urlscan.io logo urlscan.io
SecurityTrails logo

participant.myameriflex.com Open in urlscan Pro
146.88.104.115  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://protect-us.mimecast.com/s/ggKhCpYqE3cPZVE6HDE_A9?domain=click.ameriflex-emails.com
Effective URL: https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term...
Submission: On March 02 via manual from RO — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 1 countries across 13 domains to perform 34 HTTP transactions. The main IP is 146.88.104.115, located in United States and belongs to RMH-14, US. The main domain is participant.myameriflex.com. The Cisco Umbrella rank of the primary domain is 689993.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 12th 2022. Valid for: a year.
This is the only time participant.myameriflex.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 207.211.31.113 14135 (NAVISITE-...)
1 1 13.111.71.11 22606 (EXACT-7)
12 146.88.104.115 33070 (RMH-14)
9 2600:141b:900... 20940 (AKAMAI-ASN1)
2 2a04:4e42:400... 54113 (FASTLY)
3 74.207.254.209 63949 (AKAMAI-AP...)
1 99.84.208.119 16509 (AMAZON-02)
1 99.84.108.89 16509 (AMAZON-02)
1 151.139.128.10 20446 (STACKPATH...)
1 1 72.14.187.68 63949 (AKAMAI-AP...)
2 3 2600:1f18:61c... 14618 (AMAZON-AES)
2 2 142.250.64.98 15169 (GOOGLE)
1 2600:9000:219... 16509 (AMAZON-02)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
2 52.201.125.124 14618 (AMAZON-AES)
34 11
2    207.211.31.113 (Providence, United States)

ASN14135 (NAVISITE-EAST-2, US)
PTR: service165-us.mimecast.com
protect-us.mimecast.com
1    13.111.71.11 (United States)

ASN22606 (EXACT-7, US)
PTR: click.s11.exacttarget.com
click.ameriflex-emails.com
12    146.88.104.115 (United States)

ASN33070 (RMH-14, US)
participant.myameriflex.com
producer-api.ameriflexbenefits.com
9    2600:141b:9000::1725:7b88 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
2    2a04:4e42:400::282 (United States)

ASN54113 (FASTLY, US)
cdn.polyfill.io
3    74.207.254.209 (Fremont, United States)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: d3.adspeed.us
host.fsastore.com
1    99.84.208.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-208-119.iad79.r.cloudfront.net
static.hotjar.com
1    99.84.108.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-108-89.iad79.r.cloudfront.net
script.hotjar.com
1    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
cdn.fsastore.com
1    72.14.187.68 (Richardson, United States)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: d1.adspeed.us
g.adspeed.net
3    2600:1f18:61c0:2206:aa4c:f20d:4411:1542 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
d.adroll.com
2    142.250.64.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f2.1e100.net
cm.g.doubleclick.net
1    2600:9000:2199:5800:1b:1126:8840:21 (United States)

ASN16509 (AMAZON-02, US)
dg9yx063wiiht.cloudfront.net
1    2600:141b:13::17d7:82a8 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
2    52.201.125.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-125-124.compute-1.amazonaws.com
api.raygun.io
Apex Domain
Subdomains		 Transfer
10 typekit.net
use.typekit.net — Cisco Umbrella Rank: 440
p.typekit.net — Cisco Umbrella Rank: 568
333 KB
10 myameriflex.com
participant.myameriflex.com — Cisco Umbrella Rank: 689993
6 MB
4 fsastore.com
host.fsastore.com — Cisco Umbrella Rank: 199368
cdn.fsastore.com — Cisco Umbrella Rank: 160491
10 KB
3 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1452
2 KB
2 raygun.io
api.raygun.io — Cisco Umbrella Rank: 12974
155 B
2 ameriflexbenefits.com
producer-api.ameriflexbenefits.com — Cisco Umbrella Rank: 483970
351 B
2 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 202
852 B
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 619
script.hotjar.com — Cisco Umbrella Rank: 769
72 KB
2 polyfill.io
cdn.polyfill.io — Cisco Umbrella Rank: 2232
838 B
2 mimecast.com
protect-us.mimecast.com — Cisco Umbrella Rank: 8561
3 KB
1 cloudfront.net
dg9yx063wiiht.cloudfront.net
31 KB
1 adspeed.net
g.adspeed.net — Cisco Umbrella Rank: 55823
167 B
1 ameriflex-emails.com
click.ameriflex-emails.com
401 B
34 13
Domain Requested by
10 participant.myameriflex.com participant.myameriflex.com
9 use.typekit.net participant.myameriflex.com
3 d.adroll.com 2 redirects participant.myameriflex.com
3 host.fsastore.com participant.myameriflex.com
host.fsastore.com
2 api.raygun.io participant.myameriflex.com
2 producer-api.ameriflexbenefits.com participant.myameriflex.com
2 cm.g.doubleclick.net 2 redirects
2 cdn.polyfill.io participant.myameriflex.com
2 protect-us.mimecast.com 2 redirects
1 p.typekit.net participant.myameriflex.com
1 dg9yx063wiiht.cloudfront.net participant.myameriflex.com
1 g.adspeed.net 1 redirects
1 cdn.fsastore.com participant.myameriflex.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com participant.myameriflex.com
1 click.ameriflex-emails.com 1 redirects
34 16

This site contains links to these domains. Also see Links.

