urlscan.io logo urlscan.io
SecurityTrails logo

compass.empyreanbenefits.com Open in urlscan Pro
192.48.98.17  Public Scan

Go To Rescan Add Verdict Report
URL: https://compass.empyreanbenefits.com/lyb
Submission: On August 28 via manual from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 19 HTTP transactions. The main IP is 192.48.98.17, located in United States and belongs to EBSI, US. The main domain is compass.empyreanbenefits.com. The Cisco Umbrella rank of the primary domain is 298702.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 8th 2023. Valid for: a year.
This is the only time compass.empyreanbenefits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

11    192.48.98.17 (United States)

ASN63087 (EBSI, US)
compass.empyreanbenefits.com
2    52.217.50.28 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
ebsi.s3.amazonaws.com
2    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
Apex Domain
Subdomains		 Transfer
11 empyreanbenefits.com
compass.empyreanbenefits.com — Cisco Umbrella Rank: 298702
442 KB
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3101
307 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
134 KB
2 amazonaws.com
ebsi.s3.amazonaws.com — Cisco Umbrella Rank: 585492
2 MB
1 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 3506
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 93
253 B
19 6
Domain Requested by
11 compass.empyreanbenefits.com compass.empyreanbenefits.com
2 region1.analytics.google.com www.googletagmanager.com
2 www.googletagmanager.com compass.empyreanbenefits.com
www.googletagmanager.com
2 ebsi.s3.amazonaws.com compass.empyreanbenefits.com
1 www.google.co.uk compass.empyreanbenefits.com
1 stats.g.doubleclick.net www.googletagmanager.com
19 6

This site contains links to these domains. Also see Links.

Domain
goempyrean.com
Subject Issuer Validity Valid
compass.empyreanbenefits.com
Go Daddy Secure Certificate Authority - G2		 2023-06-08 -
2024-07-09		 a year crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-03-21 -
2023-12-19		 9 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
www.google.co.uk
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://compass.empyreanbenefits.com/lyb
Frame ID: 15DBA8531C0F2CAE957966186B0A358D
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

