benefits10.gwb-benefits.com
2606:4700:3030::ac43:de1d  Public Scan

Submitted URL: https://buac.io/a6IEAJ66103N84
Effective URL: https://benefits10.gwb-benefits.com/b/1/?filter=frstba&wid=a372a926-911a-49b9-8aa9-53294d086936&affid=7A6Q&s1=null&s2=a6ieaj66103n84...
Submission: On February 21 via manual from US — Scanned from NL

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 33 HTTP transactions. The main IP is 2606:4700:3030::ac43:de1d, located in United States and belongs to CLOUDFLARENET, US. The main domain is benefits10.gwb-benefits.com.
TLS certificate: Issued by GTS CA 1P5 on February 3rd 2023. Valid for: 3 months.
This is the only time benefits10.gwb-benefits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 6 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:e4:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700:e4:... 13335 (CLOUDFLAR...)
3 45.55.126.207 14061 (DIGITALOC...)
8 205.185.216.10 20446 (STACKPATH...)
1 162.246.19.98 19318 (IS-AS-1)
33 12
Apex Domain
Subdomains
Transfer
9 gwb-benefits.com
benefits10.gwb-benefits.com
beacon.gwb-benefits.com
493 KB
8 digitaloceanspaces.com
thanos-assets.nyc3.cdn.digitaloceanspaces.com — Cisco Umbrella Rank: 628966
support-benefits.nyc3.cdn.digitaloceanspaces.com — Cisco Umbrella Rank: 697562
563 KB
5 trk-architecto.com
trk-architecto.com — Cisco Umbrella Rank: 55719
event.trk-architecto.com — Cisco Umbrella Rank: 153915
3 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
4 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1424
ka-f.fontawesome.com — Cisco Umbrella Rank: 2612
23 KB
1 travelerguidebuddy.com
travelerguidebuddy.com — Cisco Umbrella Rank: 529333
444 B
1 gstatic.com
fonts.gstatic.com
26 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
44 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
1 KB
1 buac.io
buac.io
536 B
33 10
Domain Requested by
7 thanos-assets.nyc3.cdn.digitaloceanspaces.com
6 benefits10.gwb-benefits.com 2 redirects benefits10.gwb-benefits.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 event.trk-architecto.com trk-architecto.com
3 beacon.gwb-benefits.com benefits10.gwb-benefits.com
3 ka-f.fontawesome.com kit.fontawesome.com
1 travelerguidebuddy.com benefits10.gwb-benefits.com
1 support-benefits.nyc3.cdn.digitaloceanspaces.com
1 trk-architecto.com benefits10.gwb-benefits.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com benefits10.gwb-benefits.com
1 kit.fontawesome.com benefits10.gwb-benefits.com
1 fonts.googleapis.com benefits10.gwb-benefits.com
1 buac.io 1 redirects
33 14

This site contains no links.

Subject | Issuer | Validity | Valid
*.gwb-benefits.com | GTS CA 1P5 | 2023-02-03 - 2023-05-04 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months
*.fontawesome.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-22 - 2023-12-23 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-12 - 2023-08-12 | a year
*.gstatic.com | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months
beacon.gwb-benefits.com | R3 | 2023-02-08 - 2023-05-09 | 3 months
*.nyc3.cdn.digitaloceanspaces.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-04-18 - 2023-05-03 | a year
travelerguidebuddy.com | R3 | 2023-01-22 - 2023-04-22 | 3 months

This page contains 1 frames:

Primary Page: https://benefits10.gwb-benefits.com/b/1/?filter=frstba&wid=a372a926-911a-49b9-8aa9-53294d086936&affid=7A6Q&s1=null&s2=a6ieaj66103n84&s3=frstba
Frame ID: BB9A414113FBE39606FEE137D4A259A4
Requests: 32 HTTP requests in this frame

Page Title

Buchanan & Associates

Page URL History

  1. https://buac.io/a6IEAJ66103N84 HTTP 302
    https://benefits10.gwb-benefits.com/b/1?filter=frstba&wid=a372a926-911a-49b9-8aa9-53294d086936&affid=7A6Q&s1=nul... HTTP 301
    http://benefits10.gwb-benefits.com/b/1/?filter=frstba&wid=a372a926-911a-49b9-8aa9-53294d086936&affid=7A6Q&s1=nu... HTTP 301
    https://benefits10.gwb-benefits.com/b/1/?filter=frstba&wid=a372a926-911a-49b9-8aa9-53294d086936&affid=7A6Q&s1=nu... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

