link.benefitspro.com Open in urlscan Pro
3.226.166.212 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33
Submission: On January 12 via api (January 12th 2022, 5:33:06 pm UTC) from US — Scanned from DE

Summary HTTP 30 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 9 IPs in 1 countries across 8 domains to perform 30 HTTP transactions. The main IP is 3.226.166.212, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is link.benefitspro.com. The Cisco Umbrella rank of the primary domain is 635781.
TLS certificate: Issued by R3 on January 1st 2022. Valid for: 3 months.

This is the only time link.benefitspro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	3.226.166.212 3.226.166.212	14618 (AMAZON-AES) (AMAZON-AES)
1	52.216.128.77 52.216.128.77	16509 (AMAZON-02) (AMAZON-02)
10	2600:9000:218... 2600:9000:2182:ae00:d:df45:5680:93a1	16509 (AMAZON-02) (AMAZON-02)
8 8	13.84.54.237 13.84.54.237	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	13.226.159.29 13.226.159.29	16509 (AMAZON-02) (AMAZON-02)
8	2606:4700::68... 2606:4700::6812:174b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:4132	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	143.204.98.22 143.204.98.22	16509 (AMAZON-02) (AMAZON-02)
1	13.226.159.75 13.226.159.75	16509 (AMAZON-02) (AMAZON-02)
1	65.9.61.105 65.9.61.105	16509 (AMAZON-02) (AMAZON-02)
30	9

2 3.226.166.212 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-166-212.compute-1.amazonaws.com

link.benefitspro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.128.77 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:2182:ae00:d:df45:5680:93a1 (United States)

ASN16509 (AMAZON-02, US)

imageserver.amlaw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.84.54.237 (San Antonio, United States) 8 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

rs-stripe.alm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.226.159.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-29.dus51.r.cloudfront.net

images-prod.powerinboxedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:174b (United States)

ASN13335 (CLOUDFLARENET, US)

images.benefitspro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4132 (United States)

ASN13335 (CLOUDFLARENET, US)

polarcdn-terrax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-22.fra50.r.cloudfront.net

proxy.powerinboxedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-75.dus51.r.cloudfront.net

media.sailthru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.61.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-105.fra56.r.cloudfront.net

branding.revenuestripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	amlaw.com imageserver.amlaw.com — Cisco Umbrella Rank: 54343	37 KB
10	benefitspro.com 1 redirects link.benefitspro.com — Cisco Umbrella Rank: 635781 images.benefitspro.com — Cisco Umbrella Rank: 320291	209 KB
8	alm.com 8 redirects rs-stripe.alm.com — Cisco Umbrella Rank: 79772	1 KB
7	powerinboxedge.com images-prod.powerinboxedge.com — Cisco Umbrella Rank: 18101 proxy.powerinboxedge.com — Cisco Umbrella Rank: 34699	92 KB
1	revenuestripe.com branding.revenuestripe.com — Cisco Umbrella Rank: 32898	2 KB
1	sailthru.com media.sailthru.com — Cisco Umbrella Rank: 9818	108 KB
1	polarcdn-terrax.com polarcdn-terrax.com — Cisco Umbrella Rank: 7783	30 KB
1	amazonaws.com s3.amazonaws.com	433 B
30	8

	Domain	Requested by
10	imageserver.amlaw.com	link.benefitspro.com
8	images.benefitspro.com	link.benefitspro.com
8	rs-stripe.alm.com	8 redirects
5	images-prod.powerinboxedge.com	link.benefitspro.com
2	proxy.powerinboxedge.com	link.benefitspro.com
2	link.benefitspro.com	1 redirects
1	branding.revenuestripe.com	link.benefitspro.com
1	media.sailthru.com	link.benefitspro.com
1	polarcdn-terrax.com	link.benefitspro.com
1	s3.amazonaws.com	link.benefitspro.com
30	10

This site contains links to these domains. Also see Links.

Domain
link.alm.com
link.event.benefitspro.com
link.law.com

Subject Issuer	Validity	Valid
link.benefitspro.com R3	`2022-01-01` - `2022-04-01`	3 months	crt.sh
*.amlaw.com Amazon	`2021-09-07` - `2022-10-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-22` - `2022-06-21`	a year	crt.sh
media.sailthru.com Amazon	`2021-06-04` - `2022-07-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33
Frame ID: B4981B4E8449C25C9321B7FC14FF26F8
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Daily

Page Statistics

30
Requests

70 %
HTTPS

30 %
IPv6

8
Domains

10
Subdomains

9
IPs

1
Countries

477 kB
Transfer

528 kB
Size

3
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://link.alm.com/click/26335818.21588/aHR0cHM6Ly9ycy1zdHJpcGUuYWxtLmNvbS9zdHJpcGUvcmVkaXJlY3Q_Y3Nfc3RyaXBlaWQ9MjU1NzgmY3NfZW1haWw9YmQ4MzI1N2RiMDcwNDAxNGM4YWY4MGY4ODlkMTFiMjkmY3Nfc2VuZGlkPTAxMTIyMiZjc19lc3A9c2FpbHRocnUmdXRtX3NvdXJjZT1lbWFpbCZ1dG1fbWVkaXVtPWVubCZ1dG1fY2FtcGFpZ249YnByb2RhaWx5JnV0bV9jb250ZW50PTIwMjIwMTEyJnV0bV90ZXJtPWJwcm8/5a9db663fc2383470c8b530aBe4459ef9

Search URL Search Domain Scan URL

URL: https://link.alm.com/click/26335818.21588/aHR0cHM6Ly9ycy1zdHJpcGUuYWxtLmNvbS9zdHJpcGUvcmVkaXJlY3Q_Y3Nfc3RyaXBlaWQ9MjU1NzkmY3NfZW1haWw9YmQ4MzI1N2RiMDcwNDAxNGM4YWY4MGY4ODlkMTFiMjkmY3Nfc2VuZGlkPTAxMTIyMiZjc19lc3A9c2FpbHRocnUmdXRtX3NvdXJjZT1lbWFpbCZ1dG1fbWVkaXVtPWVubCZ1dG1fY2FtcGFpZ249YnByb2RhaWx5JnV0bV9jb250ZW50PTIwMjIwMTEyJnV0bV90ZXJtPWJwcm8/5a9db663fc2383470c8b530aC0d24e3b7

Search URL Search Domain Scan URL

URL: https://link.alm.com/click/26335818.21588/aHR0cHM6Ly9ycy1zdHJpcGUuYWxtLmNvbS9zdHJpcGUvcmVkaXJlY3Q_Y3Nfc3RyaXBlaWQ9MjU1ODAmY3NfZW1haWw9YmQ4MzI1N2RiMDcwNDAxNGM4YWY4MGY4ODlkMTFiMjkmY3Nfc2VuZGlkPTAxMTIyMiZjc19lc3A9c2FpbHRocnUmdXRtX3NvdXJjZT1lbWFpbCZ1dG1fbWVkaXVtPWVubCZ1dG1fY2FtcGFpZ249YnByb2RhaWx5JnV0bV9jb250ZW50PTIwMjIwMTEyJnV0bV90ZXJtPWJwcm8/5a9db663fc2383470c8b530aD70119b43

