urlscan.io logo urlscan.io
SecurityTrails logo

secure.olympiabenefits.com Open in urlscan Pro
208.98.226.203  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://secure.olympiahsa.com/
Effective URL: https://secure.olympiabenefits.com/mylogin
Submission: On June 15 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 35 HTTP transactions. The main IP is 208.98.226.203, located in Calgary, Canada and belongs to SHAW-ENVISION, CA. The main domain is secure.olympiabenefits.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 14th 2019. Valid for: 2 years.
This is the only time secure.olympiabenefits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 8 208.98.226.203 25983 (SHAW-ENVI...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 13.225.74.66 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 99.86.241.37 16509 (AMAZON-02)
1 99.86.241.77 16509 (AMAZON-02)
13 104.18.72.113 13335 (CLOUDFLAR...)
2 104.16.53.111 13335 (CLOUDFLAR...)
35 12
8    208.98.226.203 (Calgary, Canada)

ASN25983 (SHAW-ENVISION, CA)
PTR: a208-98-226-203.sb.shawcable.net
secure.olympiahsa.com
secure.olympiabenefits.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
3    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
1    2a02:26f0:6c00:28d::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
1    13.225.74.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-66.fra2.r.cloudfront.net
static.hotjar.com
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    99.86.241.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-241-37.vie50.r.cloudfront.net
script.hotjar.com
1    99.86.241.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-241-77.vie50.r.cloudfront.net
vars.hotjar.com
13    104.18.72.113 (United States)

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
ekr.zdassets.com
2    104.16.53.111 (United States)

ASN13335 (CLOUDFLARENET, US)
olympiabenefits.zendesk.com
Domain Requested by
12 static.zdassets.com secure.olympiabenefits.com
static.zdassets.com
7 secure.olympiabenefits.com 1 redirects secure.olympiabenefits.com
3 ajax.googleapis.com secure.olympiabenefits.com
2 olympiabenefits.zendesk.com static.zdassets.com
2 ssl.google-analytics.com secure.olympiabenefits.com
2 use.typekit.net secure.olympiabenefits.com
use.typekit.net
2 maxcdn.bootstrapcdn.com secure.olympiabenefits.com
1 ekr.zdassets.com static.zdassets.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com secure.olympiabenefits.com
1 p.typekit.net use.typekit.net
1 fonts.googleapis.com secure.olympiabenefits.com
1 secure.olympiahsa.com 1 redirects
35 14

This site contains links to these domains. Also see Links.

Domain
help.olympiabenefits.com
Subject Issuer Validity Valid
secure.olympiabenefits.com
Go Daddy Secure Certificate Authority - G2		 2019-08-14 -
2021-08-14		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-17 -
2021-08-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
use.typekit.net
DigiCert SHA2 Secure Server CA		 2020-01-28 -
2022-02-01		 2 years crt.sh
*.typekit.net
DigiCert SHA2 Secure Server CA		 2019-12-06 -
2021-12-10		 2 years crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
ssl911790.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2021-04-07 -
2021-10-14		 6 months crt.sh
olympiabenefits.zendesk.com
Cloudflare Inc ECC CA-3		 2021-06-10 -
2022-06-09		 a year crt.sh

This page contains 3 frames:

Primary Page: https://secure.olympiabenefits.com/mylogin
Frame ID: A0125DB1F0C99E9BAB6CAAE3C7B41D71
Requests: 22 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 8D54DFEB3FE4122D13417122E55B4C88
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/preload.2fe91da23888156687ed.js
Frame ID: 8667C8130BB8A118840F223C4AE20E92
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://secure.olympiahsa.com/ HTTP 301
    https://secure.olympiabenefits.com/ HTTP 302
    https://secure.olympiabenefits.com/mylogin Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i

Page Statistics

35
Requests

100 %
HTTPS

50 %
IPv6

9
Domains

14
Subdomains

12
IPs

3
Countries

794 kB
Transfer

2593 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://secure.olympiahsa.com/ HTTP 301
    https://secure.olympiabenefits.com/ HTTP 302
    https://secure.olympiabenefits.com/mylogin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set mylogin
secure.olympiabenefits.com/
Redirect Chain
  • https://secure.olympiahsa.com/
  • https://secure.olympiabenefits.com/
  • https://secure.olympiabenefits.com/mylogin
8 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.olympiabenefits.com/mylogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.98.226.203 Calgary, Canada, ASN25983 (SHAW-ENVISION, CA),
Reverse DNS
a208-98-226-203.sb.shawcable.net
Software
Apache /
Resource Hash
a8359ca7860063515243330481ea50489ea5deef13a408aeffea58da9ccd0a4f

