cgi.benefitsatwork.eu Open in urlscan Pro
81.17.209.133  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login Show response cgi.benefitsatwork.eu/	38 KB 12 KB	1406ms 378ms	Document text/html	81.17.209.133 MPEXNET
General Check archive.org Show headers Download Go to Full URL https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None Protocol H2 Security TLS 1.3, , AES_256_GCM Server 81.17.209.133 , Germany, ASN35833 (MPEXNET, DE), Reverse DNS Software / Resource Hash 13996ba14835d4d9a334354f2c356785299d986251c656c69d78af8f971d8c3d Security Headers Name Value Content-Security-Policy default-src * data: blob:; style-src 'self' 'unsafe-inline' *.here.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com/ajax/libs/vanilla-lazyload/8.1.0/lazyload.min.js *.here.com *.wt-safetag.com *.wbtrk.net *.newrelic.com *.nr-data.net text.mitarbeiterangebote.de *.benefitsatwork.eu data: blob:; img-src * 'self' data: http: https: blob:; frame-ancestors 'self'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-length 11842 content-security-policy default-src * data: blob:; style-src 'self' 'unsafe-inline' *.here.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com/ajax/libs/vanilla-lazyload/8.1.0/lazyload.min.js *.here.com *.wt-safetag.com *.wbtrk.net *.newrelic.com *.nr-data.net text.mitarbeiterangebote.de *.benefitsatwork.eu data: blob:; img-src * 'self' data: http: https: blob:; frame-ancestors 'self'; content-type text/html; charset=UTF-8 date Wed, 07 Jun 2023 11:40:17 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1
GET H2	200	16743.css cgi.benefitsatwork.eu/css/	543 KB 98 KB	221ms 219ms	Stylesheet text/css	81.17.209.133 MPEXNET
General Check archive.org Show headers Download Go to Full URL https://cgi.benefitsatwork.eu/css/16743.css?v=93fa260991abbe6c6c6fdb19684319b4ab19721c Requested by Host: cgi.benefitsatwork.eu URL: https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None Protocol H2 Security TLS 1.3, , AES_256_GCM Server 81.17.209.133 , Germany, ASN35833 (MPEXNET, DE), Reverse DNS Software / Resource Hash f5a1217c2d6744f3526f7897ebbf295e8d5df7c6d188ff002b74d72f48065e5c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 11:40:18 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 05 Jun 2023 13:55:24 GMT vary Accept-Encoding content-type text/css cache-control max-age=1209600 accept-ranges bytes x-xss-protection 1 expires Wed, 21 Jun 2023 11:40:18 GMT
GET H2	200	mapsjs-ui.css js.api.here.com/v3/3.1/	16 KB 4 KB	110ms 19ms	Stylesheet text/css	2600:9000:21ec:4a00:18:c421:2880:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.api.here.com/v3/3.1/mapsjs-ui.css Requested by Host: cgi.benefitsatwork.eu URL: https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:4a00:18:c421:2880:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8afc0ad067657bc40d22e341d1cad841dab43c0902fb7257c6a1ca91bbd02180 Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 05:09:42 GMT content-encoding gzip via 1.1 671b6837b1f5908956524bc8798dab1e.cloudfront.net (CloudFront) last-modified Tue, 30 May 2023 08:57:32 GMT server AmazonS3 x-amz-cf-pop JFK51-C1 age 23437 x-amz-server-side-encryption AES256 etag W/"af163f1140ee06b05bcc6ef2255420da" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control no-cache x-amz-cf-id C-yOyour7QXL_7UAe2abPCnpmX5hUEsEstr3wCmnv-oaO34LyVdB4g==
GET H2	200	wt.ti-production.js Show response cgi.benefitsatwork.eu/js/webtrekk/	24 KB 7 KB	111ms 110ms	Script application/javascript	81.17.209.133 MPEXNET
General Check archive.org Show headers Download Go to Full URL https://cgi.benefitsatwork.eu/js/webtrekk/wt.ti-production.js?v=93fa260991abbe6c6c6fdb19684319b4ab19721c Requested by Host: cgi.benefitsatwork.eu URL: https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None Protocol H2 Security TLS 1.3, , AES_256_GCM Server 81.17.209.133 , Germany, ASN35833 (MPEXNET, DE), Reverse DNS Software / Resource Hash 06c46b1cb2a50ebe1804211ca329f1f868b272748f593bb42a94b5bda05148d2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 11:40:18 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 05 Jun 2023 13:51:46 GMT vary Accept-Encoding content-type application/javascript cache-control max-age=1209600 accept-ranges bytes content-length 7248 x-xss-protection 1 expires Wed, 21 Jun 2023 11:40:18 GMT
