www.benefits.com Open in urlscan Pro
2a06:98c1:3120::c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.benefits.com/
Submission: On August 09 via manual (August 9th 2022, 3:27:24 pm UTC) from US — Scanned from NL

Summary HTTP 61 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 19 domains to perform 61 HTTP transactions. The main IP is 2a06:98c1:3120::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.benefits.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 1st 2022. Valid for: a year.

This is the only time www.benefits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.129.131 151.101.129.131	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	65.9.66.34 65.9.66.34	16509 (AMAZON-02) (AMAZON-02)
2	104.20.229.67 104.20.229.67	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::ac43:d36c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:206... 2600:9000:206f:de00:19:6119:81c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	99.86.240.26 99.86.240.26	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	52.222.236.63 52.222.236.63	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.118 143.204.215.118	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c03::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
4	3.222.225.19 3.222.225.19	14618 (AMAZON-AES) (AMAZON-AES)
61	25

21 2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)

www.benefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.131 (United States)

ASN54113 (FASTLY, US)

ba3068fe3e2142d68354c198d575728a.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-34.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.229.67 (None, )

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:d36c (United States)

ASN13335 (CLOUDFLARENET, US)

benefits.disabilityguide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:de00:19:6119:81c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

pixel.ampry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.240.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-26.vie50.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-118.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.222.225.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-225-19.compute-1.amazonaws.com

renderer.ampry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	benefits.com www.benefits.com	1 MB
5	ampry.com pixel.ampry.com — Cisco Umbrella Rank: 82803 renderer.ampry.com — Cisco Umbrella Rank: 55493	22 KB
5	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 731	132 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 351	12 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 642 script.hotjar.com — Cisco Umbrella Rank: 770 vars.hotjar.com — Cisco Umbrella Rank: 803	68 KB
2	google.nl www.google.nl — Cisco Umbrella Rank: 8761	655 B
2	google.com www.google.com — Cisco Umbrella Rank: 10	655 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	388 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 118 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	111 KB
2	statcounter.com www.statcounter.com — Cisco Umbrella Rank: 12919 c.statcounter.com — Cisco Umbrella Rank: 8514	15 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	114 KB
2	ubembed.com ba3068fe3e2142d68354c198d575728a.js.ubembed.com assets.ubembed.com — Cisco Umbrella Rank: 10274	49 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 267 fonts.googleapis.com — Cisco Umbrella Rank: 67	32 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 125	15 KB
1	disabilityguide.com benefits.disabilityguide.com	75 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1278	42 KB
1	gstatic.com fonts.gstatic.com	44 KB
61	19

	Domain	Requested by
21	www.benefits.com	www.benefits.com
5	maxcdn.bootstrapcdn.com	www.benefits.com maxcdn.bootstrapcdn.com
4	renderer.ampry.com	pixel.ampry.com
3	bat.bing.com	www.benefits.com bat.bing.com
2	www.google.nl	www.benefits.com
2	www.google.com	www.benefits.com
2	www.facebook.com	www.benefits.com
2	connect.facebook.net	www.benefits.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.benefits.com www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	www.googleadservices.com	www.googletagmanager.com
1	c.statcounter.com	www.statcounter.com
1	assets.ubembed.com	ba3068fe3e2142d68354c198d575728a.js.ubembed.com
1	pixel.ampry.com	www.benefits.com
1	benefits.disabilityguide.com	www.benefits.com
1	www.statcounter.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.benefits.com
1	ba3068fe3e2142d68354c198d575728a.js.ubembed.com	www.benefits.com
1	ajax.googleapis.com	www.benefits.com
61	26

This site contains links to these domains. Also see Links.

Domain
get.benefits.com

Subject Issuer	Validity	Valid
benefits.com Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2022-01-04` - `2023-02-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
us-dallas.statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-06` - `2022-12-06`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-19` - `2022-08-17`	3 months	crt.sh
*.ampry.com Amazon	`2022-03-21` - `2023-04-19`	a year	crt.sh
assets.ubembed.com Amazon	`2022-02-04` - `2023-03-05`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
ampry.com Amazon	`2022-04-05` - `2023-05-04`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.benefits.com/
Frame ID: B666BBF009C6B3D90882FD5D905388A6
Requests: 58 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-54d18b2ccd1c7fa42c71f18525ba4ad0.html
Frame ID: DF8912B6DF36A761408D049E0CE05338
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Benefits.com®

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

61
Requests

100 %
HTTPS

68 %
IPv6

19
Domains

26
Subdomains

25
IPs

5
Countries

1959 kB
Transfer

3438 kB
Size

16
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://get.benefits.com/request-call/?utm_source=bcom&campaign=requestcall
Title: Request a call

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.benefits.com/ 26 KB
7 KB 897ms
835ms Document
text/html 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.benefits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 5d39290e9d5065ad94fc2b66b616ab5fb3c3aa880e4ffd7843d908b3c727e08c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 738183e1da3e917c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 09 Aug 2022 15:27:20 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOTxHEXgWIwiC0ew6jHQOmP9agWYPoD2qPK9WPqg%2FPI%2FG1PubH%2BqNbWJVIStA0T%2BaFvUUyD2BpLmtycLGkkULHET73Zdtt300sE%2FS0hgDbkTNRIUhs35XY66EXLfVY1BL0wHjUQy3AI81ZpisCLe"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.1.33

