urlscan.io logo urlscan.io
SecurityTrails logo

www.benefitsapplication.com Open in urlscan Pro
35.165.45.62  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.benefitsapplication.com/
Submission: On January 04 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 13 domains to perform 96 HTTP transactions. The main IP is 35.165.45.62, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is www.benefitsapplication.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 2nd 2023. Valid for: a year.
This is the only time www.benefitsapplication.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

17    35.165.45.62 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-165-45-62.us-west-2.compute.amazonaws.com
www.benefitsapplication.com
5    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2a00:1450:400c:c0d::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
accounts.google.com
10    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
influx.consumerco.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.gstatic.com
3    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    104.20.94.138 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
19    2606:4700:3036::6815:190f (United States)

ASN13335 (CLOUDFLARENET, US)
mnstr2.benefitsapplication.com
mnstr1.benefitsapplication.com
4    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2606:4700:e2::ac40:8516 (United States)

ASN13335 (CLOUDFLARENET, US)
fonts.cdnfonts.com
13    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
36 benefitsapplication.com
www.benefitsapplication.com
mnstr2.benefitsapplication.com
mnstr1.benefitsapplication.com
991 KB
23 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
375 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
98 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
ajax.googleapis.com — Cisco Umbrella Rank: 708
41 KB
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 395
121 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
97 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
region1.google-analytics.com — Cisco Umbrella Rank: 1695
21 KB
4 google.com
accounts.google.com — Cisco Umbrella Rank: 65
www.google.com — Cisco Umbrella Rank: 6
82 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
129 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 21991
c.statcounter.com — Cisco Umbrella Rank: 13829
15 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
165 KB
1 cdnfonts.com
fonts.cdnfonts.com — Cisco Umbrella Rank: 12245
666 B
1 consumerco.com
influx.consumerco.com — Cisco Umbrella Rank: 334847
2 KB
96 13
Domain Requested by
18 mnstr2.benefitsapplication.com www.benefitsapplication.com
mnstr2.benefitsapplication.com
17 www.benefitsapplication.com www.benefitsapplication.com
13 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
10 pagead2.googlesyndication.com www.benefitsapplication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 cdnjs.cloudflare.com www.benefitsapplication.com
cdnjs.cloudflare.com
5 fonts.googleapis.com www.benefitsapplication.com
mnstr2.benefitsapplication.com
googleads.g.doubleclick.net
4 www.gstatic.com googleads.g.doubleclick.net
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 accounts.google.com www.benefitsapplication.com
accounts.google.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com www.benefitsapplication.com
www.googletagmanager.com
1 www.google.com tpc.googlesyndication.com
1 fonts.cdnfonts.com client
1 mnstr1.benefitsapplication.com mnstr2.benefitsapplication.com
1 c.statcounter.com www.statcounter.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.statcounter.com www.googletagmanager.com
1 influx.consumerco.com www.benefitsapplication.com
1 ajax.googleapis.com www.benefitsapplication.com
96 21

This site contains links to these domains. Also see Links.

Domain
my.benefitsapplication.com
Subject Issuer Validity Valid
benefitsapplication.com
Amazon RSA 2048 M03		 2023-11-02 -
2024-12-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
consumerco.com
GTS CA 1P5		 2023-12-27 -
2024-03-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-05 -
2025-01-03		 a year crt.sh
cdnfonts.com
GTS CA 1P5		 2023-11-30 -
2024-02-28		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://www.benefitsapplication.com/
Frame ID: 5D582DB571015EDF772816F3CDEE7156
Requests: 66 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20190131/zrt_lookup_fy2021.html
Frame ID: 417F4C8BA5E795855A4B9E7FDC6B2C2E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6053161399965587&output=html&adk=1812271804&adf=3025194257&lmt=1704372577&plaf=7%3A2&plat=1%3A16777216%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.benefitsapplication.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704372577354&bpp=2&bdt=1361&idt=234&shv=r20240102&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6189194708137&frm=20&pv=2&ga_vid=528437311.1704372577&ga_sid=1704372578&ga_hid=725147423&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532523%2C44809531%2C31080217&oid=2&pvsid=2626435110204115&tmod=915765696&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=250
Frame ID: ABE42930D9A7D11F83266ACD503BF24A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 455B2F9CEFC5E0151B9AE670B7973702
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: D601BF9D9C619EA7300E77E6660DD2E3
Requests: 8 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 4C8818E51CE6A2B06190EEEE3DB06378
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 822020BB2C284F55A102EAED4B77433A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 3BCC089E40AF9701D4ACD2DF8A113E5F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 41C4FAD08274BD2270A3DDAA30B1F4C3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8DFFCD7C8A7116AF7C3EA4075BA9DAB1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Benefits Application

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

96
Requests

100 %
HTTPS

89 %
IPv6

13
Domains

21
Subdomains

18
IPs

4
Countries

2139 kB
Transfer

4414 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

96 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.benefitsapplication.com/ 		16 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.benefitsapplication.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.45.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-45-62.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
42a52245f40f55b1974447abf8c35a40a75a9dc8b20a9dc9234ce2ff26d7c995

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 04 Jan 2024 12:49:35 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx/1.18.0 (Ubuntu)
css
fonts.googleapis.com/ 		35 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800|Alegreya|Alegreya+SC|Oswald:400,300
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f9d9f9a36bbc68b76f2e23f45ac94aa53a8f0b8e2bd79ab6c240e23e1cda0d11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 Jan 2024 12:49:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 04 Jan 2024 12:49:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Jan 2024 12:49:36 GMT
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/ 		118 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3129264
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16149
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-1d970"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUiE1IALizrekSBS3aBoQ5vEWRe237wbR8cDZmoKQY%2BDLoh09arjZCxRF04auDnGqni9NpHCMOeqz4rA%2FUz2JmXSG37NZXLBF4b6ZIt8uHGlo50Qo1lElrCUNPludlWXS2xD6CixHwMFsbEG8%2BkIrQO%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84039a384a055c80-FRA
expires
Tue, 24 Dec 2024 12:49:36 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/ 		28 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/font-awesome.min.css
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5473822
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5324
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7187"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdCjBUEpLvbFoeicDyKAlCPvgnW6RFVf1lZI%2Bl9K1Y1XKzKjd4%2B1gxGRynyznIeLml9VnSzDt2ULwnp0kEMfkQGO%2Frku%2BczDpBRhc02Lw74RGnRvxbzvkBI4YPewJzyzwTBvJXdyM6PVyEgFBGg47aT5"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84039a384a045c80-FRA
expires
Tue, 24 Dec 2024 12:49:36 GMT
theme.css
www.benefitsapplication.com/css/benefits-application/new/ 		37 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.benefitsapplication.com/css/benefits-application/new/theme.css
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.45.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-45-62.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
607a588e3361eedf5b16d4d1c8d6e229c7ff8856dc9a2bdfc95c0d68b382ab8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:36 GMT
last-modified
Thu, 14 Dec 2023 17:57:19 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"657b41ff-9449"
content-length
37961
content-type
text/css
theme-elements.css
www.benefitsapplication.com/css/benefits-application/new/ 		48 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.benefitsapplication.com/css/benefits-application/new/theme-elements.css
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.45.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-45-62.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
038e7a4457b074067737e013c674811b17c0f8a8761ec1dafcea423e591f9524

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:36 GMT
last-modified
Fri, 04 Nov 2022 23:43:01 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"6365a385-c1e7"
content-length
49639
content-type
text/css
default.css
www.benefitsapplication.com/css/benefits-application/new/skins/ 		9 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.benefitsapplication.com/css/benefits-application/new/skins/default.css
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.45.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-45-62.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
760166921158c77eaa586af8a466635f6701c430e088515e237bbece5f548303

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:36 GMT
last-modified
Fri, 04 Nov 2022 23:43:01 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"6365a385-2351"
content-length
9041
content-type
text/css
custom.css
www.benefitsapplication.com/css/benefits-application/new/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.benefitsapplication.com/css/benefits-application/new/custom.css
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.45.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-45-62.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4884b43e7f85dadc592c6e1da9d1af0cdae02d7997e75e9dd0e087d6cb1c1348