Search URL Search Domain Scan URL

URL: https://link.alm.com/click/26335818.21588/aHR0cHM6Ly9ycy1zdHJpcGUuYWxtLmNvbS9zdHJpcGUvcmVkaXJlY3Q_Y3Nfc3RyaXBlaWQ9MjU1ODEmY3NfZW1haWw9YmQ4MzI1N2RiMDcwNDAxNGM4YWY4MGY4ODlkMTFiMjkmY3Nfc2VuZGlkPTAxMTIyMiZjc19lc3A9c2FpbHRocnUmdXRtX3NvdXJjZT1lbWFpbCZ1dG1fbWVkaXVtPWVubCZ1dG1fY2FtcGFpZ249YnByb2RhaWx5JnV0bV9jb250ZW50PTIwMjIwMTEyJnV0bV90ZXJtPWJwcm8/5a9db663fc2383470c8b530aE554e65cb

Search URL Search Domain Scan URL

URL: https://link.alm.com/click/26335818.21588/aHR0cHM6Ly9ycy1zdHJpcGUuYWxtLmNvbS9zdHJpcGUvcmVkaXJlY3Q_Y3Nfc3RyaXBlaWQ9MjU1NzUmY3NfZW1haWw9YmQ4MzI1N2RiMDcwNDAxNGM4YWY4MGY4ODlkMTFiMjkmY3Nfc2VuZGlkPTAxMTIyMiZjc19lc3A9c2FpbHRocnUmdXRtX3NvdXJjZT1lbWFpbCZ1dG1fbWVkaXVtPWVubCZ1dG1fY2FtcGFpZ249YnByb2RhaWx5JnV0bV9jb250ZW50PTIwMjIwMTEyJnV0bV90ZXJtPWJwcm8/5a9db663fc2383470c8b530aF98db3a01

Search URL Search Domain Scan URL

URL: https://link.alm.com/click/26335818.21588/aHR0cHM6Ly9ycy1zdHJpcGUuYWxtLmNvbS9zdHJpcGUvcmVkaXJlY3Q_Y3Nfc3RyaXBlaWQ9MjU1NzYmY3NfZW1haWw9YmQ4MzI1N2RiMDcwNDAxNGM4YWY4MGY4ODlkMTFiMjkmY3Nfc2VuZGlkPTAxMTIyMiZjc19lc3A9c2FpbHRocnUmdXRtX3NvdXJjZT1lbWFpbCZ1dG1fbWVkaXVtPWVubCZ1dG1fY2FtcGFpZ249YnByb2RhaWx5JnV0bV9jb250ZW50PTIwMjIwMTEyJnV0bV90ZXJtPWJwcm8/5a9db663fc2383470c8b530aG30684e74

Search URL Search Domain Scan URL

URL: https://link.event.benefitspro.com/click/26335818.21588/aHR0cHM6Ly93d3cuZXZlbnQuYmVuZWZpdHNwcm8uY29tL2Jwcm9icm9rZXJleHBvLzE0Nzg3NTU_dXRtX3NvdXJjZT1NS1QmdXRtX21lZGl1bT1TYXZlVGhlRGF0ZSZ1dG1fY2FtcGFpZ249QlBSTyZ1dG1fY29udGVudD1CUFJPU2F2ZVRoZURhdGVFTmV3cyZrdz1TYXZlJTIwVGhlJTIwRGF0ZSUyMCU3QyUyMEJlbmVmaXRzUFJPJTIwQnJva2VyJTIwRXhwbyUyMDIwMjImdXRtX3Rlcm09YnBybw/5a9db663fc2383470c8b530aBe9e53344

Search URL Search Domain Scan URL

URL: https://link.alm.com/click/26335818.21588/aHR0cHM6Ly9ycy1zdHJpcGUuYWxtLmNvbS9zdHJpcGUvcmVkaXJlY3Q_Y3Nfc3RyaXBlaWQ9MjU1NzcmY3NfZW1haWw9YmQ4MzI1N2RiMDcwNDAxNGM4YWY4MGY4ODlkMTFiMjkmY3Nfc2VuZGlkPTAxMTIyMiZjc19lc3A9c2FpbHRocnUmdXRtX3NvdXJjZT1lbWFpbCZ1dG1fbWVkaXVtPWVubCZ1dG1fY2FtcGFpZ249YnByb2RhaWx5JnV0bV9jb250ZW50PTIwMjIwMTEyJnV0bV90ZXJtPWJwcm8/5a9db663fc2383470c8b530aHe150e2d7

Search URL Search Domain Scan URL

URL: https://link.law.com/click/26335818.21588/aHR0cHM6Ly9zdG9yZS5sYXcuY29tL1JlZ2lzdHJhdGlvbi9NeUFjY291bnQuYXNweD9wcm9tb0NvZGU9QlBSTyZwcm9kdWN0Q29kZT1CUFJPREFJTFkmcGVybWlzc2lvbnNVbml0PUFMTVBVQiZlbWFpbD1icml0dGFueS5yLm1hcnRpbiU0MHZpdmVyYWUuY29tJnV0bV9zb3VyY2U9ZW1haWwmdXRtX21lZGl1bT1lbmwmdXRtX2NhbXBhaWduPWJwcm9kYWlseSZ1dG1fY29udGVudD0yMDIyMDExMiZ1dG1fdGVybT1icHJvIy9FbWFpbFByZWY/5a9db663fc2383470c8b530aB0f46e18b
Title: Unsubscribe

Search URL Search Domain Scan URL

URL: https://link.law.com/click/26335818.21588/aHR0cHM6Ly9zdG9yZS5sYXcuY29tL1JlZ2lzdHJhdGlvbi9NeUFjY291bnQuYXNweD90YXJnZXQ9RW1haWxQcmVmJnByb21vQ29kZT1CUFJPJnBlcm1pc3Npb25zVW5pdD1BTE1QVUImZW1haWw9YnJpdHRhbnkuci5tYXJ0aW4lNDB2aXZlcmFlLmNvbSZ1dG1fc291cmNlPWVtYWlsJnV0bV9tZWRpdW09ZW5sJnV0bV9jYW1wYWlnbj1icHJvZGFpbHkmdXRtX2NvbnRlbnQ9MjAyMjAxMTImdXRtX3Rlcm09YnBybyMvRW1haWxQcmVm/5a9db663fc2383470c8b530aBad088b3c
Title: Email Preferences

