2F33B155p2A1yxUo2QvTYC8wspxBWVShavjrwmGXvkwNKHbKkkQ6T44qlaFJba79oOps9WOwkXlL%2FOivoCQbu1Kpmki3VFwn0haCAmwgTO8Hm3XT25KfONuZN%2BJ%2BjzFY%2Bz6s2snkNlydRS"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 729bbcef2bab9013-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 189 KB
68 KB 90ms
37ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M84KTS9

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f490a5b328b1ef3a0e567a47320a7461b56dbffc37256dcfae0d88e5d0cb44b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:51 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68776
x-xss-protection: 0
expires: Tue, 12 Jul 2022 18:10:51 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 80ms
30ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/assets/css/home.css?id=eec8539bb8dfe9551271

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c26388c1ddbab7f35de1019767bf23489d0bb72aa115cf10a899f96b65718270

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 17:50:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 12 Jul 2022 18:10:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Jul 2022 18:10:51 GMT

GET
H3 200 silhouette-bg.png
www.benefits.com/static/images/home/ 294 KB
294 KB 825ms
825ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/silhouette-bg.png
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/assets/css/home.css?id=eec8539bb8dfe9551271
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9f42b4edcc602d335eb8322d73644a8f05112f9cdf181dbd71af2f9dc2e43f0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/assets/css/home.css?id=eec8539bb8dfe9551271
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:52 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 27 Aug 2020 23:54:51 GMT
server: cloudflare
etag: "5f4847cb-49616"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BC2o3%2F5ZFZUmo3%2FFAb%2F67uhJDjoBEtSLoh0SCbbzu53VybwePJxB2WvOSfWXwXKb6H%2FjnxoD%2F9039CspCny3Qhup0n1AdD7Q%2ByuveSRYB6v4mbCpvliYDoqm2WmRfhk%2FcSAJvkiEeKAx77NIrwpP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 729bbcef2bb09013-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 300566

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 70ms
21ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.benefits.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 67122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 23:32:09 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 59ms
33ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.benefits.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 718
age: 473415
cdn-cachedat: 2021-08-02 20:43:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 3c0ee80b2a2a696afec2860f2be6b8ea
accept-ranges: bytes
cf-ray: 729bbcef6ed5bb65-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/ 18 KB
18 KB 100ms
75ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Origin: https://www.benefits.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601
age: 2574611
cdn-proxyver: 1.0
cdn-cachedat: 08/03/2021 23:23:50
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18028
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: d267c80222f7a077186d161384d64d1e
accept-ranges: bytes
cf-ray: 729bbcef5ed0bb65-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.179.2/ 174 KB
48 KB 80ms
26ms Script
application/javascript 108.138.17.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Requested by: Host: ba3068fe3e2142d68354c198d575728a.js.ubembed.com
URL: https://ba3068fe3e2142d68354c198d575728a.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 25 May 2022 02:45:33 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 16:31:05 GMT
server: AmazonS3
age: 4202718
etag: W/"359008fe01078c59c66e034866170bd2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: aFoeDyBHrZZcQbTLXAcuLI5W7JthpJOwfMvbVPzNgd6TeioB-oesNg==

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 103 KB
40 KB 110ms
35ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-5DZDX4V

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M84KTS9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3bcaedde95061324790e09a04859b527c3c5401feec0c6dff1a88dcd936da852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:51 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40537
x-xss-protection: 0
expires: Tue, 12 Jul 2022 18:10:51 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 79ms
20ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M84KTS9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3894
date: Tue, 12 Jul 2022 17:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 12 Jul 2022 19:05:57 GMT

GET
H2 200 hotjar-1122411.js Show response
static.hotjar.com/c/ 5 KB
3 KB 106ms
52ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1122411.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M84KTS9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

a46e9e43b88c2603145be7a7461bc5e4379dd4a680ad4c9cd2399a27f9ae10b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:51 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA56-P2
etag: W/32c50393e61b7f491e4f8b4bce75f3b2
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-amz-cf-id: vIS-1OvahBe9ZTMMGBvsG2JZwjT8JhAQIuOSZ4PEYctHt8hy_56xQQ==
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 42 KB
14 KB 85ms
33ms Script
application/javascript 104.20.229.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M84KTS9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.229.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0bd9bfaf4def6656a9233d93df518c01be681326e72cd9e00aa73fd29702b83