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:36 GMT
last-modified
Fri, 04 Nov 2022 23:43:01 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"6365a385-bbc"
content-length
3004
content-type
text/css
g_auth.js
www.benefitsapplication.com/js/benefits-application/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefitsapplication.com/js/benefits-application/g_auth.js
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.45.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-45-62.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a694ebde945fc7f31e7a071f223ab27f6b34029470562ef7f542903128d8b3f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:36 GMT
last-modified
Tue, 12 Sep 2023 20:21:37 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"6500c851-855"
content-length
2133
content-type
application/javascript
client
accounts.google.com/gsi/ 		207 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c931f1812e6d7938bd2642c4064c20c12fb60eb33ec1495eedd4027b15477161
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0sgi9iT5n7fjE9VVswbZsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:37 GMT
content-security-policy
script-src 'report-sample' 'nonce-0sgi9iT5n7fjE9VVswbZsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Thu, 04 Jan 2024 12:49:37 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6053161399965587
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b78ba2c63cd266f16ecf432e1287d91864ec0bb000368ef2bc547df7fb88e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.benefitsapplication.com/
Origin
https://www.benefitsapplication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51459
x-xss-protection
0
server
cafe
etag
9587869880616201286
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 12:49:37 GMT
modernizr.min.js
www.benefitsapplication.com/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefitsapplication.com/js/modernizr.min.js
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.45.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-45-62.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
42ac0ebd5ae95afa11fac40a7e17362fe3c58520610be0040a68b93deb174000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:36 GMT
last-modified
Fri, 04 Nov 2022 23:43:02 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"6365a386-5f6"
content-length
1526
content-type
application/javascript
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.benefitsapplication.com/
Origin
https://www.benefitsapplication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 13:03:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344763
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 Dec 2024 13:03:33 GMT
cssmap-usa.css
www.benefitsapplication.com/css/cssmap-usa-new/ 		190 KB
191 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.benefitsapplication.com/css/cssmap-usa-new/cssmap-usa.css
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.45.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-45-62.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0bafa7062b95827be9f20fe9dc3d2abfbae82992f4e6ec3425f22d28815456be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:36 GMT
last-modified
Fri, 04 Nov 2022 23:43:01 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"6365a385-2f964"
content-length
194916
content-type
text/css
jquery.cssmap.min.js
www.benefitsapplication.com/js/ 		24 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefitsapplication.com/js/jquery.cssmap.min.js
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.45.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-45-62.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
39273e2e4cf831cc2c2eaf3717564c5a67c5fd6a04bde2c57820d7281b4e6a0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:36 GMT
last-modified
Fri, 04 Nov 2022 23:43:02 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"6365a386-618a"
content-length
24970
content-type
application/javascript
bap-logo.svg
www.benefitsapplication.com/images/benefits-application/new/logos/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefitsapplication.com/images/benefits-application/new/logos/bap-logo.svg
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.45.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-45-62.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8aaf1b59c4b84fbde03218907ea49d2ff12d9f3c22ff6f0f579f9f2fdd7575d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:36 GMT
last-modified
Fri, 22 Dec 2023 22:08:39 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"658608e7-b3e2"
content-length
46050
content-type
image/svg+xml
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/ 		36 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.benefitsapplication.com/
Origin
https://www.benefitsapplication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1278965
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8722
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-90b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FQoiFYWFML5wr8aL5JGRCJ%2BPoCoz9yMrN%2Bjaz%2BXVn8K9Ouz%2BtkWfCCLuJQwwy2gFpDDyCGzYcvifhCBTVL21pIqMesi3%2BRAu2rYyZod6K0xjDVmqEhVl3ZmeyYCALtFkI7ilTrDF19fX8ehMSRnLjo6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84039a384cfe71d1-FRA
expires
Tue, 24 Dec 2024 12:49:36 GMT
jquery.inputmask.bundle.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.3/ 		70 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.3/jquery.inputmask.bundle.min.js
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92bf874314db1cec62060d4c7ecbee6dbb17f0494b7c2fdf66ebd8947481541c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.benefitsapplication.com/
Origin
https://www.benefitsapplication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4522970
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19007
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-1192f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jd%2BOU%2BcDfBLZVI9sIjgursp71Fv2xbXgIDqMmgG3QWx3NeLogFlMkxBjqOXEVNZfN8J2jXDwYI%2FIxw9xfq6ObNIRU9Xm1YIX41q%2BDs1q02fogD0Uqsasp4B7VJrT%2BAdOIlddHUsifpKYIsdFZ5MtNJp%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84039a388d3671d1-FRA
expires
Tue, 24 Dec 2024 12:49:36 GMT
common.js
www.benefitsapplication.com/css/benefits-application/new/vendor/common/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefitsapplication.com/css/benefits-application/new/vendor/common/common.js
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.45.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-45-62.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f0cfed0ee5400bc6a4069a1955457c81135372595d037b51f546fa57a527cb1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:36 GMT
last-modified
Fri, 04 Nov 2022 23:43:01 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"6365a385-2c58"
content-length
11352
content-type
application/javascript
jquery.validation.js
www.benefitsapplication.com/css/benefits-application/new/vendor/jquery.validation/ 		42 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefitsapplication.com/css/benefits-application/new/vendor/jquery.validation/jquery.validation.js
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.45.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-45-62.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2379363060b818df38089983c12a4508ad8c35944ae59f9519cccdc4f3e80b6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:37 GMT
last-modified
Fri, 04 Nov 2022 23:43:01 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"6365a385-a6c8"
content-length
42696
content-type
application/javascript
theme.js
www.benefitsapplication.com/js/benefits-application/ 		46 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefitsapplication.com/js/benefits-application/theme.js
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.45.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-45-62.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
28dba4dba3d85963175f8fb1bfc3de65149524ebd16f8abcecd982713d770684

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:37 GMT
last-modified
Fri, 04 Nov 2022 23:43:02 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"6365a386-b707"
content-length
46855
content-type
application/javascript
custom.js
www.benefitsapplication.com/js/benefits-application/ 		0
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefitsapplication.com/js/benefits-application/custom.js
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.45.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-45-62.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:37 GMT
last-modified
Fri, 04 Nov 2022 23:43:02 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"6365a386-0"
content-length
0
content-type
application/javascript
theme.init.js
www.benefitsapplication.com/js/benefits-application/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benefitsapplication.com/js/benefits-application/theme.init.js
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.45.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-45-62.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
09ccf30d24a06cf01d23e30df3265bdaad87f18705eee05d5595e6debe5a7ab5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:37 GMT
last-modified
Fri, 04 Nov 2022 23:43:02 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"6365a386-1d72"
content-length
7538
content-type
application/javascript
nxt-68asppa3ok50
influx.consumerco.com/tag/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://influx.consumerco.com/tag/nxt-68asppa3ok50
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3a0dacaf00e9ee1d2d872159ea0633b012f9c4df1a324b8f413bd2031960b57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnaaqqDSg%2FhdwASiDvoB1iv46st6Z1RAwa%2BukIaD2DAmWUTanwLiE8o6ba6VXIHFdN0OspuD5GU%2BjzHewq2LOYfnyPdcSfWgOWJ%2B%2B8iPG%2BjWNhHyEB%2BPH%2BDpjEnhWUi6lkKSvrNV9dppp4hCs2p0YqR3GAo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, private
cf-ray
84039a3fdc9771cd-FRA
alt-svc
h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		196 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WQGK66H
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
81a4bfeb8c59f96ffddeb7a407712c4244f38c7ed6d9445ffcac685777018b39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72235
x-xss-protection
0
last-modified
Thu, 04 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 04 Jan 2024 12:49:37 GMT
cssmap-themes.css
www.benefitsapplication.com/css/cssmap-usa-new/ 		9 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.benefitsapplication.com/css/cssmap-usa-new/cssmap-themes.css
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/css/cssmap-usa-new/cssmap-usa.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.45.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-45-62.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
aaf58b4994c3565ee67c204b37bb4079b10e94d3fbbdadd2c38d75b65852ee18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:37 GMT
last-modified
Fri, 04 Nov 2022 23:43:01 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"6365a385-23b1"
content-length
9137
content-type
text/css
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/fonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9682aff0dfb2932f5273721abd9190df39eeb0f42c37a24566aa4ac5753219c1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/font-awesome.min.css
Origin
https://www.benefitsapplication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:37 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3231064
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
71896
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-118d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DdnKXUAhlqvL0wou5WK49dDsf3eI81dqXJwGkx%2FTL47ERaI3LecnsTyIzNdq5e%2Ff8aimFDghkbA45Bg6Nt4SxOIdKB%2BNomKbvSCTNMW0oxXk0ZSHATdsIOxXutLa0kdWGGcONxO0k05i7Rez4ipKPNu"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84039a3f7c70903c-FRA
expires
Tue, 24 Dec 2024 12:49:37 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800|Alegreya|Alegreya+SC|Oswald:400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.benefitsapplication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 06:07:43 GMT
x-content-type-options
nosniff
age
24114
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Jan 2025 06:07:43 GMT
js
www.googletagmanager.com/gtag/ 		290 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XW69MMEQH2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQGK66H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
177bf6acfc0b1376b21043cc76ccb2eb3a4f971d02b7a01f6ce9056ec5979554
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96590
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Jan 2024 12:49:37 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQGK66H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 04 Jan 2024 11:48:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3680
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 04 Jan 2024 13:48:17 GMT
counter.js
www.statcounter.com/counter/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQGK66H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca02d1a91f43d6b8c5d8d127d04e95afb736ae1779577bde0a6f0641cc4f4893