Search URL Search Domain Scan URL

URL: https://link.alm.com/click/26335818.21588/aHR0cHM6Ly93d3cuYWxtLmNvbS9wcml2YWN5LXN1bW1pdC8_dXRtX3NvdXJjZT1lbWFpbCZ1dG1fbWVkaXVtPWVubCZ1dG1fY2FtcGFpZ249YnByb2RhaWx5JnV0bV9jb250ZW50PTIwMjIwMTEyJnV0bV90ZXJtPWJwcm8/5a9db663fc2383470c8b530aB6c6e34e8
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://link.alm.com/click/26335818.21588/aHR0cHM6Ly9ycy1zdHJpcGUuYWxtLmNvbS9icmFuZGluZy8_dXRtX3NvdXJjZT1jb250ZW50c3RyaXBlJnV0bV9jYW1wYWlnbj1yc19hbG0mdXRtX21lZGl1bT1lbWFpbCZ1dG1fY29udGVudD1sb2dvJnJzX3R5cD1kZnAmdXRtX3Rlcm09YnBybw/5a9db663fc2383470c8b530aB992a1d1e

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://link.benefitspro.com/img/5a9db663fc2383470c8b530afogui.gno/cb5fe50d.gif HTTP 302
https://s3.amazonaws.com/sailthru-media/33a/1k4/1/p/5e2cd763df6c3.gif

Request Chain 5

https://rs-stripe.alm.com/stripe/image?cs_stripeid=25578&cs_email=bd83257db0704014c8af80f889d11b29&cs_sendid=011222&cs_esp=sailthru HTTP 303
https://images-prod.powerinboxedge.com/v3/images/0/599537

Request Chain 6

https://rs-stripe.alm.com/stripe/image?cs_stripeid=25579&cs_email=bd83257db0704014c8af80f889d11b29&cs_sendid=011222&cs_esp=sailthru HTTP 303
https://images-prod.powerinboxedge.com/v3/images/0/599537

Request Chain 7

https://rs-stripe.alm.com/stripe/image?cs_stripeid=25580&cs_email=bd83257db0704014c8af80f889d11b29&cs_sendid=011222&cs_esp=sailthru HTTP 303
https://images-prod.powerinboxedge.com/v3/images/0/599537

Request Chain 8

https://rs-stripe.alm.com/stripe/image?cs_stripeid=25581&cs_email=bd83257db0704014c8af80f889d11b29&cs_sendid=011222&cs_esp=sailthru HTTP 303
https://images-prod.powerinboxedge.com/v3/images/0/599537

Request Chain 10

https://rs-stripe.alm.com/stripe/image?cs_stripeid=25575&cs_email=bd83257db0704014c8af80f889d11b29&cs_sendid=011222&cs_esp=sailthru HTTP 303
https://images-prod.powerinboxedge.com/v3/images/0/632266

Request Chain 15

https://rs-stripe.alm.com/stripe/image?cs_stripeid=25576&cs_email=bd83257db0704014c8af80f889d11b29&cs_sendid=011222&cs_esp=sailthru HTTP 303
https://proxy.powerinboxedge.com/6225181183507011690

Request Chain 21

https://rs-stripe.alm.com/stripe/image?cs_stripeid=25577&cs_email=bd83257db0704014c8af80f889d11b29&cs_sendid=011222&cs_esp=sailthru HTTP 303
https://proxy.powerinboxedge.com/18084745969048022874

Request Chain 28

https://rs-stripe.alm.com/branding/recommend/powered.png HTTP 301
https://branding.revenuestripe.com/recommend/powered.png

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 8cf01c33 Show response
link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/ 73 KB
11 KB 752ms
339ms Document
text/html 3.226.166.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.166.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-166-212.compute-1.amazonaws.com
Software: Sailthru /
Resource Hash: 7b031bfe8982e0683ae6857d22ff7d8d3419445970280923d3d3f2a2af2eef29

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 12 Jan 2022 17:33:00 GMT
server: Sailthru
x-robots-tag: noindex
vary: Accept-Encoding
content-encoding: gzip
content-length: 10787
content-type: text/html; charset=utf-8
connection: close

GET
H/1.1

200
OK

5e2cd763df6c3.gif
s3.amazonaws.com/sailthru-media/33a/1k4/1/p/
Redirect Chain

https://link.benefitspro.com/img/5a9db663fc2383470c8b530afogui.gno/cb5fe50d.gif
https://s3.amazonaws.com/sailthru-media/33a/1k4/1/p/5e2cd763df6c3.gif

43 B
433 B

422ms
112ms

Image
image/gif

52.216.128.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sailthru-media/33a/1k4/1/p/5e2cd763df6c3.gif
Requested by: Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33
Protocol: HTTP/1.1
Server: 52.216.128.77 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 17:33:02 GMT
Last-Modified: Sun, 26 Jan 2020 00:03:48 GMT
Server: AmazonS3
x-amz-request-id: 0QG4AFHVGC32QM9Z
ETag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
Content-Type: image/gif
Cache-Control: no-cache, no-store
Accept-Ranges: bytes
Content-Length: 43
x-amz-id-2: DNbtcvBm3K3RVUi1j6oE6HtxntDwF+63ij5VEJ4ZJt+WD0L0Q9dXy+biERQ/IGu/ywvz/Pxk3YU=

Redirect headers

date: Wed, 12 Jan 2022 17:33:01 GMT
server: Sailthru
content-type: text/html; charset=UTF-8
location: https://s3.amazonaws.com/sailthru-media/33a/1k4/1/p/5e2cd763df6c3.gif
cache-control: no-cache, no-store
connection: close
x-robots-tag: noindex
content-length: 0

GET
H2 200 enl-mini-white-fb.png
imageserver.amlaw.com/sailthru/img/newsletters/sailThru/ 3 KB
3 KB 105ms
24ms Image
image/png 2600:9000:2182:ae00:d:df45:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageserver.amlaw.com/sailthru/img/newsletters/sailThru/enl-mini-white-fb.png
Requested by: Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:ae00:d:df45:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84a8749d9049def7a549a655c971e27385a95349015247c2e99c6d5993871d86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:33:01 GMT
via: 1.1 51054083366f59cdc509361d23d873ea.cloudfront.net (CloudFront)
last-modified: Wed, 04 Sep 2019 15:23:50 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:1138/gname:www/uname:sfftp/gid:574/mode:33188/mtime:1524598144/atime:1524598161/ctime:1567309915
x-amz-cf-pop: DUS51-C1
etag: "d91a1991ce284f4f1af99d9922175c3b"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=259200
content-length: 3042
x-amz-cf-id: cBOy6mcs-meVVk-wSzka7c2T2RogbryU1JtfG3Vk2mYC3mKje2t7hA==

GET
H2 200 enl-mini-white-tw.png
imageserver.amlaw.com/sailthru/img/newsletters/sailThru/ 3 KB
4 KB 110ms
31ms Image
image/png 2600:9000:2182:ae00:d:df45:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageserver.amlaw.com/sailthru/img/newsletters/sailThru/enl-mini-white-tw.png
Requested by: Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:ae00:d:df45:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a8cd5f93f50e1436ce78e71ac018191d05739d59c3ecf2817e84b1580422e247