GET H2	200	smart-pixel.min.js Show response cgi.benefitsatwork.eu/js/	96 KB 33 KB	113ms 112ms	Script application/javascript	81.17.209.133 MPEXNET
General Check archive.org Show headers Download Go to Full URL https://cgi.benefitsatwork.eu/js/smart-pixel.min.js?v=93fa260991abbe6c6c6fdb19684319b4ab19721c Requested by Host: cgi.benefitsatwork.eu URL: https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None Protocol H2 Security TLS 1.3, , AES_256_GCM Server 81.17.209.133 , Germany, ASN35833 (MPEXNET, DE), Reverse DNS Software / Resource Hash ee81b66ec565b040bf481df8fa784e81b6c50882c05d442a467ddbe9dd094506 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 11:40:18 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 05 Jun 2023 13:51:46 GMT vary Accept-Encoding content-type application/javascript cache-control max-age=1209600 accept-ranges bytes content-length 33537 x-xss-protection 1 expires Wed, 21 Jun 2023 11:40:18 GMT
GET H2	200	mapsjs-core.js Show response js.api.here.com/v3/3.1/	897 KB 277 KB	112ms 22ms	Script application/javascript	2600:9000:21ec:4a00:18:c421:2880:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.api.here.com/v3/3.1/mapsjs-core.js Requested by Host: cgi.benefitsatwork.eu URL: https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:4a00:18:c421:2880:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e855dad498ae902d4cf23e0a5c3a7aa29156b823eec4480cfe0f16d8b6704d47 Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 05:10:21 GMT content-encoding gzip via 1.1 671b6837b1f5908956524bc8798dab1e.cloudfront.net (CloudFront) last-modified Tue, 30 May 2023 08:57:31 GMT server AmazonS3 x-amz-cf-pop JFK51-C1 age 23398 x-amz-server-side-encryption AES256 etag W/"09adb174019966b81a3ddd58cd768cbb" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control no-cache x-amz-cf-id w8t4FZ2tu91rJjSvWa_RzbzrSJbPjIv5lAeEXDBl2XpAcKjlXj_3iQ==
GET H2	200	mapsjs-service.js Show response js.api.here.com/v3/3.1/	90 KB 29 KB	168ms 77ms	Script application/javascript	2600:9000:21ec:4a00:18:c421:2880:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.api.here.com/v3/3.1/mapsjs-service.js Requested by Host: cgi.benefitsatwork.eu URL: https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:4a00:18:c421:2880:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e091eff32469860482f048a3367390ba2a2d02419abbf936a63972287888ac5d Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 05:08:11 GMT content-encoding gzip via 1.1 671b6837b1f5908956524bc8798dab1e.cloudfront.net (CloudFront) last-modified Tue, 30 May 2023 08:57:31 GMT server AmazonS3 x-amz-cf-pop JFK51-C1 age 23528 x-amz-server-side-encryption AES256 etag W/"17ffa4c5445e4d531384b2367b78ac92" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control no-cache x-amz-cf-id VB-dRJAOp7VT7kRiLBmjZCckKkXgQtQiAuKp0YaU_dWxhNf2_AdhJA==
GET H2	200	mapsjs-mapevents.js Show response js.api.here.com/v3/3.1/	17 KB 6 KB	170ms 79ms	Script application/javascript	2600:9000:21ec:4a00:18:c421:2880:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.api.here.com/v3/3.1/mapsjs-mapevents.js Requested by Host: cgi.benefitsatwork.eu URL: https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:4a00:18:c421:2880:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 43a90adf0a8f510372a09f4ab8d81d10075ef7a9d4f859509728077a35a5f28e Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 05:06:20 GMT content-encoding gzip via 1.1 671b6837b1f5908956524bc8798dab1e.cloudfront.net (CloudFront) last-modified Tue, 30 May 2023 08:57:31 GMT server AmazonS3 x-amz-cf-pop JFK51-C1 age 23639 x-amz-server-side-encryption AES256 etag W/"f58d94f7480c603a41baf0a184cab3ff" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control no-cache x-amz-cf-id f3Fsn6NpYHhmzqlBjvHUuLaM2K749qwh6bRD3Nd18DqnMdu8bMX2rw==