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Jan 2024 16:23:53 GMT
server
cloudflare
age
26943
etag
W/"65958a19-a313"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
84039a40bd44692b-FRA
expires
Thu, 04 Jan 2024 17:20:34 GMT
api.min.js
mnstr2.benefitsapplication.com/app/js/ 		51 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mnstr2.benefitsapplication.com/app/js/api.min.js
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:190f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83c03c13ae512aeaf45b9a54c62dad09b5d833edae4f2459d3f71f2a3f2744aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
1082
perma-cache
HIT
age
402974
cdn-storageserver
DE-383
cdn-cachedat
12/30/2023 00:18:40
cdn-pullzone
99152
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Dec 2023 19:57:30 GMT
cdn-proxyver
1.04
cdn-fileserver
728
cdn-requestpullcode
200
server
cloudflare
etag
W/"6578bb2a-cb9a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iqju0SUXz1OJGve7kCLGZYMQVAyCwEQhWt%2FYfw6cKwQGO4%2FfcK%2Bpydn%2BKivynTFrkfLM3RRxWE32kmSmih2Ir6ikAIA6tokuXnLsc8TkLlzigSd%2FVl%2BwxNuuGU6PEUifiYU%2BG%2FBk91y6%2BUFzzJQm9jMSTAPdyk1r8rEri%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
e2878c7da6c76d3b8e5e993b2f58f011
cf-ray
84039a41ad6671c1-FRA
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ 		403 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6053161399965587&plah=www.benefitsapplication.com&bust=31080217
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6053161399965587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
285132eb88e2328a0b59cb850c242f72059270652c2c902509ffc28dd81beece
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139436
x-xss-protection
0
server
cafe
etag
2534350541541624337
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 12:49:37 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240102/r20190131/ Frame 417F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240102/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6053161399965587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.benefitsapplication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
53402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 21:59:35 GMT
etag
9219409622527106327
expires
Wed, 17 Jan 2024 21:59:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
262 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XW69MMEQH2&gtm=45je4130h2v896975293z8896926857&_p=1704372576786&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=528437311.1704372577&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704372577&sct=1&seg=0&dl=https%3A%2F%2Fwww.benefitsapplication.com%2F&dt=Benefits%20Application&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2179
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XW69MMEQH2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 12:49:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.benefitsapplication.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=725147423&t=pageview&_s=1&dl=https%3A%2F%2Fwww.benefitsapplication.com%2F&ul=en-us&de=UTF-8&dt=Benefits%20Application&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1107013538&gjid=826377911&cid=528437311.1704372577&tid=UA-232355558-3&_gid=991164536.1704372577&_r=1&_slc=1&gtm=45He3bt0n81WQGK66Hv896926857&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=488706024
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.benefitsapplication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 12:49:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.benefitsapplication.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
t.php
c.statcounter.com/ 		192 B
578 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12816753&u1=C2D50F96A3554F2FDC4B90EC073A23BA&java=1&security=c0da94d9&sc_snum=1&sess=75b702&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&sc_ev_src=null&sc_ev_utm_source=null&resolution=1600&h=1200&camefrom=&u=https%3A//www.benefitsapplication.com/&t=Benefits%20Application&invisible=1&sc_rum_e_s=2189&sc_rum_e_e=2197&sc_rum_f_s=0&sc_rum_f_e=2183&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.benefitsapplication.com
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
84039a411d92692b-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
api.min.css
mnstr2.benefitsapplication.com/app/js/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mnstr2.benefitsapplication.com/app/js/api.min.css
Requested by
Host: mnstr2.benefitsapplication.com
URL: https://mnstr2.benefitsapplication.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:190f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
428f350bd53281aeb92b949ccc048356f66823858401537ef57c712bf179fe3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
1081
perma-cache
HIT
age
402974
cdn-storageserver
DE-663
cdn-cachedat
12/30/2023 00:30:27
cdn-pullzone
99152
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Dec 2023 19:57:20 GMT
cdn-proxyver
1.04
cdn-fileserver
599
cdn-requestpullcode
200
server
cloudflare
etag
W/"6578bb20-2644"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FbMwE1iTFfIRK%2FjzKpdbqMCgtVqIszbQMOZa%2FTLiEP065hOz3O2uA5x95PLLVU0PHLr2v7pwwR7Z0FyvewOm6nwhF8ffEnXSKeljQ%2FXsgx0lDe7%2F7%2Fvw5jtxlSVBTS2hHhVSmOAp5ENlcaHlNZEzNQEKP4Mo3yJoG6KZFTY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
4ba73dfa03e02e6916c3990d7ff624e7
cf-ray
84039a41edb471c1-FRA
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
172542
mnstr1.benefitsapplication.com/api/v2/embed/ 		21 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mnstr1.benefitsapplication.com/api/v2/embed/172542?d=benefitsapplication.com
Requested by
Host: mnstr2.benefitsapplication.com
URL: https://mnstr2.benefitsapplication.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:190f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a7e5e83c81662be23e8f37041fa062a0169bf39ed1e7f47e78e949f689a954a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:37 GMT
via
kong/3.4.2
content-encoding
br
cf-cache-status
DYNAMIC
x-cache-config
0 0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency
1
x-cache-status
HIT
x-kong-upstream-latency
7
alt-svc
h3=":443"; ma=86400
x-optinmonster-account
186974
x-user-agent
standard--
last-modified
Wed, 14 Jun 2023 20:35:08 GMT
server
cloudflare
etag
W/"f74e346c399f8cb5e80f974d98f21404"
vary
Accept-Encoding, User-Agent, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BVfPTF%2FinaC%2F5OmInagUwtC6yeNDnpIsXH%2FmoJeQILnfSI6QHhp4%2BuP2XH%2FHWkNmSaomT1yXFMzlkmES1yHsdDGBOq7iqFqAQSRW65QeLfhciFf5S1mMqwhwiJELTmhbpNj6n%2Bc9Zoz6CrkQ0F3IxhN9Uxl8ie5mne8aqs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.benefitsapplication.com
access-control-expose-headers
X-OptinMonster-Account, X-User-Agent
cache-control
public, max-age=30, stale-while-revalidate=1800
access-control-allow-credentials
true
cf-ray
84039a4299889993-CDG
access-control-allow-headers
X-CSRF-Token
expires
Thu, 04 Jan 2024 12:29:57 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame ABE4 		378 KB