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Jul 2022 09:57:21 GMT
server: cloudflare
age: 4496
etag: W/"62cd4581-a7ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 729bbcf08db79bdd-FRA
expires: Wed, 13 Jul 2022 04:55:55 GMT

GET
H2 200 escape-redirect.js Show response
benefits.disabilityguide.com/js/ 218 KB
75 KB 1086ms
1018ms Script
application/javascript 2606:4700:3033::6815:4dc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.disabilityguide.com/js/escape-redirect.js?71802018
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4dc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fd3f77c147c996466e7275194ac8cd0f380fa13910181768727dfa2ebe46ba6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:52 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 22 Jun 2022 16:45:35 GMT
server: cloudflare
etag: W/"62b3472f-366fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1Iy5vMIgGXAjbWRHKOEczarg%2BVSrOL96QWRNC%2Fx5YHaPwnBktksJlZJJ6gcVRk1M1aFwkju9S%2BOktXOzfNpBtx7RljeeBH0IofF9Ar9lABJ6pAKpZeO8moFw3BltJlCoL4tGr9UL1N9ktDbI%2BwtMCflf9nt8XJg%2FAIX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 729bbcf09d7a9ba0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 320ms
275ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CF399AE05D6C40AAADCDDB21E6B6B57F Ref B: AMS04EDGE1609 Ref C: 2022-07-12T18:10:51Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Tue, 12 Jul 2022 18:10:51 GMT
accept-ranges: bytes
content-length: 11360

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 85ms
26ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 25939
x-xss-protection: 0
pragma: public
x-fb-debug: 1P9DgBEHVopBPq6+uSlC3D/7F0/t4FLOB8Nxce1fmV4U557nvUOyNXn7AKxtWlekxvX7duAgg9NSa99SToNO3Q==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Tue, 12 Jul 2022 18:10:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 78ms
35ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-371988851

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M84KTS9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ac870467dc33dbfb4d8a3116a51151995e1cecda154a163f1919ab78e5e5c06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:51 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43923
x-xss-protection: 0
expires: Tue, 12 Jul 2022 18:10:51 GMT

GET
H2 200 track.js Show response
pixel.ampry.com/static/ 155 KB
20 KB 97ms
25ms Script
application/javascript 2600:9000:223e:3400:19:6119:81c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.ampry.com/static/track.js
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:3400:19:6119:81c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0429aa4af534b3874dfa58d583f0a7b6d21a6f2804de31c40e567ebdf3bc76c1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: ot_WkAfrgqkVz35wc4JBL2c5vkc0SrR2
content-encoding: gzip
last-modified: Fri, 08 Jul 2022 09:05:18 GMT
server: AmazonS3
age: 49992
etag: W/"ae9bb86f439c3a871e75404b17399c5d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
date: Tue, 12 Jul 2022 09:47:53 GMT
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: a9MvK8szcQWSxsSdMbPiMD8StjINXe1UsdF2A-3PMtF_iBj1t4ZOvw==

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
571 B 444ms
433ms XHR
application/json 104.20.229.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=12231059&u1=96CD1DE095B04F6989AAA8EFF774E673&java=1&security=06bd3d1e&sc_snum=1&sess=5e022a&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.benefits.com/&t=Benefits.com%C2%AE&invisible=1&sc_rum_e_s=2129&sc_rum_e_e=2133&sc_rum_f_s=0&sc_rum_f_e=2122&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.229.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 729bbcf0ee929bdd-FRA
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin: https://www.benefits.com
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 252ms
55ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-371988851

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15163
x-xss-protection: 0
server: cafe
etag: 11137310801552021614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 12 Jul 2022 18:10:51 GMT