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:33:01 GMT
via: 1.1 51054083366f59cdc509361d23d873ea.cloudfront.net (CloudFront)
last-modified: Wed, 04 Sep 2019 15:23:51 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:1138/gname:www/uname:sfftp/gid:574/mode:33188/mtime:1524598145/atime:1524598161/ctime:1567309915
x-amz-cf-pop: DUS51-C1
etag: "27620d7d06490f488d0ec30124c4cab5"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=259200
content-length: 3387
x-amz-cf-id: 5ystXQ_aVq3Ww-9isfKLNmh7u5mBLaheUVSVyg3tke9gpqTlBSENEw==

GET
H2 200 enl-mini-white-li.png
imageserver.amlaw.com/sailthru/img/newsletters/sailThru/ 3 KB
4 KB 108ms
29ms Image
image/png 2600:9000:2182:ae00:d:df45:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageserver.amlaw.com/sailthru/img/newsletters/sailThru/enl-mini-white-li.png
Requested by: Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:ae00:d:df45:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c046c977661ce4ebe08470901a5f47e708b3cb6060fbd904d74356fbe54fb4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:33:01 GMT
via: 1.1 51054083366f59cdc509361d23d873ea.cloudfront.net (CloudFront)
last-modified: Wed, 04 Sep 2019 15:23:51 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:1138/gname:www/uname:sfftp/gid:574/mode:33188/mtime:1524598144/atime:1524598161/ctime:1567309915
x-amz-cf-pop: DUS51-C1
etag: "ef5346cbb1ff4e7dccb54ee80f5bc2a4"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=259200
content-length: 3226
x-amz-cf-id: J8ATC1fEd4ayuLE8Sg0Rjp8JBz_yi-uNc7LSt4IUPIKPvh9mreHuaA==

GET
H2 200 bar-white.png
imageserver.amlaw.com/sailthru/img/newsletters/sailThru/ 3 KB
3 KB 108ms
30ms Image
image/png 2600:9000:2182:ae00:d:df45:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageserver.amlaw.com/sailthru/img/newsletters/sailThru/bar-white.png
Requested by: Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:ae00:d:df45:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 944bba574be04f4598fce0b29a98adf0789eaf8f687faac947958cb556995ea9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:33:01 GMT
via: 1.1 51054083366f59cdc509361d23d873ea.cloudfront.net (CloudFront)
last-modified: Wed, 04 Sep 2019 15:23:41 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:1138/gname:www/uname:sfftp/gid:574/mode:33188/mtime:1556889647/atime:1556889889/ctime:1567309915
x-amz-cf-pop: DUS51-C1
etag: "d370b320044729266499c6f1df0dcc91"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=259200
content-length: 2796
x-amz-cf-id: Aee5YOqu2nHXDbVPy_8rOQ5Xr692w4qdnTFJQVPksoCKvfvNe8wyng==

GET
H2

200

599537
images-prod.powerinboxedge.com/v3/images/0/
Redirect Chain

https://rs-stripe.alm.com/stripe/image?cs_stripeid=25578&cs_email=bd83257db0704014c8af80f889d11b29&cs_sendid=011222&cs_esp=sailthru
https://images-prod.powerinboxedge.com/v3/images/0/599537

82 B
432 B

80ms
20ms

Image
image/png

13.226.159.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-prod.powerinboxedge.com/v3/images/0/599537
Requested by: Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33
Protocol: H2
Server: 13.226.159.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-29.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2762883d73d39de3503657c03e5afa1dad3625e08ff0be7025f62d875cc04987

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 16:53:34 GMT
via: 1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
last-modified: Thu, 06 Feb 2020 18:33:33 GMT
server: AmazonS3
age: 3180
etag: "aeb177a51bd88d7e49442d0a3cf02be1"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=3600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 82
x-amz-cf-id: klmqSY0XXaJbWnCs231_x1DAWZ4iIi5PSb0yqa_r62ZPRn66vZXoEg==

Redirect headers

pragma: no-cache
date: Wed, 12 Jan 2022 17:33:01 GMT
location: https://images-prod.powerinboxedge.com/v3/images/0/599537
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
request-context: appId=cid-v1:b1915e72-e266-47bd-9574-958ec8610746
content-length: 0
expires: -1

GET
H2

200

599537
images-prod.powerinboxedge.com/v3/images/0/
Redirect Chain

https://rs-stripe.alm.com/stripe/image?cs_stripeid=25579&cs_email=bd83257db0704014c8af80f889d11b29&cs_sendid=011222&cs_esp=sailthru
https://images-prod.powerinboxedge.com/v3/images/0/599537

82 B
432 B

80ms
21ms

Image
image/png

13.226.159.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-prod.powerinboxedge.com/v3/images/0/599537
Requested by: Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33
Protocol: H2
Server: 13.226.159.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-29.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2762883d73d39de3503657c03e5afa1dad3625e08ff0be7025f62d875cc04987

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 16:53:34 GMT
via: 1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
last-modified: Thu, 06 Feb 2020 18:33:33 GMT
server: AmazonS3
age: 3180
etag: "aeb177a51bd88d7e49442d0a3cf02be1"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=3600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 82
x-amz-cf-id: 6mc97R1DkBxP5hd_GQklSPtNxSufcooXbQpHmiSlmLqA52oZW-ZUpw==

Redirect headers

pragma: no-cache
date: Wed, 12 Jan 2022 17:33:01 GMT
location: https://images-prod.powerinboxedge.com/v3/images/0/599537
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
request-context: appId=cid-v1:b1915e72-e266-47bd-9574-958ec8610746
content-length: 0
expires: -1

GET
H2

200

599537
images-prod.powerinboxedge.com/v3/images/0/
Redirect Chain

https://rs-stripe.alm.com/stripe/image?cs_stripeid=25580&cs_email=bd83257db0704014c8af80f889d11b29&cs_sendid=011222&cs_esp=sailthru
https://images-prod.powerinboxedge.com/v3/images/0/599537

82 B
432 B

81ms
22ms

Image
image/png

13.226.159.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-prod.powerinboxedge.com/v3/images/0/599537
Requested by: Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33
Protocol: H2
Server: 13.226.159.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-29.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2762883d73d39de3503657c03e5afa1dad3625e08ff0be7025f62d875cc04987

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 16:53:34 GMT
via: 1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
last-modified: Thu, 06 Feb 2020 18:33:33 GMT
server: AmazonS3
age: 3180
etag: "aeb177a51bd88d7e49442d0a3cf02be1"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=3600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 82
x-amz-cf-id: CJOfTTvYrQKZBbw6hEQlWHuflCAVJ4Yvo82-sb660Yzp4JDbZsAQoQ==