GET H2	200	mapsjs-ui.js Show response js.api.here.com/v3/3.1/	74 KB 22 KB	171ms 81ms	Script application/javascript	2600:9000:21ec:4a00:18:c421:2880:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.api.here.com/v3/3.1/mapsjs-ui.js Requested by Host: cgi.benefitsatwork.eu URL: https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:4a00:18:c421:2880:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9f34017c982747a144a916f1bd4f3fc4bacfe28dd516da491982bc2aad80bca4 Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 05:09:56 GMT content-encoding gzip via 1.1 671b6837b1f5908956524bc8798dab1e.cloudfront.net (CloudFront) last-modified Tue, 30 May 2023 08:57:32 GMT server AmazonS3 x-amz-cf-pop JFK51-C1 age 23423 x-amz-server-side-encryption AES256 etag W/"a9363fcdbbe66f750aea50faace30ba7" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control no-cache x-amz-cf-id omzPCN1AliQrKU_tzc4c5x0U5zl4Ppme6zZqRakOgBWbID3BmkjVsQ==
GET H2	200	mapsjs-clustering.js Show response js.api.here.com/v3/3.1/	13 KB 5 KB	172ms 81ms	Script application/javascript	2600:9000:21ec:4a00:18:c421:2880:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.api.here.com/v3/3.1/mapsjs-clustering.js Requested by Host: cgi.benefitsatwork.eu URL: https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:4a00:18:c421:2880:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 41984905b367f129d8c177c47c7bc7412275f3fbf025e1da166e2f8c74e1286e Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 06 Jun 2023 21:46:20 GMT content-encoding gzip via 1.1 671b6837b1f5908956524bc8798dab1e.cloudfront.net (CloudFront) last-modified Tue, 30 May 2023 08:57:31 GMT server AmazonS3 x-amz-cf-pop JFK51-C1 age 50039 etag W/"99d0cf6fa1d2ae08ffd3742983ef901c" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control no-cache x-amz-cf-id 70Lv-PLBBObapzDx2ddv6XE1YaBRe1RDrYwndxe-5P8dwaONGFjhDQ==
GET H/1.1	200 OK	600x100_l.jpg img1.mitarbeiterangebote.de/271199/d/	7 KB 7 KB	557ms 131ms	Image image/jpeg	81.17.209.52 MPEXNET
General Check archive.org Show headers Download Go to Show image Full URL https://img1.mitarbeiterangebote.de/271199/d/600x100_l.jpg Requested by Host: cgi.benefitsatwork.eu URL: https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 81.17.209.52 , Germany, ASN35833 (MPEXNET, DE), Reverse DNS Software nginx / Resource Hash 0b2c2284be552e59ac16d5e4c5926f144a182e5ca23bffa08a355c4998539f7a Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 07 Jun 2023 11:40:18 GMT Server nginx ETag "1c31-5ed7d3e27a9ee" X-forwarded-for cbv-f02 Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 7217 Expires Wed, 14 Jun 2023 11:36:25 GMT
GET H/1.1	200 OK	1000x84.jpg img1.mitarbeiterangebote.de/271197/d/	7 KB 7 KB	554ms 128ms	Image image/jpeg	81.17.209.52 MPEXNET
General Check archive.org Show headers Download Go to Show image Full URL https://img1.mitarbeiterangebote.de/271197/d/1000x84.jpg Requested by Host: cgi.benefitsatwork.eu URL: https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 81.17.209.52 , Germany, ASN35833 (MPEXNET, DE), Reverse DNS Software nginx / Resource Hash cc611c6547df87b8ee7fe6796feff91d0b9abe42b46550237e7558db4d7788e1 Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 07 Jun 2023 11:40:18 GMT Server nginx ETag "1b7b-5e413a6c09963" X-forwarded-for cbv-f01 Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 7035 Expires Wed, 14 Jun 2023 11:36:25 GMT
GET H/1.1	200 OK	150.png img1.mitarbeiterangebote.de/201649/d/	6 KB 6 KB	555ms 129ms	Image image/png	81.17.209.52 MPEXNET
General Check archive.org Show headers Download Go to Show image Full URL https://img1.mitarbeiterangebote.de/201649/d/150.png Requested by Host: cgi.benefitsatwork.eu URL: https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 81.17.209.52 , Germany, ASN35833 (MPEXNET, DE), Reverse DNS Software nginx / Resource Hash 1c05b4867f8755c9cb9747dfe052d3e071675b9bcac2d41179b2e453d9bd3a8d Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 07 Jun 2023 11:40:18 GMT Server nginx ETag "177c-5c6f9b9a9b001" X-forwarded-for cbv-f02 Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 6012 Expires Wed, 14 Jun 2023 11:08:20 GMT