GET
H3 200 815144366094512 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 192ms
169ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/815144366094512?v=2.9.64&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0da1fad231b1e14010bcc883c46b55a32972c99c51e2b3de23e8d95db9501909

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: ngDVXz+nq8HpmHGyGdWnz1ASNlzTKYq5drQIlIc4WqZMQDmqqxKdnMf98ehIN3d1WTYmUc712PTV2bJo/D0+Cg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 12 Jul 2022 18:10:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1657649451794
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.aeb592dea6b3cbc7f74e.js Show response
script.hotjar.com/ 245 KB
63 KB 216ms
39ms Script
application/javascript 52.222.236.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.aeb592dea6b3cbc7f74e.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1122411.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-74.fra56.r.cloudfront.net

Software

Resource Hash

a5f9ef657331b431ebf99cf2833f8c7237668745bbf416035108e8a148d744b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 13:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15224
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 64430
access-control-allow-origin: *
last-modified: Tue, 12 Jul 2022 13:56:43 GMT
etag: "ba4c5af54f5c0c12647c1f386a56236f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: yN6Bu3zc5KnsxJiY7z-eTOvwmwSpfb7x7we-jw-yvz7kCOdb_96lUw==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 179ms
28ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1163828224&t=pageview&_s=1&dl=https%3A%2F%2Fwww.benefits.com%2F&ul=en-us&de=UTF-8&dt=Benefits.com%C2%AE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABQAAAAC~&jid=2113119078&gjid=2146068110&cid=1324755359.1657649452&tid=UA-119266907-1&_gid=198931162.1657649452&_r=1&gtm=2wg7b0M84KTS9&z=477433506

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.benefits.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Jul 2022 18:10:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.benefits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-5e0db0f25ef573fe233efc0372d38d69.html Show response
vars.hotjar.com/ Frame A191 2 KB
1 KB 314ms
20ms Document
text/html 18.66.139.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-5e0db0f25ef573fe233efc0372d38d69.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1122411.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-40.fra60.r.cloudfront.net

Software

Resource Hash

897abc95dfdec58fb982dcb66bbc2c1773e69df30001bf925678464903bf9e53

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.benefits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 453585
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 12:11:07 GMT
etag: "247bae6bc5dfc2c9bd258e7b3935cacc"
last-modified: Thu, 07 Jul 2022 12:11:03 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-cf-id: msm2ceFrUqg7Wa49VmrVe_FtJWkCxzfWh3Tma28bQWnc-xhV5vgJXA==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 82ms
21ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-119266907-1&cid=1324755359.1657649452&jid=2113119078&gjid=2146068110&_gid=198931162.1657649452&_u=aEBAAEAAQAAAAC~&z=1432964270

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.benefits.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 12 Jul 2022 18:10:51 GMT
content-type: text/plain
access-control-allow-origin: https://www.benefits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 134004590.js Show response
bat.bing.com/p/action/ 0
120 B 128ms
127ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/134004590.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4605E4C87A6B45868D6D6EA0DB7E34E7 Ref B: AMS04EDGE1609 Ref C: 2022-07-12T18:10:51Z
date: Tue, 12 Jul 2022 18:10:51 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
176 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134004590&Ver=2&mid=d5713a19-061b-4c42-89b9-0ce979f7e513&sid=f6ebce10020d11edafb509895c2d27c4&vid=f6ec0f80020d11ed9cd073a69c339dee&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Benefits.com%C2%AE&p=https%3A%2F%2Fwww.benefits.com%2F&r=&lt=1915&evt=pageLoad&msclkid=N&sv=1&rn=70542

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 156DBF064BD9479BA8F008A14E08DC68 Ref B: AMS04EDGE1609 Ref C: 2022-07-12T18:10:51Z
date: Tue, 12 Jul 2022 18:10:51 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 72ms
21ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=815144366094512&ev=PageView&dl=https%3A%2F%2Fwww.benefits.com%2F&rl=&if=false&ts=1657649451959&sw=1600&sh=1200&v=2.9.64&r=stable&ec=0&o=30&fbp=fb.1.1657649451958.540875673&it=1657649451664&coo=false&rqm=GET