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 78ms
35ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617, 617
age: 14974876
cdn-cachedat: 2021-06-08 21:21:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: f3a3007506374a305b1a96efe5ee1490
cf-ray: 738183e75b679a30-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 80ms
37ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723
age: 17284513
cdn-cachedat: 11/15/2021 21:49:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 8b677d48aa464c28c0815c97adbbe174
cf-ray: 738183e75b6b9a30-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 home.css
www.benefits.com/assets/css/ 13 KB
3 KB 28ms
27ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.benefits.com/assets/css/home.css?id=eec8539bb8dfe9551271
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52d7dfa2979140e426dc7160916eb4901ac7303ff7d31bb4088bebe4ec5b963c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Dec 2021 21:48:28 GMT
server: cloudflare
age: 3292
etag: W/"61c0fa2c-3517"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4m2P81JCXqrJ%2B2u9M8Vy4n7To3glAvB45EGpbYVT6o3FhsCVgwEdz12%2FVrnErhEvrp7%2FEN9RT8bABNn%2BObQHOzX9j0MPv1ahbbkARAjrjxrhLCVVqL1Vq1hNJQmXAAOJef15NLZTrDFwyqnnWofL"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 738183e71ad6917c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 82ms
31ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:32:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Aug 2023 13:32:57 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
11 KB 74ms
32ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 755
age: 18536093
cdn-cachedat: 12/13/2021 20:18:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 48135f30fbfcba704628453df5764d8f
cf-ray: 738183e75b6d9a30-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 / Show response
ba3068fe3e2142d68354c198d575728a.js.ubembed.com/ 3 KB
2 KB 163ms
79ms Script
application/json 151.101.129.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ba3068fe3e2142d68354c198d575728a.js.ubembed.com/
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 45eed02c505440ede29e3aa6f2eb31c9eaace20197fa463f187a50686207672b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 0
etag: W/64dc62eb24614169cdfad2f28ec332bb-v0.179.2
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, MISS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: AMS1-C1
accept-ranges: none
x-amz-apigw-id: Wmhx1HuTjoEFdYw=

GET
H3 200 logo-top.svg
www.benefits.com/static/images/home/ 6 KB
3 KB 31ms
30ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/logo-top.svg
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b25a09d4e27b3e0d46bae6963b853598399dfc591e2a1644218b13b622ad0197

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Sep 2020 00:37:24 GMT
server: cloudflare
age: 3291
etag: W/"5f62afc4-1638"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aW%2Bc49%2Bou3c5pasFst4dZ23sfshMH3kOjYApbYvo0nFDMpnRamvb1p3xSWxG2TZPQb9oTsNOvc3mMUw8VL7Th3orA%2FVO6Co7hJ5l1e9ew%2FwhqHI2vY4xSAfnF2cDJ3vrS9yD61igSMUdSKaBIQXR"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 738183e7ef2e9189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 cookie-consent.css
www.benefits.com/static/css/partials/ 1 KB
1 KB 30ms
30ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.benefits.com/static/css/partials/cookie-consent.css
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f5c054634b10543601c09d88abd939904b898419f16973ecc3536ce2b7095b2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 23:56:03 GMT
server: cloudflare
age: 3292
etag: W/"61c26993-5d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rJYxBPH%2BgcG0YP2b6ysOWPScZr5%2BaDFegDp68q2k8QnusjE5bZFmgwJ2TMMnONJWdigigzMj004ncxfaYPq1Ojz1IMVVDMtaFzFDgsQVsshZ%2Fz4ebblK7sSar1e%2FF2afmtXzzSjtv7PfyqxFTYe"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 738183e7bee49189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 money-computer.png
www.benefits.com/static/images/home/ 4 KB
4 KB 31ms
26ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/money-computer.png
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aa70a457372ec9a3aa6801d889b295473f41c2626329f37477d1ccb5135044c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Aug 2020 23:54:51 GMT
server: cloudflare
age: 3291
etag: "5f4847cb-fbf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7n1lZU%2F0LEzlE5%2B25HNcB6RsGcX2vkqEXYUEZ2adLRe7l%2BZRjoKZtY5PA%2BLel5YrgvjrTsu7Mkq1b9u%2BSlnMz08j1XKsfKa0%2Bmcd5%2FZdz%2B5RHxIvit2lf5aU%2FLy9rXLQqsORziDeSBcXwsf2S1QA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 738183e7ef3d9189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4031

GET
H3 200 money-target.png
www.benefits.com/static/images/home/ 10 KB
10 KB 32ms
27ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/money-target.png
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 534294e3d2d89b46b6437f645af1c287b0fc0bb2c1bf348a9c6fd8fba850586e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Aug 2020 23:54:51 GMT
server: cloudflare
age: 3291
etag: "5f4847cb-265a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kRtHKSCrRIV%2BQssJAl8Pl141VvD05V5XmYPMyp3q4PAjgzB7pEILBlRoUTgcGF6fxS4KzcLS%2F8D8PUTcCzenST%2BtF1L59C6qgGd6ScfsWD1H16IIpcGleVXYHXfLrGTkpJd5uA1k0m6qMciwS07p"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 738183e7ef409189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9818

GET
H3 200 desk.png
www.benefits.com/static/images/home/ 7 KB
8 KB 96ms
90ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/desk.png
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1ec417e0b9fed491c4ba50de15003b4f64a5d1b4c3d33bb56da9cb8a064b9d3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Aug 2020 23:54:51 GMT
server: cloudflare
age: 3291
etag: "5f4847cb-1c90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1laQLJGB5%2BujfFyAJlOw401ZDJQqIV5d9f7Vk2wp863q%2BpZo5AbRs4TyIGCip7i1biWaUF6c6sKprzzM8qNgKubI4g4lr%2BR641V4q4AOI41nIRTkCKxIBhe49bg9IxiIixVj1P87Yi79zsEmlej"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 738183e7ef429189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7312

GET
H3 200 person.png
www.benefits.com/static/images/home/ 7 KB
7 KB 51ms
46ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/person.png
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09d90eac8969fcffc86fc8627cc8a19a247ce6fa7f3f1e4a81ab885c113bb0c7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Aug 2020 23:54:51 GMT
server: cloudflare
age: 3291
etag: "5f4847cb-1b54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDzuVp3Hdqq5qbOYvjbcbpzMkvyYKCxCnTjfs4hgG5DNqGmyWph%2BLzVMMV%2BKuf7jIzlrZpSFvmJ2Kw%2BUueBBZekxj9Wp8CJ9hkBNUaT0%2BPthF5qqo7botBOm2VzlkPw50mOj3bVOKA4DMrrHGXGk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 738183e7ef449189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6996