84 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6053161399965587&output=html&adk=1812271804&adf=3025194257&lmt=1704372577&plaf=7%3A2&plat=1%3A16777216%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.benefitsapplication.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704372577354&bpp=2&bdt=1361&idt=234&shv=r20240102&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6189194708137&frm=20&pv=2&ga_vid=528437311.1704372577&ga_sid=1704372578&ga_hid=725147423&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532523%2C44809531%2C31080217&oid=2&pvsid=2626435110204115&tmod=915765696&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=250
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6053161399965587&plah=www.benefitsapplication.com&bust=31080217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f41aee2ea6d4ffd75a6e3fdf812d2fbb30c197380db3f56be6aff8c9d79be733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.benefitsapplication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
86243
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 12:49:38 GMT
expires
Thu, 04 Jan 2024 12:49:38 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=A&cls=scroll-to-top%20hidden-mobile&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 12:49:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5.c3191d3c.min.js
mnstr2.benefitsapplication.com/app/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mnstr2.benefitsapplication.com/app/js/5.c3191d3c.min.js
Requested by
Host: mnstr2.benefitsapplication.com
URL: https://mnstr2.benefitsapplication.com/app/js/api.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:190f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
745b79544835c8ee16198c039bdde0b6ec42333c0f830df5770bd4dcd60a6ac6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
1069
perma-cache
HIT
age
497585
cdn-storageserver
NY-430
cdn-cachedat
12/29/2023 10:09:26
cdn-pullzone
99152
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 25 Oct 2023 17:45:52 GMT
cdn-proxyver
1.04
cdn-fileserver
622
cdn-requestpullcode
200
server
cloudflare
etag
W/"65395450-4146"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jo9gHbqHHiIxDcOIstSGQRvfpNAiXOD38Fjy0p7BJqiKAUy1zHC99zjDEACAh2hdGiaGroNmaHYZuxlMUtfEcDIOa9ggNcIBrYccuSVKK6AYV3Lt7EOm1h2WkT%2B2QkVJtKBctfWX4R2XD7BJvrCwuBkLBjx5FzddPa7ZKOU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
945604ec63ffde813e3ba14fdf12bc97
cf-ray
84039a43a972700b-CDG
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
segoe-ui-4
fonts.cdnfonts.com/css/ 		164 B
666 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.cdnfonts.com/css/segoe-ui-4?styles=18004
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2cdfe0f62d2cd472d9bca953623da9c440b259eb41859ecb92870abd8313f40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1255132
cf-polished
origSize=197
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 21 Dec 2023 00:10:46 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rth%2B9OdEGcOmC5TC2VaC6Xlg%2ByQLVnWvsN2VB0gWLIFN21IF1Jn0rCmIisGe1K9EDcRkBsrXSzYtzWAp34RXpVvCkwnilTBwVyKSgB8ktHkRbfjv%2BQebYxPfqaAE5D9%2B1o0D2I8HHkbeAwSHHe29Ex4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
84039a44aa376ecf-CDG
usa-960.png
www.benefitsapplication.com/css/cssmap-usa-new/vintage/ 		385 KB
385 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefitsapplication.com/css/cssmap-usa-new/vintage/usa-960.png
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/css/cssmap-usa-new/cssmap-usa.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.45.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-45-62.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3b4fba6352ae26ab2f342588cff67b4e27380216d14911d12f872e6458c77ff4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/css/cssmap-usa-new/cssmap-usa.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:38 GMT
last-modified
Fri, 04 Nov 2022 23:43:01 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"6365a385-60212"
content-length
393746
content-type
image/png
4.1dae6b4d.min.js
mnstr2.benefitsapplication.com/app/js/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mnstr2.benefitsapplication.com/app/js/4.1dae6b4d.min.js
Requested by
Host: mnstr2.benefitsapplication.com
URL: https://mnstr2.benefitsapplication.com/app/js/api.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:190f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d7293476de0d15a9417a6f896f642845e90a174c74455e095f5f9a69768b51c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-encoding
br
age
1204364
cdn-storageserver
DE-51
cdn-pullzone
99152
cdn-proxyver
1.04
cdn-fileserver
587
etag
W/"654286e8-c029"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-storagebalancer
NY-430
date
Thu, 04 Jan 2024 12:49:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
940
perma-cache
HIT
cdn-cachedat
12/21/2023 07:11:29
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 01 Nov 2023 17:12:08 GMT
server
cloudflare
cdn-requestpullcode
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wgk79Uy%2BETNlDzLA%2B7fNP7FM1bASDO0WBtWiRnv2kLJXGn7hVkHduOEUUc5lCxHbVLS2VWIStQmVfLykhlhLXPC26eWo9KwSJAZtowz8r9%2BSAUsfTRi7yUCXpsRIf50PYA6xGcnQ9fV4Lhc5XIyUHH3ji3M5zOk7wfvguM%3D"}],"group":"cf-nel","max_age":604800}
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
0a152c5d68a6d5e87275a34377226c7d
cf-ray
84039a444a6c700b-CDG
cdn-status
200
cdn-requestpullsuccess
True
20.1d4b97e9.min.js
mnstr2.benefitsapplication.com/app/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mnstr2.benefitsapplication.com/app/js/20.1d4b97e9.min.js
Requested by
Host: mnstr2.benefitsapplication.com
URL: https://mnstr2.benefitsapplication.com/app/js/api.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:190f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1b149f9dffc3130750034a65c4a1d2cbefe7ffcef67fcb368f292a065aabeef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
1069
perma-cache
HIT
age
1204365
cdn-storageserver
NY-346
cdn-cachedat
12/21/2023 07:11:29
cdn-pullzone
99152
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 18 Sep 2023 16:47:36 GMT
cdn-proxyver
1.04
cdn-fileserver
388
cdn-requestpullcode
200
server
cloudflare
etag
W/"65087f28-1062"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yon23KEeHzDhop280r2iX1aSfjf7hzwm%2B3Z0dGOg6sBhcyXP52Tx9RfTHuybedcKTp4VewWuHeqDEU84tWupqT5xFx743MoBcfUts5c0XRGXMPRQ%2FdeQIkYmE0U7BgbDbcGdL0lmoZGMzTOuFJbRrMMchiQY1WosgNzKNHI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
9cc61f32d1553629ea61af1ed0096d1e
cf-ray
84039a44cb3e700b-CDG
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
19.b93023b7.min.js
mnstr2.benefitsapplication.com/app/js/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mnstr2.benefitsapplication.com/app/js/19.b93023b7.min.js
Requested by
Host: mnstr2.benefitsapplication.com
URL: https://mnstr2.benefitsapplication.com/app/js/api.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:190f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
263c3a799ea39e2db3c3347bab23a9f98990d9d9633d2d8b833d8766c3dc2b36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
941
perma-cache