GET H/1.1	200 OK	150.png img1.mitarbeiterangebote.de/373477/d/	7 KB 7 KB	558ms 132ms	Image image/png	81.17.209.52 MPEXNET
General Check archive.org Show headers Download Go to Show image Full URL https://img1.mitarbeiterangebote.de/373477/d/150.png Requested by Host: cgi.benefitsatwork.eu URL: https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 81.17.209.52 , Germany, ASN35833 (MPEXNET, DE), Reverse DNS Software nginx / Resource Hash 9c0a8fc125464035bf04b7fa0c232254e22767d03e26e54f9487775a7c507c95 Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 07 Jun 2023 11:40:18 GMT Server nginx ETag "1c4e-5ee35a717d5de" X-forwarded-for cbv-f02 Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 7246 Expires Wed, 14 Jun 2023 11:05:09 GMT
GET H/1.1	200 OK	150.png img1.mitarbeiterangebote.de/224064/d/	5 KB 5 KB	554ms 127ms	Image image/png	81.17.209.52 MPEXNET
General Check archive.org Show headers Download Go to Show image Full URL https://img1.mitarbeiterangebote.de/224064/d/150.png Requested by Host: cgi.benefitsatwork.eu URL: https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 81.17.209.52 , Germany, ASN35833 (MPEXNET, DE), Reverse DNS Software nginx / Resource Hash 74f1a09d3fa97894fd1882dec0e11a2e0021e096d51b9bbbc0f89ab75c9c2596 Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 07 Jun 2023 11:40:18 GMT Server nginx ETag "12ec-5c6f9e3d767e7" X-forwarded-for cbv-f02 Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 4844 Expires Wed, 14 Jun 2023 09:59:19 GMT
GET H/1.1	200 OK	150.png img1.mitarbeiterangebote.de/242610/d/	3 KB 3 KB	554ms 124ms	Image image/png	81.17.209.52 MPEXNET
General Check archive.org Show headers Download Go to Show image Full URL https://img1.mitarbeiterangebote.de/242610/d/150.png Requested by Host: cgi.benefitsatwork.eu URL: https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 81.17.209.52 , Germany, ASN35833 (MPEXNET, DE), Reverse DNS Software nginx / Resource Hash 5694eb1d384994e796258b852b670da38d2722296a05d93bffac6048bbe99041 Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 07 Jun 2023 11:40:18 GMT Server nginx ETag "c0f-5c6f9ca4ea8ce" X-forwarded-for cbv-f02 Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 3087 Expires Wed, 14 Jun 2023 11:16:40 GMT
GET H/1.1	200 OK	150.png img1.mitarbeiterangebote.de/224078/d/	4 KB 4 KB	383ms 113ms	Image image/png	81.17.209.52 MPEXNET
General Check archive.org Show headers Download Go to Show image Full URL https://img1.mitarbeiterangebote.de/224078/d/150.png Requested by Host: cgi.benefitsatwork.eu URL: https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 81.17.209.52 , Germany, ASN35833 (MPEXNET, DE), Reverse DNS Software nginx / Resource Hash 3a8ff720d7e723d38d309ee5e3e05db6186f6791472ee1d3eb0b781156a0d21e Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 07 Jun 2023 11:40:18 GMT Server nginx ETag "f49-5c6f9eb211836" X-forwarded-for cbv-f02 Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 3913 Expires Wed, 14 Jun 2023 11:25:26 GMT
GET H/1.1	200 OK	150.png img1.mitarbeiterangebote.de/381250/d/	6 KB 6 KB	384ms 117ms	Image image/png	81.17.209.52 MPEXNET
General Check archive.org Show headers Download Go to Show image Full URL https://img1.mitarbeiterangebote.de/381250/d/150.png Requested by Host: cgi.benefitsatwork.eu URL: https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 81.17.209.52 , Germany, ASN35833 (MPEXNET, DE), Reverse DNS Software nginx / Resource Hash 49e738da5bd7ba4970865bd4e8b2605d4c82f3431d33cfda53f4f7425fd6c033 Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 07 Jun 2023 11:40:18 GMT Server nginx ETag "1803-5f1fe1bd8e2fc" X-forwarded-for cbv-f02 Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 6147 Expires Wed, 14 Jun 2023 11:11:48 GMT