Domain
fsastore.com
host.fsastore.com
Subject Issuer Validity Valid
*.myameriflex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-12 -
2023-04-25		 a year crt.sh
use.typekit.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-10 -
2024-01-11		 a year crt.sh
host.fsastore.com
Sectigo RSA Domain Validation Secure Server CA		 2022-07-27 -
2023-08-27		 a year crt.sh
*.hotjar.com
Amazon RSA 2048 M02		 2023-02-28 -
2023-11-23		 9 months crt.sh
*.fsastore.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-16 -
2024-03-01		 a year crt.sh
*.ameriflexbenefits.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-30 -
2024-01-25		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.raygun.io
Amazon RSA 2048 M02		 2022-10-11 -
2023-11-09		 a year crt.sh

This page contains 1 frames:

Primary Page: https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
Frame ID: E90CC899733C53F346BFFC9DBF24750B
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ameriflex Participant PortalOpen Chat

Page URL History Show full URLs

  1. https://protect-us.mimecast.com/s/ggKhCpYqE3cPZVE6HDE_A9?domain=click.ameriflex-emails.com HTTP 307
    https://protect-us.mimecast.com/r/T0weNj8v6aqqzavuVI-m1kP8By9mJUbmdTHRlK38RVqb4nb64cU0fl7M_YLPCafoOA6q3l4XKQ... HTTP 307
    http://click.ameriflex-emails.com/?qs=ad20711e9f73de7bd95f8644b712e7786181c01d8fe703b8d0f0807938d3e3371048afdb... HTTP 302
    https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participan... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

34
Requests

97 %
HTTPS

33 %
IPv6

13
Domains

16
Subdomains

11
IPs

1
Countries

6800 kB
Transfer

7074 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://protect-us.mimecast.com/s/ggKhCpYqE3cPZVE6HDE_A9?domain=click.ameriflex-emails.com HTTP 307
    https://protect-us.mimecast.com/r/T0weNj8v6aqqzavuVI-m1kP8By9mJUbmdTHRlK38RVqb4nb64cU0fl7M_YLPCafoOA6q3l4XKQ9C_Sc-pobuhX7DFbZIslyrID_k6U86Ro5gWqx4CJMdGjn8loKxc1SJUAm3Xzy8p14KZrZQC5AqbCBkj5bugQ0n50ygQr56pbm3HL9cYE_EmTD9RliOwz4gWp1-DZjUU-jCSDJ2ai6TtmMqwp-wE43-tba6JbgFivZFtUijhDMdknTvKelC-x6mX3yHU_0eamhc2l2gxg6QtcVHi1arHP1mElcVcgWmmZyagFAZhloLGfMLvLiyazcQxkOv3vFqEwKg_9LuCiLPZIjKp1KKN9fvVOM1boR-VwrVohIOlkh7sNstPvXOPoNgnfiVDuqlIRht8DVRhOiSGCL5sCUZ-GxOuxqPGUCoQnHZOoYHZjoL7GnNM58VJT4CoYZ5G-uVedfkbsJZiu095r7oiXjT4aokkp4EOWdWw8Jf2ZArhskBXzs9aG9TxdhE14xAa_cZm0FOQDHoee4k_0ZkIle42kuD60zYD6zGUNCpFxJYQ3piH6tceeDx9QF-fSMup-R_uhe05YhFsUf7IrCASWINpWB7o9rBR2jsY37l94sYgH9gVsJzoEL8u86LSig60jWOC3KlO6W-Sm9kkmsHMfMDFtyuddgPFLbGieOl3U1mnGN9HN23zGLx3xLKw7qqC5VCTr50t-N6joywhG28BnvmiseSKLOTFE8mJ1jIwcwsbOr28Ri0oAJEDmkmx8rHV17ck57MFEhG5bQtPaNjyYv5aNm_5TGofsIcy1YwVBDPI1OgT324XKtVd17mmoO0XLQg5bMNm7IxNAtTPcP0jxwYDoICiL-CBfP1uotpW4UThEOYTYbpOU2uPLoTRgm4HTIQOzskq3MAaw-DMv47BwdSdnyZ5bMp93cBk05JOGooBJyob3BbFaYAb-ERZ9SuRDWdJzLVlZfIubI3-Yyp_R1np22Oe95TvvFjl59AKc4m174nhngyBWSDpyNwheb7VZDbVFks1yt91jW8LahfIGwgYy1Z62KhxPyNaWX1iByWWxQxurTgbLIXL013c6X9-zZdhg-KqTeXUPjUI2KrhYY7WOlIAg-1c9_YuztjOqsArh-ScoxcsJ6XKrg_1wC3jTZ6pavqyLDQO05kjSj4KDojxc_xhB-QN9fo-zQ2V1UdyRolDWIUKyepUm8PgHLkaLjEMGBn0eum380pBNzkh_wwQLdhNeEbX68c6AT3R4XG17Q3WczxqoIG3nBrQfc3S-V4xiIo9JT4LB_htHSMN4l2_9OtzuWG-uK7Q8xy8EVhfzAqP1n5e0Wa3jfSj3vRNXNXrWZxHb6xnaEyy7OIzOWrWY5iMh82T3z1iO_OtyBAG90yp2xzDoP2oL3fsegbk23c3eVzdlY3nETJT__tpjmiaPIAphYq75pon-o3Qg1OAx8XzNex1YUegCMYo7fj99VTdVmyfp9iW6MNfXvqlro0L8yaDqzbygodKUrsUWKwkX7RZPC33Q6tJ6GqUPe9vhyl9D3SqBvdcJ8ddVbkdhYQz0Cl-gRpQ5zlQYW8d9fcMVIZKv2m9ius2-KvFvWFFPTLYQEP5fKI7A5SZx4901oIZ76PVZ5qPZOhZD8uiL7YgYCmf67HM0XVSoZmgvJbBsFrDNkjSO2oFtAW13t9W05-X_Opm-UBOm8SMkx-0GAKn2nrW8T9pDxFOyOWUJaqyLOCBhxbP08EMY5QGGaJzMgVIO2JyKYn4cVEoD_r7bKKmWBe3YXK-RR9ziNPlFet_ULSPzVgYvDU4KI7RMB9w47za085cKKkLdE6IEtOrrMQBqEmO3QWBVdwwfNpPzSuvGVySGpp0W66o-LSI1edQgo1g53b5Twedf5r36s HTTP 307
    http://click.ameriflex-emails.com/?qs=ad20711e9f73de7bd95f8644b712e7786181c01d8fe703b8d0f0807938d3e3371048afdbf7ff1ee1e52492618c661c213a326cc512bd70286b88d08c5666ba11 HTTP 302
    https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://g.adspeed.net/qc.php?do=pixel3p&aid=581385&oid=22625&cb=1677784519 HTTP 302
  • https://d.adroll.com/ipixel/S6N6R5JXAJC35DUNEZUZ2E/LCNO3PT6OJCT7NAYJVQ443?name=32060c90 HTTP 302
  • https://d.adroll.com/cm/g/out?advertisable=S6N6R5JXAJC35DUNEZUZ2E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=pXpuy-Zd90LTrqJZ_itjCQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=pXpuy-Zd90LTrqJZ_itjCQ&google_tc= HTTP 302
  • https://d.adroll.com/cm/g/in