Request headers

Host
secure.olympiabenefits.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PHPSESSID=m8m95p9vepk82cntf3nrfdan66
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 15 Jun 2021 15:10:17 GMT
Server
Apache
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
hsa_app=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.secure.olympiabenefits.com hsa_app_data=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.secure.olympiabenefits.com
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Tue, 15 Jun 2021 15:10:15 GMT
Server
Apache
Set-Cookie
PHPSESSID=m8m95p9vepk82cntf3nrfdan66; path=/; secure; HttpOnly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
location
https://secure.olympiabenefits.com/mylogin
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
css
fonts.googleapis.com/ 		2 KB
543 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli:300,400
Requested by
Host: secure.olympiabenefits.com
URL: https://secure.olympiabenefits.com/mylogin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
28331a828496a949a31bc5410197bd074e3f892d107c50b5c902402738e791eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://secure.olympiabenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 15:10:09 GMT
server
ESF
date
Tue, 15 Jun 2021 15:10:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Jun 2021 15:10:17 GMT
myolympia_new.css
secure.olympiabenefits.com/css/ 		17 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.olympiabenefits.com/css/myolympia_new.css
Requested by
Host: secure.olympiabenefits.com
URL: https://secure.olympiabenefits.com/mylogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.98.226.203 Calgary, Canada, ASN25983 (SHAW-ENVISION, CA),
Reverse DNS
a208-98-226-203.sb.shawcable.net
Software
Apache /
Resource Hash
de0e043f0bc880908e913d8b825c87c4683e70365b41f5edc965fb1107f33c51

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.olympiabenefits.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://secure.olympiabenefits.com/mylogin
Cookie
PHPSESSID=m8m95p9vepk82cntf3nrfdan66
Connection
keep-alive
Referer
https://secure.olympiabenefits.com/mylogin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 15 Jun 2021 15:10:18 GMT
Last-Modified
Mon, 22 Mar 2021 15:49:10 GMT
Server
Apache
ETag
"10052a-44e7-5be2201ba874e"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
17639
style_2020.css
secure.olympiabenefits.com/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.olympiabenefits.com/css/style_2020.css
Requested by
Host: secure.olympiabenefits.com
URL: https://secure.olympiabenefits.com/mylogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.98.226.203 Calgary, Canada, ASN25983 (SHAW-ENVISION, CA),
Reverse DNS
a208-98-226-203.sb.shawcable.net
Software
Apache /
Resource Hash
4f4535a2e5a34cc284d4cd5180c82420d7d58e71a5e048b9251382fe7da3a04c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.olympiabenefits.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://secure.olympiabenefits.com/mylogin
Cookie
PHPSESSID=m8m95p9vepk82cntf3nrfdan66
Connection
keep-alive
Referer
https://secure.olympiabenefits.com/mylogin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 15 Jun 2021 15:10:18 GMT
Last-Modified
Mon, 22 Mar 2021 15:20:27 GMT
Server
Apache
ETag
"1007eb-4ec-5be219afcbaec"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
1260
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: secure.olympiabenefits.com
URL: https://secure.olympiabenefits.com/mylogin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://secure.olympiabenefits.com
Referer
https://secure.olympiabenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:10:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
632, 617, 617, 617
access-control-allow-origin
*
cdn-cachedat
2021-06-08 21:21:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ab1d23a3d00004a55e39a7000000001
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
1cd49ac2df572f848e80de318847b3ed
cf-ray
65fcb97068b74a55-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/smoothness/ 		34 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.css
Requested by
Host: secure.olympiabenefits.com
URL: https://secure.olympiabenefits.com/mylogin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95d5b67a78f81f3c071b01f888c9a468c13c8288597b64c99ff829e35b51a012
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.olympiabenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 19:36:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156801
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8060
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 13 Jun 2022 19:36:56 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Requested by
Host: secure.olympiabenefits.com
URL: https://secure.olympiabenefits.com/mylogin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.olympiabenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 10:13:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17811
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33495
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jun 2022 10:13:26 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/ 		234 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/jquery-ui.min.js
Requested by
Host: secure.olympiabenefits.com
URL: https://secure.olympiabenefits.com/mylogin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ab17d7c830048456601619d3a6422eb5e419b1d0bfef58d8b1c533435d2e054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.olympiabenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 08:28:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
283306
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64362
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 08:28:31 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: secure.olympiabenefits.com
URL: https://secure.olympiabenefits.com/mylogin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://secure.olympiabenefits.com
Referer
https://secure.olympiabenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:10:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
722, 617, 617, 617, 617, 617, 617, 617, 617
access-control-allow-origin
*
cdn-cachedat
2021-06-08 21:35:24
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ab1d23a4100004a55a4949000000001
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
d733171513e37dc12edb344594b3a867
cf-ray
65fcb97068bc4a55-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
site.js
secure.olympiabenefits.com/js/ 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.olympiabenefits.com/js/site.js
Requested by
Host: secure.olympiabenefits.com
URL: https://secure.olympiabenefits.com/mylogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.98.226.203 Calgary, Canada, ASN25983 (SHAW-ENVISION, CA),
Reverse DNS
a208-98-226-203.sb.shawcable.net
Software
Apache /
Resource Hash
82a5e212431442c6c0880e16138e7af418c237ec380d5a5d81aab0fdc32be711

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.olympiabenefits.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://secure.olympiabenefits.com/mylogin
Cookie
PHPSESSID=m8m95p9vepk82cntf3nrfdan66
Connection
keep-alive
Referer
https://secure.olympiabenefits.com/mylogin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 15 Jun 2021 15:10:18 GMT
Last-Modified
Thu, 28 Jan 2021 18:02:16 GMT
Server
Apache
ETag
"10036d-3198-5b9f9b019ab5d"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
12696
logo_myOLYMPIA_spring_2021.png
secure.olympiabenefits.com/data/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.olympiabenefits.com/data/images/logo_myOLYMPIA_spring_2021.png
Requested by
Host: secure.olympiabenefits.com
URL: https://secure.olympiabenefits.com/mylogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.98.226.203 Calgary, Canada, ASN25983 (SHAW-ENVISION, CA),
Reverse DNS
a208-98-226-203.sb.shawcable.net
Software
Apache /
Resource Hash
731050fae6c8937eb82227a1c71a02768f60b6727da84a564153d2a0f50b1eb4