Redirect headers

pragma: no-cache
date: Wed, 12 Jan 2022 17:33:01 GMT
location: https://images-prod.powerinboxedge.com/v3/images/0/599537
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
request-context: appId=cid-v1:b1915e72-e266-47bd-9574-958ec8610746
content-length: 0
expires: -1

GET
H2

200

599537
images-prod.powerinboxedge.com/v3/images/0/
Redirect Chain

https://rs-stripe.alm.com/stripe/image?cs_stripeid=25581&cs_email=bd83257db0704014c8af80f889d11b29&cs_sendid=011222&cs_esp=sailthru
https://images-prod.powerinboxedge.com/v3/images/0/599537

82 B
431 B

82ms
21ms

Image
image/png

13.226.159.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-prod.powerinboxedge.com/v3/images/0/599537
Requested by: Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33
Protocol: H2
Server: 13.226.159.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-29.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2762883d73d39de3503657c03e5afa1dad3625e08ff0be7025f62d875cc04987

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 16:53:34 GMT
via: 1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
last-modified: Thu, 06 Feb 2020 18:33:33 GMT
server: AmazonS3
age: 3180
etag: "aeb177a51bd88d7e49442d0a3cf02be1"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=3600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 82
x-amz-cf-id: iGj31f6foaN60Db9kJbd-XPo_vnxBJ8x7Y01IFvhG9iTrpOTB96SBg==

Redirect headers

pragma: no-cache
date: Wed, 12 Jan 2022 17:33:01 GMT
location: https://images-prod.powerinboxedge.com/v3/images/0/599537
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
request-context: appId=cid-v1:b1915e72-e266-47bd-9574-958ec8610746
content-length: 0
expires: -1

GET
H2 200 Path-to-Business-Success-employer-road.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2022/01/ 8 KB
8 KB 76ms
36ms Image
image/webp 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2022/01/Path-to-Business-Success-employer-road.jpg

Requested by

Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16a9f9fc7df4f35020f34c1de4c6f7827545309f0fdd7ef980d03a57c223daa6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:33:01 GMT
cf-cache-status: HIT
age: 3068
cf-polished: qual=85, origFmt=jpeg, origSize=12491
x-cache: MISS
backend: contribsreimg_prod_director
content-disposition: inline; filename="Path-to-Business-Success-employer-road.webp"
content-length: 8122
last-modified: Tue, 11 Jan 2022 17:43:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8827e3-30cb-5d551ff70befb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 12 Jan 2022 21:33:01 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6cc820a229ae42cf-FRA
x-vnode: 21
cf-bgj: imgq:85,h2pri

GET
H2

200

632266
images-prod.powerinboxedge.com/v3/images/0/
Redirect Chain

https://rs-stripe.alm.com/stripe/image?cs_stripeid=25575&cs_email=bd83257db0704014c8af80f889d11b29&cs_sendid=011222&cs_esp=sailthru
https://images-prod.powerinboxedge.com/v3/images/0/632266

24 KB
24 KB

91ms
32ms

Image
image/png

13.226.159.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-prod.powerinboxedge.com/v3/images/0/632266
Requested by: Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33
Protocol: H2
Server: 13.226.159.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-29.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b40b58e482fa5d5f32d170406e54fc9de401b8d27593a91d1a17a5d38616a67a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:33:01 GMT
via: 1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
last-modified: Wed, 20 May 2020 18:48:49 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "6a41c7e6fb7c325f9b85fd2479fb5290"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 24586
x-amz-cf-id: ldLI2fApan3Sg2MwhMxtSYch9Qb3YWxvE0Ve62qVP0VBIq3pb1DTYg==

Redirect headers

pragma: no-cache
date: Wed, 12 Jan 2022 17:33:01 GMT
location: https://images-prod.powerinboxedge.com/v3/images/0/632266
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
request-context: appId=cid-v1:b1915e72-e266-47bd-9574-958ec8610746
content-length: 0
expires: -1

GET
H2 200 COVID-testing-Article-202201110956.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2022/01/ 12 KB
12 KB 79ms
54ms Image
image/webp 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2022/01/COVID-testing-Article-202201110956.jpg

Requested by

Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d903645bc7dfc58777e82cddfd7cc94e1ec4cbd2c4ff73096ea5d681f53f646

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:33:01 GMT
cf-cache-status: HIT
age: 843
cf-polished: qual=85, origFmt=jpeg, origSize=19929
x-cache: MISS
backend: contribsreimg_prod_director
content-disposition: inline; filename="COVID-testing-Article-202201110956.webp"
content-length: 12138
last-modified: Tue, 11 Jan 2022 15:03:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "88265c-4dd9-5d54fc2daef89"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 12 Jan 2022 21:33:01 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6cc820a229a642cf-FRA
x-vnode: 28
cf-bgj: imgq:85,h2pri

GET
H2 200 61ba5c09ff7540b6769e741a
polarcdn-terrax.com/image/v1.0.0/bin/ 29 KB
30 KB 128ms
46ms Image
image/png 2606:4700::6811:4132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://polarcdn-terrax.com/image/v1.0.0/bin/61ba5c09ff7540b6769e741a
Requested by: Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 040a09805becb5147319355e4cd3ff755a67b8787196e628c2b059592d432c0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:33:01 GMT
via: 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
age: 188729
content-type: image/png
content-length: 30206
timing-allow-origin: *
last-modified: Mon, 10 Jan 2022 13:00:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 432000
access-control-allow-methods: GET
x-varnish: 719970639
access-control-allow-origin: *
cache-control: public, max-age=432000
accept-ranges: bytes
cf-ray: 6cc820a28d605c98-FRA

GET
H2 200 1118-Insane-Health-Care-MI.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2018/10/ 60 KB
60 KB 65ms
39ms Image
image/webp 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2018/10/1118-Insane-Health-Care-MI.jpg

Requested by

Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b67c8685c1b8423e300a74c08f2a65a292d7959d8295ef44b3cc2975dfe96577

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:33:01 GMT
cf-cache-status: HIT
age: 3895
cf-polished: qual=85, origFmt=jpeg, origSize=70656
x-cache: MISS
backend: contribsreimg_prod_director
content-disposition: inline; filename="1118-Insane-Health-Care-MI.webp"
content-length: 61522
last-modified: Wed, 24 Oct 2018 16:01:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "55f822-11400-578fb97ea2449"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 12 Jan 2022 21:33:01 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6cc820a229ab42cf-FRA
x-vnode: 28
cf-bgj: imgq:85,h2pri

GET
H2 200 erase-remove-decouple-retirement-change-direction.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2022/01/ 36 KB
37 KB 60ms
35ms Image
image/webp 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2022/01/erase-remove-decouple-retirement-change-direction.jpg