  • 33 Requests
  • 100 % HTTPS
  • 75 % IPv6
  • 10 Domains
  • 14 Subdomains
  • 12 IPs
  • 3 Countries
  • 1173 kB Transfer
  • 2099 kB Size
  • 3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://buac.io/a6IEAJ66103N84 HTTP 302
    https://benefits10.gwb-benefits.com/b/1?filter=frstba&wid=a372a926-911a-49b9-8aa9-53294d086936&affid=7A6Q&s1=null&s2=a6ieaj66103n84&s3=frstba HTTP 301
    http://benefits10.gwb-benefits.com/b/1/?filter=frstba&wid=a372a926-911a-49b9-8aa9-53294d086936&affid=7A6Q&s1=null&s2=a6ieaj66103n84&s3=frstba HTTP 301
    https://benefits10.gwb-benefits.com/b/1/?filter=frstba&wid=a372a926-911a-49b9-8aa9-53294d086936&affid=7A6Q&s1=null&s2=a6ieaj66103n84&s3=frstba Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
benefits10.gwb-benefits.com/b/1/
Redirect Chain
  • https://buac.io/a6IEAJ66103N84
  • https://benefits10.gwb-benefits.com/b/1?filter=frstba&wid=a372a926-911a-49b9-8aa9-53294d086936&affid=7A6Q&s1=null&s2=a6ieaj66103n84&s3=frstba
  • http://benefits10.gwb-benefits.com/b/1/?filter=frstba&wid=a372a926-911a-49b9-8aa9-53294d086936&affid=7A6Q&s1=null&s2=a6ieaj66103n84&s3=frstba
  • https://benefits10.gwb-benefits.com/b/1/?filter=frstba&wid=a372a926-911a-49b9-8aa9-53294d086936&affid=7A6Q&s1=null&s2=a6ieaj66103n84&s3=frstba
3 KB
1 KB
Document
General
Full URL
https://benefits10.gwb-benefits.com/b/1/?filter=frstba&wid=a372a926-911a-49b9-8aa9-53294d086936&affid=7A6Q&s1=null&s2=a6ieaj66103n84&s3=frstba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:de1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be5b4c282f10a83aa6ebac4664999f6c104af92f04771b9d0dc04d2848d2f47f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79d2bae79f479188-FRA
content-encoding
br
content-type
text/html
date
Tue, 21 Feb 2023 21:56:07 GMT
last-modified
Wed, 08 Feb 2023 01:36:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pgtxkX9gfxSSIRkHIMGQUNhefsE0%2B0ff7FkH70hA6GnjOpUKd9TKL6h6L667%2FiIxE2jv88tanH1R1rSS7xEPXFixJbe6WBxQ%2BBfMahwe7DLfWnGNWKa2BBelJzCdGyEgfURdZVi7K7pg8wxG2DIcWA%2FwtOy0woaB%2B9I%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
79d2bae76f27bb67-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 21 Feb 2023 21:56:06 GMT
Expires
Tue, 21 Feb 2023 22:56:06 GMT
Location
https://benefits10.gwb-benefits.com/b/1/?filter=frstba&wid=a372a926-911a-49b9-8aa9-53294d086936&affid=7A6Q&s1=null&s2=a6ieaj66103n84&s3=frstba
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5ur1hLtMFyA72Ukto71J7O99w6UdCL0tM7RXziQnF%2F7ouKHOZH6lt3qLJEhkKSglWcBMKsFYucdLyqutNnGjhCIUL8fCUunooAnbFb5Nfi2TVPEIEhCTKbEdKWW0enBP4ymy40ajx68pv7XZpajlykG3AwRN5PVhhM%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Cabin:400,700,900|Poppins:300,400,700&display=swap
Requested by
Host: benefits10.gwb-benefits.com
URL: https://benefits10.gwb-benefits.com/b/1/?filter=frstba&wid=a372a926-911a-49b9-8aa9-53294d086936&affid=7A6Q&s1=null&s2=a6ieaj66103n84&s3=frstba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
82d52b38925e36bc5518dd482c88242c8864ef03330254a6a6a6eed4cbd0c32e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://benefits10.gwb-benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 21 Feb 2023 21:56:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 21 Feb 2023 21:56:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 Feb 2023 21:56:07 GMT
268a7048dd.js
kit.fontawesome.com/
11 KB
4 KB
Script
General
Full URL
https://kit.fontawesome.com/268a7048dd.js
Requested by
Host: benefits10.gwb-benefits.com
URL: https://benefits10.gwb-benefits.com/b/1/?filter=frstba&wid=a372a926-911a-49b9-8aa9-53294d086936&affid=7A6Q&s1=null&s2=a6ieaj66103n84&s3=frstba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e17c79e1b4d86ddba5a9d2104902942db44f856a9fd63a137cf5deb35f56366
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://benefits10.gwb-benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 21:56:07 GMT
strict-transport-security
max-age=31536000; preload
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=60, public, must-revalidate
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray
79d2bae8bd1935fc-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
Fz-dXXEL9cD8k_D7DqIC
js
www.googletagmanager.com/gtag/
110 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-92483201-45
Requested by
Host: benefits10.gwb-benefits.com
URL: https://benefits10.gwb-benefits.com/b/1/?filter=frstba&wid=a372a926-911a-49b9-8aa9-53294d086936&affid=7A6Q&s1=null&s2=a6ieaj66103n84&s3=frstba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dbab55e5cb7789e800d3b639d443696c22d0e3cdc60b40ec691759779695844f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://benefits10.gwb-benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 21:56:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44185
x-xss-protection
0
last-modified
Tue, 21 Feb 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 21 Feb 2023 21:56:07 GMT
bundle.7224a6e2fca4c9fdfd67.css
benefits10.gwb-benefits.com/b/1/
10 KB
2 KB
Stylesheet
General
Full URL
https://benefits10.gwb-benefits.com/b/1/bundle.7224a6e2fca4c9fdfd67.css?t=1675820173656
Requested by
Host: benefits10.gwb-benefits.com
URL: https://benefits10.gwb-benefits.com/b/1/?filter=frstba&wid=a372a926-911a-49b9-8aa9-53294d086936&affid=7A6Q&s1=null&s2=a6ieaj66103n84&s3=frstba
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:de1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
771f82019af854899a476baf771d03be9779d54003e92bb262cefde41105a7ce