GET
H3 200 newsletter.png
www.benefits.com/static/images/home/ 9 KB
9 KB 52ms
47ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/newsletter.png
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17e52e79894f08ccd19b0ce2d0efc497bf066f2b3eb79fcff4f7d57425fefc17

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Aug 2020 23:54:51 GMT
server: cloudflare
age: 3291
etag: "5f4847cb-22ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gDkdW%2FGNnrsPIF6ShwBrRftY9wWGJ2F7extVtDhICqsPenh8bCnyumfemOWMiWZD1ohBsoBaLdYRcLPsVX2yY5WFKi5Bh8onxRTnSFeIczedigyIOatOhkPzvC4kr1DSF4Zvdojg3Fthm6awoXYa"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 738183e7ef459189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8890

GET
H3 200 hands.png
www.benefits.com/static/images/home/ 8 KB
9 KB 49ms
45ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/hands.png
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c9dfe60b22882d0b808c7a5a6f8a39cc8f472d7758b822eca646e11601232c1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Aug 2020 23:54:51 GMT
server: cloudflare
age: 3291
etag: "5f4847cb-2163"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t4BnKK1fa9ic%2B1nwejmkfus5Ebq8KAXscy%2FrYm1GFbp6rIVJgcerLiyhIFGYwWWDG6vw42oKLMVGUSpEJZ2A7%2FgD2W3rf0gCOXMa%2F8qJj5RCFhzAXj0TsTxfZLfvXeI6P7evzi9Yi8MmFsGZrOjd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 738183e7ef479189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8547

GET
H3 200 dashboard-computer.png
www.benefits.com/static/images/home/ 68 KB
69 KB 152ms
147ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/dashboard-computer.png
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d47b20402b22059d96774d3df0eaf7fd165a6614de43f840035822fe3a12131c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Aug 2020 23:54:51 GMT
server: cloudflare
age: 3291
etag: "5f4847cb-11145"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HW38fKLpmCZHEOLDt0OHlzauoMvwtPOztvFXnY4jkzeaXdrB6XYRsbINdBiIkh3n26Z2HeTl2wLeFi4lnstnes79dIymVfHSHuH2dhQlcYsppvjLdevY5yNTySwNIdXJx6SgbREzCGPoKuwJTLSY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 738183e7ef489189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 69957

GET
H3 200 family.png
www.benefits.com/static/images/home/ 233 KB
234 KB 132ms
127ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/family.png
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c3d3cfacc4e6b8fcd526ca759c1481a1f156f212788aceaa58913ec9ea29c71

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Aug 2020 23:54:51 GMT
server: cloudflare
age: 3291
etag: "5f4847cb-3a4f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlj%2Bj6ZDzf8t5axVnntM%2B3UQkhi4DEJU%2F0x%2FqYo8ibACF4qTvC1yJrZn5Yup5NkLXDKWqfQ%2BAWmaF7DjJHtnct688i2kNQAvcApa%2F%2FdrJKUhla1y4tlkKFJ9yl5cax2jxv0%2BTnXb8tbtXZfKsm%2BO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 738183e7ef499189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 238835

GET
H3 200 old-men.png
www.benefits.com/static/images/home/ 184 KB
184 KB 95ms
91ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/old-men.png
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fbfcaa9c4f693c28b09910c8f4ecbbce4c2575ae568ef83159bdcaed562276

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Aug 2020 23:54:51 GMT
server: cloudflare
age: 3291
etag: "5f4847cb-2de65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LkFGwcN%2B79kYRj6gMpmfjqrfn5P%2FoDh6RE1T8d1kLV%2BcujhO95DKJzqxgKN%2FmnruaYo750ydbo1%2FGZ1eLrL64wGZD0HoZFEPZCOLd%2Bd%2Fvawedf%2B21rQERk8wVF5gt5pWCcPaUdMRFGLPPm1uMEtk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 738183e7ef4c9189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 188005

GET
H3 200 sad-guy.png
www.benefits.com/static/images/home/ 129 KB
129 KB 154ms
150ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/sad-guy.png
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1c4bba34172d987846c45f3dc9a8fb47c38deff5a3937319b27706896787dac

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Aug 2020 23:54:51 GMT
server: cloudflare
age: 3291
etag: "5f4847cb-2026a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FJrlTFqzAb5pqgVE8ZQuO4DLVCreBW8ewiGQS6LctCVMBXQAH3IZvmeKg4eQhp7taYJxnEYwwE%2FWoAX84rRTXy2LEcQZhWgBSz16MH%2BZlQBnHomOme7TPc58emSWpcvw9WkYavjkWrGvqavQx41"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 738183e7ef4d9189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 131690

GET
H3 200 man-woman.png
www.benefits.com/static/images/home/ 223 KB
224 KB 68ms
64ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/man-woman.png
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39f7b4ee5e81e1dba3f68d52543223f7ef16cd11a1cfa85dca91fa7ca8759c33

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Aug 2020 23:54:51 GMT
server: cloudflare
age: 3291
etag: "5f4847cb-37dca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FcIxnRSFfZxxmFpD5XDy1xWfiQ6w9vQT%2F5S5L%2FdmiJ2n0smi%2BNmoEsKBB577zjdrnavgG2EFUBl1I9eBtzsl%2BUbI1ekwuY6EKPJv%2F7gIZk1QwEnP7exAJddULdBHeEfjvhnuTo70PuZLsIwV7bDZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 738183e7ef4e9189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 228810

GET
H3 200 bzj-inc.svg
www.benefits.com/static/images/home/ 3 KB
2 KB 174ms
169ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/bzj-inc.svg
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 812d86d3f50f10a3c04f54e8bb0d9b9da247bbd57ee13550273e170041f7a38e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Aug 2021 00:47:17 GMT
server: cloudflare
age: 3291
etag: W/"610b3515-ca7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2FPCChsuedip%2BZqqfV18Bq1crC5MNgyqVY7YWph1s5MMxzDQozVWlp%2Flci3xW31HvOV7Mb5dloYxHDL6acLa0zpbMFDDXuHpXXtDknzee6DRqRErpO4Sy63q0YvYoNVfuolmsGRLmeg02TGHTBHc"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 738183e7ef4f9189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 inc.svg
www.benefits.com/static/images/home/ 1 KB
1 KB 174ms
170ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/inc.svg
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24921d91ed53311ac17f49091c831b9b3baa0bb20c94a483ba7886cda9d7db55