Requested by

Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8311437edd0f442361310670b7413d8f6b66049b5f3c401ccc205eb8920e0c1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:33:01 GMT
cf-cache-status: HIT
age: 594
cf-polished: qual=85, origFmt=jpeg, origSize=45277
x-cache: HIT 1
backend: contribsreimg_prod_director
content-disposition: inline; filename="erase-remove-decouple-retirement-change-direction.webp"
content-length: 37106
last-modified: Wed, 05 Jan 2022 22:43:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "881a10-b0dd-5d4dd7b36dde0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 12 Jan 2022 21:33:01 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6cc820a229ad42cf-FRA
x-vnode: 21
cf-bgj: imgq:85,h2pri

GET
H2

200

6225181183507011690
proxy.powerinboxedge.com/
Redirect Chain

https://rs-stripe.alm.com/stripe/image?cs_stripeid=25576&cs_email=bd83257db0704014c8af80f889d11b29&cs_sendid=011222&cs_esp=sailthru
https://proxy.powerinboxedge.com/6225181183507011690

35 KB
36 KB

170ms
53ms

Image
image/png

143.204.98.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://proxy.powerinboxedge.com/6225181183507011690

Requested by

Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33

Protocol

Server

143.204.98.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-22.fra50.r.cloudfront.net

Software

sffe /

Resource Hash

3eae5a2d586a0e01016abddf0fb8fe9fab87de3d2c2ea85aff34b99a00156bba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:33:01 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-cache: RefreshHit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 36163
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:07:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: njY19VtyO-PJEHU53bUZBlebBPDtCChdb_vAZNXnuMQRZCd2iG1Nug==
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Jan 2023 17:33:01 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Jan 2022 17:33:01 GMT
google-lineitem-id: 5820522204
google-creative-id: 138378295924
location: https://proxy.powerinboxedge.com/6225181183507011690
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
x-pi-dfp-url: https://securepubads.g.doubleclick.net/gampad/adx?iu=/21665826759/powerinbox_benefitspro_daily_300x250_2&sz=300x250|300x1&c=721510464&tile=2&d_imp=1&d_imp_hdr=1&t=pi_proxy%3Dfalse%26pi_geo_country%3DDE%26pi_geo_regioncode%3DDE-
x-pi-image-url: https://proxy.powerinboxedge.com/6225181183507011690
request-context: appId=cid-v1:b1915e72-e266-47bd-9574-958ec8610746
content-length: 0
expires: -1

GET
H2 200 01_Young-Person-Working-Remote-1.jpg-image620x372-1.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2021/09/ 24 KB
25 KB 79ms
53ms Image
image/webp 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2021/09/01_Young-Person-Working-Remote-1.jpg-image620x372-1.jpg

Requested by

Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f23150a94c429a7ad333138280e4ef05477ebcd856c416270792d76168005a2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:33:01 GMT
cf-cache-status: HIT
age: 3068
cf-polished: qual=85, origFmt=jpeg, origSize=32795
x-cache: MISS
backend: contribsreimg_prod_director
content-disposition: inline; filename="01_Young-Person-Working-Remote-1.webp"
content-length: 24902
last-modified: Tue, 28 Sep 2021 20:23:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "10498f3-801b-5cd13fd44e742"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 12 Jan 2022 21:33:01 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6cc820a229b142cf-FRA
x-vnode: 27
cf-bgj: imgq:85,h2pri

GET
H2 200 crystal-ball-woman-hand.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2019/01/ 13 KB
13 KB 40ms
39ms Image
image/webp 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2019/01/crystal-ball-woman-hand.jpg

Requested by

Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0aa0db6c11a4d8e8291f9389101f1c4e95e45f6df599c86643f35a6f29e55bb0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:33:01 GMT
cf-cache-status: HIT
age: 594
cf-polished: qual=85, origFmt=jpeg, origSize=23553
x-cache: HIT 4
backend: contribsreimg_prod_director
content-disposition: inline; filename="crystal-ball-woman-hand.webp"
content-length: 13146
last-modified: Sat, 05 Jan 2019 00:32:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "597321-5c01-57eab2115c7ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 12 Jan 2022 21:33:01 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6cc820a26a7642cf-FRA
x-vnode: 145
cf-bgj: imgq:85,h2pri

GET
H2 200 401k-money-sign-shtstck.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2022/01/ 18 KB
18 KB 41ms
39ms Image
image/webp 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2022/01/401k-money-sign-shtstck.jpg

Requested by

Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e6588f0bab62f657d1b63b95b43b95dfef687feb2e126e9fdd6f7dcff244e2f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:33:01 GMT
cf-cache-status: HIT
age: 3068
cf-polished: qual=85, origFmt=jpeg, origSize=29745
x-cache: MISS
backend: contribsreimg_prod_director
content-disposition: inline; filename="401k-money-sign-shtstck.webp"
content-length: 18200
last-modified: Mon, 10 Jan 2022 21:23:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "882554-7431-5d540f2e6c790"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 12 Jan 2022 21:33:01 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6cc820a26a8042cf-FRA
x-vnode: 27
cf-bgj: imgq:85,h2pri

GET
H2 200 Tax-Fraud-Article-202101081652.jpg
images.benefitspro.com/contrib/content/uploads/sites/412/2021/01/ 24 KB
24 KB 45ms
43ms Image
image/webp 2606:4700::6812:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.benefitspro.com/contrib/content/uploads/sites/412/2021/01/Tax-Fraud-Article-202101081652.jpg

Requested by

Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf6fae35bba6cd58a96b5c927a772a9ea4914d8759d030788bc7d911fbfad83e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:33:01 GMT
cf-cache-status: HIT
age: 3068
cf-polished: qual=85, origFmt=jpeg, origSize=35317
x-cache: MISS
backend: contribsreimg_prod_director
content-disposition: inline; filename="Tax-Fraud-Article-202101081652.webp"
content-length: 24338
last-modified: Mon, 11 Jan 2021 13:06:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "104183f-89f5-5b89f94294fbb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 12 Jan 2022 21:33:01 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6cc820a26a8342cf-FRA
x-vnode: 145
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK 616d9639a7e65.png
media.sailthru.com/33a/1k5/a/i/ 108 KB
108 KB 84ms
25ms Image
image/png 13.226.159.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.sailthru.com/33a/1k5/a/i/616d9639a7e65.png
Requested by: Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-75.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9611613b9a7955db92ef46517601bd7d4d27b8d4436dd994c52daa48c03edfbd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 07:37:55 GMT
Via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Oct 2021 15:43:54 GMT
Server: AmazonS3
Age: 37049
ETag: "3651a58df5a88d6530e3daddd523f216"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 110193
X-Amz-Cf-Id: ILO9fH5IGwwCTBGgylQav3dcmAXEBg-lASUdqMzTMs2KD1lDk4aNgg==

GET
H2

200

18084745969048022874
proxy.powerinboxedge.com/
Redirect Chain

https://rs-stripe.alm.com/stripe/image?cs_stripeid=25577&cs_email=bd83257db0704014c8af80f889d11b29&cs_sendid=011222&cs_esp=sailthru
https://proxy.powerinboxedge.com/18084745969048022874