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://benefits10.gwb-benefits.com/b/1/?filter=frstba&wid=a372a926-911a-49b9-8aa9-53294d086936&affid=7A6Q&s1=null&s2=a6ieaj66103n84&s3=frstba
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 21:56:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 08 Feb 2023 01:36:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63e2fca1-274f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQ3auX9mNqpNOa0Vmgv3qMvLmI%2F%2FgT5bDh%2F0qxlZGRZ1ArOmsgwg1hGW%2FfxqmTZTw24LiXASpkVYfe5aBJO%2BaYUcxBWkiCp1pQ8af8VqojEzBcBQbdS7erJPguuVeQLT1UEjXWUVmibim3RkOpgbzMq9VyffPTWTzQ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
79d2bae858669bbe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 18 Feb 2024 22:13:18 GMT
1.c8d37247.chunk.js
benefits10.gwb-benefits.com/b/1/js/
189 KB
68 KB
Script
General
Full URL
https://benefits10.gwb-benefits.com/b/1/js/1.c8d37247.chunk.js
Requested by
Host: benefits10.gwb-benefits.com
URL: https://benefits10.gwb-benefits.com/b/1/?filter=frstba&wid=a372a926-911a-49b9-8aa9-53294d086936&affid=7A6Q&s1=null&s2=a6ieaj66103n84&s3=frstba
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:de1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d53b5d89ef670cf8cd0f3052f90d785b3dd5c2eba514b71e02bc115ddebcd5f2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://benefits10.gwb-benefits.com/b/1/?filter=frstba&wid=a372a926-911a-49b9-8aa9-53294d086936&affid=7A6Q&s1=null&s2=a6ieaj66103n84&s3=frstba
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 21:56:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 08 Feb 2023 01:36:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63e2fca1-2f50a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FFE%2BPvDHoaYAsBxjiuPkHy5tqVbG1vxdTM57Hx0Ktbv5K2kyvHm5F84i1zRQAT3pKZ8cwR8FXIZJNTWB4HbDzLh8yFMwTVamtjXNuDhDRz%2B1XiZxjRbnHirExPI80%2BI8avJCrMX22Kx6d1jDARvPcuArvs%2BCe691%2BA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
79d2bae858679bbe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 18 Feb 2024 22:13:18 GMT
app.20694a81.js
benefits10.gwb-benefits.com/b/1/js/
140 KB
36 KB
Script
General
Full URL
https://benefits10.gwb-benefits.com/b/1/js/app.20694a81.js
Requested by
Host: benefits10.gwb-benefits.com
URL: https://benefits10.gwb-benefits.com/b/1/?filter=frstba&wid=a372a926-911a-49b9-8aa9-53294d086936&affid=7A6Q&s1=null&s2=a6ieaj66103n84&s3=frstba
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:de1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7312b5654f4fc4cc255d11c4d0859f336962f8117ca74485da4bc8b610231c3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://benefits10.gwb-benefits.com/b/1/?filter=frstba&wid=a372a926-911a-49b9-8aa9-53294d086936&affid=7A6Q&s1=null&s2=a6ieaj66103n84&s3=frstba
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 21:56:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 08 Feb 2023 01:36:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63e2fca1-22f44"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fy7IvewxGxB9cXOjorquaAc5CEiVfyz1M23XX7J0frLFjJYOVhK7aPODUINT9S%2FqBHo3vaLDtC7SNMHN0Ie4qUMoJRVfKh8HXJzFrgY2Vkagim1teAgLZJD0RyYKVSeHi8NPxgJOtO9fGAWTnULlu48MRQ8bfPszRLk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
79d2bae858689bbe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 18 Feb 2024 22:13:18 GMT
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
59 KB
13 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=268a7048dd
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://benefits10.gwb-benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 21:56:07 GMT
via
1.1 4db6285f05eea501ed4657d6127ec5f8.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
LAX50-C2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmo%2FPrP1htayJY3TYQIqsf6wnicYKsu72PE98nPx6wSHd8U83%2FWjV%2FfvuCOkjYl%2B8iD%2BdftBgzuJAHVUyZTdHjy%2BdOYEHImgD8E3tAt%2FBJQ1z0gqgtB6p29F%2FiUdpjwWaLnTuriuRVcYxrVCGxKk83DU2g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
79d2bae98ea630f3-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
t3WcwtHQrVfi4zCXs644xvymeDsvMkhidhLdRWDvwbiaAwoveKW0bw==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
26 KB
5 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=268a7048dd
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://benefits10.gwb-benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 21:56:07 GMT
via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4rs84tUzysVAu%2F%2FcFbuQ4gKAxLqE2V9ObkgOGI5kpxCye%2FDQ9Hu%2B6mtmqT6%2Fu81lncSZKxexwhdjcxm6wRty7loaYynuFlkM3aleufGKltE1GjBE8jtvn6fj4GIoA%2Be%2BRLqF4QKkHg5SuDI8Qb1kbTGLw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
79d2bae98ea930f3-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
zFJdNuytYYHbqfbQospF-3JTV9fai55jWtTCFPyHqPfDb8tPnxq_Rg==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
3 KB
1 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=268a7048dd
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://benefits10.gwb-benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 21:56:07 GMT
via
1.1 6f9c977a59db9a95a2e65aaab6409f3c.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