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.olympiabenefits.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://secure.olympiabenefits.com/mylogin
Cookie
PHPSESSID=m8m95p9vepk82cntf3nrfdan66
Connection
keep-alive
Referer
https://secure.olympiabenefits.com/mylogin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 15 Jun 2021 15:10:18 GMT
Last-Modified
Mon, 22 Mar 2021 15:16:07 GMT
Server
Apache
ETag
"101a6e-1c56-5be218b8bef72"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
7254
unb3knl.css
use.typekit.net/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/unb3knl.css
Requested by
Host: secure.olympiabenefits.com
URL: https://secure.olympiabenefits.com/css/style_2020.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
4caa7de8aad13df444773f2b1912cf01b190869d012cf0620b57fdf63b4acc25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://secure.olympiabenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Tue, 15 Jun 2021 15:10:18 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1000
p.css
p.typekit.net/ 		5 B
162 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=unb3knl&ht=tk&f=10881.10882.10884.10885.15357.15358.15361.15362.32874.32875&a=779745&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/unb3knl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28d::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:10:18 GMT
last-modified
Thu, 05 Nov 2020 13:49:42 GMT
server
nginx
etag
"5fa402f6-5"
content-type
text/css
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
hotjar-2294998.js
static.hotjar.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2294998.js?sv=6
Requested by
Host: secure.olympiabenefits.com
URL: https://secure.olympiabenefits.com/mylogin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-66.fra2.r.cloudfront.net
Software
/
Resource Hash
ff413fb7a190f5554aa6057967604f7a69c9c47b300d01389970556e0a25ab0c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.olympiabenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:10:18 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA2-C2
etag
W/fc20357839827987d2360ec30531205a
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-id
rpGXaWWdplHp_bIl4eNB6FHPYTtZ14jtdCUXp1lXG9cVf5wVvgjevw==
via
1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
bg_login_spring_2021.png
secure.olympiabenefits.com/data/images/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.olympiabenefits.com/data/images/bg_login_spring_2021.png
Requested by
Host: secure.olympiabenefits.com
URL: https://secure.olympiabenefits.com/css/myolympia_new.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.98.226.203 Calgary, Canada, ASN25983 (SHAW-ENVISION, CA),
Reverse DNS
a208-98-226-203.sb.shawcable.net
Software
Apache /
Resource Hash
ae04a610c730fd3801e60697c93e3e731b205e412ad3f6c5a63098930921a61d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.olympiabenefits.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://secure.olympiabenefits.com/css/myolympia_new.css
Cookie
PHPSESSID=m8m95p9vepk82cntf3nrfdan66
Connection
keep-alive
Referer
https://secure.olympiabenefits.com/css/myolympia_new.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 15 Jun 2021 15:10:18 GMT
Last-Modified
Mon, 22 Mar 2021 15:16:07 GMT
Server
Apache
ETag
"101a6b-1012d-5be218b8ba152"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
65837
l
use.typekit.net/af/9b05f3/000000000000000000013365/27/ 		50 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/9b05f3/000000000000000000013365/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/unb3knl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
81dc8f18ee8963fb2044f24d94196da40185e1387ccf9cfc46c3183594109868

Request headers

Origin
https://secure.olympiabenefits.com
Referer
https://use.typekit.net/unb3knl.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:10:18 GMT
server
nginx
etag
"22520917f01d8d34c0dcc1417c749962b8a47011"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
51500
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: secure.olympiabenefits.com
URL: https://secure.olympiabenefits.com/mylogin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.olympiabenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
3566
date
Tue, 15 Jun 2021 14:10:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Tue, 15 Jun 2021 16:10:52 GMT
__utm.gif
ssl.google-analytics.com/r/ 		35 B
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1852707341&utmhn=secure.olympiabenefits.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Health%20Spending%20Account%20-%20Client%20Login&utmhid=1954049026&utmr=-&utmp=%2Fmylogin&utmht=1623769818484&utmac=UA-16420506-1&utmcc=__utma%3D71330833.153881136.1623769818.1623769818.1623769818.1%3B%2B__utmz%3D71330833.1623769818.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=489974470&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: secure.olympiabenefits.com
URL: https://secure.olympiabenefits.com/mylogin
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.olympiabenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 15:10:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.2eec52a83858fa832941.js
script.hotjar.com/ 		219 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.2eec52a83858fa832941.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2294998.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.241.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-241-37.vie50.r.cloudfront.net
Software
/
Resource Hash
f8060823674bd0720a5965c4eb9c5e81e984c9c226d3af654f648cc067b277a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.olympiabenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 12:04:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
97573
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59028
access-control-allow-origin
*
last-modified
Mon, 14 Jun 2021 12:03:47 GMT
etag
"c210e03edb655b1909cb7a5766c26d54"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 2a3d03f915cb6d29f35b8f9edd3b1956.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
af3xPyiaV8p9UXzdmUPRockbQiMhpRZOmANVYK7nPNBaiunekY2Xhw==
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 8D54 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2294998.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.241.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-241-77.vie50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.olympiabenefits.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://secure.olympiabenefits.com/

