participant.myameriflex.com Open in urlscan Pro
146.88.104.115 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://participant.myameriflex.com/#/login
Effective URL:
https://participant.myameriflex.com/
Submission: On December 15 via manual (December 15th 2021, 9:54:53 pm UTC) from US — Scanned from DE

Summary HTTP 41 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 11 domains to perform 41 HTTP transactions. The main IP is 146.88.104.115, located in United States and belongs to RMH-14, US. The main domain is participant.myameriflex.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on April 1st 2020. Valid for: 2 years.

This is the only time participant.myameriflex.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	146.88.104.115 146.88.104.115	33070 (RMH-14) (RMH-14)
9	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a04:4e42:600... 2a04:4e42:600::282	54113 (FASTLY) (FASTLY)
4	45.77.88.11 45.77.88.11	20473 (AS-CHOOPA) (AS-CHOOPA)
1	52.222.186.14 52.222.186.14	16509 (AMAZON-02) (AMAZON-02)
1	54.230.205.75 54.230.205.75	16509 (AMAZON-02) (AMAZON-02)
2	151.139.245.16 151.139.245.16	33438 (HIGHWINDS2) (HIGHWINDS2)
4 5	108.128.4.166 108.128.4.166	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	52.222.186.78 52.222.186.78	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28d::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	63.32.233.146 63.32.233.146	16509 (AMAZON-02) (AMAZON-02)
3	18.206.130.246 18.206.130.246	14618 (AMAZON-AES) (AMAZON-AES)
1	34.240.23.145 34.240.23.145	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:201... 2600:9000:2016:4400:1b:1126:8840:21	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
41	15

12 146.88.104.115 (United States)

ASN33070 (RMH-14, US)

participant.myameriflex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
producer-api.ameriflexbenefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.77.88.11 (London, United Kingdom)

ASN20473 (AS-CHOOPA, US)
PTR: d13.adspeed.us

host.fsastore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.186.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-186-14.ham50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.205.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-205-75.ham50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.245.16 (United States)

ASN33438 (HIGHWINDS2, US)

cdn.fsastore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.128.4.166 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-4-166.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.186.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-186-78.ham50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28d::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.233.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-233-146.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.206.130.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-206-130-246.compute-1.amazonaws.com

api.raygun.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.240.23.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-23-145.eu-west-1.compute.amazonaws.com

ws2.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2016:4400:1b:1126:8840:21 (United States)

ASN16509 (AMAZON-02, US)

dg9yx063wiiht.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	typekit.net use.typekit.net p.typekit.net	333 KB
10	myameriflex.com participant.myameriflex.com	15 MB
6	fsastore.com host.fsastore.com cdn.fsastore.com	18 KB
5	adroll.com 4 redirects d.adroll.com	3 KB
5	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com ws2.hotjar.com	65 KB
3	raygun.io api.raygun.io	513 B
2	ameriflexbenefits.com producer-api.ameriflexbenefits.com	377 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net	946 B
2	polyfill.io cdn.polyfill.io	787 B
1	pubmatic.com simage2.pubmatic.com	549 B
1	cloudfront.net dg9yx063wiiht.cloudfront.net	30 KB
41	11

	Domain	Requested by
10	participant.myameriflex.com	participant.myameriflex.com
9	use.typekit.net	participant.myameriflex.com
5	d.adroll.com	4 redirects participant.myameriflex.com
4	host.fsastore.com	participant.myameriflex.com host.fsastore.com
3	api.raygun.io	participant.myameriflex.com
2	producer-api.ameriflexbenefits.com	participant.myameriflex.com
2	cm.g.doubleclick.net	2 redirects
2	cdn.fsastore.com	participant.myameriflex.com
2	cdn.polyfill.io	participant.myameriflex.com
1	simage2.pubmatic.com
1	dg9yx063wiiht.cloudfront.net	participant.myameriflex.com
1	ws2.hotjar.com	participant.myameriflex.com
1	in.hotjar.com	participant.myameriflex.com
1	p.typekit.net	participant.myameriflex.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	participant.myameriflex.com
41	17

This site contains links to these domains. Also see Links.