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 12 Jul 2022 18:10:52 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/371988851/ 2 KB
2 KB 83ms
33ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/371988851/?random=1657649451961&cv=9&fst=1657649451961&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7b0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.benefits.com%2F&tiba=Benefits.com%C2%AE&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26d62e0d384239729a48c6666dad8f3036d69e4ab08c16290261367adb7e966d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jul 2022 18:10:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1023
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 147ms
73ms Image
image/gif 2a00:1450:4014:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-119266907-1&cid=1324755359.1657649452&jid=2113119078&_u=aEBAAEAAQAAAAC~&z=890234431

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jul 2022 18:10:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 447ms
383ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-119266907-1&cid=1324755359.1657649452&jid=2113119078&_u=aEBAAEAAQAAAAC~&z=890234431

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jul 2022 18:10:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1122411/ 147 B
323 B 153ms
38ms XHR
application/json 52.215.128.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1122411/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.aeb592dea6b3cbc7f74e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.128.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-128-203.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23

Request headers

Referer: https://www.benefits.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 12 Jul 2022 18:10:52 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 /
www.google.com/pagead/1p-user-list/371988851/ 42 B
154 B 61ms
60ms Image
image/gif 2a00:1450:4014:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/371988851/?random=1657649451961&cv=9&fst=1657648800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7b0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.benefits.com%2F&tiba=Benefits.com%C2%AE&async=1&fmt=3&is_vtc=1&random=759577553&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jul 2022 18:10:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/371988851/ 42 B
548 B 41ms
41ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/371988851/?random=1657649451961&cv=9&fst=1657648800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7b0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.benefits.com%2F&tiba=Benefits.com%C2%AE&async=1&fmt=3&is_vtc=1&random=759577553&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jul 2022 18:10:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 73ms
50ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=815144366094512&ev=Microdata&dl=https%3A%2F%2Fwww.benefits.com%2F&rl=&if=false&ts=1657649452462&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Benefits.com%C2%AE%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.benefits.com%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Benefits.com%C2%AE%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22name%22%3A%22Benefits.com%26reg%3B%22%2C%22alternateName%22%3A%22Your%20Free%20Advocate%20for%20Benefit%20Programs%22%2C%22url%22%3A%22https%3A%2F%2Fwww.benefits.com%22%7D%5D&sw=1600&sh=1200&v=2.9.64&r=stable&ec=1&o=30&fbp=fb.1.1657649451958.540875673&it=1657649451664&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:10:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 12 Jul 2022 18:10:52 GMT

OPTIONS
H2 204 cookie
renderer.ampry.com/register/conversion/ Frame 0
0 316ms
107ms Preflight 44.199.33.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://renderer.ampry.com/register/conversion/cookie?pixel_code=49199886798e260a77999888fe9da5940eb4bc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.199.33.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-199-33-73.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.benefits.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.benefits.com
access-control-max-age: 0
cache-control: no-cache, private
date: Tue, 12 Jul 2022 18:10:52 GMT
server: awselb/2.0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 cookie Show response
renderer.ampry.com/register/conversion/ 39 B
256 B 657ms
142ms Fetch
application/json 44.199.33.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://renderer.ampry.com/register/conversion/cookie?pixel_code=49199886798e260a77999888fe9da5940eb4bc
Requested by: Host: pixel.ampry.com
URL: https://pixel.ampry.com/static/track.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.199.33.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-199-33-73.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 7d1971b24c491befa0de070b93f69444fe8e3206b88dd67c01f43ab7eb0bbde6

Request headers

Referer: https://www.benefits.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 12 Jul 2022 18:10:53 GMT
server: awselb/2.0
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.benefits.com
x-ratelimit-remaining: 998
cache-control: no-cache, private
access-control-allow-credentials: true
x-ratelimit-limit: 1000
content-length: 39