Response headers

content-type
text/html
content-length
1044
date
Fri, 11 Jun 2021 14:03:01 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 10 Jun 2021 08:19:21 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 d3e698ff6aa93657f45eda478b9496e1.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
a7mR0Jm65x2TWdez5UB8vfv-FUvW2A7ckCwy1K7KqDgVePRtBKyORw==
age
349637
snippet.js
static.zdassets.com/ekr/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=799ae992-fe84-46b2-9e12-c98b5c8f2e2b
Requested by
Host: secure.olympiabenefits.com
URL: https://secure.olympiabenefits.com/js/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://secure.olympiabenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:10:23 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
15
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-amz-request-id
7PGZ8N71RATZAJDM
x-amz-id-2
iVpt4lHehvz+G8uF8MDDTRGswQuItCKY2JPwTbOEVMrMfPWXReE3btdp7rMakaGxKVLrxFGZKTg=
last-modified
Wed, 09 Jun 2021 00:08:59 GMT
server
cloudflare
etag
W/"cc904f41324148b571599b3b02fdec0b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=u%2Btz7NXQqOdp2M7nBE3Rzbs%2BJt5enN%2BV2W5ZN%2B%2BvwRJRfBHbuD%2BS0HFluQqWF7yUfv%2FQnpl3Cg3g5Ce%2BQlskuw%2BmVwJxDDCPdtxl8oKTmYzFgVL3zGxlbgbmADt6wOu8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
x-amz-version-id
VFukQxfz8SFs4LT0u8yzm_CAm2zq09sT
cf-request-id
0ab1d251020000ee6db91e9000000001
cf-ray
65fcb994cd12ee6d-CDG
799ae992-fe84-46b2-9e12-c98b5c8f2e2b
ekr.zdassets.com/compose/ 		803 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/799ae992-fe84-46b2-9e12-c98b5c8f2e2b
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=799ae992-fe84-46b2-9e12-c98b5c8f2e2b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9159f9bbefcd17a1130e70ad0b127682d436dc282feec8bbe06dd70d5df66496
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://secure.olympiabenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:10:24 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
status
200 OK
access-control-allow-methods
GET, POST, OPTIONS
strict-transport-security
max-age=0
cf-request-id
0ab1d2516600000824ec1f6000000001
x-request-id
6f780939-48ea-4426-bf64-319a1b386ecd
x-runtime
0.003404
server
cloudflare
etag
W/"9159f9bbefcd17a1130e70ad0b127682"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ydySoNKzL%2FRPkEpHNvRfce2CgeNFSCTMeApLGopCn02UM5ZOYbJywnMSFTVycHJ6wILHo8t2W0Dqc42bdHqeVWrVSkuktyFVFH8HyRejXr2G1GErNUZVqDE9z0CY"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
65fcb9957a460824-CDG
preload.2fe91da23888156687ed.js
static.zdassets.com/web_widget/latest/ Frame 8667 		101 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/preload.2fe91da23888156687ed.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=799ae992-fe84-46b2-9e12-c98b5c8f2e2b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77c28b261cf6e6b9ff46a9dd87a2b0a7465d43fabe41154ca4b9825c602a9117
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:10:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
631601
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
BVVQZKHSHPT7C71S
x-amz-id-2
2qaL6ZnCrSnrs8dImSYPejKLwl05HbYEAqqoZXJp4mV6aRlYOMeWXmW23/WZfft2kbJDWZwoa4c=
last-modified
Mon, 07 Jun 2021 04:55:22 GMT
server
cloudflare
etag
W/"e96ded06655946c764aef5d8f6fdac9a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oZ1ecy9iK34TIHW8q0JS02trZOqjhfbU44DgMp1MIu8%2BP8zszg8ZbK27Nw9rPM4zS4HtXXxENlUUKxbunDASPSvJanikcG75CC10aHdFJ9wpMbEBGHl09DRaqJ2GsY9p"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
UIE6r6o4IHxAK_wnvdmMbA0D.afsAOH2
cf-request-id
0ab1d2542c0000ee6dd9960000000001
cf-ray
65fcb999d839ee6d-CDG
expires
Tue, 07 Jun 2022 04:55:21 GMT
framework.09c825d2d07b47be6faf.chunk.js
static.zdassets.com/web_widget/latest/ Frame 8667 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/framework.09c825d2d07b47be6faf.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=799ae992-fe84-46b2-9e12-c98b5c8f2e2b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
431183dddfdd8e4b70c6205c2ff401d4881005b7e98f1b141a8c049fc1f608c2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:10:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
631601
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
BVVM6QX82E2ZGGVG
x-amz-id-2
VuZQeribGvnOAx+kMV9D6O8ytYNHR3966F2Yk5apVQ+BHbYiOvs2V7f3m5oh+sED5zXLptLMKvM=
last-modified
Mon, 07 Jun 2021 04:54:29 GMT
server
cloudflare
etag