29 KB
30 KB

20ms
20ms

Image
image/png

143.204.98.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://proxy.powerinboxedge.com/18084745969048022874

Requested by

Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33

Protocol

Server

143.204.98.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-22.fra50.r.cloudfront.net

Software

sffe /

Resource Hash

c99cfee75e7dcd7307f6cb3c26fa2c78c87d0e5fdea7fd0d37dfe73fd2f758a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 20:55:38 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1075
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 29981
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 14:12:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: aldGNAhouhsnO7Tr_zE5j3Gze4puFHZVmm3B-Nw-uTwHlSrh_LmpTA==
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 09 Jan 2023 20:55:38 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Jan 2022 17:33:01 GMT
google-lineitem-id: 5819952393
google-creative-id: 138369000137
location: https://proxy.powerinboxedge.com/18084745969048022874
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
x-pi-dfp-url: https://securepubads.g.doubleclick.net/gampad/adx?iu=/21665826759/powerinbox_benefitspro_daily_300x250_3&sz=300x250|300x1&c=721510464&tile=3&d_imp=1&d_imp_hdr=1&t=pi_proxy%3Dfalse%26pi_geo_country%3DDE%26pi_geo_regioncode%3DDE-
x-pi-image-url: https://proxy.powerinboxedge.com/18084745969048022874
request-context: appId=cid-v1:b1915e72-e266-47bd-9574-958ec8610746
content-length: 0
expires: -1

GET
H2 200 enl-mini-white-em.png
imageserver.amlaw.com/sailthru/img/newsletters/sailThru/ 3 KB
4 KB 89ms
28ms Image
image/png 2600:9000:2182:ae00:d:df45:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageserver.amlaw.com/sailthru/img/newsletters/sailThru/enl-mini-white-em.png
Requested by: Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:ae00:d:df45:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 600cd8e43f9991e3568f62f86f2245cf24e1bfadad6e30976ce59e74e6f9900e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:33:01 GMT
via: 1.1 51054083366f59cdc509361d23d873ea.cloudfront.net (CloudFront)
last-modified: Wed, 04 Sep 2019 15:23:50 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:1138/gname:www/uname:sfftp/gid:574/mode:33188/mtime:1524598144/atime:1524598161/ctime:1567309915
x-amz-cf-pop: DUS51-C1
etag: "f3b0cac982d5a9e92c6c11f733c46d79"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=259200
content-length: 3264
x-amz-cf-id: dJKagkDEeuPIL5I4FjR6ND9xUex9KS2YT5pmHME4NNpE_xE0uET1jQ==

GET
H2 200 twitter-active.png
imageserver.amlaw.com/sailthru/img/newsletters/sailThru/ 3 KB
3 KB 91ms
31ms Image
image/png 2600:9000:2182:ae00:d:df45:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageserver.amlaw.com/sailthru/img/newsletters/sailThru/twitter-active.png
Requested by: Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:ae00:d:df45:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a35d356276c6b03a01d5f52ec5a11f022e665d03fa0d09874b787c6b0c2dfc7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:33:01 GMT
via: 1.1 51054083366f59cdc509361d23d873ea.cloudfront.net (CloudFront)
last-modified: Wed, 04 Sep 2019 15:24:26 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:1138/gname:www/uname:sfftp/gid:574/mode:33188/mtime:1524598260/atime:1524598526/ctime:1567309915
x-amz-cf-pop: DUS51-C1
etag: "afcdad278846e4c84332c64d28aecf81"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=259200
content-length: 2624
x-amz-cf-id: 8Uo_WobYvERoo2pbJPiCwe0oXTHLFRPWMti1rF25GViIVSmZXpvsAg==

GET
H2 200 facebook-active.png
imageserver.amlaw.com/sailthru/img/newsletters/sailThru/ 2 KB
3 KB 158ms
156ms Image
image/png 2600:9000:2182:ae00:d:df45:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageserver.amlaw.com/sailthru/img/newsletters/sailThru/facebook-active.png
Requested by: Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:ae00:d:df45:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 716550490ee01e587ddfa4592fcff1665285422407bad00f5d29b1079804e83c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:33:02 GMT
via: 1.1 51054083366f59cdc509361d23d873ea.cloudfront.net (CloudFront)
last-modified: Wed, 04 Sep 2019 15:23:51 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:1138/gname:www/uname:sfftp/gid:574/mode:33188/mtime:1524598145/atime:1524598161/ctime:1567309915
x-amz-cf-pop: DUS51-C1
etag: "8bc56c7eae56afef635843a9abb88d3c"
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=259200
content-length: 2166
x-amz-cf-id: EFjKqb3pohdQX0eRKimyREJEIwrwiquaivpgXn0sYY6A3yR6lRplRQ==

GET
H2 200 linkedin-active.png
imageserver.amlaw.com/sailthru/img/newsletters/sailThru/ 2 KB
3 KB 31ms
30ms Image
image/png 2600:9000:2182:ae00:d:df45:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageserver.amlaw.com/sailthru/img/newsletters/sailThru/linkedin-active.png
Requested by: Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:ae00:d:df45:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92aed821e66883e99ecbb4aca2da03f5a7db57f937124772014f2dd97799eac1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:33:01 GMT
via: 1.1 51054083366f59cdc509361d23d873ea.cloudfront.net (CloudFront)
last-modified: Wed, 04 Sep 2019 15:23:56 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:1138/gname:www/uname:sfftp/gid:574/mode:33188/mtime:1524598166/atime:1524598238/ctime:1567309915
x-amz-cf-pop: DUS51-C1
etag: "ee063ca62ce32d6c8d4b7c6f23362b55"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=259200
content-length: 2439
x-amz-cf-id: RhcO2K6y9MyJ12Dv9rPknZV7WKPo8yzrYUr2Aw46T0BmNHnuAY9-1w==

GET
H2 200 email-active.png
imageserver.amlaw.com/sailthru/img/newsletters/sailThru/ 3 KB
3 KB 41ms
40ms Image
image/png 2600:9000:2182:ae00:d:df45:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageserver.amlaw.com/sailthru/img/newsletters/sailThru/email-active.png
Requested by: Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:ae00:d:df45:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7bd2c4c45fe6e2d112b003cdeb1b6342ba65af01da3b024330aabbbd5b8ae969

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:30:44 GMT
via: 1.1 51054083366f59cdc509361d23d873ea.cloudfront.net (CloudFront)
last-modified: Wed, 04 Sep 2019 15:23:50 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:1138/gname:www/uname:sfftp/gid:574/mode:33188/mtime:1524598144/atime:1524598161/ctime:1567309915
age: 138
etag: "7a67a26437c582d9afb8d828b19d0803"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=259200
x-amz-cf-pop: DUS51-C1
content-length: 2639
x-amz-cf-id: t4wFt0G8NytI0W6NKAjIOPhxK2PwttuV-MfIcDpfLlS42Uv3dubJqA==