Domain
fsastore.com
host.fsastore.com

Subject Issuer	Validity	Valid
*.myameriflex.com DigiCert SHA2 Secure Server CA	`2020-04-01` - `2022-04-22`	2 years	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
host.fsastore.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-04` - `2022-08-06`	2 years	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.fsastore.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-01` - `2022-03-01`	2 years	crt.sh
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-05` - `2022-12-06`	a year	crt.sh
*.ameriflexbenefits.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-10` - `2023-01-10`	a year	crt.sh
*.raygun.io GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-10-11` - `2022-11-11`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://participant.myameriflex.com/
Frame ID: 1277EE1952A7CC13B0EFC87564132621
Requests: 40 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Frame ID: 03C9AB67E4D8C1A5F103F2CBD20FE804
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ameriflex Participant PortalOpen Chat

Page Statistics

41
Requests

95 %
HTTPS

25 %
IPv6

11
Domains

17
Subdomains

15
IPs

4
Countries

15775 kB
Transfer

16010 kB
Size

12
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://fsastore.com/?utm_source=AmeriFlex&utm_medium=TPA+Portal+Proprietary+Link+Nav&a_aid=500f149fbdcc7&utm_campaign=TPA+Partner
Title: Shop FSA Store

Search URL Search Domain Scan URL

URL: https://host.fsastore.com/qc.php?do=clk&aid=581385&zid=103957&t=1639605286&auth=541fa260589beb8332243596f34fc837

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://d.adroll.com/ipixel/S6N6R5JXAJC35DUNEZUZ2E/LCNO3PT6OJCT7NAYJVQ443?name=32060c90 HTTP 302
https://d.adroll.com/cm/g/out?advertisable=S6N6R5JXAJC35DUNEZUZ2E HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=V4vTgRLNEUD-Cjqqq4PGrQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=V4vTgRLNEUD-Cjqqq4PGrQ&google_tc= HTTP 302
https://d.adroll.com/cm/g/in

Request Chain 31

https://d.adroll.com/ipixel/S6N6R5JXAJC35DUNEZUZ2E/LCNO3PT6OJCT7NAYJVQ443?name=32060c90 HTTP 302
https://d.adroll.com/cm/pubmatic/out?advertisable=S6N6R5JXAJC35DUNEZUZ2E HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NTc4YmQzODExMmNkMTE0MGZlMGEzYWFhYWI4M2M2YWQ&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
participant.myameriflex.com/ 3 KB
3 KB 430ms
126ms Document
text/html 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://participant.myameriflex.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.88.104.115 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cafd7efa7ed59c732810e406f1cf32730148f18a5268794cddedae252bd1f358

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html
last-modified: Wed, 15 Dec 2021 15:09:41 GMT
accept-ranges: bytes
etag: "be3fffc8c5f1d71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Wed, 15 Dec 2021 21:54:44 GMT
content-length: 2882

GET
H2 200 eex8ezx.js Show response
use.typekit.net/ 19 KB
7 KB 222ms
140ms Script
text/javascript 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/eex8ezx.js

Requested by

Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

b1070994a5ce59988e75c06e05cabaf0d68ab6125cdc979164c9eb4d99efb648

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://participant.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Wed, 15 Dec 2021 21:54:45 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7003

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ 222 B
618 B 73ms
22ms Script
text/javascript 2a04:4e42:600::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js

Requested by

Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://participant.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 4216045
detected-user-agent: Chrome Mobile/96.0.4664
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 126
referrer-policy: origin-when-cross-origin
last-modified: Thu, 28 Oct 2021 01:49:49 GMT
date: Wed, 15 Dec 2021 21:54:45 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/96.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 fonts.css
participant.myameriflex.com/ 15 KB
15 KB 127ms
126ms Stylesheet
text/css 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://participant.myameriflex.com/fonts.css
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.88.104.115 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8a2de23d0a1ae5711886f9fd002e56c02ca094280f33821ccec07c91e6a480cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://participant.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:54:44 GMT
last-modified: Tue, 14 Dec 2021 18:50:48 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0f41b821bf1d71:0"
content-type: text/css
accept-ranges: bytes
content-length: 14917

GET
H2 200 qc.php Show response
host.fsastore.com/ 269 B
483 B 748ms
232ms Script
application/x-javascript 45.77.88.11
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://host.fsastore.com/qc.php?do=js&zid=103957&oid=22625&wd=-1&ht=-1&target=_blank
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.77.88.11 London, United Kingdom, ASN20473 (AS-CHOOPA, US),
Reverse DNS: d13.adspeed.us
Software: nginx /
Resource Hash: e352678cf6d79046a1fb15152a37bc39890e8f72ded43cfb94562f4776f872be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://participant.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:54:45 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 app.3b40c149c193716ce5cf.js Show response
participant.myameriflex.com/ 3 MB
3 MB 243ms
243ms Script
application/javascript 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://participant.myameriflex.com/app.3b40c149c193716ce5cf.js
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.88.104.115 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cb39ecf529057e48380aadb4e9aea9228a0a92dc02189874e5942ff9425b1f9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://participant.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:54:44 GMT
last-modified: Wed, 15 Dec 2021 15:09:41 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "fceefc9c5f1d71:0"
content-type: application/javascript
accept-ranges: bytes
content-length: 3291365

GET
H2 200 hotjar-1256861.js Show response
static.hotjar.com/c/ 6 KB
3 KB 121ms
87ms Script
application/javascript 52.222.186.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1256861.js?sv=6