W/"a29b71a12a5b067d37adecd1b3c33cf2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EsjDsDpF7UzcDOqkhk9EtSQJxSIzaFnKeNdbKU2uc4stAoNx0BoabbYieygorjWIGBiu9wRGjtvhDYabaTkFe5pT4y6K07DiYlY5Lm6S7p7v3x250sw8TAp1PGiVSDbT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
h1.ytIYgcYfA5ypq1ls9GIs_0JlknE7F
cf-request-id
0ab1d2542d0000ee6defac9000000001
cf-ray
65fcb999d83bee6d-CDG
expires
Tue, 07 Jun 2022 04:54:28 GMT
vendors~framework.36eee7cccf163fbefea5.chunk.js
static.zdassets.com/web_widget/latest/ Frame 8667 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/vendors~framework.36eee7cccf163fbefea5.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=799ae992-fe84-46b2-9e12-c98b5c8f2e2b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ef47fe10a3c5cf314651f1bbb849c2e1307016b3f8f2af48aef63c0264d31cb
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:10:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
731105
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
ZKR1CHMC0SVYJTF4
x-amz-id-2
ZKHSs1lZ3yIqVqlatrWTqluxKdD3FSfmUx2mve9vbHsE758n+x2wpvMoUTevvLpqRfwQGMjCJIw=
last-modified
Sun, 06 Jun 2021 02:29:56 GMT
server
cloudflare
etag
W/"ee8c5e5573957abc0d4d6ce6c7b16363"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=g48liT1QBO7RBsP2BS721f0XPnyYz3Vp%2Fy8vz1%2F%2B3Kpr81yQKzq%2FWfjtzYGmgW5aZRy2fo611iBLQY%2BliujitYPwj7lqXIfUnWEE5GdJom3z8y6z8S4tvNoQbLWcGhoo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
0xIV2Vr.XOnJ.O425D6JpXZVec6pAsUl
cf-request-id
0ab1d2542d0000ee6d93b4d000000001
cf-ray
65fcb999d83eee6d-CDG
expires
Mon, 06 Jun 2022 02:29:55 GMT
chat-sdk.34475bc42f3df2dfabe9.chunk.js
static.zdassets.com/web_widget/latest/ Frame 8667 		257 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/chat-sdk.34475bc42f3df2dfabe9.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=799ae992-fe84-46b2-9e12-c98b5c8f2e2b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6143820fcef6fd6b2f1106b89182d01e582a43c8f739faf9972c17f82192efc8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:10:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4616128
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
YWK3FJ1CRM20C2ZE
x-amz-id-2
h5gYXscs4bWrhC/elwdc80sov2Y8H5hd24NTxA+vOykmoMd5kmuIESv+fVML7ZA6HDDPOsimsKY=
last-modified
Fri, 23 Apr 2021 04:50:11 GMT
server
cloudflare
etag
W/"c40bc1f5ccc9a7542723391ad6b5db23"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rmD3yRzJbdBek07376bgMYM8VTlmRzV%2FT2HNayYJJSFgumf46rZntO5h5Zk%2BCa9Ht06JSAQNM6KkjcF6po6V33n7HssRv8JRAF0d15P5K8Et1hvbpC95lpja%2F1wCppwh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
BbnA0zXTxxSV2yCc9vefEBqrQPORHy2d
cf-request-id
0ab1d2542e0000ee6d8d252000000001
cf-ray
65fcb999e842ee6d-CDG
expires
Sat, 23 Apr 2022 04:50:10 GMT
talk-sdk.21884ba5c099ec19e19b.chunk.js
static.zdassets.com/web_widget/latest/ Frame 8667 		70 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/talk-sdk.21884ba5c099ec19e19b.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=799ae992-fe84-46b2-9e12-c98b5c8f2e2b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6863387f54312b2f885034b6c56158d5a182215daeaa250e13076e588f5d09b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:10:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
622838
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
V9V2KVW8ZWRQ7M12
x-amz-id-2
ItNzjgSCENl60d7HWRPOpVwJmiGLJW/rF4yUL2Q89JbeTWrM+HOc/ddnr7F/OtEdrO3N4Zjy1PU=
last-modified
Tue, 08 Jun 2021 06:45:52 GMT
server
cloudflare
etag
W/"11b1e37c95312a5d639f9e311bd8dbf9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qm9qbxN%2F%2F2ZgryQJjgNDbUBdXis3Iny7e%2BkqX4bI782isYsxmgAo20sNfCsd1C84woA%2Bl7cIcurpHibnY4kx12XMehyQkrpGQLlgJZSvv0I4wwyHUu%2BsrqikbEg%2B50jz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
PrvFrJESDY4ugf9Ka3g5kgARC_wnxeh_
cf-request-id
0ab1d2542f0000ee6d79977000000001
cf-ray
65fcb999e847ee6d-CDG
expires
Wed, 08 Jun 2022 06:45:51 GMT
config
olympiabenefits.zendesk.com/embeddable/ 		744 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://olympiabenefits.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=799ae992-fe84-46b2-9e12-c98b5c8f2e2b
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a614590b9cac409bdde30ad750e6a73e031f0d71ca153786ee35feb1ece617c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.olympiabenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:10:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-749766fb99-dtpsb