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
participant.myameriflex.com/
Redirect Chain
  • https://protect-us.mimecast.com/s/ggKhCpYqE3cPZVE6HDE_A9?domain=click.ameriflex-emails.com
  • https://protect-us.mimecast.com/r/T0weNj8v6aqqzavuVI-m1kP8By9mJUbmdTHRlK38RVqb4nb64cU0fl7M_YLPCafoOA6q3l4XKQ9C_Sc-pobuhX7DFbZIslyrID_k6U86Ro5gWqx4CJMdGjn8loKxc1SJUAm3Xzy8p14KZrZQC5AqbCBkj5bugQ0n50y...
  • http://click.ameriflex-emails.com/?qs=ad20711e9f73de7bd95f8644b712e7786181c01d8fe703b8d0f0807938d3e3371048afdbf7ff1ee1e52492618c661c213a326cc512bd70286b88d08c5666ba11
  • https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=2...
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.88.104.115 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
76a6928201eca433b0e33b1cd497d7351cb1a2a08f8716b2e1b5492a892b1972
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-length
3746
content-type
text/html
date
Thu, 02 Mar 2023 19:15:17 GMT
etag
"43175784c14bd91:0"
last-modified
Tue, 28 Feb 2023 22:10:50 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET

Redirect headers

Cache-Control
private
Connection
close
Content-Length
363
Content-Type
text/html; charset=utf-8
Date
Thu, 02 Mar 2023 19:15:17 GMT
Location
https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748#/login
eex8ezx.js
use.typekit.net/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/eex8ezx.js
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::1725:7b88 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0fcddbeb4da7f72fb82e83970e2dddbbabf9493574df896ab625e2729b9b95ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://participant.myameriflex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Thu, 02 Mar 2023 19:15:18 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6884
polyfill.min.js
cdn.polyfill.io/v2/ 		100 B
652 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://participant.myameriflex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 Mar 2023 19:15:18 GMT
age
717842
detected-user-agent
Chrome Mobile/110.0.0
useragent_normaliser
chrome/110.0.0
server-timing
HIT, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
113
referrer-policy
origin-when-cross-origin
last-modified
Wed, 22 Feb 2023 11:03:04 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/110.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
fonts.css
participant.myameriflex.com/ 		15 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://participant.myameriflex.com/fonts.css
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.88.104.115 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8a2de23d0a1ae5711886f9fd002e56c02ca094280f33821ccec07c91e6a480cd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 19:15:17 GMT
last-modified
Mon, 27 Feb 2023 22:54:00 GMT
server
Microsoft-IIS/10.0
etag
"0746061fe4ad91:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
14917
qc.php
host.fsastore.com/ 		269 B
483 B 		Script
General
Check archive.org
Download Go to
Full URL
https://host.fsastore.com/qc.php?do=js&zid=103957&oid=22625&wd=-1&ht=-1&target=_blank
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.207.254.209 Fremont, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
d3.adspeed.us
Software
nginx /
Resource Hash
e352678cf6d79046a1fb15152a37bc39890e8f72ded43cfb94562f4776f872be