HIT
age
345965
cdn-storageserver
NY-268
cdn-cachedat
12/30/2023 00:26:46
cdn-pullzone
99152
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 18 Sep 2023 16:47:34 GMT
cdn-proxyver
1.04
cdn-fileserver
388
cdn-requestpullcode
200
server
cloudflare
etag
W/"65087f26-10b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8p3gvlxVYdGOhrvxpV9C%2BC79Cr1uRVj8IJuZASX1r2mcHmdh5uIhYTex9I9WbOSMaV4J6WA8SEqglPHsBhOkkkOct%2B58D5Le9TzoqBrmodn9jpY9ZWSt4xBnRqEEVtE%2BJlPaMlynROzuOL6TtrzROzNC%2BsdSvoEYUBD4xjA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
65100095d3b85beae63cefbd779fe141
cf-ray
84039a44cb47700b-CDG
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
27.78393e5b.min.js
mnstr2.benefitsapplication.com/app/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mnstr2.benefitsapplication.com/app/js/27.78393e5b.min.js
Requested by
Host: mnstr2.benefitsapplication.com
URL: https://mnstr2.benefitsapplication.com/app/js/api.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:190f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5405f21fd05a73a76a85b2021b366df4dcd00dd93ad956d671776622ea5e1ffc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
718
perma-cache
HIT
age
1204365
cdn-storageserver
NY-268
cdn-cachedat
12/21/2023 07:11:39
cdn-pullzone
99152
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 18 Sep 2023 16:47:35 GMT
cdn-proxyver
1.04
cdn-fileserver
388
cdn-requestpullcode
200
server
cloudflare
etag
W/"65087f27-1973"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQ6zvOR8nwPjZqLY%2FBZzpRvWUapkKigCh0KbtM%2F90qQGBOobEPPivQjCE0e0IOGjyK%2FGb2inG5cUCDBbSiZl20r1H8ndc4d3LPH0jZA7xZhLvZx0TquC5VKKFBHTuv%2BQLmKrBT8gORq1LZZCQVVIiwgGknhgGxQmYc0MNOI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
e1791122a6d72c3fd992373d162f5189
cf-ray
84039a44cb48700b-CDG
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
32.b9065693.min.js
mnstr2.benefitsapplication.com/app/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mnstr2.benefitsapplication.com/app/js/32.b9065693.min.js
Requested by
Host: mnstr2.benefitsapplication.com
URL: https://mnstr2.benefitsapplication.com/app/js/api.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:190f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
978277c7385002bbd8eca4f51d7bdac7424ef8c6d267066e36b018b25bf88f7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
1067
perma-cache
HIT
age
1204365
cdn-storageserver
NY-268
cdn-cachedat
12/21/2023 07:11:29
cdn-pullzone
99152
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 18 Sep 2023 16:47:50 GMT
cdn-proxyver
1.04
cdn-fileserver
622
cdn-requestpullcode
200
server
cloudflare
etag
W/"65087f36-2c41"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2BQFH%2BvlyibQLRlnMsW1BEFz39MqKBJIF6DT4Ffd9NViUs2F4HTEH1qo2Nl%2FY%2Fng1W2luOcJx98f0SLxZFbCYBR%2BSquXdnWYCQsBdqZoQQoN0dXJk7Qk5hOhfYLh1RmeWYLwaV6tJCiuE6pMoTkHWzsTd2xUDXeQ8nV%2BKN0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
ec16ab5b0bd0ed0ec539d86540c885e1
cf-ray
84039a44db4c700b-CDG
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
10.acdc9ced.min.js
mnstr2.benefitsapplication.com/app/js/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mnstr2.benefitsapplication.com/app/js/10.acdc9ced.min.js
Requested by
Host: mnstr2.benefitsapplication.com
URL: https://mnstr2.benefitsapplication.com/app/js/api.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:190f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21111013521ce045115ade20ed1b0ac09b102688f010ecf84bb7f3f53574456c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
1029
perma-cache
HIT
age
340131
cdn-storageserver
NY-268
cdn-cachedat
12/31/2023 14:16:24
cdn-pullzone
99152
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Dec 2023 19:57:22 GMT
cdn-proxyver
1.04
cdn-fileserver
388
cdn-requestpullcode
200
server
cloudflare
etag
W/"6578bb22-8515"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BvdxngG6LINeM9N4aGwOt4kODQA7hoEj6IWgSoeTU8ZtSwFn2wmCLMKQ%2B65AhnlVNb4PeQMRN1iW9j%2FCrfUk1h3RdJfJUOYOF%2FOawWiz6XHI1J8yp3x%2F26jNjlcq71GOJF46%2B78PdMnTy%2FlA5O%2F40neNKZg3FtCEfT2XjFA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
d37189bd18952162bb04bf216b746dd9
cf-ray
84039a44db4f700b-CDG
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
0.514c5def.min.js
mnstr2.benefitsapplication.com/app/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mnstr2.benefitsapplication.com/app/js/0.514c5def.min.js
Requested by
Host: mnstr2.benefitsapplication.com
URL: https://mnstr2.benefitsapplication.com/app/js/api.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:190f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0746aee5a2b0032d3d664b8383d97bb3e1f0dce11ececfa1258072a704b1a72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
1029
perma-cache
HIT
age
1204365
cdn-storageserver
NY-430
cdn-cachedat
12/21/2023 07:11:29
cdn-pullzone
99152
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 18 Sep 2023 16:47:38 GMT
cdn-proxyver
1.04
cdn-fileserver
622
cdn-requestpullcode
200
server
cloudflare
etag
W/"65087f2a-1d49"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZot%2By9sEbnAML%2BM%2FjLLVE%2FiX4F5nvTEfIpavQJaWUSsJ78%2ForLStE81yWJ491A73p3xeYrOeS16lowIKGrgu5FWcSyrTIoTrEzNSCf3dN%2F7ASEyc3xh2Ud%2FWZejleOebamuGaLToZGFxLbF6FYemIz8NWvW1578wlYbRck%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
27964b59de9c7c67ac9963bed51e596c
cf-ray
84039a44db51700b-CDG
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
9.c66ab701.min.js
mnstr2.benefitsapplication.com/app/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mnstr2.benefitsapplication.com/app/js/9.c66ab701.min.js
Requested by
Host: mnstr2.benefitsapplication.com
URL: https://mnstr2.benefitsapplication.com/app/js/api.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:190f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ad9a6bcdc20b0bb29576b861332e7b11719bd11af68024d7676724574070f05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
1029
perma-cache
HIT
age
773807
cdn-storageserver
NY-268
cdn-cachedat
12/22/2023 16:02:29
cdn-pullzone
99152
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 18 Sep 2023 16:48:40 GMT
cdn-proxyver
1.04
cdn-fileserver
622
cdn-requestpullcode
200
server
cloudflare
etag
W/"65087f68-879"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yb6qSQRdTJAGTVyZTe4l3oAWmmVK2STmEAic2S6eugHKiUWcOezQm8XO5CeevZMik7qZpg6GBNERel%2Bee1SPHLdyRHK2fuynsnLqi4UQvUchGwbdGUCDmplUHTIxFzmgjmwshSFlNXw%2FpNa9Fxc6AcZ%2F%2BdMrh8waiL%2FsquM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
652668af12b94048471c832aa14e84eb
cf-ray
84039a44db53700b-CDG
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
11.38e902ad.min.js
mnstr2.benefitsapplication.com/app/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mnstr2.benefitsapplication.com/app/js/11.38e902ad.min.js
Requested by
Host: mnstr2.benefitsapplication.com
URL: https://mnstr2.benefitsapplication.com/app/js/api.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:190f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c110d3e795d9bcb956d5c9ef500d23c7e480a259519d383d5c626293ee413815