LAX50-C2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gOEd4HKEIAHL6R2Np6RCb2BFvW9ezTVLO020Ir0zt%2FmbmYgi%2BtNJ8D7rOa%2BKa5NVTw1otQc3hR4gJvAvx3XWAMdI9SYTU6IXDuw4QVeAj0nMqo5JS%2Bb3jaK%2BuHKCUdQv2BtmexGWK6qNc8F%2F96Q6CBxZ4w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
79d2bae98eaa30f3-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
Mtw928OqTK8hiUt3t_uK9604kv-yr4qGjg1SINi9CdGfne2nvU8TsA==
u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
fonts.gstatic.com/s/cabin/v26/
25 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400,700,900|Poppins:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://benefits10.gwb-benefits.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 15:34:59 GMT
x-content-type-options
nosniff
age
454868
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26100
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 18:41:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Feb 2024 15:34:59 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-92483201-45
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://benefits10.gwb-benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 21 Feb 2023 20:14:50 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6077
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 21 Feb 2023 22:14:50 GMT
collect
www.google-analytics.com/j/
1 B
214 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=171419478&t=pageview&_s=1&dl=https%3A%2F%2Fbenefits10.gwb-benefits.com%2Fb%2F1%2F%3Ffilter%3Dfrstba%26wid%3Da372a926-911a-49b9-8aa9-53294d086936%26affid%3D7A6Q%26s1%3Dnull%26s2%3Da6ieaj66103n84%26s3%3Dfrstba&ul=en-us&de=UTF-8&dt=Buchanan%20%26%20Associates&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1860797219&gjid=1975489314&cid=1425165106.1677016568&tid=UA-92483201-45&_gid=1976426684.1677016568&_r=1&gtm=457e32f0&z=1587910513
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://benefits10.gwb-benefits.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 21 Feb 2023 21:56:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://benefits10.gwb-benefits.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
l8emw37gkr
trk-architecto.com/scripts/push/script/
7 KB
3 KB
Script
General
Full URL
https://trk-architecto.com/scripts/push/script/l8emw37gkr?url=benefits10.gwb-benefits.com
Requested by
Host: benefits10.gwb-benefits.com
URL: https://benefits10.gwb-benefits.com/b/1/js/app.20694a81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a626 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64e13d58fdacd42561db1e1f7f4a46409f6da86c629e8ae87805692891f8de01
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://benefits10.gwb-benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 21:56:08 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 21 Feb 2023 21:56:08 GMT
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtBTmWu5cV%2FIrCyCRWtYbRChFVBbmjbX1NDiZ1olJA7s4Q8gg7K4OyRO7ZofGI1XZWvtTS8qLzzavcqaJeBOGFz7dn1aDRY%2BAQPdwMWHLD68tZH%2BA4mjfoSnCnsxxYtJL9bnRxA1XE2m9NrfzS5OLJ4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
79d2baec0b3d8fec-FRA
expires
0
summary
beacon.gwb-benefits.com/geo/
118 B
564 B
XHR
General
Full URL
https://beacon.gwb-benefits.com/geo/summary
Requested by
Host: benefits10.gwb-benefits.com
URL: https://benefits10.gwb-benefits.com/b/1/js/1.c8d37247.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Kestrel /
Resource Hash
2b578472cebc3bcae340c9d96dbb233bcafb3f6680eef62b524a7bfe651a4eae
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/plain, */*
Referer
https://benefits10.gwb-benefits.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 21:56:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PATCH, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
45e476a4-64b6-40b9-8dca-63ac55bd2d08
beacon.gwb-benefits.com/c/
510 KB
380 KB
XHR
General
Full URL
https://beacon.gwb-benefits.com/c/45e476a4-64b6-40b9-8dca-63ac55bd2d08?filter=frstba
Requested by
Host: benefits10.gwb-benefits.com
URL: https://benefits10.gwb-benefits.com/b/1/js/1.c8d37247.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Kestrel /
Resource Hash
969a016a54b29701e409a826089c48d5c647b01254b6cb690e299e77619ff242
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/plain, */*
Referer
https://benefits10.gwb-benefits.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 21:56:07 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PATCH, HEAD
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=171419478&t=event&_s=2&dl=https%3A%2F%2Fbenefits10.gwb-benefits.com%2Fb%2F1%2F%3Ffilter%3Dfrstba%26wid%3Da372a926-911a-49b9-8aa9-53294d086936%26affid%3D7A6Q%26s1%3Dnull%26s2%3Da6ieaj66103n84%26s3%3Dfrstba&ul=en-us&de=UTF-8&dt=Buchanan%20%26%20Associates&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=user&ea=push-optin-ignored&el=%2Fb%2F1&_u=aEBAAUABAAAAACAAI~&jid=&gjid=&cid=1425165106.1677016568&tid=UA-92483201-45&_gid=1976426684.1677016568&gtm=457e32f0&z=1623129088
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://benefits10.gwb-benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Feb 2023 16:06:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
20949
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/
380 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59cac1a37612eb643f9cbf618e604e946b9c66c27bad01a31ade8c93e896f303