Request headers

accept-language
en-US,en;q=0.9
Referer
https://participant.myameriflex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 19:15:18 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
app.a809f6d82a0a682aa424.js
participant.myameriflex.com/ 		5 MB
5 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://participant.myameriflex.com/app.a809f6d82a0a682aa424.js
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.88.104.115 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2ee6c0b8a8f175037b42cd1d91be8a07f4b555c8cce274a593f2105d3abf2f57
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 19:15:17 GMT
last-modified
Tue, 28 Feb 2023 22:10:50 GMT
server
Microsoft-IIS/10.0
etag
"ec786a84c14bd91:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
content-length
5471004
hotjar-1256861.js
static.hotjar.com/c/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1256861.js?sv=6
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-119.iad79.r.cloudfront.net
Software
/
Resource Hash
0e11c95e4362cc0379a741fbcaff158bf756d65095f52263e6cfac1356a42bf0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://participant.myameriflex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Thu, 02 Mar 2023 19:14:52 GMT
via
1.1 e7311287a3a52035e5fcaf9a58791104.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD79-C1
age
45
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/8a93ce701ef25aee960b59d31375a9e6
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
0ou4d6EanJMRJqyMzJPJyHEkImH1Y9n9lA-WfcDJ0af_uLJ8Dlo5Pg==
polyfill.min.js
cdn.polyfill.io/v2/ 		100 B
186 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://participant.myameriflex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 Mar 2023 19:15:18 GMT
age
717842
detected-user-agent
Chrome Mobile/110.0.0
useragent_normaliser
chrome/110.0.0
server-timing
HIT, fastly;desc="Edge time";dur=0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
113
referrer-policy
origin-when-cross-origin
last-modified
Wed, 22 Feb 2023 11:03:04 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/110.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
modules.3bdf981e73ecd1bf9fca.js
script.hotjar.com/ 		263 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.3bdf981e73ecd1bf9fca.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1256861.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-89.iad79.r.cloudfront.net
Software
/
Resource Hash
5cfe66ee024c0c4640ab3f01e85b885bf78a44e65ac037af6c5d1d1d5c15907e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://participant.myameriflex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 09:09:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 0570243541aa4edb51d3f1e60aee5a32.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD79-C2
age
295572
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68683
last-modified
Mon, 27 Feb 2023 09:08:08 GMT
etag
"ebfd5ece1732ea77a9b33e8ec7afb91a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
ZFGXp8R8pkAaZxZffxDKxFah3VcWjGG964QJRz-My8hLxDK3OODoBA==
qc.php
host.fsastore.com/ 		1 KB
986 B 		Script
General
Check archive.org
Download Go to
Full URL
https://host.fsastore.com/qc.php?do=js&zid=103957&oid=22625&wd=-1&ht=-1&target=_blank&cb=0.5639120078917021&ref=&uri=https%3A//participant.myameriflex.com/%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DDigital+Wallet+for+participants+3.2.2023%26utm_term%3Dhttps%253a%252f%252fparticipant.myameriflex.com%252f%2523%252flogin%26utm_id%3D231575%26sfmc_id%3D65442748%23/login
Requested by
Host: host.fsastore.com
URL: https://host.fsastore.com/qc.php?do=js&zid=103957&oid=22625&wd=-1&ht=-1&target=_blank
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.207.254.209 Fremont, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
d3.adspeed.us
Software
nginx /
Resource Hash
12b4679ece409a81769a29fb3b5e8cd0ef304d57ceac0a31d85562c3b16e70ee

Request headers

Referer
https://participant.myameriflex.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 19:15:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
1180x125.jpg
cdn.fsastore.com/tpa/fsa/PartnerAssets/Ban/OTC/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.fsastore.com/tpa/fsa/PartnerAssets/Ban/OTC/1180x125.jpg
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
beb6f491167c8b47575c89aad57323ab8717e0da5d094cabc62f8a689c9abc57