GET H/1.1	200 OK	150.png img1.mitarbeiterangebote.de/201643/d/	2 KB 2 KB	387ms 115ms	Image image/png	81.17.209.52 MPEXNET
General Check archive.org Show headers Download Go to Show image Full URL https://img1.mitarbeiterangebote.de/201643/d/150.png Requested by Host: cgi.benefitsatwork.eu URL: https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 81.17.209.52 , Germany, ASN35833 (MPEXNET, DE), Reverse DNS Software nginx / Resource Hash 937de2fe1c109659acb2bd1b7477968a7d1e5dad06dc17b5e7205261460edbcf Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 07 Jun 2023 11:40:18 GMT Server nginx ETag "60a-5c6f9c3efa396" X-forwarded-for cbv-f02 Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 1546 Expires Wed, 14 Jun 2023 11:19:44 GMT
GET H/1.1	200 OK	150.png img1.mitarbeiterangebote.de/201591/d/	7 KB 7 KB	390ms 120ms	Image image/png	81.17.209.52 MPEXNET
General Check archive.org Show headers Download Go to Show image Full URL https://img1.mitarbeiterangebote.de/201591/d/150.png Requested by Host: cgi.benefitsatwork.eu URL: https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 81.17.209.52 , Germany, ASN35833 (MPEXNET, DE), Reverse DNS Software nginx / Resource Hash 21190d2cfb71d4f290d16a6f750798c1000a1fb8704884bfbf381306767f898d Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 07 Jun 2023 11:40:18 GMT Server nginx ETag "1c12-5c6f9ca4cf34c" X-forwarded-for cbv-f01 Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 7186 Expires Wed, 14 Jun 2023 10:52:17 GMT
GET H/1.1	200 OK	150.png img1.mitarbeiterangebote.de/201600/d/	3 KB 3 KB	386ms 114ms	Image image/png	81.17.209.52 MPEXNET
General Check archive.org Show headers Download Go to Show image Full URL https://img1.mitarbeiterangebote.de/201600/d/150.png Requested by Host: cgi.benefitsatwork.eu URL: https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 81.17.209.52 , Germany, ASN35833 (MPEXNET, DE), Reverse DNS Software nginx / Resource Hash 8948390b2239fd2c64063fd0df1af236baa2429437f21319838910f0ca994f5b Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 07 Jun 2023 11:40:18 GMT Server nginx ETag "ce2-5c6fcee2eb213" X-forwarded-for cbv-f01 Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 3298 Expires Wed, 14 Jun 2023 11:06:40 GMT
GET H/1.1	200 OK	150.png img1.mitarbeiterangebote.de/201592/d/	5 KB 6 KB	385ms 118ms	Image image/png	81.17.209.52 MPEXNET
General Check archive.org Show headers Download Go to Show image Full URL https://img1.mitarbeiterangebote.de/201592/d/150.png Requested by Host: cgi.benefitsatwork.eu URL: https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 81.17.209.52 , Germany, ASN35833 (MPEXNET, DE), Reverse DNS Software nginx / Resource Hash b975853c9a8ed237b723ed441f58c32670009853691af0c6569b9b11fbbe1ae3 Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Wed, 07 Jun 2023 11:40:18 GMT Server nginx ETag "14ff-5c6fa03f44a12" X-forwarded-for cbv-f01 Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 5375 Expires Wed, 14 Jun 2023 10:47:39 GMT
GET H2	200	app.js Show response cgi.benefitsatwork.eu/js/	615 KB 173 KB	118ms 118ms	Script application/javascript	81.17.209.133 MPEXNET
General Check archive.org Show headers Download Go to Full URL https://cgi.benefitsatwork.eu/js/app.js?v=93fa260991abbe6c6c6fdb19684319b4ab19721c Requested by Host: cgi.benefitsatwork.eu URL: https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None Protocol H2 Security TLS 1.3, , AES_256_GCM Server 81.17.209.133 , Germany, ASN35833 (MPEXNET, DE), Reverse DNS Software / Resource Hash 70ada713a0fdca222ad28ae0e48259753cbbe0dc475a9efcdd0c883e4989cb26 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 11:40:18 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 05 Jun 2023 13:51:46 GMT vary Accept-Encoding content-type application/javascript cache-control max-age=1209600 accept-ranges bytes x-xss-protection 1 expires Wed, 21 Jun 2023 11:40:18 GMT
GET H2	200	wt.js Show response cgi.benefitsatwork.eu/js/webtrekk/	71 KB 22 KB	119ms 119ms	Script application/javascript	81.17.209.133 MPEXNET