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
a372a926-911a-49b9-8aa9-53294d086936
beacon.gwb-benefits.com/t/
10 KB
3 KB
XHR
General
Full URL
https://beacon.gwb-benefits.com/t/a372a926-911a-49b9-8aa9-53294d086936?affid=7A6Q
Requested by
Host: benefits10.gwb-benefits.com
URL: https://benefits10.gwb-benefits.com/b/1/js/1.c8d37247.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Kestrel /
Resource Hash
2ebf258993516d6add6ad6eaab8d285fe52462b486398752e13ff533a8054c90
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/plain, */*
Referer
https://benefits10.gwb-benefits.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 21:56:08 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PATCH, HEAD
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=171419478&t=event&_s=3&dl=https%3A%2F%2Fbenefits10.gwb-benefits.com%2Fb%2F1%2F%3Ffilter%3Dfrstba%26wid%3Da372a926-911a-49b9-8aa9-53294d086936%26affid%3D7A6Q%26s1%3Dnull%26s2%3Da6ieaj66103n84%26s3%3Dfrstba&dp=%3Faffid%3D7A6Q%26filter%3Dfrstba%26s1%3Dnull%26s2%3Da6ieaj66103n84%26s3%3Dfrstba%26session_id%3D276a0a5c-3b08-44d4-8306-af5c4bd2e10a%26wid%3Da372a926-911a-49b9-8aa9-53294d086936&ul=en-us&de=UTF-8&dt=Buchanan%20%26%20Associates&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=blog&ea=blog%20loaded&_u=aEBAAUABAAAAACAAI~&jid=&gjid=&cid=1425165106.1677016568&tid=UA-92483201-45&_gid=1976426684.1677016568&gtm=457e32f0&z=1144793498
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://benefits10.gwb-benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Feb 2023 16:06:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
20949
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
87c82f112d7417237c5f3a018fd13a94Resources4Relief_300x225.jpg
thanos-assets.nyc3.cdn.digitaloceanspaces.com/tenants/3/
73 KB
73 KB
Image
General
Full URL
https://thanos-assets.nyc3.cdn.digitaloceanspaces.com/tenants/3/87c82f112d7417237c5f3a018fd13a94Resources4Relief_300x225.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
a9cdc052efaf128fbc9e4ab55175efeaabe6761507a6d815edaebb60f9175cc2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://benefits10.gwb-benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 21:56:09 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Fri, 21 Jan 2022 17:17:12 GMT
x-amz-request-id
tx0000000000000401b9d00-0063f53df9-58c8a03d-nyc3c
etag
"153bded1914fd4d8345fcad0bb85bd8d"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1677016568.dop135.am5.t,1677016568.cds318.am5.hn,1677016569.cds222.am5.pr
content-type
image/jpeg
cache-control
max-age=600
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
74323
05bfd898e54c35fcc70c3a0161a9a878Section8Assistance.jpg
thanos-assets.nyc3.cdn.digitaloceanspaces.com/tenants/7/
58 KB
58 KB
Image
General
Full URL
https://thanos-assets.nyc3.cdn.digitaloceanspaces.com/tenants/7/05bfd898e54c35fcc70c3a0161a9a878Section8Assistance.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
362d6124079b14fd7aaf237e8cc09153e1ff8ff7565c1e4abf428ccaeb96866c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://benefits10.gwb-benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 21:56:09 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Wed, 12 Jan 2022 18:11:26 GMT
x-amz-request-id
tx0000000000000401ba2c3-0063f53df9-58c53c94-nyc3c
etag
"bf61fe2404beab85e452ffa2197998eb"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1677016568.dop135.am5.t,1677016568.cds318.am5.hn,1677016569.cds155.am5.pr
content-type
image/jpeg
cache-control
max-age=600
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
59078