Requested by

Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.186.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-186-14.ham50.r.cloudfront.net

Software

Resource Hash

85de3416fff19aff55dc409f6b0117f55f1724036a17d5ed4935bd5ea288538e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://participant.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:54:45 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: HAM50-C2
etag: W/c40980593a228b8d96c3f60e61e093ba
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: II82eRI19mVuFy_9ortUvtN9v6UXj286F5DI_Ap7oOQMhU4zFoUGLQ==
via: 1.1 4f5d7e3a87b60a05ec95a5a0e7f4b9d6.cloudfront.net (CloudFront)

GET
H2 200 polyfill.min.js
cdn.polyfill.io/v2/ 222 B
169 B 22ms
22ms Other
text/javascript 2a04:4e42:600::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js

Requested by

Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://participant.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 4216045
detected-user-agent: Chrome Mobile/96.0.4664
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 126
referrer-policy: origin-when-cross-origin
last-modified: Thu, 28 Oct 2021 01:49:49 GMT
date: Wed, 15 Dec 2021 21:54:45 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/96.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 modules.cbd9b920d05cd9e47f57.js Show response
script.hotjar.com/ 227 KB
60 KB 56ms
19ms Script
application/javascript 54.230.205.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.cbd9b920d05cd9e47f57.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1256861.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.205.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-205-75.ham50.r.cloudfront.net

Software

Resource Hash

2a76024584e2692938f4dd0feb5b77e96a0bdc93d8661f8c855a7546125552f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://participant.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 15:36:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 627519
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 60953
access-control-allow-origin: *
last-modified: Wed, 08 Dec 2021 15:35:08 GMT
etag: "7a85a2a595def8796a50e919e49cda7a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b0897b3c9ccbfb930a1fb81cc0ac17d4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: HAM50-C3
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 32nSKwDyWhXZ1JCLFs_VjANotQ_IB8UGvmvkz-N8jJE2nFPZMhJu0w==

GET
H2 200 qc.php Show response
host.fsastore.com/ 1 KB
920 B 229ms
229ms Script
application/x-javascript 45.77.88.11
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://host.fsastore.com/qc.php?do=js&zid=103957&oid=22625&wd=-1&ht=-1&target=_blank&cb=0.5484722232104078&ref=&uri=https%3A//participant.myameriflex.com/%23/login
Requested by: Host: host.fsastore.com
URL: https://host.fsastore.com/qc.php?do=js&zid=103957&oid=22625&wd=-1&ht=-1&target=_blank
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.77.88.11 London, United Kingdom, ASN20473 (AS-CHOOPA, US),
Reverse DNS: d13.adspeed.us
Software: nginx /
Resource Hash: 498fbaaa1dec46ea8e25fdd8ef0ea0f8541c9bfcc9f6e6a7c41d7090202b685f

Request headers

Referer: https://participant.myameriflex.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:54:46 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1180x125.jpg
cdn.fsastore.com/tpa/fsa/PartnerAssets/Ban/OTC/ 8 KB
8 KB 92ms
13ms Image
image/jpeg 151.139.245.16
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.fsastore.com/tpa/fsa/PartnerAssets/Ban/OTC/1180x125.jpg
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.245.16 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: beb6f491167c8b47575c89aad57323ab8717e0da5d094cabc62f8a689c9abc57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://participant.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Dec 2021 21:54:46 GMT
content-md5: 1CcF2TyX8uFPGnLhKXrsTw==
x-cache: HIT
content-length: 7750
x-ms-lease-status: unlocked
last-modified: Thu, 23 Sep 2021 08:04:02 GMT
server: nginx
etag: 0x8D97E68B501CFF9
content-type: image/jpeg
access-control-allow-origin: *, *
x-ms-request-id: a6a591eb-701e-0071-51a4-f13944000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Thu, 16 Dec 2021 21:54:46 GMT

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/ipixel/S6N6R5JXAJC35DUNEZUZ2E/LCNO3PT6OJCT7NAYJVQ443?name=32060c90
https://d.adroll.com/cm/g/out?advertisable=S6N6R5JXAJC35DUNEZUZ2E
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=V4vTgRLNEUD-Cjqqq4PGrQ
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=V4vTgRLNEUD-Cjqqq4PGrQ&google_tc=
https://d.adroll.com/cm/g/in