GET
H2 200 alm-logo.png
imageserver.amlaw.com/sailthru/img/newsletters/sailThru/ 7 KB
8 KB 167ms
166ms Image
image/png 2600:9000:2182:ae00:d:df45:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageserver.amlaw.com/sailthru/img/newsletters/sailThru/alm-logo.png
Requested by: Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:ae00:d:df45:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9896b8b5b9ffbc50a447c99140be2e6b03e51741bdeebb781d4cfcfd2ade4cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:33:02 GMT
via: 1.1 51054083366f59cdc509361d23d873ea.cloudfront.net (CloudFront)
last-modified: Wed, 04 Sep 2019 15:23:40 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:1138/gname:www/uname:sfftp/gid:574/mode:33188/mtime:1524598119/atime:1524598161/ctime:1567309915
x-amz-cf-pop: DUS51-C1
etag: "5f3a75875d6d6d2bdd913e1ccc4c8bcd"
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=259200
content-length: 7663
x-amz-cf-id: 5qqJfDN-cjpdLT9iRnhtIfLtcVulPiStXJOJeUeyqgn1dRNdelSnsw==

GET
H2

200

powered.png
branding.revenuestripe.com/recommend/
Redirect Chain

https://rs-stripe.alm.com/branding/recommend/powered.png
https://branding.revenuestripe.com/recommend/powered.png

2 KB
2 KB

91ms
17ms

Image
image/png

65.9.61.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://branding.revenuestripe.com/recommend/powered.png
Requested by: Host: link.benefitspro.com
URL: https://link.benefitspro.com/view/5a9db663fc2383470c8b530afogui.gno/8cf01c33
Protocol: H2
Server: 65.9.61.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-61-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a84ef1bebfa96cbfc237fe0647ca2995251d0064b5ba69d776071b289402d889

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.benefitspro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 06:47:27 GMT
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Wed, 18 Mar 2020 21:16:31 GMT
server: AmazonS3
age: 729934
etag: "c443e852a2cc09a47bcb79bca1f3b9c5"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 1586
x-amz-cf-id: A6SAlzddCcQSAiYenKfUTr-SPXoJABXjooeBxmxQ1ErHQ67voA9-kA==

Redirect headers

location: https://branding.revenuestripe.com/recommend/powered.png
date: Wed, 12 Jan 2022 17:33:01 GMT
content-length: 17
content-type: text/plain; charset=utf-8

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onsecuritypolicyviolation object| onslotchange

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
link.benefitspro.com/img/5a9db663fc2383470c8b530afogui.gno	1970-01-20 00:06:48	Name: sail_fwd Value: 1642008781
.benefitspro.com/	1970-01-20 08:52:45	Name: sailthru_hid Value: 3cb0edbe67f82c3052d45c6ed06890595a9db663fc2383470c8b530aefd82c610b345f6d9be92ae8bf2bd775
.benefitspro.com/	1970-01-20 00:16:53	Name: sailthru_bid Value: 26335818.00021588

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

branding.revenuestripe.com
images-prod.powerinboxedge.com
images.benefitspro.com
imageserver.amlaw.com
link.benefitspro.com
media.sailthru.com
polarcdn-terrax.com
proxy.powerinboxedge.com
rs-stripe.alm.com
s3.amazonaws.com
13.226.159.29
13.226.159.75
13.84.54.237
143.204.98.22
2600:9000:2182:ae00:d:df45:5680:93a1
2606:4700::6811:4132
2606:4700::6812:174b
3.226.166.212
52.216.128.77
65.9.61.105
040a09805becb5147319355e4cd3ff755a67b8787196e628c2b059592d432c0e
0aa0db6c11a4d8e8291f9389101f1c4e95e45f6df599c86643f35a6f29e55bb0
16a9f9fc7df4f35020f34c1de4c6f7827545309f0fdd7ef980d03a57c223daa6
2762883d73d39de3503657c03e5afa1dad3625e08ff0be7025f62d875cc04987
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3eae5a2d586a0e01016abddf0fb8fe9fab87de3d2c2ea85aff34b99a00156bba
3f23150a94c429a7ad333138280e4ef05477ebcd856c416270792d76168005a2
4e6588f0bab62f657d1b63b95b43b95dfef687feb2e126e9fdd6f7dcff244e2f
5a35d356276c6b03a01d5f52ec5a11f022e665d03fa0d09874b787c6b0c2dfc7
600cd8e43f9991e3568f62f86f2245cf24e1bfadad6e30976ce59e74e6f9900e
6c046c977661ce4ebe08470901a5f47e708b3cb6060fbd904d74356fbe54fb4c
716550490ee01e587ddfa4592fcff1665285422407bad00f5d29b1079804e83c
7b031bfe8982e0683ae6857d22ff7d8d3419445970280923d3d3f2a2af2eef29
7bd2c4c45fe6e2d112b003cdeb1b6342ba65af01da3b024330aabbbd5b8ae969
7d903645bc7dfc58777e82cddfd7cc94e1ec4cbd2c4ff73096ea5d681f53f646
84a8749d9049def7a549a655c971e27385a95349015247c2e99c6d5993871d86
92aed821e66883e99ecbb4aca2da03f5a7db57f937124772014f2dd97799eac1
944bba574be04f4598fce0b29a98adf0789eaf8f687faac947958cb556995ea9
9611613b9a7955db92ef46517601bd7d4d27b8d4436dd994c52daa48c03edfbd
a84ef1bebfa96cbfc237fe0647ca2995251d0064b5ba69d776071b289402d889
a8cd5f93f50e1436ce78e71ac018191d05739d59c3ecf2817e84b1580422e247
b40b58e482fa5d5f32d170406e54fc9de401b8d27593a91d1a17a5d38616a67a
b67c8685c1b8423e300a74c08f2a65a292d7959d8295ef44b3cc2975dfe96577
c99cfee75e7dcd7307f6cb3c26fa2c78c87d0e5fdea7fd0d37dfe73fd2f758a1
cf6fae35bba6cd58a96b5c927a772a9ea4914d8759d030788bc7d911fbfad83e
d9896b8b5b9ffbc50a447c99140be2e6b03e51741bdeebb781d4cfcfd2ade4cd
f8311437edd0f442361310670b7413d8f6b66049b5f3c401ccc205eb8920e0c1

link.benefitspro.com Open in urlscan Pro 3.226.166.212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

30 Requests

70 %HTTPS

30 %IPv6

8 Domains

10 Subdomains

9 IPs

1 Countries

477 kBTransfer

528 kBSize

3 Cookies

14 Outgoing links

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

link.benefitspro.com Open in urlscan Pro
3.226.166.212 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

70 %
HTTPS

30 %
IPv6

8
Domains

10
Subdomains

9
IPs

1
Countries

477 kB
Transfer

528 kB
Size

3
Cookies

30 HTTP transactions
0 data transactions