c6f59e784365f30db6043a035ed1d992InsureMyCarSIGV.jpg
thanos-assets.nyc3.cdn.digitaloceanspaces.com/tenants/7/
22 KB
22 KB
Image
General
Full URL
https://thanos-assets.nyc3.cdn.digitaloceanspaces.com/tenants/7/c6f59e784365f30db6043a035ed1d992InsureMyCarSIGV.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
73d40a540c6aa1761db1520bb755fe1a124d17fcb01980d6519544cf13452b99
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://benefits10.gwb-benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 21:56:09 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Thu, 21 Apr 2022 15:02:03 GMT
x-amz-request-id
tx0000000000000401ba2cc-0063f53df9-58c53c94-nyc3c
etag
"c579699fc9bbd178170e0c22eb41efca"
x-hw
1677016568.dop135.am5.t,1677016568.cds318.am5.hn,1677016569.cds283.am5.p
content-type
image/jpeg
cache-control
max-age=600
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
22344
bdefce2809ad28dd07d83a028c224e3cgreach.png
thanos-assets.nyc3.cdn.digitaloceanspaces.com/tenants/7/
104 KB
104 KB
Image
General
Full URL
https://thanos-assets.nyc3.cdn.digitaloceanspaces.com/tenants/7/bdefce2809ad28dd07d83a028c224e3cgreach.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
6f1d04a789ff68254bd4e762c50fe0ccfe771b26e9aa827cff9b88ba0aeef3ec
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://benefits10.gwb-benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 21:56:09 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Fri, 11 Mar 2022 17:10:04 GMT
x-amz-request-id
tx0000000000000401b63b5-0063f53df9-58c8a088-nyc3c
etag
"fcc9b54ac713faec9ac3393ff12ebbe4"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1677016568.dop135.am5.t,1677016568.cds318.am5.hn,1677016569.cds299.am5.pr
content-type
image/png
cache-control
max-age=600
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
106157
5cb26fd2e33ce3192cab3a01fb93237ehousingbenefits.jpg
thanos-assets.nyc3.cdn.digitaloceanspaces.com/tenants/3/
63 KB
63 KB
Image
General
Full URL
https://thanos-assets.nyc3.cdn.digitaloceanspaces.com/tenants/3/5cb26fd2e33ce3192cab3a01fb93237ehousingbenefits.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
74dca00a3a632eb61a99e31c51a253069f010333c0fbef527312592caf8e01cf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://benefits10.gwb-benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 21:56:09 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Fri, 11 Feb 2022 15:28:22 GMT
x-amz-request-id
tx000000000000023217a38-0063f53df9-597d79f8-nyc3c
etag
"e8fc877573bf383218c652b53b8732d8"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1677016568.dop135.am5.t,1677016568.cds318.am5.hn,1677016569.cds155.am5.pr
content-type
image/jpeg
cache-control
max-age=600
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
64018
6e8a7adcf964c844ab423a0547d207ebxcz5j69rp_1583945846034_charminbanner.jpg
thanos-assets.nyc3.cdn.digitaloceanspaces.com/tenants/7/
88 KB
88 KB
Image
General
Full URL
https://thanos-assets.nyc3.cdn.digitaloceanspaces.com/tenants/7/6e8a7adcf964c844ab423a0547d207ebxcz5j69rp_1583945846034_charminbanner.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f3e2588ed49634a56a2476e73f1acab7e0d86f2d02398e9e6615fc8e3d88c053
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://benefits10.gwb-benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 21:56:09 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Mon, 25 Jul 2022 13:56:34 GMT
x-amz-request-id
tx0000000000000401ba2ce-0063f53df9-58c53c94-nyc3c
etag
"3732a664d167a7e296a59d54891197f0"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1677016568.dop135.am5.t,1677016568.cds318.am5.hn,1677016569.cds310.am5.pr