access-control-allow-methods
GET
vary
Origin, Accept-Encoding
cf-request-id
0ab1d254ae000033130b276000000001
x-request-id
65fcb99aaa653313-SEA
x-runtime
0.001911
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wy%2Bv7Lueu7up8oRBXmGERzbiYsdjtDKavdIzZ%2BatWNuLlhZNUuLhblfn0pMQwkg5jOR0djBm0ah4yGp8N81F3DWZ%2Fjpovq%2FivavIjDX7EbQ9R04X2De6E1LiA7pXs7YViH2hWhxzS7o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
65fcb99aaa653313-CDG
en-us-json.8a35c1a7479e66f87c5c.chunk.js
static.zdassets.com/web_widget/latest/locales/ Frame 8667 		29 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/locales/en-us-json.8a35c1a7479e66f87c5c.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.2fe91da23888156687ed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f72d1c7d8c9b8a712a620d3af92a2b27beb87c70497d63b136945afe0709035a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:10:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1159823
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
4Q31RWQWQF9E0MSY
x-amz-id-2
z/XhUAU4n1kkkoqBFDrKwsefqt1dYFgmPYrmOj5Haji+pDYn5LZRPHGGmlOqbZMe+gYGncp/qIo=
last-modified
Tue, 01 Jun 2021 06:54:45 GMT
server
cloudflare
etag
W/"3cb4c3f2e0cc06a3495ae86b07b8efde"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SLgVUtDF%2BuQza1MTnSDvOvA6e5E%2Fh%2B8XCFIetpLuqWtycvj%2FmcFiSAauNEeztOYgSPmkUzoLGo7bbZp3Qh6DMrQff0MdnjddUywlljcOnJpy7PQGI4%2BQYHIeXxywjrN8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
t1WqzR5a2z6d_3nwpJOJTqn5N3Msamnz
cf-request-id
0ab1d2558a0000ee6dbd043000000001
cf-ray
65fcb99c0d1cee6d-CDG
expires
Wed, 01 Jun 2022 06:54:44 GMT
web_widget~messenger.0312ce48dc4b805875db.chunk.js
static.zdassets.com/web_widget/latest/vendors~lazy/ Frame 8667 		283 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/vendors~lazy/web_widget~messenger.0312ce48dc4b805875db.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.2fe91da23888156687ed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e30892b600bc709977b33838e7e66ba37f019e4f12dab29cf69f28c57aa91050
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:10:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3750039
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
CGKHKEK7NGB4T2PW
x-amz-id-2
a8HchwrNV6RzKcprC2viy/UfBGO/jvxPOvYwT4GgjoC5kcP1sGm4FnLN2xu2csyFQDPX5WRZmfw=
last-modified
Mon, 03 May 2021 05:04:50 GMT
server
cloudflare
etag
W/"0b5af12395443e6f33ba197fd1e0c0ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hCLDUcKrMZWYuR6YitMnetaV4aUZ%2FTe26zgMSHr9bx3D6J5%2B3RluVNxkJzhL8yJlKds7PYMcIhufZJuxkurGQ06pnCDiaiADJQL8ziH%2FG0T2bDzB%2BI1KG1Wyg2agMD2Y"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
7DXan2WJ1Nrs_UodTgTQN_dMWAkXMx_Q
cf-request-id
0ab1d2558c0000ee6daeb00000000001
cf-ray
65fcb99c1d24ee6d-CDG
expires
Tue, 03 May 2022 05:04:49 GMT
web_widget.b354a725d0903b46a02c.chunk.js
static.zdassets.com/web_widget/latest/vendors~lazy/ Frame 8667 		175 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/vendors~lazy/web_widget.b354a725d0903b46a02c.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.2fe91da23888156687ed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3073cad483f6ed9c484cd090b0a3c7041c7a869e778f99cb4d8fbc038b1761cf
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:10:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
622838
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
V9V6BE1CEMEFBTEF
x-amz-id-2
PoFeIKHcz5UAfWGs9qeI5JYKI/cG5J/Xk3DcMyHRt+os1RJd8ccsi+ATzGWpVC4ruQAub47Ym2E=
last-modified
Tue, 08 Jun 2021 06:45:53 GMT
server
cloudflare
etag
W/"dbb679c0c448869b30c425845c23c8e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QgTLTkECcieoHHeg6mjqnk3vo0LbXur7RtXNGBc3KlrudD9Dslr385Uor%2FmW0hNkSpoR6KcnPe%2BkyNwPW7alQbQq7KkG1TGeikfakbszNrmzYtnfbQE4AJt5Ef76Gulp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
DJgjDP9ZywFcTWxc3Xn0HTOFa_pPp9OR
cf-request-id
0ab1d2558e0000ee6d75305000000001
cf-ray
65fcb99c1d27ee6d-CDG
expires
Wed, 08 Jun 2022 06:45:52 GMT
web_widget.543c69b9172c4e26407d.chunk.js
static.zdassets.com/web_widget/latest/lazy/ Frame 8667 		472 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/lazy/web_widget.543c69b9172c4e26407d.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.2fe91da23888156687ed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70fa685aa4ea2e94c52fb1cf409fe04581a7e1713593ac5e0e5d3bb64b95a3db
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:10:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