General Check archive.org Show headers Download Go to Full URL https://cgi.benefitsatwork.eu/js/webtrekk/wt.js?v=93fa260991abbe6c6c6fdb19684319b4ab19721c Requested by Host: cgi.benefitsatwork.eu URL: https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None Protocol H2 Security TLS 1.3, , AES_256_GCM Server 81.17.209.133 , Germany, ASN35833 (MPEXNET, DE), Reverse DNS Software / Resource Hash 79cdabaf14a3beb2cccc0348b258eeaa2f244463ff40344686edfce4732ebafc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 11:40:18 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 05 Jun 2023 13:51:46 GMT vary Accept-Encoding content-type application/javascript cache-control max-age=1209600 accept-ranges bytes content-length 21743 x-xss-protection 1 expires Wed, 21 Jun 2023 11:40:18 GMT
GET DATA	200 OK	truncated /	469 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 677c35890918f7aad214981aa34f5410a9c887d8de23f79f5dc22b7967e75d08 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	login-shadow-8e0f47.png cgi.benefitsatwork.eu/css/img/	3 KB 4 KB	108ms 108ms	Image image/png	81.17.209.133 MPEXNET
General Check archive.org Show headers Download Go to Show image Full URL https://cgi.benefitsatwork.eu/css/img/login-shadow-8e0f47.png Requested by Host: cgi.benefitsatwork.eu URL: https://cgi.benefitsatwork.eu/css/16743.css?v=93fa260991abbe6c6c6fdb19684319b4ab19721c Protocol H2 Security TLS 1.3, , AES_256_GCM Server 81.17.209.133 , Germany, ASN35833 (MPEXNET, DE), Reverse DNS Software / Resource Hash d1e5210ae1bfaca4990fcc501669e4081376531825704b5c079c21423a60386a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/css/16743.css?v=93fa260991abbe6c6c6fdb19684319b4ab19721c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 11:40:18 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Mon, 05 Jun 2023 13:51:46 GMT etag "d72-5fd6234158080" content-type image/png cache-control max-age=30 accept-ranges bytes content-length 3442 x-xss-protection 1 expires Wed, 07 Jun 2023 11:40:48 GMT
GET H2	200	login-shadow-headline-6b3e31.png cgi.benefitsatwork.eu/css/img/	283 B 549 B	108ms 108ms	Image image/png	81.17.209.133 MPEXNET
General Check archive.org Show headers Download Go to Show image Full URL https://cgi.benefitsatwork.eu/css/img/login-shadow-headline-6b3e31.png Requested by Host: cgi.benefitsatwork.eu URL: https://cgi.benefitsatwork.eu/css/16743.css?v=93fa260991abbe6c6c6fdb19684319b4ab19721c Protocol H2 Security TLS 1.3, , AES_256_GCM Server 81.17.209.133 , Germany, ASN35833 (MPEXNET, DE), Reverse DNS Software / Resource Hash 6d7f67cde19f115b5f9396ef3b823d8f021fb8dba31065bc3526fcf53e0e68fa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/css/16743.css?v=93fa260991abbe6c6c6fdb19684319b4ab19721c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 11:40:18 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Mon, 05 Jun 2023 13:51:46 GMT etag "11b-5fd6234158080" content-type image/png cache-control max-age=30 accept-ranges bytes content-length 283 x-xss-protection 1 expires Wed, 07 Jun 2023 11:40:48 GMT
GET H2	200	wt text.mitarbeiterangebote.de/784374637906192/	43 B 149 B	695ms 118ms	Image image/gif	185.54.150.152 WEBTREKK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://text.mitarbeiterangebote.de/784374637906192/wt?p=455,Login,1,1600x1200,24,1,1686138018508,0,1600x1200,0&nc=1&la=en&cg1=Login&cs7=nein&cs9=Unternehmen&cs10=cgi&np=&pu=https%3A%2F%2Fcgi.benefitsatwork.eu%2Flogin%3Fwt_mc%3Dnews.2023.6.Menue.None Requested by Host: cgi.benefitsatwork.eu URL: https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.54.150.152 , Germany, ASN60164 (WEBTREKK-AS, DE), Reverse DNS Software e4da3b7f / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers pragma no-cache date Wed, 07 Jun 2023 11:40:18 GMT last-modified Wed, 07 Jun 2023 11:40:19 GMT server e4da3b7f p3p policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT" content-type image/gif;charset=UTF-8 cache-control no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0 