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Aug 2021 00:47:17 GMT
server: cloudflare
age: 3291
etag: W/"610b3515-49c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aDCzf8MBe3osY%2FFn7PmCtAmg%2BzAjYlhGLzNAVRtDPOZDe7i9I7OyKBG5p6H4SXTHrarJ4DdfNnrfHbWe%2BrkxARdfSbyR8zJOE8gtIE%2BkVei8DbY6mVF0ug3u59voTh12iKPegI6AfKmUk0K9kwqA"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 738183e7ef519189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 fbs.svg
www.benefits.com/static/images/home/ 3 KB
2 KB 48ms
44ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/fbs.svg
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 711a17cc4699431581e591074416c643155af48a38ee5ca1b62ad6051740a021

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Aug 2021 00:47:17 GMT
server: cloudflare
age: 3291
etag: W/"610b3515-c81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MxDdG%2BEFbnf0rMJLY3yAT%2FYzEvi%2B2Qwz4wMjefIw%2BGz2lUTq2zv4D2Um6q%2FvLbEiyJSsr1%2FmMgmWoqlP0CFSbmCZsMrayW3I9B4op9WT4ixxRNKjnqtC%2Bb3jL7FjhIGf0iyelnkfw7V0uLlbx6gb"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 738183e7ef549189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ent.svg
www.benefits.com/static/images/home/ 5 KB
3 KB 175ms
171ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/ent.svg
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a9ce76d1845851912368a983599ecb5fd8587e1bff74732732743cb0770d2c6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Aug 2021 00:47:17 GMT
server: cloudflare
age: 3291
etag: W/"610b3515-1453"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XeYhh%2B3nU3TKb1epvWSxFqHzPRcVI1K8q7BCIuH0GDErayNWSaXPSLMLw2YoGRusUVrQq21f0XuMX3q6OKGamdmm4gNHNCB9Si6mj%2BRQUjrBGd3xjGx9qJuVUBtV%2BxYVbeyiBNhNMMxhUJlKst8X"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 738183e7ef559189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 logo-footer.svg
www.benefits.com/static/images/home/ 6 KB
3 KB 175ms
171ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/logo-footer.svg
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68d6490ee1a555820fa2605ff17757f6c4dcb9f2e0ef37e3df8124edda1a19a3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Sep 2020 00:37:24 GMT
server: cloudflare
age: 3291
etag: W/"5f62afc4-162d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJD4ejYDgq3O8gdsbWYe3mUQyhmOENMCabtdKRIhADOcZl5FTej%2BL9tv1Z44XfH5QyFrTRe49FCs6WJMq5jajYeSVI04UkfgOYkduJe4EBci%2BQBnvkyPHf0m9ylkNuHMwWk5hMUizkBPz8njQFvZ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 738183e7ef599189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 192 KB
69 KB 102ms
37ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M84KTS9

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fc96f9f671f9fc2b0c3ddb56bd594e54c7cb50fb346e459cb08a42b819c2a32a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70363
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Aug 2022 15:27:20 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 80ms
28ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/assets/css/home.css?id=eec8539bb8dfe9551271

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c26388c1ddbab7f35de1019767bf23489d0bb72aa115cf10a899f96b65718270

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 13:46:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 09 Aug 2022 15:27:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Aug 2022 15:27:20 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 74ms
23ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.benefits.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 57311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 23:32:09 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 83ms
58ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.benefits.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601
age: 1287903
cdn-proxyver: 1.02
cdn-cachedat: 04/09/2022 08:19:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: "af7ae505a9eed503f8b8e6982036873e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 605e8d420e1f0f027d44da6c31693b91
accept-ranges: bytes
cf-ray: 738183e80a4d6957-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/ 18 KB
18 KB 63ms
38ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Origin: https://www.benefits.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601
age: 15975525
cdn-proxyver: 1.0
cdn-cachedat: 08/03/2021 23:23:50
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18028
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: d267c80222f7a077186d161384d64d1e
accept-ranges: bytes
cf-ray: 738183e80a4f6957-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 silhouette-bg.png
www.benefits.com/static/images/home/ 294 KB
294 KB 161ms
161ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.benefits.com/static/images/home/silhouette-bg.png
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/assets/css/home.css?id=eec8539bb8dfe9551271
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9f42b4edcc602d335eb8322d73644a8f05112f9cdf181dbd71af2f9dc2e43f0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/assets/css/home.css?id=eec8539bb8dfe9551271
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Aug 2020 23:54:51 GMT
server: cloudflare
age: 3291
etag: "5f4847cb-49616"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EvhPnHl4zHSgAPXr8jlb46vMfesJB8MKjKx%2BU0h0HyDfwLOPnr9yiODtm%2FYFZAOZsYct2hIQoxsGeeDfqV6pUOcuxP9cv5iu3U9JPfagmgP4FTCmKYwiAxGJAXot%2FqFXOoDNBrb2zyW%2F8MR1jUh2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 738183e7ff829189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 300566

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 106 KB
42 KB 97ms
35ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-5DZDX4V

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M84KTS9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

894fe66edaf21b3fcab8480e25e9b8b05e6edaafd14c24fcf0fd307b0cca02bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42172
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Aug 2022 15:27:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 80ms
20ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M84KTS9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1520
date: Tue, 09 Aug 2022 15:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 09 Aug 2022 17:02:00 GMT

GET
H2 200 hotjar-1122411.js Show response
static.hotjar.com/c/ 4 KB
2 KB 108ms
53ms Script
application/javascript 65.9.66.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1122411.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M84KTS9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.34 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-34.fra56.r.cloudfront.net