Request headers

accept-language
en-US,en;q=0.9
Referer
https://participant.myameriflex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 02 Mar 2023 19:15:19 GMT
content-md5
1CcF2TyX8uFPGnLhKXrsTw==
content-length
7750
x-ms-lease-status
unlocked
last-modified
Thu, 23 Sep 2021 08:04:02 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D97E68B501CFF9
x-hw
1677784519.cds038.mi1.hn,1677784519.cds068.mi1.c
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
3b56e4ce-901e-0024-769b-1b29cf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=447
x-ms-version
2009-09-19
accept-ranges
bytes
in
d.adroll.com/cm/g/
Redirect Chain
  • https://g.adspeed.net/qc.php?do=pixel3p&aid=581385&oid=22625&cb=1677784519
  • https://d.adroll.com/ipixel/S6N6R5JXAJC35DUNEZUZ2E/LCNO3PT6OJCT7NAYJVQ443?name=32060c90
  • https://d.adroll.com/cm/g/out?advertisable=S6N6R5JXAJC35DUNEZUZ2E
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=pXpuy-Zd90LTrqJZ_itjCQ
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=pXpuy-Zd90LTrqJZ_itjCQ&google_tc=
  • https://d.adroll.com/cm/g/in
42 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/g/in
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
Protocol
H2
Server
2600:1f18:61c0:2206:aa4c:f20d:4411:1542 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://participant.myameriflex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 19:15:20 GMT
server
nginx/1.22.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate
content-length
42
x-result
g.-1.-1.-1

Redirect headers

pragma
no-cache
date
Thu, 02 Mar 2023 19:15:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://d.adroll.com/cm/g/in
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
225
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qc.php
host.fsastore.com/ 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://host.fsastore.com/qc.php?do=imp&aid=581385&zid=103957&t=1677784519&auth=c74332e77b5150b551d715d9d6a16692&oid=22625&wd=-1&ht=-1&ref=&uri=https%3A%2F%2Fparticipant.myameriflex.com%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DDigital+Wallet+for+participants+3.2.2023%26utm_term%3Dhttps%253a%252f%252fparticipant.myameriflex.com%252f%2523%252flogin%26utm_id%3D231575%26sfmc_id%3D65442748%23%2Flogin
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.207.254.209 Fremont, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
d3.adspeed.us
Software
nginx /
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://participant.myameriflex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 02 Mar 2023 19:15:19 GMT
cache-control
max-age=315360000
server
nginx
content-length
43
expires
Thu, 31 Dec 2037 23:55:55 GMT
app-config.json
participant.myameriflex.com/ 		36 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://participant.myameriflex.com/app-config.json?t=1677784519443
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/app.a809f6d82a0a682aa424.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.88.104.115 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f7dbdabfcc6dd5a9b3b6122b78cfb6ad14848d5500ce658e51fbfdf168140829
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 19:15:18 GMT
last-modified
Tue, 28 Feb 2023 22:10:50 GMT
server
Microsoft-IIS/10.0
etag
"2505884c14bd91:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/json
accept-ranges
bytes
content-length
36
l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::1725:7b88 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a2b997da567762896061490c3c08e506b2e5b936978560fc12251dd245140b32

Request headers

Referer
https://participant.myameriflex.com/
Origin
https://participant.myameriflex.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 19:15:19 GMT
server
nginx
etag
"a0f35f91fdc2ca0a90c8288c08c20681c1aecfcf"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
33660
l
use.typekit.net/af/86b539/00000000000000003b9b093a/27/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/86b539/00000000000000003b9b093a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::1725:7b88 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
40b87680850d61dff26f2280eaac2487e2261e8771cca1f4eba69dc366cd1fe2

Request headers

Referer
https://participant.myameriflex.com/
Origin
https://participant.myameriflex.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 19:15:19 GMT
server
nginx
etag
"7419d3e31dff61919238b7104d975fb9f66eb724"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
35128
l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::1725:7b88 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b99ce50d05750058143cb93936075ad5107f9a3e5b03f2d4872c0ebe753a9f7

Request headers

Referer
https://participant.myameriflex.com/
Origin
https://participant.myameriflex.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 19:15:19 GMT
server
nginx
etag
"852dacc5cd2685c187708b882b28635465e17bd0"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32688
l
use.typekit.net/af/6aec08/00000000000000003b9b0935/27/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/6aec08/00000000000000003b9b0935/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::1725:7b88 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a0acc524b541f57df4024b039206425fbcc49c7b3cba369bc0b4a57cfc0e9629

Request headers

Referer
https://participant.myameriflex.com/
Origin
https://participant.myameriflex.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 19:15:19 GMT
server
nginx
etag
"98ea2e3888e90196090ca6bc7ddc5345e1871a7a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
34380
l
use.typekit.net/af/309dfe/000000000000000000010091/27/ 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/309dfe/000000000000000000010091/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::1725:7b88 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
04dd88ec3632bfd618a21c8657d6faf685a33fde9d3bf3c7e0e43ce9f517c55d

Request headers

Referer
https://participant.myameriflex.com/
Origin
https://participant.myameriflex.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 19:15:19 GMT
server
nginx
etag
"e7811049bfa1845589c42f0b31c9740a16cee93a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
43076
l
use.typekit.net/af/eb729a/000000000000000000010092/27/ 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/eb729a/000000000000000000010092/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::1725:7b88 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
57ed2485ff1f9eb21bcd5209debc16b3c18a07140571367f0dca76a1922dbcae