42 B
536 B

37ms
37ms

Image
image/gif

108.128.4.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/
Protocol: H2
Server: 108.128.4.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-4-166.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://participant.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:54:46 GMT
server: nginx/1.20.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:54:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 qc.php
host.fsastore.com/ 43 B
253 B 229ms
228ms Image
image/gif 45.77.88.11
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://host.fsastore.com/qc.php?do=imp&aid=581385&zid=103957&t=1639605286&auth=541fa260589beb8332243596f34fc837&oid=22625&wd=-1&ht=-1&ref=&uri=https%3A%2F%2Fparticipant.myameriflex.com%2F%23%2Flogin
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.77.88.11 London, United Kingdom, ASN20473 (AS-CHOOPA, US),
Reverse DNS: d13.adspeed.us
Software: nginx /
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://participant.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:54:46 GMT
cache-control: max-age=315360000
server: nginx
content-type: image/gif
content-length: 43
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app-config.json Show response
participant.myameriflex.com/ 36 B
125 B 126ms
126ms XHR
application/json 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://participant.myameriflex.com/app-config.json?t=1639605286654
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/app.3b40c149c193716ce5cf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.88.104.115 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f97a3cab0f4e0eef38180b5b68f9ff006018efa6e3515fbb9f1c0b8c7110c0ab

Request headers

Accept: application/json, text/plain, */*
Referer: https://participant.myameriflex.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:54:46 GMT
last-modified: Wed, 15 Dec 2021 15:09:41 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "a8a01c9c5f1d71:0"
content-type: application/json
accept-ranges: bytes
content-length: 36

GET
H2 200 l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/ 33 KB
33 KB 75ms
38ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 259ca84f380e0a4a327867ce595dbb02ea8f3fe8ae0e96f902e0051fc44c194c

Request headers

Referer: https://participant.myameriflex.com/
Origin: https://participant.myameriflex.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:54:46 GMT
server: nginx
etag: "a0f35f91fdc2ca0a90c8288c08c20681c1aecfcf"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33656

GET
H2 200 l
use.typekit.net/af/86b539/00000000000000003b9b093a/27/ 34 KB
35 KB 81ms
44ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/86b539/00000000000000003b9b093a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9191236609651784e259092183314fe28193d10e100e8a736cab8b84fbda8665

Request headers

Referer: https://participant.myameriflex.com/
Origin: https://participant.myameriflex.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:54:46 GMT
server: nginx
etag: "7419d3e31dff61919238b7104d975fb9f66eb724"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 35128

GET
H2 200 l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/ 32 KB
32 KB 75ms
38ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ceb4ce0bba67a12e21af094eb24293d7ea8bffaffc237a1cd90394c7588eaec9

Request headers

Referer: https://participant.myameriflex.com/
Origin: https://participant.myameriflex.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:54:46 GMT
server: nginx
etag: "852dacc5cd2685c187708b882b28635465e17bd0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 32688

GET
H2 200 l
use.typekit.net/af/6aec08/00000000000000003b9b0935/27/ 34 KB
34 KB 77ms
40ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6aec08/00000000000000003b9b0935/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9911551bfac483efeaad5d4f502eaf6796e61f1776eaeac37e937104e47ec84f

Request headers

Referer: https://participant.myameriflex.com/
Origin: https://participant.myameriflex.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:54:46 GMT
server: nginx
etag: "98ea2e3888e90196090ca6bc7ddc5345e1871a7a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34376

GET
H2 200 l
use.typekit.net/af/309dfe/000000000000000000010091/27/ 42 KB
42 KB 64ms
28ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/309dfe/000000000000000000010091/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6d4a0784c2c235c723466def715d53fd223024601c3c54bbc3944e27697b8b7d

Request headers

Referer: https://participant.myameriflex.com/
Origin: https://participant.myameriflex.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:54:46 GMT
server: nginx
etag: "e7811049bfa1845589c42f0b31c9740a16cee93a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 43068

GET
H2 200 l
use.typekit.net/af/eb729a/000000000000000000010092/27/ 42 KB
42 KB 65ms
28ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/eb729a/000000000000000000010092/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 953823347d8f87e8978c4ae174f49f45e9d1c67c1199bb2d4571b7e0d38ae514

Request headers

Referer: https://participant.myameriflex.com/
Origin: https://participant.myameriflex.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:54:46 GMT
server: nginx
etag: "457eff33d9f4e8245ff5b71b234463ccb76ddf1e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 43064

GET
H2 200 l
use.typekit.net/af/9b05f3/000000000000000000013365/27/ 50 KB
51 KB 64ms
27ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/9b05f3/000000000000000000013365/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 81dc8f18ee8963fb2044f24d94196da40185e1387ccf9cfc46c3183594109868

Request headers

Referer: https://participant.myameriflex.com/
Origin: https://participant.myameriflex.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:54:46 GMT
server: nginx
etag: "22520917f01d8d34c0dcc1417c749962b8a47011"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 51500

GET
H2 200 l
use.typekit.net/af/cf3e4e/000000000000000000010095/27/ 56 KB
56 KB 52ms
16ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/cf3e4e/000000000000000000010095/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d5dad4403d4ae0560704f4fb671398490d4066db76b8a757f838308e06cf15ec

Request headers

Referer: https://participant.myameriflex.com/
Origin: https://participant.myameriflex.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:54:46 GMT
server: nginx
etag: "8c71903d09dd901d68e476eaeb1bb223941b9348"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 57500