Software

Resource Hash

823c89af339b6eae304cb047002e6bf728e7d028b9d179dd7ee8280427df3a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-cache: RefreshHit from cloudfront
date: Tue, 09 Aug 2022 15:27:20 GMT
cross-origin-resource-policy: cross-origin
content-length: 1841
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
cache-control: max-age=60
etag: W/365e6dd5ba77528c3b8113319da10e9b
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-id: yK7XCDfh1pdYbuisBscAu30pDvXK7tpBe8pIQEcSVA9ACJpmQRlKDA==

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 43 KB
14 KB 86ms
30ms Script
application/javascript 104.20.229.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M84KTS9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.229.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38773f599cca495f0904c3d5a9981fc081b743a8d9aa106ed17e0d9b03ae6598

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 08 Aug 2022 15:30:44 GMT
server: cloudflare
age: 17118
etag: W/"62f12c24-aa70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 738183e94c2bbbce-FRA
expires: Tue, 09 Aug 2022 22:42:01 GMT

GET
H2 200 escape-redirect.js Show response
benefits.disabilityguide.com/js/ 218 KB
75 KB 1082ms
996ms Script
application/javascript 2606:4700:3034::ac43:d36c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.disabilityguide.com/js/escape-redirect.js?883436177
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d36c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fd3f77c147c996466e7275194ac8cd0f380fa13910181768727dfa2ebe46ba6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:21 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 22 Jun 2022 16:56:11 GMT
server: cloudflare
etag: W/"62b349ab-366fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MoD4v4PY3JexSqd5Yb42t%2F9POtHtymups6DojfswXVIcaVkOqARSVjNASMyMEz%2FHHrf%2BIQVvZBj38Wfs2kuvHFtW22Gdu7iwH2I%2BIYHKJ0FCdILO3J56oi5laPgFqHWKjiOgne0LFzHA4PFCKWzQz%2FfebhWHOvLEeo%2BH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 738183e97b1b901c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 89ms
38ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 71890A4E6AC34F389797DF8BA8E55111 Ref B: AMBEDGE0819 Ref C: 2022-08-09T15:27:20Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Tue, 09 Aug 2022 15:27:20 GMT
accept-ranges: bytes
content-length: 11367

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 75ms
22ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e75555ca161f289d4830a84a1856b37a9cb0077f78af600fb47c67c135baa8fd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26506
x-xss-protection: 0
pragma: public
x-fb-debug: lpOvKSXZfp2XJd0tccQsODBTPcgqleIZ5mHTZDfcKgWluP4mRcjI+qvuH9fN6w9to8OI1BvncJeKaYjO+PKcag==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 09 Aug 2022 15:27:20 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
45 KB 82ms
40ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-371988851

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M84KTS9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

31d318fd526be535e6cfc801ba9c0bd9a7d145e892a2b6eacb865a4b43fc97a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45575
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Aug 2022 15:27:20 GMT

GET
H2 200 track.js Show response
pixel.ampry.com/static/ 155 KB
20 KB 124ms
21ms Script
application/javascript 2600:9000:206f:de00:19:6119:81c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.ampry.com/static/track.js
Requested by: Host: www.benefits.com
URL: https://www.benefits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:de00:19:6119:81c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0429aa4af534b3874dfa58d583f0a7b6d21a6f2804de31c40e567ebdf3bc76c1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: ot_WkAfrgqkVz35wc4JBL2c5vkc0SrR2
content-encoding: gzip
last-modified: Fri, 08 Jul 2022 09:05:18 GMT
server: AmazonS3
age: 35415
etag: W/"ae9bb86f439c3a871e75404b17399c5d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
date: Tue, 09 Aug 2022 05:47:37 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 6lJv2_ort1Y0LJtY7hgycoA2fPP5qtnJo_Oj2zuyiERjhEcqOnhgRQ==

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.179.2/ 174 KB
48 KB 137ms
35ms Script
application/javascript 99.86.240.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Requested by: Host: ba3068fe3e2142d68354c198d575728a.js.ubembed.com
URL: https://ba3068fe3e2142d68354c198d575728a.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-26.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 25 May 2022 02:45:33 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 16:31:05 GMT
server: AmazonS3
age: 6612107
etag: W/"359008fe01078c59c66e034866170bd2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 108e63109879954f4e720db50559f788.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: wZTycAX_rOX1LgnXYpDqWDV5NQKepQB_SM1G41GrIyeSMGpVpvcwUw==

GET
H3 200 815144366094512 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 101ms
79ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/815144366094512?v=2.9.73&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8a0d4ca621fde4040f85644441fb71e81d1d7fcf433c596e7c19c740ff87dc03

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: cfR8W6c5/7WQNZnhxtPzYim2Lr/C2VaYaeT4zhweyVbO7smU5JUjeR7unQnao5BKOXKVamrkQVvxklNtcWte5w==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 09 Aug 2022 15:27:20 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1660058840648
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
571 B 160ms
147ms XHR
application/json 104.20.229.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=12231059&u1=74CA9578AA154F6610FBF3DF1593540B&java=1&security=06bd3d1e&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.benefits.com/&t=Benefits.com%C2%AE&invisible=1&sc_rum_e_s=1294&sc_rum_e_e=1299&sc_rum_f_s=0&sc_rum_f_e=1281&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.229.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 738183e9acf3bbce-FRA
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin: https://www.benefits.com
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 204 134004590.js Show response
bat.bing.com/p/action/ 0
118 B 180ms
180ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/134004590.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 98A029CF25F74F8C939FFAEFBF237F41 Ref B: AMBEDGE0819 Ref C: 2022-08-09T15:27:20Z
date: Tue, 09 Aug 2022 15:27:20 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
174 B 34ms
34ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134004590&Ver=2&mid=dfd7d066-9d90-4a62-9701-239a2fed8590&sid=c27d791017f711edbc62ff52ccf112a9&vid=c27d8e5017f711ed8d8fcf37d32dbb92&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Benefits.com%C2%AE&p=https%3A%2F%2Fwww.benefits.com%2F&r=&lt=1055&evt=pageLoad&sv=1&rn=643305