POST
H2 200 templates Show response
renderer.ampry.com/filter/ 1 KB
2 KB 1295ms
784ms Fetch
application/json 44.199.33.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://renderer.ampry.com/filter/templates
Requested by: Host: pixel.ampry.com
URL: https://pixel.ampry.com/static/track.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.199.33.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-199-33-73.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 2e51cc9aebb3b5def3d2cead634db4a5024a68ba6820cc0025ab1b507658bb8a

Request headers

Referer: https://www.benefits.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 12 Jul 2022 18:10:53 GMT
server: awselb/2.0
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.benefits.com
x-ratelimit-remaining: 999
cache-control: no-cache, private
access-control-allow-credentials: true
x-ratelimit-limit: 1000
content-length: 1370

OPTIONS
H2 204 templates
renderer.ampry.com/filter/ Frame 0
0 317ms
110ms Preflight 44.199.33.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://renderer.ampry.com/filter/templates
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.199.33.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-199-33-73.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.benefits.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.benefits.com
access-control-max-age: 0
cache-control: no-cache, private
date: Tue, 12 Jul 2022 18:10:52 GMT
server: awselb/2.0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.benefits.com/	1970-01-20 04:27:36	Name: XSRF-TOKEN Value: eyJpdiI6InRHc0pEV0pDd3dTNkllTVVhMUJzSEE9PSIsInZhbHVlIjoid3hmdXVjRGY0MkZ3b2dBVDAwXC82dVVtSVprU004anBRcmxtWk1oOGM5NFhpRWM2Um9WZktMdkJnVnd6UGhWKzZiTkRcL3JXV01PTU1HSGRLYlVScDlZdz09IiwibWFjIjoiN2YyN2MyYjE0MzRlOTNjZDYwNDY0MGY5NDM1YzM5MGVjZDNlZjJlNTZkYWI4ZmVjMDUzYWQzYjQxOWI5ZjUxYiJ9
www.benefits.com/	1970-01-20 04:27:36	Name: laravel_session Value: eyJpdiI6IlwvUmdNM3p2djJjT1M2SFpMV3AzeXhBPT0iLCJ2YWx1ZSI6IlRuXC83QkJ5ejdvbng2WFwvanY1Y2ZqZ1IxZkxYUnFiSXJocFwvbVgwcHMwb1p3djNHdGQrM20wKzRNXC8xUGpNNGxyeGptaThCR29lSFllU0EycnVWUjh5dz09IiwibWFjIjoiNTc5NWRiNGI4YmZiNDA4ZmNlZGVkZWQzYmFhYmNkMzdiNWU1MzFhYTZkNWJmOWEwYzY4ZjMyODc2NWNmZTcyZCJ9
.benefits.com/	1970-01-20 06:37:05	Name: _gcl_au Value: 1.1.1707544478.1657649452
.benefits.com/	1970-01-20 21:58:41	Name: sc_is_visitor_unique Value: rx12231059.1657649452.96CD1DE095B04F6989AAA8EFF774E673.1.1.1.1.1.1.1.1.1
.benefits.com/	1970-01-20 21:58:41	Name: _ga Value: GA1.2.1324755359.1657649452
.benefits.com/	1970-01-20 04:28:55	Name: _gid Value: GA1.2.198931162.1657649452
.benefits.com/	1970-01-20 04:27:29	Name: _gat_UA-119266907-1 Value: 1
.bing.com/	1970-01-20 13:49:05	Name: MUID Value: 1BC7E0A4E473636E1D46F17BE5D062C4
.benefits.com/	1970-01-20 04:28:55	Name: _uetsid Value: f6ebce10020d11edafb509895c2d27c4
.benefits.com/	1970-01-20 13:49:05	Name: _uetvid Value: f6ec0f80020d11ed9cd073a69c339dee
.benefits.com/	1970-01-20 06:37:05	Name: _fbp Value: fb.1.1657649451958.540875673