GET
H2 200 box-a1ae2079824d1c48aa9ce06efb256f18.html Show response
vars.hotjar.com/ Frame 03C9 2 KB
1 KB 49ms
16ms Document
text/html 52.222.186.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1256861.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-78.ham50.r.cloudfront.net
Software: /
Resource Hash: d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://participant.myameriflex.com/

Response headers

content-type: text/html
content-length: 1044
date: Thu, 02 Dec 2021 15:53:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6215abf691a11c2f451680e635d30daa"
last-modified: Thu, 02 Dec 2021 15:52:57 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8640a37b586353bc916562c577770223.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: J7bOTEQshgqnc1DwOe9l34-uHv1XQAV0xGltm7ywEELBnlOXm8C2fw==
age: 1144900

GET
H2 200 p.gif
p.typekit.net/ 35 B
214 B 61ms
8ms Image
image/gif 2a02:26f0:6c00:28d::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=eex8ezx&ht=tk&h=participant.myameriflex.com&f=139.140.175.176.10881.10882.10884.10885&a=6853977&js=1.20.0&app=typekit&e=js&_=1639605286760
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28d::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://participant.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:54:46 GMT
last-modified: Wed, 02 Sep 2020 03:58:21 GMT
server: nginx
etag: "5f4f185d-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 feature Show response
producer-api.ameriflexbenefits.com/papi/ 166 B
338 B 990ms
129ms XHR
application/json 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://producer-api.ameriflexbenefits.com/papi/feature
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/app.3b40c149c193716ce5cf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.88.104.115 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cfadaf3f9466f990d8f188c1f9f97fa83fc95c345aa8ddb00aaf47990708f9e6

Request headers

Accept: application/json, text/plain, */*
Referer: https://participant.myameriflex.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://participant.myameriflex.com
date: Wed, 15 Dec 2021 21:54:47 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 166
content-type: application/json; charset=utf-8

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1256861/ 146 B
323 B 99ms
35ms XHR
application/json 63.32.233.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1256861/visit-data?sv=6
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/app.3b40c149c193716ce5cf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.233.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-233-146.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1739c041fc4394d8b8b79f708997ba2694f6156bbb410a8f0476a980939bf1de

Request headers

Referer: https://participant.myameriflex.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 15 Dec 2021 21:54:46 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

POST
H/1.1 202
Accepted events Show response
api.raygun.io/ 2 B
171 B 466ms
102ms XHR
application/json 18.206.130.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.raygun.io/events?apikey=800p6l9010LivuCBjG5R6g%3D%3D
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/app.3b40c149c193716ce5cf.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.206.130.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-206-130-246.compute-1.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://participant.myameriflex.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 15 Dec 2021 21:54:46 GMT
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H/1.1 202
Accepted events Show response
api.raygun.io/ 2 B
171 B 487ms
115ms XHR
application/json 18.206.130.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.raygun.io/events?apikey=800p6l9010LivuCBjG5R6g%3D%3D
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/app.3b40c149c193716ce5cf.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.206.130.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-206-130-246.compute-1.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://participant.myameriflex.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 15 Dec 2021 21:54:46 GMT
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H/1.1 200
OK content Show response
ws2.hotjar.com/api/v2/sites/1256861/recordings/ 66 B
398 B 434ms
209ms XHR
application/json 34.240.23.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws2.hotjar.com/api/v2/sites/1256861/recordings/content
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/app.3b40c149c193716ce5cf.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.23.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-23-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ce86d72dbc9cb4c204fed9801c2d10400a59983a4c1d557d8ab8e9aadb6c7f49

Request headers

Referer: https://participant.myameriflex.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

Date: Wed, 15 Dec 2021 21:54:47 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2 200 amazon-connect-chat-interface-client.js Show response
dg9yx063wiiht.cloudfront.net/ 98 KB
30 KB 98ms
20ms Script
application/javascript 2600:9000:2016:4400:1b:1126:8840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dg9yx063wiiht.cloudfront.net/amazon-connect-chat-interface-client.js
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:4400:1b:1126:8840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 93a3c605abb6468f589004e823898e5c6c5b5bdbdb9406e7baf1834360ce5c88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://participant.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: Z6SYi.mGNtxOeQbXICaw_jOe1qLZiE88
content-encoding: gzip
etag: W/"cbcc6a98a54949946229b35f27a107f5"
last-modified: Sat, 11 Dec 2021 02:26:22 GMT
server: AmazonS3
age: 59324
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 89cb17d5508c310becf7cc7817d0599d.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Wed, 15 Dec 2021 05:26:04 GMT
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: YQkpbrrrF7pcGvUP2wCLoM7dnw8WlMrTL0Ottv3e8qh1MF3S8WhbvQ==