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6F2181516ED8404CA12AA8024EA1F86A Ref B: AMBEDGE0819 Ref C: 2022-08-09T15:27:20Z
date: Tue, 09 Aug 2022 15:27:20 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 111ms
49ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-371988851

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15160
x-xss-protection: 0
server: cafe
etag: 9823212955285023900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 09 Aug 2022 15:27:20 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 70ms
28ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1832661859&t=pageview&_s=1&dl=https%3A%2F%2Fwww.benefits.com%2F&ul=en-us&de=UTF-8&dt=Benefits.com%C2%AE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABQAAAAC~&jid=1774691501&gjid=1107439501&cid=44337196.1660058841&tid=UA-119266907-1&_gid=1579533884.1660058841&_r=1&gtm=2wg880M84KTS9&z=801885915

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.benefits.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 15:27:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.benefits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.0e32ccb9bfd67090f5ca.js Show response
script.hotjar.com/ 249 KB
64 KB 110ms
25ms Script
application/javascript 52.222.236.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.0e32ccb9bfd67090f5ca.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1122411.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-63.fra56.r.cloudfront.net

Software

Resource Hash

b8ea26b655664c090e9458919e81401c39f87d2e8a675663b1da92351840f067

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 16:18:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 428953
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 64991
access-control-allow-origin: *
last-modified: Thu, 04 Aug 2022 16:17:15 GMT
etag: "1c50abd15784ee393d3fe4003e188eef"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: -KrB-4syAx7br-97W5Ckj3TXs2_Yo3YJNvyJhzT46OGs5vbSADj5RQ==

GET
H2 200 box-54d18b2ccd1c7fa42c71f18525ba4ad0.html Show response
vars.hotjar.com/ Frame DF89 2 KB
1 KB 102ms
19ms Document
text/html 143.204.215.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-54d18b2ccd1c7fa42c71f18525ba4ad0.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1122411.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-118.fra53.r.cloudfront.net

Software

Resource Hash

3b534eeaf216d2e54730d1c9bb15344f4b78712e6c781d31555585c51651e989

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.benefits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 697153
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 01 Aug 2022 13:48:07 GMT
etag: "b310868fbdb4c8ee7d37e1b85ae269fa"
last-modified: Mon, 01 Aug 2022 13:47:35 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
x-amz-cf-id: a78pB5QuZz9ijcQMGV2R-pdXCIlYa7maFqtDseKQ30fbM_94_w4R0g==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 71ms
23ms XHR
text/plain 2a00:1450:400c:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-119266907-1&cid=44337196.1660058841&jid=1774691501&gjid=1107439501&_gid=1579533884.1660058841&_u=aEBAAEAAQAAAAC~&z=217416270

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.benefits.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 09 Aug 2022 15:27:20 GMT
content-type: text/plain
access-control-allow-origin: https://www.benefits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/371988851/ 2 KB
2 KB 134ms
38ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/371988851/?random=1660058840701&cv=9&fst=1660058840701&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa880&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.benefits.com%2F&tiba=Benefits.com%C2%AE&auid=797377161.1660058840&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c33af8899c46a3a0a05c0ce2d9a0878a128c2de8c70f6d08605a9071a4fec1b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 15:27:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1024
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 109ms
33ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=815144366094512&ev=PageView&dl=https%3A%2F%2Fwww.benefits.com%2F&rl=&if=false&ts=1660058840714&sw=1600&sh=1200&v=2.9.73&r=stable&ec=0&o=30&fbp=fb.1.1660058840713.1118906733&it=1660058840557&coo=false&rqm=GET

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 09 Aug 2022 15:27:20 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 104ms
44ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-119266907-1&cid=44337196.1660058841&jid=1774691501&_u=aEBAAEAAQAAAAC~&z=113054353

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 15:27:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 105ms
45ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-119266907-1&cid=44337196.1660058841&jid=1774691501&_u=aEBAAEAAQAAAAC~&z=113054353

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 15:27:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/371988851/ 42 B
154 B 35ms
34ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/371988851/?random=1660058840701&cv=9&fst=1660057200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa880&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.benefits.com%2F&tiba=Benefits.com%C2%AE&async=1&fmt=3&is_vtc=1&random=2398959478&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 15:27:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/371988851/ 42 B
548 B 33ms
33ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/371988851/?random=1660058840701&cv=9&fst=1660057200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa880&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.benefits.com%2F&tiba=Benefits.com%C2%AE&async=1&fmt=3&is_vtc=1&random=2398959478&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 15:27:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 66ms
31ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=815144366094512&ev=Microdata&dl=https%3A%2F%2Fwww.benefits.com%2F&rl=&if=false&ts=1660058841217&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Benefits.com%C2%AE%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.benefits.com%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Benefits.com%C2%AE%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22name%22%3A%22Benefits.com%26reg%3B%22%2C%22alternateName%22%3A%22Your%20Free%20Advocate%20for%20Benefit%20Programs%22%2C%22url%22%3A%22https%3A%2F%2Fwww.benefits.com%22%7D%5D&sw=1600&sh=1200&v=2.9.73&r=stable&ec=1&o=30&fbp=fb.1.1660058840713.1118906733&it=1660058840557&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.benefits.com
URL: https://www.benefits.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 09 Aug 2022 15:27:21 GMT

OPTIONS
H2 204 cookie
renderer.ampry.com/register/conversion/ Frame 0
0 371ms
122ms Preflight 3.222.225.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://renderer.ampry.com/register/conversion/cookie?pixel_code=49199886798e260a77999888fe9da5940eb4bc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.225.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-225-19.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.benefits.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.benefits.com
access-control-max-age: 0
cache-control: no-cache, private
date: Tue, 09 Aug 2022 15:27:21 GMT
server: awselb/2.0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 cookie Show response
renderer.ampry.com/register/conversion/ 39 B
256 B 301ms
119ms Fetch
application/json 3.222.225.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://renderer.ampry.com/register/conversion/cookie?pixel_code=49199886798e260a77999888fe9da5940eb4bc
Requested by: Host: pixel.ampry.com
URL: https://pixel.ampry.com/static/track.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.225.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-225-19.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 7d1971b24c491befa0de070b93f69444fe8e3206b88dd67c01f43ab7eb0bbde6