8782
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
BB1Z6GH8Q3PA7WZ1
x-amz-id-2
r6s1iy2cHNfOwQne/VNUhMGX6pGy5p9rt/XaHKmy95f1ZYeckNhLS++hf6AvexmSZo//X8pRfyg=
last-modified
Mon, 07 Jun 2021 04:54:31 GMT
server
cloudflare
etag
W/"a4383be389317d3a2175249e0f12bb5e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7vPYt2YVZ1XybJIyZHULCENYpt%2FRwZ%2FBX6tYbds%2F6CzrFHq17CuGxlsTvXmgMVis544hvqx9O0SuqYRfYjyE0Lc9lCxQneyZF%2BzHipcBsR5oI0rPz794fDghzNpeoNt0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
2i2VSaU0DwjD6yalAglTeTlsBnvT6rys
cf-request-id
0ab1d2558e0000ee6d93b6d000000001
cf-ray
65fcb99c1d2cee6d-CDG
expires
Tue, 07 Jun 2022 04:54:30 GMT
embeddable_blip
olympiabenefits.zendesk.com/ Frame 8667 		0
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://olympiabenefits.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cHM6Ly9zZWN1cmUub2x5bXBpYWJlbmVmaXRzLmNvbS9teWxvZ2luIiwidGltZSI6MjQsImxvYWRUaW1lIjo2Mi4xMDAwMDAzODE0Njk3MywibmF2aWdhdG9yTGFuZ3VhZ2UiOiJlbi1VUyIsInBhZ2VUaXRsZSI6IkhlYWx0aCBTcGVuZGluZyBBY2NvdW50IC0gQ2xpZW50IExvZ2luIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwiaXNNb2JpbGUiOmZhbHNlLCJpc1Jlc3BvbnNpdmUiOnRydWUsInZpZXdwb3J0TWV0YSI6IndpZHRoPWRldmljZS13aWR0aCwgaW5pdGlhbC1zY2FsZT0xLjAsIG1heGltdW0tc2NhbGU9MS4wIiwiaGVscENlbnRlckRlZHVwIjpmYWxzZX0sImJ1aWQiOiJlNTc2NThjOGIzZTNiNDBhZDE5MTY1ZmJlZDc5YmM3NCIsInN1aWQiOiIwMzhmYzNmNTc2YjhmZmI2YjgxYTU1NTNmYWYxYTc0MCIsInZlcnNpb24iOiI1MjRlZDAzODMiLCJ0aW1lc3RhbXAiOiIyMDIxLTA2LTE1VDE1OjEwOjI0Ljc4NVoiLCJ1cmwiOiJodHRwczovL3NlY3VyZS5vbHltcGlhYmVuZWZpdHMuY29tL215bG9naW4ifQ%3D%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~framework.36eee7cccf163fbefea5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:10:24 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=B3CKGxyG3MvE7aLwIU0H%2FATM1JYuvjjPUA0lTYO0oRYdu9Y5of%2BaQVYnZDwXLAzVLOMMJxbdWIt0UnawF%2FwbdL%2FWgkSpJlLipKSAr7dZg%2BNQUldohgRrJDZsUQcPDMoTyqV9RFiqBzs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://secure.olympiabenefits.com
cache-control
no-store, no-cache, must-revalidate
cf-ray
65fcb99cf8453313-CDG
cf-request-id
0ab1d2561a000033130c26b000000001
chat-incoming-message-notification.44d19091ffe892f61d18.chunk.js
static.zdassets.com/web_widget/latest/ Frame 8667 		372 B
768 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/chat-incoming-message-notification.44d19091ffe892f61d18.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.2fe91da23888156687ed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc1c36de5a32fdb830d2398db1cc0681afc87b19aa99cd442659fc503dfda0a9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:10:25 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1333197
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
9AQNH8VRTQ8Z2W2V
x-amz-id-2
kbItyBs92vt3BJrDUfoyYxhu7Y0bOpLBThDRboahyYqStLguyy9jIcSOLRQNME/9FKfn1gs+his=
last-modified
Fri, 28 May 2021 04:50:43 GMT
server
cloudflare
etag
W/"6ab0475c0f60b59b26826985b6ba190e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KeC9ojdZ554EI7tsgkzj17340Z4keknZsmBGmi%2BRbvgTiVNgVm%2F1Bkz%2FwH%2B5UsjjDNWnmmmEZlBTUrVClNOOsvs9bd0%2BbdiNE8CRUrQ6PVFS3%2BFmfrXq6iljueZueybn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
GgG.X77wJ25F2pJ9_iKT4sdKWgJQ7Gn_
cf-request-id
0ab1d257370000ee6d93b97000000001
cf-ray
65fcb99ebb8eee6d-CDG
expires
Sat, 28 May 2022 04:50:42 GMT
fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/latest/ Frame 8667 		19 KB
20 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 15 Jun 2021 15:10:25 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PRQPSFB1WC4N2XTE
x-amz-server-side-encryption
AES256
cf-ray
65fcb99efc23ee6d-CDG
Content-Range
bytes 0-19697/19698
x-amz-replication-status
COMPLETED
Content-Length
19698
x-amz-id-2
P9PEdGdSlTd3YnrB4Em705tdaBw8jNx+EZro0Cm6sTnn6RdEnSAghbszkWkBunoaKkm2MRHVBT8=
last-modified
Tue, 15 Jun 2021 05:44:25 GMT
server
cloudflare
etag
"f11ce9e8f40a392830217253fe75d6de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=f9fFMn1EfzquagEBwTX%2BYb1DuyBQeRhI8%2B%2BraHGS4hPrGhgcQFmnGRuukLD31lMPS7be8o8YLmokc5NYdoAki4Tp0mRLpf4fTLqAsS1UZthk%2B%2BCxxwoupCewYyD0BdPv"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
7UG56FnotYjsDRGBkoFZJDVbJVH71r41
cache-control
public, max-age=31536000
cf-request-id
0ab1d2575e0000ee6d8735d000000001
accept-ranges
bytes
content-type
audio/mpeg; charset=utf-8
expires
Wed, 15 Jun 2022 05:44:24 GMT