x-robots-tag noindex, nofollow, noarchive content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	wt text.mitarbeiterangebote.de/265166193307149/	43 B 366 B	622ms 117ms	Image image/gif	185.54.150.152 WEBTREKK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://text.mitarbeiterangebote.de/265166193307149/wt?p=633,web.usersites.login,1,1600x1200,24,1,1686138018580,0,1600x1200,0&nc=1&cp2=nl&cp3=cgi&cp7=be&cp8=eu&cp9=benefitsatwork&cp10=16743&cp11=%2Flogin%3Fwt_mc%3Dnews.2023.6.Menue.None&cp14=web.usersites.login%7C%7Chttps%3A%2F%2Fcgi.benefitsatwork.eu%2Flogin%3Fwt_mc%3Dnews.2023.6.Menue.None%7C2023-6-7_11%3A40%3A18&cg1=web&cg2=usersites&cg5=login&uc713=1&uc3=cgi&cs4=no&cs6=no&cs7=no&cs9=company&cs10=cgi&pu=https%3A%2F%2Fcgi.benefitsatwork.eu%2Flogin%3Fwt_mc%3Dnews.2023.6.Menue.None&la=en Requested by Host: cgi.benefitsatwork.eu URL: https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.54.150.152 , Germany, ASN60164 (WEBTREKK-AS, DE), Reverse DNS Software e4da3b7f / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers pragma no-cache date Wed, 07 Jun 2023 11:40:18 GMT last-modified Wed, 07 Jun 2023 11:40:19 GMT server e4da3b7f p3p policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT" content-type image/gif;charset=UTF-8 cache-control no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0 x-robots-tag noindex, nofollow, noarchive content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	nr-1169.min.js Show response js-agent.newrelic.com/	27 KB 10 KB	199ms 22ms	Script application/javascript	151.101.2.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-1169.min.js Requested by Host: cgi.benefitsatwork.eu URL: https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.2.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash cddee6bb37cab7b576ddf080fd6ba00fa8420d0afc0531f413633175e9e5f9c8 Security Headers Name Value Strict-Transport-Security max-age=300 Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers x-amz-version-id null content-encoding gzip via 1.1 varnish date Wed, 07 Jun 2023 11:40:19 GMT strict-transport-security max-age=300 x-amz-request-id 32GW0B0WVERPV4AG x-cache HIT cross-origin-resource-policy cross-origin content-length 10276 x-amz-id-2 Mf42SxUEBaf29QWLdPm8DMszjRU7jcmRbEiq03uJ5QvwfM7QnYlKxltXhBY4oCAbY412wzhs/d4= x-served-by cache-yul12831-YUL last-modified Wed, 20 May 2020 21:16:15 GMT server AmazonS3 x-timer S1686138019.400804,VS0,VE1 etag "7e312620a90879b595db1bff9c42ed57" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=7200, stale-if-error=604800 accept-ranges bytes x-cache-hits 1
GET H/1.1	200 OK	NRJS-c3bb8e1c19f29c2bbab Show response bam.eu01.nr-data.net/1/	56 B 545 B	302ms 222ms	Script text/javascript	185.221.87.23 FASTLY
General Check archive.org Show headers Download Go to Full URL https://bam.eu01.nr-data.net/1/NRJS-c3bb8e1c19f29c2bbab?a=43541192&sa=1&v=1169.7b094c0&t=Unnamed%20Transaction&rst=2965&ck=1&ref=https://cgi.benefitsatwork.eu/login&be=1532&fe=2758&dc=2064&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1686138016449,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:812,%22c%22:812,%22s%22:919,%22ce%22:1029,%22rq%22:1029,%22rp%22:1407,%22rpe%22:1513,%22dl%22:1411,%22di%22:2064,%22ds%22:2064,%22de%22:2065,%22dc%22:2758,%22l%22:2758,%22le%22:2761%7D,%22navigation%22:%7B%7D%7D&fp=1924&fcp=1968&jsonp=NREUM.setToken Requested by Host: js-agent.newrelic.com URL: https://js-agent.newrelic.com/nr-1169.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.221.87.23 , Ireland, ASN54113 (FASTLY, US), Reverse DNS Software istio-envoy / Resource Hash f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d Request headers accept-language en-CA,en;q=0.9 Referer https://cgi.benefitsatwork.eu/login?wt_mc=news.2023.6.Menue.None User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 11:40:19 GMT server istio-envoy access-control-allow-methods GET, POST, PUT, HEAD, OPTIONS content-type text/javascript access-control-allow-origin * access-control-allow-credentials true x-envoy-upstream-service-time 3 cross-origin-resource-policy cross-origin Connection keep-alive Content-Length 56 x-served-by cache-yul12825-YUL