Request headers

Referer: https://www.benefits.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 09 Aug 2022 15:27:22 GMT
server: awselb/2.0
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.benefits.com
x-ratelimit-remaining: 955
cache-control: no-cache, private
access-control-allow-credentials: true
x-ratelimit-limit: 1000
content-length: 39

POST
H2 200 templates Show response
renderer.ampry.com/filter/ 1 KB
2 KB 436ms
241ms Fetch
application/json 3.222.225.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://renderer.ampry.com/filter/templates
Requested by: Host: pixel.ampry.com
URL: https://pixel.ampry.com/static/track.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.225.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-225-19.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 5addf339a6f4224e204a998a3e90385a8ff4c5fafe653e44ad442b0083056c45

Request headers

Referer: https://www.benefits.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 09 Aug 2022 15:27:22 GMT
server: awselb/2.0
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.benefits.com
x-ratelimit-remaining: 956
cache-control: no-cache, private
access-control-allow-credentials: true
x-ratelimit-limit: 1000
content-length: 1371

OPTIONS
H2 204 templates
renderer.ampry.com/filter/ Frame 0
0 355ms
110ms Preflight 3.222.225.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://renderer.ampry.com/filter/templates
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.225.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-225-19.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.benefits.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.benefits.com
access-control-max-age: 0
cache-control: no-cache, private
date: Tue, 09 Aug 2022 15:27:21 GMT
server: awselb/2.0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.benefits.com/	1970-01-20 05:07:46	Name: XSRF-TOKEN Value: eyJpdiI6InlKZ3VGVDNYcTdrSmJjdmYwU2J1eEE9PSIsInZhbHVlIjoiMzR4UkpWSENseGdsbmhIMTVWVFZ4MmZlNStwdVVDNVVINWUwVUlcL3ZyWmExalNMOXNqcDNVR1wvbW03eTFWdGdtMnJrRDJYcW52UmZiQXN4K2xcL2VuTkE9PSIsIm1hYyI6IjdhZjdlZTBmZTEyM2Y0NmQxZDdlNGVmY2MyMzVkZWIzZjk5ZjEzODE1OWU5NmU2MDIyOWVjMmE0NTA1OWY4YzYifQ%3D%3D
www.benefits.com/	1970-01-20 05:07:46	Name: laravel_session Value: eyJpdiI6Imo1OVM4TllUdHFcL3lwekdMS3BFRE9nPT0iLCJ2YWx1ZSI6IkRLRzFqK21jTUFDY3doaWJwV25XaWozVWUybEJ3RFYzazZcL21iWnNjWGlEWlB2TjhwelB3K21aMUVaZFpCcksyXC8xYlFHemtNTVM5TlNnaVliTnJINkE9PSIsIm1hYyI6Ijc1ZTYwZTAyNGYxYmRiYjAxODEzY2I0MmNhNWJkMDMyNGQyMGVhNjMwYzQ3MzNhYzQwMjVjYzg0OTMxZWRiNDUifQ%3D%3D
.benefits.com/	1970-01-20 07:17:14	Name: _gcl_au Value: 1.1.797377161.1660058840
.bing.com/	1970-01-20 14:29:14	Name: MUID Value: 1ED7AD7B0B6466FA0452BC800A916774
.benefits.com/	1970-01-20 14:43:38	Name: sc_is_visitor_unique Value: rx12231059.1660058841.74CA9578AA154F6610FBF3DF1593540B.1.1.1.1.1.1.1.1.1
.benefits.com/	1970-01-20 05:09:05	Name: _uetsid Value: c27d791017f711edbc62ff52ccf112a9
.benefits.com/	1970-01-20 14:29:14	Name: _uetvid Value: c27d8e5017f711ed8d8fcf37d32dbb92
.benefits.com/	1970-01-20 14:43:38	Name: _ga Value: GA1.2.44337196.1660058841
.benefits.com/	1970-01-20 05:09:05	Name: _gid Value: GA1.2.1579533884.1660058841
.benefits.com/	1970-01-20 05:07:38	Name: _gat_UA-119266907-1 Value: 1
.benefits.com/	1970-01-20 07:17:14	Name: _fbp Value: fb.1.1660058840713.1118906733
.statcounter.com/	1970-01-20 14:43:38	Name: is_unique Value: sc12231059.1660058840.0
.statcounter.com/	1970-01-20 14:43:38	Name: is_visitor_unique Value: 1660058840190344076
.doubleclick.net/	1970-01-20 05:07:39	Name: test_cookie Value: CheckForPermission
.ampry.com/	1970-01-20 09:26:50	Name: visited_urls Value: eyJpdiI6Ijc5MGQwY1l6c3F4UE9ycWsrYlhUbVE9PSIsInZhbHVlIjoiWG5Gdk9vazRIT2pNQkU2eU03TmVSUTZtVkdNeG5OV3NGK0ZWRGNmQTg3NGtzSWQ2eFRhUlFic1lTYWJ0RnZCNCIsIm1hYyI6IjU3YjM4Y2Y4OWYwZWY4ZDc5ZmVjOGNkMGJmMDUyYzVlNjM1ZmFjODYwZjQzYTBmNmQ2MmFhMzYxZTdjZjA0MDIiLCJ0YWciOiIifQ%3D%3D
.ampry.com/	1970-01-20 09:26:50	Name: ampry_unique Value: eyJpdiI6Ilh6ZDNOZGY1K0t4VDZ0TkVCTmRXUUE9PSIsInZhbHVlIjoiL2pLdi82RmhkS3h0NTNoaDh4YlhlSmhlWHNLQzlqOWFlbm14SlhqdFhQWjNUT1NYWWoweWRnanFxWUhVbVN2bWNPeEt2SFA2bkQySVNSWE5tcEJPOFZ5OHJyd0J4RU1MTnEvUUF3MEFNanc9IiwibWFjIjoiZjczZmVmZWIzNjk5YzNiZjcwMGM2MDcxYTM1MjZmZTNiMzk0MmM4MDM0ODU5M2ExZWM4YjRmYjU1MzQzOTdmMCIsInRhZyI6IiJ9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.ubembed.com