POST
H/1.1 202
Accepted events Show response
api.raygun.io/ 2 B
171 B 105ms
105ms XHR
application/json 18.206.130.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.raygun.io/events?apikey=800p6l9010LivuCBjG5R6g%3D%3D
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/app.3b40c149c193716ce5cf.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.206.130.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-206-130-246.compute-1.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://participant.myameriflex.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 15 Dec 2021 21:54:46 GMT
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

GET
H2 200 1180x125.jpg
cdn.fsastore.com/tpa/fsa/PartnerAssets/Ban/OTC/ 8 KB
8 KB 14ms
13ms Image
image/jpeg 151.139.245.16
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.fsastore.com/tpa/fsa/PartnerAssets/Ban/OTC/1180x125.jpg
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/app.3b40c149c193716ce5cf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.245.16 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: beb6f491167c8b47575c89aad57323ab8717e0da5d094cabc62f8a689c9abc57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://participant.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Dec 2021 21:54:47 GMT
content-md5: 1CcF2TyX8uFPGnLhKXrsTw==
x-cache: HIT
content-length: 7750
x-ms-lease-status: unlocked
last-modified: Thu, 23 Sep 2021 08:04:02 GMT
server: nginx
etag: 0x8D97E68B501CFF9
content-type: image/jpeg
access-control-allow-origin: *, *
x-ms-request-id: a6a591eb-701e-0071-51a4-f13944000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Thu, 16 Dec 2021 21:54:46 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/ipixel/S6N6R5JXAJC35DUNEZUZ2E/LCNO3PT6OJCT7NAYJVQ443?name=32060c90
https://d.adroll.com/cm/pubmatic/out?advertisable=S6N6R5JXAJC35DUNEZUZ2E
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NTc4YmQzODExMmNkMTE0MGZlMGEzYWFhYWI4M2M2YWQ&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
549 B

55ms
17ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NTc4YmQzODExMmNkMTE0MGZlMGEzYWFhYWI4M2M2YWQ&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://participant.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 19:44:01 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0021:0:477
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NTc4YmQzODExMmNkMTE0MGZlMGEzYWFhYWI4M2M2YWQ&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma: no-cache
date: Wed, 15 Dec 2021 21:54:47 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 220
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 200 qc.php
host.fsastore.com/ 43 B
173 B 230ms
230ms Image
image/gif 45.77.88.11
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://host.fsastore.com/qc.php?do=imp&aid=581385&zid=103957&t=1639605286&auth=541fa260589beb8332243596f34fc837&oid=22625&wd=-1&ht=-1&ref=&uri=https%3A%2F%2Fparticipant.myameriflex.com%2F%23%2Flogin
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/app.3b40c149c193716ce5cf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.77.88.11 London, United Kingdom, ASN20473 (AS-CHOOPA, US),
Reverse DNS: d13.adspeed.us
Software: nginx /
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://participant.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:54:47 GMT
cache-control: max-age=315360000
server: nginx
content-type: image/gif
content-length: 43
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 infinite-logo-white.svg
participant.myameriflex.com/images/ 6 MB
6 MB 130ms
129ms Image
image/svg+xml 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://participant.myameriflex.com/images/infinite-logo-white.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.88.104.115 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 90190604592ae0b7e70d5cf050ef73784a8e94ee5cebf5ca241289cc1fc849e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://participant.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:54:47 GMT
last-modified: Tue, 14 Dec 2021 18:50:50 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0214d831bf1d71:0"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 5780938

GET
H2 200 infinite-logo-blue.svg
participant.myameriflex.com/images/ 6 MB
6 MB 294ms
293ms Image
image/svg+xml 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://participant.myameriflex.com/images/infinite-logo-blue.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.88.104.115 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 85c53e187a3762188e52037f4132042e3e8facafda6c8df8b28e03167bf94710

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://participant.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:54:47 GMT
last-modified: Tue, 14 Dec 2021 18:50:50 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0214d831bf1d71:0"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 5780938

GET
H2 200 announcement Show response
producer-api.ameriflexbenefits.com/ 2 B
39 B 152ms
151ms XHR
application/json 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://producer-api.ameriflexbenefits.com/announcement?clientName=pportal
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/app.3b40c149c193716ce5cf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.88.104.115 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: application/json, text/plain, */*
Referer: https://participant.myameriflex.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://participant.myameriflex.com
date: Wed, 15 Dec 2021 21:54:47 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 2
content-type: application/json; charset=utf-8

GET
H2 200 Background4.jpg
participant.myameriflex.com/images/ 753 KB
753 KB 294ms
294ms Image
image/jpeg 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://participant.myameriflex.com/images/Background4.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.88.104.115 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 78f91cfc7d9442353eea1fd73f25d3b0a575ddf5072127a1fabc4278fc57878a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://participant.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:54:47 GMT
last-modified: Tue, 14 Dec 2021 18:50:50 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0214d831bf1d71:0"
content-type: image/jpeg
accept-ranges: bytes
content-length: 770737