LyondellBasell Benefits Center

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

19
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

2125 kB
Transfer

3149 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request lyb
compass.empyreanbenefits.com/ 		26 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://compass.empyreanbenefits.com/lyb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.48.98.17 , United States, ASN63087 (EBSI, US),
Reverse DNS
Software
/
Resource Hash
6ac5020a0d5b01eab02df552e8e824c8d42ef5beebcd33cf69f1319b232cc14c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
close
Content-Encoding
gzip
Content-Length
6980
Content-Type
text/html; charset=utf-8
Date
Mon, 28 Aug 2023 13:56:33 GMT
P3P
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR SAMa BUS STA"
Strict-Transport-Security
max-age=15552000;
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1;mode=block
cache-control
max-age=0, no-cache, no-store
ebsi-compass-request-id
283faca4-46cc-4a5d-9a99-b00279cad3ad
ebsi-compass-traceparent-header
00-b97c3bf0c59f84f7b71c016c681a5f52-4a4830b1a7f6f5f1-00
expires
-1
pragma
no-cache
x-ua-compatible
IE=edge,chrome=1
vendor-26.min.css
compass.empyreanbenefits.com/css/dist/ 		192 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://compass.empyreanbenefits.com/css/dist/vendor-26.min.css?v=2023.16.3
Requested by
Host: compass.empyreanbenefits.com
URL: https://compass.empyreanbenefits.com/lyb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.48.98.17 , United States, ASN63087 (EBSI, US),
Reverse DNS
Software
/
Resource Hash
221a915e8111f304b7dbe0cc2edf5a1ffddc7821874ac0fe45743656424806d5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://compass.empyreanbenefits.com/lyb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 13:56:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15552000;
Age
2309
P3P
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR SAMa BUS STA"
Connection
close
Content-Length
32346
X-XSS-Protection
1;mode=block
Last-Modified
Mon, 21 Aug 2023 03:44:36 GMT
ETag
"300a5-60366b277b100-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
X-Cache-Detail
"cache hit" from compass.empyreanbenefits.com
Accept-Ranges
bytes
fonts-26.min.css
compass.empyreanbenefits.com/css/dist/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://compass.empyreanbenefits.com/css/dist/fonts-26.min.css?v=2023.16.3
Requested by
Host: compass.empyreanbenefits.com
URL: https://compass.empyreanbenefits.com/lyb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.48.98.17 , United States, ASN63087 (EBSI, US),
Reverse DNS
Software
/
Resource Hash
2161ed47549e5a73465b42a9ae5c275472de2310a6ce65dacb236a2954a961e7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://compass.empyreanbenefits.com/lyb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 13:56:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15552000;
Age
7169
P3P
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR SAMa BUS STA"
Connection
close
Content-Length
2789
X-XSS-Protection
1;mode=block
Last-Modified
Mon, 21 Aug 2023 03:44:36 GMT
ETag
"3f0e-60366b277b100-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
X-Cache-Detail
"cache hit" from compass.empyreanbenefits.com
Accept-Ranges
bytes
modules-26.min.css
compass.empyreanbenefits.com/css/dist/ 		327 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://compass.empyreanbenefits.com/css/dist/modules-26.min.css?v=2023.16.3
Requested by
Host: compass.empyreanbenefits.com
URL: https://compass.empyreanbenefits.com/lyb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.48.98.17 , United States, ASN63087 (EBSI, US),
Reverse DNS
Software
/
Resource Hash
c4c018f6be9c9a83e8851094281515ff678d569f65ad6b8bc6aee9c1b2ace981
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://compass.empyreanbenefits.com/lyb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 13:56:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15552000;
Age
31597
P3P
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR SAMa BUS STA"
Connection
close
Content-Length
52384
X-XSS-Protection
1;mode=block
Last-Modified
Mon, 21 Aug 2023 03:44:36 GMT
ETag
"51d1a-60366b277b100-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
X-Cache-Detail
"cache hit" from compass.empyreanbenefits.com
Accept-Ranges
bytes
demo.css
compass.empyreanbenefits.com/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://compass.empyreanbenefits.com/css/demo.css?v=2023.16.3
Requested by
Host: compass.empyreanbenefits.com
URL: https://compass.empyreanbenefits.com/lyb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.48.98.17 , United States, ASN63087 (EBSI, US),
Reverse DNS
Software
/
Resource Hash
78ed4937767946a500f1bacf547d03c17a3d39b3131cb36ab0c12ee38d189245
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://compass.empyreanbenefits.com/lyb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 13:56:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15552000;
Age
34292
P3P
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR SAMa BUS STA"
Connection
close
Content-Length
766
X-XSS-Protection
1;mode=block
Last-Modified
Mon, 21 Aug 2023 03:44:36 GMT
ETag
"8b8-60366b277b100-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
X-Cache-Detail
"cache hit" from compass.empyreanbenefits.com
Accept-Ranges
bytes
bundle-26.min.js
compass.empyreanbenefits.com/js/ 		413 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compass.empyreanbenefits.com/js/bundle-26.min.js?v=2023.16.3
Requested by
Host: compass.empyreanbenefits.com
URL: https://compass.empyreanbenefits.com/lyb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.48.98.17 , United States, ASN63087 (EBSI, US),
Reverse DNS
Software
/
Resource Hash
91b8f22272b18d5aa26f1a7249c765cfd86fd07c373f756c3996b11b90a060d8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://compass.empyreanbenefits.com/lyb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 13:56:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15552000;
Age
1133
P3P
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR SAMa BUS STA"
Connection
close
Content-Length
132110
X-XSS-Protection
1;mode=block
Last-Modified
Mon, 21 Aug 2023 03:44:36 GMT
ETag
"67350-60366b277b100-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
X-Cache-Detail
"cache hit" from compass.empyreanbenefits.com
Accept-Ranges
bytes
LYBLogoAdvancingPossible.png
ebsi.s3.amazonaws.com/lyb/lyb/logos/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ebsi.s3.amazonaws.com/lyb/lyb/logos/LYBLogoAdvancingPossible.png
Requested by
Host: compass.empyreanbenefits.com
URL: https://compass.empyreanbenefits.com/lyb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.50.28 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d755ab976f95308ac969922b83c8d4ba6d7cf4af73146957fd20cd099a8ef793