ba3068fe3e2142d68354c198d575728a.js.ubembed.com
bat.bing.com
benefits.disabilityguide.com
c.statcounter.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
pixel.ampry.com
renderer.ampry.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.benefits.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.statcounter.com
104.20.229.67
142.250.185.162
143.204.215.118
151.101.129.131
2600:9000:206f:de00:19:6119:81c0:93a1
2606:4700:3034::ac43:d36c
2606:4700::6812:bcf
2620:1ec:c11::200
2a00:1450:4001:801::2003
2a00:1450:4001:801::200e
2a00:1450:4001:802::2002
2a00:1450:4001:803::2008
2a00:1450:4001:809::200e
2a00:1450:4001:812::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:831::200a
2a00:1450:400c:c03::9a
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
2a06:98c1:3120::c
3.222.225.19
52.222.236.63
65.9.66.34
99.86.240.26
0429aa4af534b3874dfa58d583f0a7b6d21a6f2804de31c40e567ebdf3bc76c1
09d90eac8969fcffc86fc8627cc8a19a247ce6fa7f3f1e4a81ab885c113bb0c7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17e52e79894f08ccd19b0ce2d0efc497bf066f2b3eb79fcff4f7d57425fefc17
24921d91ed53311ac17f49091c831b9b3baa0bb20c94a483ba7886cda9d7db55
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
31d318fd526be535e6cfc801ba9c0bd9a7d145e892a2b6eacb865a4b43fc97a5
38773f599cca495f0904c3d5a9981fc081b743a8d9aa106ed17e0d9b03ae6598
39f7b4ee5e81e1dba3f68d52543223f7ef16cd11a1cfa85dca91fa7ca8759c33
3b534eeaf216d2e54730d1c9bb15344f4b78712e6c781d31555585c51651e989
45eed02c505440ede29e3aa6f2eb31c9eaace20197fa463f187a50686207672b
4c3d3cfacc4e6b8fcd526ca759c1481a1f156f212788aceaa58913ec9ea29c71
52d7dfa2979140e426dc7160916eb4901ac7303ff7d31bb4088bebe4ec5b963c
534294e3d2d89b46b6437f645af1c287b0fc0bb2c1bf348a9c6fd8fba850586e
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5addf339a6f4224e204a998a3e90385a8ff4c5fafe653e44ad442b0083056c45
5d39290e9d5065ad94fc2b66b616ab5fb3c3aa880e4ffd7843d908b3c727e08c
5fd3f77c147c996466e7275194ac8cd0f380fa13910181768727dfa2ebe46ba6
68d6490ee1a555820fa2605ff17757f6c4dcb9f2e0ef37e3df8124edda1a19a3
6a9ce76d1845851912368a983599ecb5fd8587e1bff74732732743cb0770d2c6
711a17cc4699431581e591074416c643155af48a38ee5ca1b62ad6051740a021
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c9dfe60b22882d0b808c7a5a6f8a39cc8f472d7758b822eca646e11601232c1
7d1971b24c491befa0de070b93f69444fe8e3206b88dd67c01f43ab7eb0bbde6
812d86d3f50f10a3c04f54e8bb0d9b9da247bbd57ee13550273e170041f7a38e
823c89af339b6eae304cb047002e6bf728e7d028b9d179dd7ee8280427df3a3e
894fe66edaf21b3fcab8480e25e9b8b05e6edaafd14c24fcf0fd307b0cca02bd
89fbfcaa9c4f693c28b09910c8f4ecbbce4c2575ae568ef83159bdcaed562276
8a0d4ca621fde4040f85644441fb71e81d1d7fcf433c596e7c19c740ff87dc03
8aa70a457372ec9a3aa6801d889b295473f41c2626329f37477d1ccb5135044c
9f5c054634b10543601c09d88abd939904b898419f16973ecc3536ce2b7095b2
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
b25a09d4e27b3e0d46bae6963b853598399dfc591e2a1644218b13b622ad0197
b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
b8ea26b655664c090e9458919e81401c39f87d2e8a675663b1da92351840f067
c26388c1ddbab7f35de1019767bf23489d0bb72aa115cf10a899f96b65718270
c33af8899c46a3a0a05c0ce2d9a0878a128c2de8c70f6d08605a9071a4fec1b2
d1ec417e0b9fed491c4ba50de15003b4f64a5d1b4c3d33bb56da9cb8a064b9d3
d47b20402b22059d96774d3df0eaf7fd165a6614de43f840035822fe3a12131c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e75555ca161f289d4830a84a1856b37a9cb0077f78af600fb47c67c135baa8fd
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c4bba34172d987846c45f3dc9a8fb47c38deff5a3937319b27706896787dac
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f9f42b4edcc602d335eb8322d73644a8f05112f9cdf181dbd71af2f9dc2e43f0
fc96f9f671f9fc2b0c3ddb56bd594e54c7cb50fb346e459cb08a42b819c2a32a
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

www.benefits.com Open in urlscan Pro 2a06:98c1:3120::c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

61 Requests

100 %HTTPS

68 %IPv6

19 Domains

26 Subdomains

25 IPs

5 Countries

1959 kBTransfer

3438 kBSize

16 Cookies

1 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.benefits.com Open in urlscan Pro
2a06:98c1:3120::c Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

100 %
HTTPS

68 %
IPv6

19
Domains

26
Subdomains

25
IPs

5
Countries

1959 kB
Transfer

3438 kB
Size

16
Cookies

61 HTTP transactions
0 data transactions