Request headers

Referer
https://participant.myameriflex.com/
Origin
https://participant.myameriflex.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 19:15:19 GMT
server
nginx
etag
"457eff33d9f4e8245ff5b71b234463ccb76ddf1e"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
43084
l
use.typekit.net/af/9b05f3/000000000000000000013365/27/ 		50 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/9b05f3/000000000000000000013365/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::1725:7b88 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
96b67419d2538b42413797739000601d5884a81872b8346559c04770100a29fb

Request headers

Referer
https://participant.myameriflex.com/
Origin
https://participant.myameriflex.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 19:15:19 GMT
server
nginx
etag
"22520917f01d8d34c0dcc1417c749962b8a47011"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
51524
l
use.typekit.net/af/cf3e4e/000000000000000000010095/27/ 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/cf3e4e/000000000000000000010095/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::1725:7b88 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
2c8c12fdc681f574ea559e937f22422a2264362d044dd522c9442071098c4f07

Request headers

Referer
https://participant.myameriflex.com/
Origin
https://participant.myameriflex.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 19:15:19 GMT
server
nginx
etag
"8c71903d09dd901d68e476eaeb1bb223941b9348"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
57500
feature
producer-api.ameriflexbenefits.com/papi/ 		117 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://producer-api.ameriflexbenefits.com/papi/feature
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/app.a809f6d82a0a682aa424.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.88.104.115 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2b9584ea424dfac4f94252f783ba8524e1de0335fc97c70bcaf722a49c22d88c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://participant.myameriflex.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 19:15:19 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://participant.myameriflex.com
access-control-allow-credentials
true
content-length
117
amazon-connect-chat-interface-client.js
dg9yx063wiiht.cloudfront.net/ 		101 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dg9yx063wiiht.cloudfront.net/amazon-connect-chat-interface-client.js
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2199:5800:1b:1126:8840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4afcec3eb568dacc2daf2f5c8e181d52585cd26646a2b6889291f7224f4f73c1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://participant.myameriflex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
.WZBcNafRj30ZsU6.F_HvAAJIL0UEYf3
content-encoding
gzip
via
1.1 a4d8112508e8450a57296bb3736a5136.cloudfront.net (CloudFront)
date
Thu, 02 Mar 2023 10:08:13 GMT
last-modified
Tue, 13 Dec 2022 22:11:52 GMT
server
AmazonS3
age
33521
x-amz-cf-pop
IAD79-C1
x-amz-server-side-encryption
AES256
etag
W/"e1d057e0e81acec9ba4a72a1b16f6579"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
lqG7YvFtzpsGVlvQoRKE9cLKyKzDnv4xI36bB4MO01LKE7T3rsbEMA==
announcement
producer-api.ameriflexbenefits.com/ 		2 B
40 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://producer-api.ameriflexbenefits.com/announcement?clientName=pportal
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/app.a809f6d82a0a682aa424.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.88.104.115 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://participant.myameriflex.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 19:15:19 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://participant.myameriflex.com
access-control-allow-credentials
true
content-length
2
infinite-logo-white.svg
participant.myameriflex.com/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://participant.myameriflex.com/images/infinite-logo-white.svg
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.88.104.115 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7558b91240194ef67db09873e7e22f27b67cafb43a6d03b1ddeb92e1a901c586
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 19:15:19 GMT
last-modified
Mon, 27 Feb 2023 22:54:00 GMT
server
Microsoft-IIS/10.0
etag
"0746061fe4ad91:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
content-length
7590
infinite-logo-blue.svg
participant.myameriflex.com/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://participant.myameriflex.com/images/infinite-logo-blue.svg
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.88.104.115 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
882e10bc1d8a607d784dc6a3111a40b570f7b030b53b5383694dc1ba2dd7ba6a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 19:15:19 GMT
last-modified
Mon, 27 Feb 2023 22:54:00 GMT
server
Microsoft-IIS/10.0
etag
"0746061fe4ad91:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
content-length
7590
Background1.jpg
participant.myameriflex.com/images/ 		930 KB
931 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://participant.myameriflex.com/images/Background1.jpg
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.88.104.115 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8c49cfe6e6a41a1941a29b773e7f3766af4ac77f8d125d2b1c32aa2de1ec1f58
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 19:15:19 GMT
last-modified
Mon, 27 Feb 2023 22:54:00 GMT
server
Microsoft-IIS/10.0
etag
"0746061fe4ad91:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
952547
OpenSans-Regular.woff2
participant.myameriflex.com/font/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://participant.myameriflex.com/font/OpenSans-Regular.woff2
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/fonts.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.88.104.115 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://participant.myameriflex.com/fonts.css
Origin
https://participant.myameriflex.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 19:15:19 GMT
last-modified
Mon, 27 Feb 2023 22:54:00 GMT
server
Microsoft-IIS/10.0
etag
"0746061fe4ad91:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
accept-ranges
bytes
content-length
14048
OpenSans-Light.woff2
participant.myameriflex.com/font/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://participant.myameriflex.com/font/OpenSans-Light.woff2
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/fonts.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.88.104.115 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5278c0f6063ca9ad85653b18a2ddf1aa57e3ab40b7973a69b09acf859db8264d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://participant.myameriflex.com/fonts.css
Origin
https://participant.myameriflex.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 19:15:19 GMT
last-modified
Mon, 27 Feb 2023 22:54:00 GMT
server
Microsoft-IIS/10.0
etag
"0746061fe4ad91:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
accept-ranges
bytes
content-length
14564
OpenSans-ExtraBold.woff2
participant.myameriflex.com/font/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://participant.myameriflex.com/font/OpenSans-ExtraBold.woff2
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/fonts.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.88.104.115 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1851477cb41c27ff7b3955e1257044041a2de0890b025368782263252033dff
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://participant.myameriflex.com/fonts.css
Origin
https://participant.myameriflex.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 19:15:19 GMT
last-modified
Mon, 27 Feb 2023 22:54:00 GMT
server
Microsoft-IIS/10.0
etag
"0746061fe4ad91:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
accept-ranges
bytes
content-length
14740
p.gif
p.typekit.net/ 		35 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.typekit.net/p.gif?s=1&k=eex8ezx&ht=tk&h=participant.myameriflex.com&f=139.140.175.176.10881.10882.10884.10885&a=6853977&js=1.21.0&app=typekit&e=js&_=1677784519963
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82a8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language
en-US,en;q=0.9
Referer
https://participant.myameriflex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 19:15:20 GMT
last-modified
Sat, 09 Oct 2021 06:42:30 GMT
server
nginx
etag
"616139d6-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
events
api.raygun.io/ 		0
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.raygun.io/events?apikey=800p6l9010LivuCBjG5R6g%3D%3D
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/app.a809f6d82a0a682aa424.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.125.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-125-124.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://participant.myameriflex.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 02 Mar 2023 19:15:20 GMT
content-length
0
content-type
application/json
events
api.raygun.io/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.raygun.io/events?apikey=800p6l9010LivuCBjG5R6g%3D%3D
Requested by
Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/app.a809f6d82a0a682aa424.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.125.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-125-124.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://participant.myameriflex.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 02 Mar 2023 19:15:20 GMT
content-length
0
content-type
application/json