.benefits.com/	1970-01-20 13:13:05	Name: _hjSessionUser_1122411 Value: eyJpZCI6ImQwZmQ5ZWU5LTI5NjYtNWU2Yi1iODcxLWE2MDk5OTVhNzE2NCIsImNyZWF0ZWQiOjE2NTc2NDk0NTE5MzYsImV4aXN0aW5nIjpmYWxzZX0=
.benefits.com/	1970-01-20 04:27:31	Name: _hjFirstSeen Value: 1
www.benefits.com/	1970-01-20 04:27:29	Name: _hjIncludedInSessionSample Value: 0
.benefits.com/	1970-01-20 04:27:31	Name: _hjSession_1122411 Value: eyJpZCI6IjIwMjcyOWFjLTNiYjktNDc0Zi1iMTk5LTc2Yzc4ZDA1ZDA1MSIsImNyZWF0ZWQiOjE2NTc2NDk0NTIwNDUsImluU2FtcGxlIjpmYWxzZX0=
.doubleclick.net/	1970-01-20 04:27:30	Name: test_cookie Value: CheckForPermission
www.benefits.com/	1970-01-20 04:27:29	Name: _hjIncludedInPageviewSample Value: 1
.benefits.com/	1970-01-20 04:27:31	Name: _hjAbsoluteSessionInProgress Value: 0
.statcounter.com/	1970-01-22 00:15:29	Name: is_unique Value: sc12231059.1657649451.0
.statcounter.com/	1970-01-20 21:58:41	Name: is_visitor_unique Value: 1657649451294308274
.ampry.com/	1970-01-20 08:46:41	Name: visited_urls Value: eyJpdiI6IjcwT0taUjRhM3JBakU1ZlQ2dDVXQ2c9PSIsInZhbHVlIjoiUmMwRU9ISE1zbFAvbE1DUEt1eDBESW1kRzRuTGxQaXRKNzM2SE04QnRsR1hMYU1YcjNPbnVKSGlnamFuZkhhRiIsIm1hYyI6IjU3MGY2ZjE2YWRhMzIzYjc4ODdiMmFmNzg5MmY4MWM2OGRlODk2YzA1MjY5YjA1YmE3OWYwMThjOTkzOTk2M2IiLCJ0YWciOiIifQ%3D%3D
.ampry.com/	1970-01-20 08:46:41	Name: ampry_unique Value: eyJpdiI6ImVRUVFneVRPTDBDN3g3OFRuQlZLRmc9PSIsInZhbHVlIjoiQWlGK21ObDJMT0hXd2huQU8wZ1VjYWFnUDhrSlZ0cGNBeGM3Z1NIQWwzQXBZaHJaK0w5WE1KbEJYbXBHdXArVWtFN0ltcUs4dEQyeDR0STA2ZityRi83b1JQbko2Q3hqSVhNZWxaTmo0ZWs9IiwibWFjIjoiYjcwNzZjNjc2ZTMzOTBkZDAxNDVlMTMzMzZlMmExNGE3ZWY5ZTMwZDcwYzVlYWNlMzI0YTRjOTI5MmE1Y2EwMiIsInRhZyI6IiJ9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.ubembed.com
ba3068fe3e2142d68354c198d575728a.js.ubembed.com
bat.bing.com
benefits.disabilityguide.com
c.statcounter.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
in.hotjar.com
maxcdn.bootstrapcdn.com
pixel.ampry.com
renderer.ampry.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.benefits.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.statcounter.com
104.20.229.67
108.138.17.119
142.250.186.98
151.101.193.131
18.66.139.40
18.66.97.10
2600:9000:223e:3400:19:6119:81c0:93a1
2606:4700:3033::6815:4dc3
2606:4700::6812:bcf
2620:1ec:c11::200
2a00:1450:4001:802::200e
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:812::200a
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2003
2a00:1450:400c:c06::9b
2a00:1450:4014:80f::2004
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a06:98c1:3120::3
44.199.33.73
52.215.128.203
52.222.236.74
00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca
0429aa4af534b3874dfa58d583f0a7b6d21a6f2804de31c40e567ebdf3bc76c1
09d90eac8969fcffc86fc8627cc8a19a247ce6fa7f3f1e4a81ab885c113bb0c7
0da1fad231b1e14010bcc883c46b55a32972c99c51e2b3de23e8d95db9501909
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17e52e79894f08ccd19b0ce2d0efc497bf066f2b3eb79fcff4f7d57425fefc17
24921d91ed53311ac17f49091c831b9b3baa0bb20c94a483ba7886cda9d7db55