GET
H2 200 OpenSans-Regular.woff2
participant.myameriflex.com/font/ 14 KB
14 KB 294ms
294ms Font
application/font-woff2 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://participant.myameriflex.com/font/OpenSans-Regular.woff2
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/fonts.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.88.104.115 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9

Request headers

Referer: https://participant.myameriflex.com/fonts.css
Origin: https://participant.myameriflex.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:54:47 GMT
last-modified: Tue, 14 Dec 2021 18:50:50 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0214d831bf1d71:0"
content-type: application/font-woff2
accept-ranges: bytes
content-length: 14048

GET
H2 200 OpenSans-Light.woff2
participant.myameriflex.com/font/ 14 KB
14 KB 294ms
294ms Font
application/font-woff2 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://participant.myameriflex.com/font/OpenSans-Light.woff2
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/fonts.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.88.104.115 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5278c0f6063ca9ad85653b18a2ddf1aa57e3ab40b7973a69b09acf859db8264d

Request headers

Referer: https://participant.myameriflex.com/fonts.css
Origin: https://participant.myameriflex.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:54:47 GMT
last-modified: Tue, 14 Dec 2021 18:50:50 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0214d831bf1d71:0"
content-type: application/font-woff2
accept-ranges: bytes
content-length: 14564

GET
H2 200 OpenSans-ExtraBold.woff2
participant.myameriflex.com/font/ 14 KB
14 KB 294ms
293ms Font
application/font-woff2 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://participant.myameriflex.com/font/OpenSans-ExtraBold.woff2
Requested by: Host: participant.myameriflex.com
URL: https://participant.myameriflex.com/fonts.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.88.104.115 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1851477cb41c27ff7b3955e1257044041a2de0890b025368782263252033dff

Request headers

Referer: https://participant.myameriflex.com/fonts.css
Origin: https://participant.myameriflex.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:54:47 GMT
last-modified: Tue, 14 Dec 2021 18:50:50 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0214d831bf1d71:0"
content-type: application/font-woff2
accept-ranges: bytes
content-length: 14740

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
host.fsastore.com/	1970-01-20 00:09:57	Name: impuniraw Value: 581385-1639691686
.doubleclick.net/	1970-01-20 08:48:21	Name: IDE Value: AHWqTUkjda_iSV9-pSCjIGPHAaWMq_zDle8UeIS1VMBbJxJstXXQ6p-aaWY-C3Mgq9A
d.adroll.com/	1970-01-20 08:55:33	Name: __adroll Value: 578bd38112cd1140fe0a3aaaab83c6ad-g_1639605286-a_1639605286
.adroll.com/	1970-01-20 08:55:33	Name: __adroll_shared Value: 578bd38112cd1140fe0a3aaaab83c6ad-g_1639605286-a_1639605286
.myameriflex.com/	1970-01-20 08:12:21	Name: _hjSessionUser_1256861 Value: eyJpZCI6IjBkN2UyY2JjLThmYzgtNTBiNi05MjcwLTFmYWY1ZTZhMzA2ZCIsImNyZWF0ZWQiOjE2Mzk2MDUyODU3MTEsImV4aXN0aW5nIjpmYWxzZX0=
.myameriflex.com/	1970-01-19 23:26:47	Name: _hjFirstSeen Value: 1
.myameriflex.com/	1970-01-19 23:26:47	Name: _hjSession_1256861 Value: eyJpZCI6IjAzYWQyNzAwLTA4MzctNDJlNC1hMDE2LTQ0ZGE5YzIxZDM0NSIsImNyZWF0ZWQiOjE2Mzk2MDUyODY3OTh9
participant.myameriflex.com/	1970-01-19 23:26:45	Name: _hjIncludedInSessionSample Value: 1
.myameriflex.com/	1970-01-19 23:26:47	Name: _hjAbsoluteSessionInProgress Value: 0
.pubmatic.com/	1970-01-20 09:02:45	Name: KRTBCOOKIE_10 Value: 22808-NTc4YmQzODExMmNkMTE0MGZlMGEzYWFhYWI4M2M2YWQ&KRTB&22883-NTc4YmQzODExMmNkMTE0MGZlMGEzYWFhYWI4M2M2YWQ
.pubmatic.com/	1970-01-20 00:09:57	Name: PugT Value: 1639597441
.pubmatic.com/	1970-01-20 01:36:21	Name: PUBMDCID Value: 3