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| Typekit function| hj object| _hjSettings object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| asdate string| q string| c object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| _ object| amf object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched string| raygunUserAgent object| raygunUserAgentData number| raygunUserAgentDataStatus string| RaygunObject function| rg4js object| TraceKit object| webVitals function| raygunUtilityFactory function| raygunErrorUtilitiesFactory function| raygunNetworkTrackingFactory function| raygunViewportFactory function| raygunBreadcrumbsFactory function| raygunCoreWebVitalFactory object| Raygun function| flatpickr object| s function| amazon_connect number| 2f1acc6c3a606b082e5eef5e54414ffb

9 Cookies

Domain/Path Name / Value
host.fsastore.com/ Name: impuniraw
Value: 581385-1677870919
.myameriflex.com/ Name: _hjSessionUser_1256861
Value: eyJpZCI6ImVjZjMxNDg3LWU1ODQtNTVlNy1iNTE1LTE0YTMxMzFiZTUzMCIsImNyZWF0ZWQiOjE2Nzc3ODQ1MTg5ODUsImV4aXN0aW5nIjpmYWxzZX0=
.myameriflex.com/ Name: _hjFirstSeen
Value: 1
.myameriflex.com/ Name: _hjIncludedInSessionSample_1256861
Value: 0
.myameriflex.com/ Name: _hjSession_1256861
Value: eyJpZCI6IjFkYjNmNzUyLTM0YjMtNGZiYy1hMDA0LTljMWJhMTk0MmMwOCIsImNyZWF0ZWQiOjE2Nzc3ODQ1MTk0ODAsImluU2FtcGxlIjpmYWxzZX0=
.myameriflex.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUmzxwvuW8G5mWWpfjb3VUKjWnUyik6ViJrIU8oLp7gJpf197vO2zTNVIV3kkwA
.d.adroll.com/ Name: __adroll
Value: a57a6ecbe65df742d3aea259fe2b6309-g_1677784520-a_1677784519
.adroll.com/ Name: __adroll_shared
Value: a57a6ecbe65df742d3aea259fe2b6309-g_1677784520-a_1677784519