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
894
perma-cache
HIT
age
345965
cdn-storageserver
NY-427
cdn-cachedat
12/30/2023 00:26:46
cdn-pullzone
99152
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 18 Sep 2023 16:47:41 GMT
cdn-proxyver
1.04
cdn-fileserver
388
cdn-requestpullcode
200
server
cloudflare
etag
W/"65087f2d-a40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pm80dcD0eVRmKYxs3hCBr%2FVVzW2X1PivHJxL9OBva7NHfohxB6u%2BhGbwG%2F4enDTm7V1KXQpvm4O8ueLvDXCFMFruQrUyDthGpX0q6MAKh3NStL5dw7f4SvOLgm7V9ily7O6GtQAlT8iehB3XJi0k3nmrOwit9MQtjZTIi3o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
d3f22b479639790a3f993eeaa3186cd5
cf-ray
84039a44db56700b-CDG
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
28.377be946.min.js
mnstr2.benefitsapplication.com/app/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mnstr2.benefitsapplication.com/app/js/28.377be946.min.js
Requested by
Host: mnstr2.benefitsapplication.com
URL: https://mnstr2.benefitsapplication.com/app/js/api.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:190f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f927cd54d7ef0ffd667f6537f9a9f3ef56fd8f86b32c8dfd534c29da2f2242a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
1070
perma-cache
HIT
age
1204365
cdn-storageserver
NY-346
cdn-cachedat
12/21/2023 07:11:29
cdn-pullzone
99152
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 18 Sep 2023 16:48:29 GMT
cdn-proxyver
1.04
cdn-fileserver
388
cdn-requestpullcode
200
server
cloudflare
etag
W/"65087f5d-d7b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBXDo8GxLqn4ypGwYMgcJ8TWYutTbaqpYPyc1GdJNwaoJ%2BaIoLZR0ti%2B0WEPkpsCYOWjhs25c4efruylST882fPnYn63NmX5roB5o8ddRlLPR%2BP9xwPvajynZxAv%2BrGmt%2FpJ6EcI7Ijt1gaqAHJr%2FbX4O7VZle43hPPlb9A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
01713a0ad325526844cbbb7714c09452
cf-ray
84039a44db57700b-CDG
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
26.1898e425.min.js
mnstr2.benefitsapplication.com/app/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mnstr2.benefitsapplication.com/app/js/26.1898e425.min.js
Requested by
Host: mnstr2.benefitsapplication.com
URL: https://mnstr2.benefitsapplication.com/app/js/api.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:190f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6fd60d4ecfcac36ecdcb7456ecf170d8eef75c883a1e34a4dd7855d23966cd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
718
perma-cache
HIT
age
1204365
cdn-storageserver
NY-267
cdn-cachedat
12/21/2023 07:05:59
cdn-pullzone
99152
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 18 Sep 2023 16:47:39 GMT
cdn-proxyver
1.04
cdn-fileserver
622
cdn-requestpullcode
200
server
cloudflare
etag
W/"65087f2b-6b6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYXLy9TFrmyJDG9mpfNUCMyPQZ2pxcR4Sm0eB%2BdD3anGXfdNj%2F1GHXU7H%2F4eioTXvvZv%2BIvLAYO4Iaz0xktOgeeZ2FOc58V%2BCyBoyIRO3MnLGHklTWTCKShs9vuPCgZ9yWcGhH%2FqavpNcfASoTMSaPOiTr2ZC4v1wA2ih6E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
1926494e66bf136a6ef73999d976de9f
cf-ray
84039a44db58700b-CDG
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
16.0e435a6f.min.js
mnstr2.benefitsapplication.com/app/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mnstr2.benefitsapplication.com/app/js/16.0e435a6f.min.js
Requested by
Host: mnstr2.benefitsapplication.com
URL: https://mnstr2.benefitsapplication.com/app/js/api.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:190f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4fbf61bcc8a017d5d9cd2d95105bf88005bc0a3b6c18be6bfee8fc94d0adf52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
871
perma-cache
HIT
age
345965
cdn-storageserver
NY-430
cdn-cachedat
12/30/2023 00:26:46
cdn-pullzone
99152
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 18 Sep 2023 16:47:45 GMT
cdn-proxyver
1.04
cdn-fileserver
622
cdn-requestpullcode
200
server
cloudflare
etag
W/"65087f31-51f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tvmKtoRAd2MeIEUBRbVNsnumX4RvHGWW5pEkPx1j6PIhW2L8g6rRGCkb%2BcQL4RuNtAjPs99amY5Ak4WqiqYY089IgCZ7afV%2BKuKEAyk3L1TqQ5mDcvg%2FHZTOZXxjTRkTXNvo%2BvX0%2BCqBksZLhA7H2M4UofKvan%2FuvpWqO%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
2d098beeae1a91e8e46334072b995b7a
cf-ray
84039a44db59700b-CDG
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
1.ea963399.min.js
mnstr2.benefitsapplication.com/app/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mnstr2.benefitsapplication.com/app/js/1.ea963399.min.js
Requested by
Host: mnstr2.benefitsapplication.com
URL: https://mnstr2.benefitsapplication.com/app/js/api.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:190f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6507a044d207a767ec2971e891b149b58d6d32a6ee1b18068a6d6dd36bc5fa9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
940
perma-cache
HIT
age
1204365
cdn-storageserver
NY-268
cdn-cachedat
12/21/2023 07:11:29
cdn-pullzone
99152
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 18 Sep 2023 16:48:17 GMT
cdn-proxyver
1.04
cdn-fileserver
388
cdn-requestpullcode
200
server
cloudflare
etag
W/"65087f51-2abc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tb9TPrkliT6AuxuJ8wvGqlVA8ZUeylJWkGAOnWGF7qzwTVzhmJr5HHm55pQMLKTx5PNhuRJ0nBPPQG%2Fe4j3pWRe4dUiPpFHc3P4q6W7ksPyU4lL5K4AmbE1jILOsDSNByXArzDglP8mTLHonxFI5eL2f6KfqHgYCouA2Y3E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
bbe30064ab0dd0d227f4bc5f2d398858
cf-ray
84039a44db5a700b-CDG
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
21.5aa698b1.min.js
mnstr2.benefitsapplication.com/app/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mnstr2.benefitsapplication.com/app/js/21.5aa698b1.min.js
Requested by
Host: mnstr2.benefitsapplication.com
URL: https://mnstr2.benefitsapplication.com/app/js/api.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:190f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c756ba00bc22ff5690e08fc74aa2c70cde9b692a4acb7ca813a9dc7168c27d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
1029
perma-cache
HIT
age
294058
cdn-storageserver
NY-430
cdn-cachedat
12/31/2023 22:42:35
cdn-pullzone
99152
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 18 Sep 2023 16:47:37 GMT
cdn-proxyver
1.04
cdn-fileserver
388
cdn-requestpullcode
200
server
cloudflare
etag
W/"65087f29-81f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2BpSupjvaQQkOGIyQX3mao7G4fIWsXW%2FyjMVm%2Bg4lPP96cX4bqFiSHuKlSIj7v5xoln%2Bn%2BhyOBVgoRKI4MrkLz2euXwQvNivoqGKZzPwFlpGDx74yIM%2BILCsi%2BJxwOeUzeIKcOf%2BFaaCsB%2BCSM5AssfmID6sxl0FQjPedTc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
81914868a5a6ca3e6404e69c97e95537
cf-ray
84039a44db5c700b-CDG
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
css2
fonts.googleapis.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans%3Aital%2Cwght%400%2C400&display=swap
Requested by
Host: mnstr2.benefitsapplication.com
URL: https://mnstr2.benefitsapplication.com/app/js/4.1dae6b4d.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98f6f0be59cf33c961bbde1efce215467edbe4a02e110c3c28f1cf1d8adce530
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 Jan 2024 12:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 04 Jan 2024 12:15:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Jan 2024 12:49:38 GMT
9f33ada2feee1686109539-money.jpg
mnstr2.benefitsapplication.com/users/069548d7f213/images/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mnstr2.benefitsapplication.com/users/069548d7f213/images/9f33ada2feee1686109539-money.jpg?width=1520
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:190f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7388a918fde9e20b8308d727aeb6d9618151155d10f1e46348894ca4d874276