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://host.fsastore.com/qc.php?do=js&zid=103957&oid=22625&wd=-1&ht=-1&target=_blank Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://host.fsastore.com/qc.php?do=js&zid=103957&oid=22625&wd=-1&ht=-1&target=_blank&cb=0.5484722232104078&ref=&uri=https%3A//participant.myameriflex.com/%23/login, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://host.fsastore.com/qc.php?do=js&zid=103957&oid=22625&wd=-1&ht=-1&target=_blank Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://host.fsastore.com/qc.php?do=js&zid=103957&oid=22625&wd=-1&ht=-1&target=_blank&cb=0.5484722232104078&ref=&uri=https%3A//participant.myameriflex.com/%23/login, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.raygun.io
cdn.fsastore.com
cdn.polyfill.io
cm.g.doubleclick.net
d.adroll.com
dg9yx063wiiht.cloudfront.net
host.fsastore.com
in.hotjar.com
p.typekit.net
participant.myameriflex.com
producer-api.ameriflexbenefits.com
script.hotjar.com
simage2.pubmatic.com
static.hotjar.com
use.typekit.net
vars.hotjar.com
ws2.hotjar.com
108.128.4.166
142.250.184.226
146.88.104.115
151.139.245.16
18.206.130.246
185.64.189.110
2600:9000:2016:4400:1b:1126:8840:21
2a02:26f0:6c00:28d::19fd
2a02:26f0:6c00::210:ba0a
2a04:4e42:600::282
34.240.23.145
45.77.88.11
52.222.186.14
52.222.186.78
54.230.205.75
63.32.233.146
1739c041fc4394d8b8b79f708997ba2694f6156bbb410a8f0476a980939bf1de
259ca84f380e0a4a327867ce595dbb02ea8f3fe8ae0e96f902e0051fc44c194c
2a76024584e2692938f4dd0feb5b77e96a0bdc93d8661f8c855a7546125552f7
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
498fbaaa1dec46ea8e25fdd8ef0ea0f8541c9bfcc9f6e6a7c41d7090202b685f
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5278c0f6063ca9ad85653b18a2ddf1aa57e3ab40b7973a69b09acf859db8264d
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
6d4a0784c2c235c723466def715d53fd223024601c3c54bbc3944e27697b8b7d
78f91cfc7d9442353eea1fd73f25d3b0a575ddf5072127a1fabc4278fc57878a
81dc8f18ee8963fb2044f24d94196da40185e1387ccf9cfc46c3183594109868
85c53e187a3762188e52037f4132042e3e8facafda6c8df8b28e03167bf94710
85de3416fff19aff55dc409f6b0117f55f1724036a17d5ed4935bd5ea288538e
8a2de23d0a1ae5711886f9fd002e56c02ca094280f33821ccec07c91e6a480cd
90190604592ae0b7e70d5cf050ef73784a8e94ee5cebf5ca241289cc1fc849e6
9191236609651784e259092183314fe28193d10e100e8a736cab8b84fbda8665
93a3c605abb6468f589004e823898e5c6c5b5bdbdb9406e7baf1834360ce5c88
953823347d8f87e8978c4ae174f49f45e9d1c67c1199bb2d4571b7e0d38ae514
9911551bfac483efeaad5d4f502eaf6796e61f1776eaeac37e937104e47ec84f
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
b1070994a5ce59988e75c06e05cabaf0d68ab6125cdc979164c9eb4d99efb648
b1851477cb41c27ff7b3955e1257044041a2de0890b025368782263252033dff
beb6f491167c8b47575c89aad57323ab8717e0da5d094cabc62f8a689c9abc57
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
cafd7efa7ed59c732810e406f1cf32730148f18a5268794cddedae252bd1f358
cb39ecf529057e48380aadb4e9aea9228a0a92dc02189874e5942ff9425b1f9c
ce86d72dbc9cb4c204fed9801c2d10400a59983a4c1d557d8ab8e9aadb6c7f49
ceb4ce0bba67a12e21af094eb24293d7ea8bffaffc237a1cd90394c7588eaec9
cfadaf3f9466f990d8f188c1f9f97fa83fc95c345aa8ddb00aaf47990708f9e6
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca
d5dad4403d4ae0560704f4fb671398490d4066db76b8a757f838308e06cf15ec
e352678cf6d79046a1fb15152a37bc39890e8f72ded43cfb94562f4776f872be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f97a3cab0f4e0eef38180b5b68f9ff006018efa6e3515fbb9f1c0b8c7110c0ab

participant.myameriflex.com Open in urlscan Pro 146.88.104.115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

41 Requests

95 %HTTPS

25 %IPv6

11 Domains

17 Subdomains

15 IPs

4 Countries

15775 kBTransfer

16010 kBSize

12 Cookies

2 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

participant.myameriflex.com Open in urlscan Pro
146.88.104.115 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

95 %
HTTPS

25 %
IPv6

11
Domains

17
Subdomains

15
IPs

4
Countries

15775 kB
Transfer

16010 kB
Size

12
Cookies

41 HTTP transactions
0 data transactions