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| NREUM object| newrelic function| __nr_require object| webtrekkDataLayer object| wts object| wt_safetag object| wtSmart object| H string| cbg3ServiceUrl number| cbg3CategoryId string| cbg3PlatformName number| cbg3PlatformId string| cbg3BasePath object| cbg3Storage boolean| cbg3IsMapActive string| cbg3PlatformLanguage string| cbg3CimsUrl boolean| disclaimerConfirmed boolean| cbg3UserPositionStoringDisabled boolean| cbg4Enabled number| cbg3NoUserLocation boolean| cbg3isApp boolean| cbg3isAppIOS boolean| cbg3isAppAndroid object| appDeviceId string| cbg3AppIOSVersion string| cbg3AppAndroidVersion boolean| pushNotificationEnter string| loginNowLabel object| cookieStorage function| Swiper function| _getWebtrekkEIDs object| cbg3 object| app object| _wtConfig function| wt_teaserTracking undefined| wt_safetagConfig object| _wtUnloadObjects object| _wtLinktrackObjects function| _WtV3 function| _wtV3 object| pageConfig object| _wt object| wtstp_ttv2

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cgi.benefitsatwork.eu/	1970-01-20 12:22:46	Name: CBG3FE Value: 1oh7ah2uq89rofek00ureh3b5p
			.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 6dc34217dc29a6cc

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * data: blob:; style-src 'self' 'unsafe-inline' *.here.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com/ajax/libs/vanilla-lazyload/8.1.0/lazyload.min.js *.here.com *.wt-safetag.com *.wbtrk.net *.newrelic.com *.nr-data.net text.mitarbeiterangebote.de *.benefitsatwork.eu data: blob:; img-src * 'self' data: http: https: blob:; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.eu01.nr-data.net
cgi.benefitsatwork.eu
img1.mitarbeiterangebote.de
js-agent.newrelic.com
js.api.here.com
text.mitarbeiterangebote.de
151.101.2.137
185.221.87.23
185.54.150.152
2600:9000:21ec:4a00:18:c421:2880:93a1
81.17.209.133
81.17.209.52
06c46b1cb2a50ebe1804211ca329f1f868b272748f593bb42a94b5bda05148d2
0b2c2284be552e59ac16d5e4c5926f144a182e5ca23bffa08a355c4998539f7a
13996ba14835d4d9a334354f2c356785299d986251c656c69d78af8f971d8c3d
1c05b4867f8755c9cb9747dfe052d3e071675b9bcac2d41179b2e453d9bd3a8d
21190d2cfb71d4f290d16a6f750798c1000a1fb8704884bfbf381306767f898d
3a8ff720d7e723d38d309ee5e3e05db6186f6791472ee1d3eb0b781156a0d21e
41984905b367f129d8c177c47c7bc7412275f3fbf025e1da166e2f8c74e1286e
43a90adf0a8f510372a09f4ab8d81d10075ef7a9d4f859509728077a35a5f28e
49e738da5bd7ba4970865bd4e8b2605d4c82f3431d33cfda53f4f7425fd6c033
5694eb1d384994e796258b852b670da38d2722296a05d93bffac6048bbe99041
677c35890918f7aad214981aa34f5410a9c887d8de23f79f5dc22b7967e75d08
6d7f67cde19f115b5f9396ef3b823d8f021fb8dba31065bc3526fcf53e0e68fa
70ada713a0fdca222ad28ae0e48259753cbbe0dc475a9efcdd0c883e4989cb26
74f1a09d3fa97894fd1882dec0e11a2e0021e096d51b9bbbc0f89ab75c9c2596
79cdabaf14a3beb2cccc0348b258eeaa2f244463ff40344686edfce4732ebafc
8948390b2239fd2c64063fd0df1af236baa2429437f21319838910f0ca994f5b
8afc0ad067657bc40d22e341d1cad841dab43c0902fb7257c6a1ca91bbd02180
937de2fe1c109659acb2bd1b7477968a7d1e5dad06dc17b5e7205261460edbcf
9c0a8fc125464035bf04b7fa0c232254e22767d03e26e54f9487775a7c507c95
9f34017c982747a144a916f1bd4f3fc4bacfe28dd516da491982bc2aad80bca4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b975853c9a8ed237b723ed441f58c32670009853691af0c6569b9b11fbbe1ae3
cc611c6547df87b8ee7fe6796feff91d0b9abe42b46550237e7558db4d7788e1
cddee6bb37cab7b576ddf080fd6ba00fa8420d0afc0531f413633175e9e5f9c8
d1e5210ae1bfaca4990fcc501669e4081376531825704b5c079c21423a60386a
e091eff32469860482f048a3367390ba2a2d02419abbf936a63972287888ac5d
e855dad498ae902d4cf23e0a5c3a7aa29156b823eec4480cfe0f16d8b6704d47
ee81b66ec565b040bf481df8fa784e81b6c50882c05d442a467ddbe9dd094506
f5a1217c2d6744f3526f7897ebbf295e8d5df7c6d188ff002b74d72f48065e5c
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d