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| jQuery111207597054737045317 function| cookieRead function| createCookie function| authorizeAPI function| loadChat function| FormValidator function| Spinner function| hj object| _hjSettings object| _gaq object| _gat object| gaGlobal object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| zEWebpackACJsonp function| zE function| zEmbed boolean| zEACLoaded function| $zopim

9 Cookies

Domain/Path Name / Value
.olympiabenefits.com/ Name: _hjFirstSeen
Value: 1
.olympiabenefits.com/ Name: _hjid
Value: af064cfd-d28d-45bc-ac46-81edac5c53f3
.olympiabenefits.com/ Name: _hjTLDTest
Value: 1
.secure.olympiabenefits.com/ Name: __utmz
Value: 71330833.1623769818.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.secure.olympiabenefits.com/ Name: __utmb
Value: 71330833.1.10.1623769818
.secure.olympiabenefits.com/ Name: __utmt
Value: 1
.secure.olympiabenefits.com/ Name: __utmc
Value: 71330833
.secure.olympiabenefits.com/ Name: __utma
Value: 71330833.153881136.1623769818.1623769818.1623769818.1
secure.olympiabenefits.com/ Name: PHPSESSID
Value: m8m95p9vepk82cntf3nrfdan66

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
ekr.zdassets.com
fonts.googleapis.com
maxcdn.bootstrapcdn.com
olympiabenefits.zendesk.com
p.typekit.net
script.hotjar.com
secure.olympiabenefits.com
secure.olympiahsa.com
ssl.google-analytics.com
static.hotjar.com
static.zdassets.com
use.typekit.net
vars.hotjar.com
104.16.53.111
104.18.72.113
13.225.74.66
208.98.226.203
2606:4700::6812:bcf
2a00:1450:4001:827::2008
2a00:1450:4001:82a::200a
2a00:1450:4001:831::200a
2a02:26f0:6c00:28d::19fd
2a02:26f0:6c00::210:ba2a
99.86.241.37
99.86.241.77
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1ef47fe10a3c5cf314651f1bbb849c2e1307016b3f8f2af48aef63c0264d31cb
28331a828496a949a31bc5410197bd074e3f892d107c50b5c902402738e791eb
2a614590b9cac409bdde30ad750e6a73e031f0d71ca153786ee35feb1ece617c
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
3073cad483f6ed9c484cd090b0a3c7041c7a869e778f99cb4d8fbc038b1761cf
431183dddfdd8e4b70c6205c2ff401d4881005b7e98f1b141a8c049fc1f608c2
4caa7de8aad13df444773f2b1912cf01b190869d012cf0620b57fdf63b4acc25
4f4535a2e5a34cc284d4cd5180c82420d7d58e71a5e048b9251382fe7da3a04c
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
6143820fcef6fd6b2f1106b89182d01e582a43c8f739faf9972c17f82192efc8
70fa685aa4ea2e94c52fb1cf409fe04581a7e1713593ac5e0e5d3bb64b95a3db
731050fae6c8937eb82227a1c71a02768f60b6727da84a564153d2a0f50b1eb4
77c28b261cf6e6b9ff46a9dd87a2b0a7465d43fabe41154ca4b9825c602a9117
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7ab17d7c830048456601619d3a6422eb5e419b1d0bfef58d8b1c533435d2e054
81dc8f18ee8963fb2044f24d94196da40185e1387ccf9cfc46c3183594109868
82a5e212431442c6c0880e16138e7af418c237ec380d5a5d81aab0fdc32be711
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9159f9bbefcd17a1130e70ad0b127682d436dc282feec8bbe06dd70d5df66496
95d5b67a78f81f3c071b01f888c9a468c13c8288597b64c99ff829e35b51a012
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
a6863387f54312b2f885034b6c56158d5a182215daeaa250e13076e588f5d09b
a8359ca7860063515243330481ea50489ea5deef13a408aeffea58da9ccd0a4f
ae04a610c730fd3801e60697c93e3e731b205e412ad3f6c5a63098930921a61d
bc1c36de5a32fdb830d2398db1cc0681afc87b19aa99cd442659fc503dfda0a9
de0e043f0bc880908e913d8b825c87c4683e70365b41f5edc965fb1107f33c51
e30892b600bc709977b33838e7e66ba37f019e4f12dab29cf69f28c57aa91050
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f72d1c7d8c9b8a712a620d3af92a2b27beb87c70497d63b136945afe0709035a
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f8060823674bd0720a5965c4eb9c5e81e984c9c226d3af654f648cc067b277a8
ff413fb7a190f5554aa6057967604f7a69c9c47b300d01389970556e0a25ab0c