content-type
image/jpeg
cache-control
max-age=600
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
89682
0e7270f138e9924468f03a0547d21b4aimage_2022_07_25T13_53_16_826Z.png
thanos-assets.nyc3.cdn.digitaloceanspaces.com/tenants/7/
132 KB
132 KB
Image
General
Full URL
https://thanos-assets.nyc3.cdn.digitaloceanspaces.com/tenants/7/0e7270f138e9924468f03a0547d21b4aimage_2022_07_25T13_53_16_826Z.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
221b3654e6af54b3361fe3abf36ab32e7edd2004d8203423aaebdf8020dc6560
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://benefits10.gwb-benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 21:56:09 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Mon, 25 Jul 2022 13:56:39 GMT
x-amz-request-id
tx000000000000023217c42-0063f53df9-593a2ef9-nyc3c
etag
"a4ab1b0747c4408925077714dac62bca"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1677016569.dop135.am5.t,1677016569.cds318.am5.hn,1677016569.cds112.am5.pr
content-type
image/png
cache-control
max-age=600
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
134727
0aftlwwda_1622812017102_%24250GasCard_300x225.jpg
support-benefits.nyc3.cdn.digitaloceanspaces.com/banner/
24 KB
24 KB
Image
General
Full URL
https://support-benefits.nyc3.cdn.digitaloceanspaces.com/banner/0aftlwwda_1622812017102_%24250GasCard_300x225.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
1da9e361c2a90694e44ffd79a98fa25665a25dde7a7aaeb6678c2ce26aa16b96
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://benefits10.gwb-benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 21:56:09 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Fri, 04 Jun 2021 13:06:57 GMT
x-amz-request-id
tx0000000000000401ba2cd-0063f53df9-58c53c94-nyc3c
etag
"0de364f51727af5709a808f54be57366"
x-hw
1677016568.dop214.am5.t,1677016568.cds142.am5.hn,1677016569.cds250.am5.p
content-type
image/jpeg
cache-control
max-age=604800
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
24566
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=171419478&t=event&_s=4&dl=https%3A%2F%2Fbenefits10.gwb-benefits.com%2Fb%2F1%2F%3Ffilter%3Dfrstba%26wid%3Da372a926-911a-49b9-8aa9-53294d086936%26affid%3D7A6Q%26s1%3Dnull%26s2%3Da6ieaj66103n84%26s3%3Dfrstba&dp=%3Faffid%3D7A6Q%26filter%3Dfrstba%26s1%3Dnull%26s2%3Da6ieaj66103n84%26s3%3Dfrstba%26session_id%3D276a0a5c-3b08-44d4-8306-af5c4bd2e10a%26wid%3Da372a926-911a-49b9-8aa9-53294d086936&ul=en-us&de=UTF-8&dt=Buchanan%20%26%20Associates&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=BA%20-%20SMS%20-%20Resources4Relief&ea=view&_u=aEBAAUABAAAAACAAI~&jid=&gjid=&cid=1425165106.1677016568&tid=UA-92483201-45&_gid=1976426684.1677016568&gtm=457e32f0&z=1364728476
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://benefits10.gwb-benefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Feb 2023 16:06:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
20949
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
frstba
travelerguidebuddy.com/i/0bfc7b1b-12e0-4000-9643-625436c05643/null/a6ieaj66103n84/
82 B
444 B
XHR
General
Full URL
https://travelerguidebuddy.com/i/0bfc7b1b-12e0-4000-9643-625436c05643/null/a6ieaj66103n84/frstba
Requested by
Host: benefits10.gwb-benefits.com
URL: https://benefits10.gwb-benefits.com/b/1/js/1.c8d37247.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.246.19.98 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
ssdopenvz8.is.cc
Software
nginx /
Resource Hash
cfad749fbcec2fadedc6f47289e9679defacfac386125bc88643ed1275518eaa