6 Console Messages

Source Level URL
Text
javascript warning URL: https://host.fsastore.com/qc.php?do=js&zid=103957&oid=22625&wd=-1&ht=-1&target=_blank
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://host.fsastore.com/qc.php?do=js&zid=103957&oid=22625&wd=-1&ht=-1&target=_blank&cb=0.5639120078917021&ref=&uri=https%3A//participant.myameriflex.com/%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DDigital+Wallet+for+participants+3.2.2023%26utm_term%3Dhttps%253a%252f%252fparticipant.myameriflex.com%252f%2523%252flogin%26utm_id%3D231575%26sfmc_id%3D65442748%23/login, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://host.fsastore.com/qc.php?do=js&zid=103957&oid=22625&wd=-1&ht=-1&target=_blank
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://host.fsastore.com/qc.php?do=js&zid=103957&oid=22625&wd=-1&ht=-1&target=_blank&cb=0.5639120078917021&ref=&uri=https%3A//participant.myameriflex.com/%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DDigital+Wallet+for+participants+3.2.2023%26utm_term%3Dhttps%253a%252f%252fparticipant.myameriflex.com%252f%2523%252flogin%26utm_id%3D231575%26sfmc_id%3D65442748%23/login, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security warning URL: https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748#/login
Message:
Mixed Content: The page at 'https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748#/login' was loaded over HTTPS, but requested an insecure element 'http://g.adspeed.net/qc.php?do=pixel3p&aid=581385&oid=22625&cb=1677784519'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748#/login
Message:
Mixed Content: The page at 'https://participant.myameriflex.com/?utm_source=sfmc&utm_medium=email&utm_campaign=Digital+Wallet+for+participants+3.2.2023&utm_term=https%3a%2f%2fparticipant.myameriflex.com%2f%23%2flogin&utm_id=231575&sfmc_id=65442748#/login' was loaded over HTTPS, but requested an insecure element 'http://g.adspeed.net/qc.php?do=pixel3p&aid=581385&oid=22625&cb=1677784519'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://api.raygun.io/events?apikey=800p6l9010LivuCBjG5R6g%3D%3D
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://api.raygun.io/events?apikey=800p6l9010LivuCBjG5R6g%3D%3D
Message:
Failed to load resource: the server responded with a status of 429 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.raygun.io
cdn.fsastore.com
cdn.polyfill.io
click.ameriflex-emails.com
cm.g.doubleclick.net
d.adroll.com
dg9yx063wiiht.cloudfront.net
g.adspeed.net
host.fsastore.com
p.typekit.net
participant.myameriflex.com
producer-api.ameriflexbenefits.com
protect-us.mimecast.com
script.hotjar.com
static.hotjar.com
use.typekit.net
13.111.71.11
142.250.64.98
146.88.104.115
151.139.128.10
207.211.31.113
2600:141b:13::17d7:82a8
2600:141b:9000::1725:7b88
2600:1f18:61c0:2206:aa4c:f20d:4411:1542
2600:9000:2199:5800:1b:1126:8840:21
2a04:4e42:400::282
52.201.125.124
72.14.187.68
74.207.254.209
99.84.108.89
99.84.208.119
04dd88ec3632bfd618a21c8657d6faf685a33fde9d3bf3c7e0e43ce9f517c55d
0e11c95e4362cc0379a741fbcaff158bf756d65095f52263e6cfac1356a42bf0
0fcddbeb4da7f72fb82e83970e2dddbbabf9493574df896ab625e2729b9b95ef
12b4679ece409a81769a29fb3b5e8cd0ef304d57ceac0a31d85562c3b16e70ee
2b9584ea424dfac4f94252f783ba8524e1de0335fc97c70bcaf722a49c22d88c
2c8c12fdc681f574ea559e937f22422a2264362d044dd522c9442071098c4f07
2ee6c0b8a8f175037b42cd1d91be8a07f4b555c8cce274a593f2105d3abf2f57
34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
40b87680850d61dff26f2280eaac2487e2261e8771cca1f4eba69dc366cd1fe2
4afcec3eb568dacc2daf2f5c8e181d52585cd26646a2b6889291f7224f4f73c1
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5278c0f6063ca9ad85653b18a2ddf1aa57e3ab40b7973a69b09acf859db8264d
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
57ed2485ff1f9eb21bcd5209debc16b3c18a07140571367f0dca76a1922dbcae
5cfe66ee024c0c4640ab3f01e85b885bf78a44e65ac037af6c5d1d1d5c15907e
7558b91240194ef67db09873e7e22f27b67cafb43a6d03b1ddeb92e1a901c586
76a6928201eca433b0e33b1cd497d7351cb1a2a08f8716b2e1b5492a892b1972
882e10bc1d8a607d784dc6a3111a40b570f7b030b53b5383694dc1ba2dd7ba6a
8a2de23d0a1ae5711886f9fd002e56c02ca094280f33821ccec07c91e6a480cd
8c49cfe6e6a41a1941a29b773e7f3766af4ac77f8d125d2b1c32aa2de1ec1f58
96b67419d2538b42413797739000601d5884a81872b8346559c04770100a29fb
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9b99ce50d05750058143cb93936075ad5107f9a3e5b03f2d4872c0ebe753a9f7
a0acc524b541f57df4024b039206425fbcc49c7b3cba369bc0b4a57cfc0e9629
a2b997da567762896061490c3c08e506b2e5b936978560fc12251dd245140b32
b1851477cb41c27ff7b3955e1257044041a2de0890b025368782263252033dff
beb6f491167c8b47575c89aad57323ab8717e0da5d094cabc62f8a689c9abc57
e352678cf6d79046a1fb15152a37bc39890e8f72ded43cfb94562f4776f872be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7dbdabfcc6dd5a9b3b6122b78cfb6ad14848d5500ce658e51fbfdf168140829