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

age
1061604
cdn-storageserver
NY-427
cdn-pullzone
99152
cdn-proxyver
1.04
cdn-fileserver
622
etag
"648015c0-9982"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
date
Thu, 04 Jan 2024 12:49:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
1068
perma-cache
HIT
cdn-cachedat
12/22/2023 23:34:57
alt-svc
h3=":443"; ma=86400
content-length
39298
last-modified
Wed, 07 Jun 2023 05:29:36 GMT
server
cloudflare
cdn-requestpullcode
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7NapXd10EyI3swVPB0%2FIeEnov%2BCAGeaeaFwURT%2ByKHPSvXVsLK0MwLXa01llBpjNuiLLNKSfHjVzL9D81am1jVuDi3yITOSUKSHkLNDGBgpudvZr7ClAEm9a6l4m0%2FWh5u0UeemKsBMcj7i4%2BDunxEQuczcH4pl233bOK7w%3D"}],"group":"cf-nel","max_age":604800}
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
267ea9eb341b5e5862b73a5d956644b6
accept-ranges
bytes
cf-ray
84039a45acc5700b-CDG
cdn-status
200
cdn-requestpullsuccess
True
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans%3Aital%2Cwght%400%2C400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.benefitsapplication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 06:01:30 GMT
x-content-type-options
nosniff
age
24488
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18668
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Jan 2025 06:01:30 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ 		161 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/reactive_library_fy2021.js?bust=31080217
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6053161399965587&plah=www.benefitsapplication.com&bust=31080217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
149c982f0853c2aaebc302dd11411dce35ddf7df8825d36319b205ca36a2edca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56255
x-xss-protection
0
server
cafe
etag
13593130337347202362
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 12:49:38 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/ Frame 455B 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6053161399965587&plah=www.benefitsapplication.com&bust=31080217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.benefitsapplication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
49777
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 23:00:01 GMT
etag
9219409622527106327
expires
Wed, 17 Jan 2024 23:00:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/ Frame D601 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6053161399965587&plah=www.benefitsapplication.com&bust=31080217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.benefitsapplication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
49777
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 23:00:01 GMT
etag
9219409622527106327
expires
Wed, 17 Jan 2024 23:00:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 455B 		4 KB
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 Jan 2024 12:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 04 Jan 2024 12:18:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Jan 2024 12:49:38 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 455B 		205 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 20:02:02 GMT
x-content-type-options
nosniff
age
60456
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 02 Jan 2025 20:02:02 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 455B 		604 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:21:26 GMT
x-content-type-options
nosniff
age
62892
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 02 Jan 2025 19:21:26 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/elements/html/ Frame 455B 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 02:20:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
37768
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6823
x-xss-protection
0
server
cafe
etag
11129212757755515379
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Jan 2024 02:20:10 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/elements/html/ Frame 455B 		22 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 02:20:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
37768
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9422
x-xss-protection
0
server
cafe
etag
10624764489894593518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Jan 2024 02:20:10 GMT
css
fonts.googleapis.com/ Frame D601 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 Jan 2024 12:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 04 Jan 2024 11:41:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Jan 2024 12:49:38 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame D601 		2 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:25:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
62665
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:25:13 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/ Frame D601 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
62770
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:23:28 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame D601 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 11:12:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
5842
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Jan 2024 11:12:16 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame D601 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
62770
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8523
x-xss-protection
0
server
cafe
etag
16500369019378894752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:23:28 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D601 		204 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65775
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 12:49:38 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame D601 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 13:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
255175
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 31 Mar 2024 13:56:43 GMT
css
fonts.googleapis.com/ Frame 4C88 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 Jan 2024 12:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 04 Jan 2024 12:05:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Jan 2024 12:49:38 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame 4C88 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:25:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
62665
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:25:13 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/ Frame 4C88 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
62770
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:23:28 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame 4C88 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 11:12:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
5842
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Jan 2024 11:12:16 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame 4C88 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
62770
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8523
x-xss-protection
0
server
cafe
etag
16500369019378894752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:23:28 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4C88 		204 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65775
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 12:49:38 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 4C88 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 13:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
255175
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 31 Mar 2024 13:56:43 GMT
EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
pagead2.googlesyndication.com/bg/ Frame 8220 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 12:51:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
259112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19864
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 31 Dec 2024 12:51:06 GMT
style
accounts.google.com/gsi/ 		533 B
609 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-bD-XKODBs4Z575nXgWWnYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:38 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-bD-XKODBs4Z575nXgWWnYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Thu, 04 Jan 2024 12:49:38 GMT
status
accounts.google.com/gsi/ 		40 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=988239005636-a2atcm2k6jk17m2sied4th6avacn8ra4.apps.googleusercontent.com&as=jONFZYXjuMgJpoi5dm1kSw
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e4682113ca80dd09d23538160a7fee0e228023dee9c0c2e425bf8ca8a6683a38
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-q7-D8rJX6e-3_gaHrSfA5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:38 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-q7-D8rJX6e-3_gaHrSfA5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.benefitsapplication.com
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240102&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6053161399965587&plah=www.benefitsapplication.com&bust=31080217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1553ea1de539362cdd1ed24d29778238d9db1ab407008c37fdb1285894de368
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12301
x-xss-protection
0
EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
pagead2.googlesyndication.com/bg/ Frame 3BCC 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Requested by
Host: www.benefitsapplication.com
URL: https://www.benefitsapplication.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 12:51:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
259112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19864
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 31 Dec 2024 12:51:06 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=725147423&t=timing&_s=2&dl=https%3A%2F%2Fwww.benefitsapplication.com%2F&ul=en-us&de=UTF-8&dt=Benefits%20Application&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3513&pdt=1&dns=0&rrt=0&srt=206&tcp=531&dit=2701&clt=2701&_gst=2091&_gbt=2182&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=528437311.1704372577&tid=UA-232355558-3&_gid=991164536.1704372577&gtm=45He3bt0n81WQGK66Hv896926857&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=416112455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 05:51:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25091
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6053161399965587&plah=www.benefitsapplication.com&bust=31080217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 12:49:38 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 41C4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.benefitsapplication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
5842
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 11:12:16 GMT
expires
Fri, 03 Jan 2025 11:12:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8DFF 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b2e40d5acaa3d8a8d4844ab00a25705b2ab252b291b04c41a78a081e2c2057ab
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Qk3DAW50MP-PEgJOtfyAQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.benefitsapplication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Qk3DAW50MP-PEgJOtfyAQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 12:49:38 GMT
expires
Thu, 04 Jan 2024 12:49:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 41C4 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 11:12:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
5841
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jan 2025 11:12:17 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8DFF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240102&jk=2626435110204115&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 41C4 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Qj0fgQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 12:49:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240102&jk=2626435110204115&bg=!vb6lvvHNAAY3kmNgF5I7ADQBe5WfOAJ-Dr6weBa3wwVKJva67oKYuEZvH7Wp_BzD4h8Pvz3Tmy8XEzG6oMU5LEIyAnYNAgAAAD5SAAAAAmgBB5kC0c3u1Hro7BC5WvQRxFIxtUMUOEb5DheQOJZGw9MAATXPBfAUncowkGf3URrYuJhVrGUNgjNjRd4TpkprVovz-uN_cf2lCsfRbkXDsBZZCRhjYy5uXaJx4pmFKKZDNNh48hBk_XrgMMM4MtkavjRSS_0Zl3GDwA3vu4MFYnALwjYsEwWme0BQVuWd2rCxwoxNCv-cEo2ZhRL_h9u1GxDSJ59eZTfmCrwG2plKqPnlgor2LwIXde6g202CH6BBLYmVzf2AXkaPI_jzsCUdCA7k5qdgAbEdqosIPuiPtT2n2wF5hcqsYbMNf1oYpZPQ-Uj4Fnbi7O3uYr0IJRYhbXpD97jDwSxDH6c16WagkgKaw-15am9F9F6AnM7rYdowLfOnVg_fOY2Do9cHIK9oM8Ve08yGvFg7fCA5K3_dv2LTmPkcQKCZpBVCsfD46zNJKeAOHxIK9M6VxajqLju3YU79WTo_yPUaM0-rLB5kThvDXss4Oan7UNIWX9Zue-SV9c46GJn_qbp_W6hQVg9szjiKSOtLf5arV4KfK-EAckDOjjydk0E6qdsZ6FvmJvz39UJj-_mxw2wGTi5n9Zf8bYYQdslST0SAQ4uN7TI_A7kyN1I6YrRq4gYwwPI93LW-aZZJ0pSJTqHl6e8cPTDewRKXJNybFqa0mHtsVEhGt2VECkuBq5hkFr9riVg6ZnNmQiZ0IuyFOUi8zHOkFUtqXNa9MYgsy7r7c_F7ENgGVvhdHw2elJvELQKdm2QBUTWSpi7TwxBzX4fDofHQsmG-kOrJGDhps26TG80l8QtnEvfZZMvg-deuSHgql-Xv9UzZAEl25xEFbrDqMYE84dA1cJQSM4u71HE9FK8okIAFdLkhRGdTCsjKzljXCvODlHQuiEjuoA02ACHXvOYHovTeq9TgBDEvVCe5MLccMPwUJpAUitrSRTLpGvLTSNqIKTC-LGqCi0s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.benefitsapplication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture object| dataLayer object| Modernizr function| $ function| jQuery object| jQuery1124005357733953529853 function| Inputmask string| c object| theme boolean| initialized object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| getURLParameter function| _statcounter object| src object| utm_source number| sc_project number| sc_invisible string| sc_security object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| default_gsi object| _F_toggles object| google function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| webpackChunkom_api_js object| _omapp function| OptinMonsterApp boolean| om_loaded object| om186974_172542 object| _omq function| omq function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| closure_lm_578759 object| omwayqwjbylt5ue2lb7pxr object| omjvyonoyjhtf60ouf2b2d object| omfj6zhvdbbqutm84jdcrp object| omv967qwmgjfv4zbzs7rch object| omqhd4ynustmnooharlwet object| google_llp object| googletag object| __G_ID_CLIENT__ object| GoogleGcLKhOms