Request headers

Accept
application/json, text/plain, */*
Referer
https://benefits10.gwb-benefits.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 21 Feb 2023 21:56:09 GMT
Server
nginx
access-control-max-age
1800
access-control-allow-methods
GET, HEAD, OPTIONS, POST, PUT
Content-Type
image/png
access-control-allow-origin
https://benefits10.gwb-benefits.com
Cache-Control
no-cache
Connection
keep-alive
Content-Length
82
Expires
Tue, 21 Feb 2023 21:56:09 GMT
4og3pqw6d3
event.trk-architecto.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-architecto.com/register/event_log/4og3pqw6d3
Requested by
Host: trk-architecto.com
URL: https://trk-architecto.com/scripts/push/script/l8emw37gkr?url=benefits10.gwb-benefits.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a626 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://benefits10.gwb-benefits.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Tue, 21 Feb 2023 21:56:09 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcBjizl9wHUXgXaBkvSbGAtFOdjp5M4UdAIDEJL4l5jCuOExhy102zL%2F%2BdYCUbB1uu%2BHYhJiPYIzieUOq9mbCUAiE6%2FDuDlLgOyV7Yz6J0se586fi7PrTNex80PcoVgISHlttPaDTgL4irbbWHEqE3VhavLHHDk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://benefits10.gwb-benefits.com
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
79d2baf7db515c62-FRA
x-pushplatformapp-params
4og3pqw6d3
event.trk-architecto.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-architecto.com/register/event_log/4og3pqw6d3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a626 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://benefits10.gwb-benefits.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://benefits10.gwb-benefits.com
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79d2baf54f455c62-FRA
content-length
0
date
Tue, 21 Feb 2023 21:56:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wD6RlVlThzmVaiq32lp4t2ksam2YbvliCpqn4fJBbLHt%2F3Zriq6NMYm%2FLnyqMPAsx5Wb4nIszv5XjORVBXGgMYOsvgoXa7LKBMLXqlhBVWHpxys8yhOpRJKqAgNv%2BYQwmbIT0WxNqQCbGPk3%2BhQKNiLeaDP1iJY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
4og3pqw6d3
event.trk-architecto.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-architecto.com/register/event_log/4og3pqw6d3
Requested by
Host: trk-architecto.com
URL: https://trk-architecto.com/scripts/push/script/l8emw37gkr?url=benefits10.gwb-benefits.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a626 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://benefits10.gwb-benefits.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Tue, 21 Feb 2023 21:56:09 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2Bt%2B8AqU9oyqok4t4stexuVqdhJiZvQ%2B3qq6yIpXyjYG1zDIzqcYOChWur7qTaomGVPPXnnyoNSKUGe3pcu8pkccFQs8Bm0LseaA1AInH62SPQ8Ko0UNJIGqeOsBn%2BYgQ0BEQKQ%2FPAo0iNpFbtoI6Se3EuKUf%2FY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://benefits10.gwb-benefits.com
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
79d2baf7db4f5c62-FRA
x-pushplatformapp-params
4og3pqw6d3
event.trk-architecto.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-architecto.com/register/event_log/4og3pqw6d3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a626 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://benefits10.gwb-benefits.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://benefits10.gwb-benefits.com
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79d2baf54f485c62-FRA
content-length
0
date
Tue, 21 Feb 2023 21:56:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QL7FPbeLvIBSsg4T2hPqylISqZuHQPohEIsWuuOio01MaVi66Foa7y%2BBriRJ4llcJrWh6XZWNA1jEIHkprgT4aOSKAj8TB3D%2FUWpWoxF6uVpxANXWyPBiYZeif%2BEIhi8WmlCeKlncd6IvTjhnt7hntzjdBKxaQ8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers


29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| oncontentvisibilityautostatechange
function| gtag
object| dataLayer
object| FontAwesomeKitConfig
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| gaplugins
object| gaGlobal
object| gaData
object| webpackJsonp
object| regeneratorRuntime
function| _
function| urlBase64ToUint8Array
function| pullUrlParams
function| push_subscribe
function| push_subscribe_promise
function| setIfNull
function| logPushEvent
function| push_unsubscribe
function| push_init
function| setSessionId
function| setUtm
function| getSessionId
function| getUrlVars
function| getDomainName
function| getStore

3 Cookies

Domain/Path: .gwb-benefits.com/  Name: _ga  Value: GA1.2.1425165106.1677016568
Domain/Path: .gwb-benefits.com/  Name: _gid  Value: GA1.2.1976426684.1677016568
Domain/Path: .gwb-benefits.com/  Name: _gat_gtag_UA_92483201_45  Value: 1

1 Console Messages

Source Level URL
Text
other error URL: https://benefits10.gwb-benefits.com/b/1/?affid=7A6Q&filter=frstba&s1=null&s2=a6ieaj66103n84&s3=frstba&session_id=276a0a5c-3b08-44d4-8306-af5c4bd2e10a&wid=a372a926-911a-49b9-8aa9-53294d086936
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