26d62e0d384239729a48c6666dad8f3036d69e4ab08c16290261367adb7e966d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e51cc9aebb3b5def3d2cead634db4a5024a68ba6820cc0025ab1b507658bb8a
39f7b4ee5e81e1dba3f68d52543223f7ef16cd11a1cfa85dca91fa7ca8759c33
3bcaedde95061324790e09a04859b527c3c5401feec0c6dff1a88dcd936da852
45eed02c505440ede29e3aa6f2eb31c9eaace20197fa463f187a50686207672b
4c3d3cfacc4e6b8fcd526ca759c1481a1f156f212788aceaa58913ec9ea29c71
52d7dfa2979140e426dc7160916eb4901ac7303ff7d31bb4088bebe4ec5b963c
534294e3d2d89b46b6437f645af1c287b0fc0bb2c1bf348a9c6fd8fba850586e
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5d39290e9d5065ad94fc2b66b616ab5fb3c3aa880e4ffd7843d908b3c727e08c
5fd3f77c147c996466e7275194ac8cd0f380fa13910181768727dfa2ebe46ba6
68d6490ee1a555820fa2605ff17757f6c4dcb9f2e0ef37e3df8124edda1a19a3
6a9ce76d1845851912368a983599ecb5fd8587e1bff74732732743cb0770d2c6
6ac870467dc33dbfb4d8a3116a51151995e1cecda154a163f1919ab78e5e5c06
711a17cc4699431581e591074416c643155af48a38ee5ca1b62ad6051740a021
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c9dfe60b22882d0b808c7a5a6f8a39cc8f472d7758b822eca646e11601232c1
7d1971b24c491befa0de070b93f69444fe8e3206b88dd67c01f43ab7eb0bbde6
812d86d3f50f10a3c04f54e8bb0d9b9da247bbd57ee13550273e170041f7a38e
897abc95dfdec58fb982dcb66bbc2c1773e69df30001bf925678464903bf9e53
89fbfcaa9c4f693c28b09910c8f4ecbbce4c2575ae568ef83159bdcaed562276
8aa70a457372ec9a3aa6801d889b295473f41c2626329f37477d1ccb5135044c
8f490a5b328b1ef3a0e567a47320a7461b56dbffc37256dcfae0d88e5d0cb44b
9f5c054634b10543601c09d88abd939904b898419f16973ecc3536ce2b7095b2
a0bd9bfaf4def6656a9233d93df518c01be681326e72cd9e00aa73fd29702b83
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a46e9e43b88c2603145be7a7461bc5e4379dd4a680ad4c9cd2399a27f9ae10b3
a5f9ef657331b431ebf99cf2833f8c7237668745bbf416035108e8a148d744b5
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
b25a09d4e27b3e0d46bae6963b853598399dfc591e2a1644218b13b622ad0197
b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c
c26388c1ddbab7f35de1019767bf23489d0bb72aa115cf10a899f96b65718270
d1ec417e0b9fed491c4ba50de15003b4f64a5d1b4c3d33bb56da9cb8a064b9d3
d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23
d47b20402b22059d96774d3df0eaf7fd165a6614de43f840035822fe3a12131c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c4bba34172d987846c45f3dc9a8fb47c38deff5a3937319b27706896787dac
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
f9f42b4edcc602d335eb8322d73644a8f05112f9cdf181dbd71af2f9dc2e43f0
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

www.benefits.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

62 Requests

100 %HTTPS

65 %IPv6

19 Domains

27 Subdomains

26 IPs

5 Countries

1953 kBTransfer

3420 kBSize

22 Cookies

1 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.benefits.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

100 %
HTTPS

65 %
IPv6

19
Domains

27
Subdomains

26
IPs

5
Countries

1953 kB
Transfer

3420 kB
Size

22
Cookies

62 HTTP transactions
0 data transactions