13 Cookies

Domain/Path Name / Value
.benefitsapplication.com/ Name: PHPSESSID
Value: liu95sh67jm4lkljbk8mmb8p86
.benefitsapplication.com/ Name: _ga_XW69MMEQH2
Value: GS1.1.1704372577.1.0.1704372577.0.0.0
.benefitsapplication.com/ Name: _ga
Value: GA1.2.528437311.1704372577
.benefitsapplication.com/ Name: _gid
Value: GA1.2.991164536.1704372577
.benefitsapplication.com/ Name: _gat_UA-232355558-3
Value: 1
.benefitsapplication.com/ Name: sc_is_visitor_unique
Value: rx12816753.1704372577.C2D50F96A3554F2FDC4B90EC073A23BA.1.1.1.1.1.1.1.1.1
www.benefitsapplication.com/ Name: _omappvp
Value: PLIYMcqbs6EfFj704o4MZY8xgI82ybnG80LYtMTGmCSOBVj3cVLhpW0xGxkyDEVwJ9WELP6QHxQB9uiuewNd9MkYQuyKUqIq
www.benefitsapplication.com/ Name: _omappvs
Value: 1704372577582
.statcounter.com/ Name: is_unique
Value: sc12816753.1704372577.0
.statcounter.com/ Name: is_visitor_unique
Value: 1704372577947722390
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.benefitsapplication.com/ Name: __gads
Value: ID=b01a190c08371941:T=1704372577:RT=1704372577:S=ALNI_MYL7GTJN4ILVnpfAxi_ewgLjKXH1A
.benefitsapplication.com/ Name: __gpi
Value: UID=00000d380a65bb5d:T=1704372577:RT=1704372577:S=ALNI_MZDL07HhRpbY6I11JHkSfSekIts0w

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ajax.googleapis.com
c.statcounter.com
cdnjs.cloudflare.com
fonts.cdnfonts.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
influx.consumerco.com
mnstr1.benefitsapplication.com
mnstr2.benefitsapplication.com
pagead2.googlesyndication.com
region1.google-analytics.com
tpc.googlesyndication.com
www.benefitsapplication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.statcounter.com
104.20.94.138
2001:4860:4802:34::36
2606:4700:3036::6815:190f
2606:4700::6811:180e
2606:4700:e2::ac40:8516
2a00:1450:4001:803::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2004
2a00:1450:4001:810::200a
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:831::200a
2a00:1450:400c:c0d::54
2a06:98c1:3120::3
35.165.45.62
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
038e7a4457b074067737e013c674811b17c0f8a8761ec1dafcea423e591f9524
09ccf30d24a06cf01d23e30df3265bdaad87f18705eee05d5595e6debe5a7ab5
0a7e5e83c81662be23e8f37041fa062a0169bf39ed1e7f47e78e949f689a954a
0bafa7062b95827be9f20fe9dc3d2abfbae82992f4e6ec3425f22d28815456be
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
149c982f0853c2aaebc302dd11411dce35ddf7df8825d36319b205ca36a2edca
177bf6acfc0b1376b21043cc76ccb2eb3a4f971d02b7a01f6ce9056ec5979554
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
21111013521ce045115ade20ed1b0ac09b102688f010ecf84bb7f3f53574456c
2379363060b818df38089983c12a4508ad8c35944ae59f9519cccdc4f3e80b6c
263c3a799ea39e2db3c3347bab23a9f98990d9d9633d2d8b833d8766c3dc2b36
285132eb88e2328a0b59cb850c242f72059270652c2c902509ffc28dd81beece
28dba4dba3d85963175f8fb1bfc3de65149524ebd16f8abcecd982713d770684
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
39273e2e4cf831cc2c2eaf3717564c5a67c5fd6a04bde2c57820d7281b4e6a0a
3b4fba6352ae26ab2f342588cff67b4e27380216d14911d12f872e6458c77ff4
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f350bd53281aeb92b949ccc048356f66823858401537ef57c712bf179fe3e
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
42a52245f40f55b1974447abf8c35a40a75a9dc8b20a9dc9234ce2ff26d7c995
42ac0ebd5ae95afa11fac40a7e17362fe3c58520610be0040a68b93deb174000
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4884b43e7f85dadc592c6e1da9d1af0cdae02d7997e75e9dd0e087d6cb1c1348
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5405f21fd05a73a76a85b2021b366df4dcd00dd93ad956d671776622ea5e1ffc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c756ba00bc22ff5690e08fc74aa2c70cde9b692a4acb7ca813a9dc7168c27d5
607a588e3361eedf5b16d4d1c8d6e229c7ff8856dc9a2bdfc95c0d68b382ab8d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6507a044d207a767ec2971e891b149b58d6d32a6ee1b18068a6d6dd36bc5fa9a
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
745b79544835c8ee16198c039bdde0b6ec42333c0f830df5770bd4dcd60a6ac6
760166921158c77eaa586af8a466635f6701c430e088515e237bbece5f548303
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
81a4bfeb8c59f96ffddeb7a407712c4244f38c7ed6d9445ffcac685777018b39
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c03c13ae512aeaf45b9a54c62dad09b5d833edae4f2459d3f71f2a3f2744aa
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
8aaf1b59c4b84fbde03218907ea49d2ff12d9f3c22ff6f0f579f9f2fdd7575d9
8ad9a6bcdc20b0bb29576b861332e7b11719bd11af68024d7676724574070f05
8b78ba2c63cd266f16ecf432e1287d91864ec0bb000368ef2bc547df7fb88e1e
8d7293476de0d15a9417a6f896f642845e90a174c74455e095f5f9a69768b51c
8f927cd54d7ef0ffd667f6537f9a9f3ef56fd8f86b32c8dfd534c29da2f2242a
92bf874314db1cec62060d4c7ecbee6dbb17f0494b7c2fdf66ebd8947481541c
9682aff0dfb2932f5273721abd9190df39eeb0f42c37a24566aa4ac5753219c1
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
978277c7385002bbd8eca4f51d7bdac7424ef8c6d267066e36b018b25bf88f7a
98f6f0be59cf33c961bbde1efce215467edbe4a02e110c3c28f1cf1d8adce530
a0746aee5a2b0032d3d664b8383d97bb3e1f0dce11ececfa1258072a704b1a72
a3a0dacaf00e9ee1d2d872159ea0633b012f9c4df1a324b8f413bd2031960b57
a694ebde945fc7f31e7a071f223ab27f6b34029470562ef7f542903128d8b3f1
a7388a918fde9e20b8308d727aeb6d9618151155d10f1e46348894ca4d874276
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aaf58b4994c3565ee67c204b37bb4079b10e94d3fbbdadd2c38d75b65852ee18
b2e40d5acaa3d8a8d4844ab00a25705b2ab252b291b04c41a78a081e2c2057ab
c110d3e795d9bcb956d5c9ef500d23c7e480a259519d383d5c626293ee413815
c4fbf61bcc8a017d5d9cd2d95105bf88005bc0a3b6c18be6bfee8fc94d0adf52
c6fd60d4ecfcac36ecdcb7456ecf170d8eef75c883a1e34a4dd7855d23966cd2
c931f1812e6d7938bd2642c4064c20c12fb60eb33ec1495eedd4027b15477161
ca02d1a91f43d6b8c5d8d127d04e95afb736ae1779577bde0a6f0641cc4f4893
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1553ea1de539362cdd1ed24d29778238d9db1ab407008c37fdb1285894de368
e1b149f9dffc3130750034a65c4a1d2cbefe7ffcef67fcb368f292a065aabeef
e2cdfe0f62d2cd472d9bca953623da9c440b259eb41859ecb92870abd8313f40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4682113ca80dd09d23538160a7fee0e228023dee9c0c2e425bf8ca8a6683a38
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
f0cfed0ee5400bc6a4069a1955457c81135372595d037b51f546fa57a527cb1e
f41aee2ea6d4ffd75a6e3fdf812d2fbb30c197380db3f56be6aff8c9d79be733
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f9d9f9a36bbc68b76f2e23f45ac94aa53a8f0b8e2bd79ab6c240e23e1cda0d11