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://compass.empyreanbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 13:56:36 GMT
Last-Modified
Fri, 20 Oct 2017 17:24:57 GMT
Server
AmazonS3
x-amz-request-id
3YK975WDXFHWMD84
ETag
"3e29b63a65ac156bec4e0394625be4fe"
Content-Type
image/png
Cache-Control
max-age=3153600
Accept-Ranges
bytes
Content-Length
31576
x-amz-id-2
IfxnnR/XleVtnauCSkccE/4eQhfaSNga2kjbVGUU4weJWNJ/p6wCemmtu9JdZrj1DYxrUrJIp3E=
print-26.min.css
compass.empyreanbenefits.com/css/dist/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://compass.empyreanbenefits.com/css/dist/print-26.min.css?v=2023.16.3
Requested by
Host: compass.empyreanbenefits.com
URL: https://compass.empyreanbenefits.com/lyb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.48.98.17 , United States, ASN63087 (EBSI, US),
Reverse DNS
Software
/
Resource Hash
7b964045d9145b8efd7e77f7eae90b4d08629d09661b4d998f6c9e1a459055ed
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://compass.empyreanbenefits.com/lyb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 13:56:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15552000;
Age
47940
P3P
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR SAMa BUS STA"
Connection
close
Content-Length
3890
X-XSS-Protection
1;mode=block
Last-Modified
Mon, 21 Aug 2023 03:44:36 GMT
ETag
"42ae-60366b277b100-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
X-Cache-Detail
"cache hit" from compass.empyreanbenefits.com
Accept-Ranges
bytes
gtm.js
www.googletagmanager.com/ 		134 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WLJR24W
Requested by
Host: compass.empyreanbenefits.com
URL: https://compass.empyreanbenefits.com/lyb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c12a64724477776e2f0c0e2f114435ded2fa6f46dbfcc1eafcf7f5cd46bfec5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://compass.empyreanbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 13:56:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46812
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 28 Aug 2023 13:56:35 GMT
login-full-image%20%28resized%29.png
ebsi.s3.amazonaws.com/lyb/lyb/assets/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ebsi.s3.amazonaws.com/lyb/lyb/assets/login-full-image%20%28resized%29.png
Requested by
Host: compass.empyreanbenefits.com
URL: https://compass.empyreanbenefits.com/lyb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.50.28 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
73bbfc5c807a30dd21bc0b5dc8041fa62d1934d8b5f463ca36ae7113d51593b9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://compass.empyreanbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 13:56:36 GMT
Last-Modified
Fri, 23 Aug 2019 19:04:16 GMT
Server
AmazonS3
x-amz-request-id
3YK0ZSEVHYCNCXKQ
ETag
"50c36f2df9bf96a5d8636c937c0103f0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1551985
x-amz-id-2
d4LQvSikDH+uZgjue9x6R5z18eXKHWIVt1VP7N87q6NiOcKyWDaO72gGKnkSE8rZXHEDB1rW/8M=
montserrat-bold-webfont.woff2
compass.empyreanbenefits.com/fonts/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://compass.empyreanbenefits.com/fonts/montserrat-bold-webfont.woff2
Requested by
Host: compass.empyreanbenefits.com
URL: https://compass.empyreanbenefits.com/css/dist/fonts-26.min.css?v=2023.16.3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.48.98.17 , United States, ASN63087 (EBSI, US),
Reverse DNS
Software
/
Resource Hash
98cf0eafc149c5a5aa00934491551b6c5cd258712a6d3d05b5f5ea1c780c7aa6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://compass.empyreanbenefits.com/css/dist/fonts-26.min.css?v=2023.16.3
Origin
https://compass.empyreanbenefits.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 13:56:35 GMT
Strict-Transport-Security
max-age=15552000;
X-Content-Type-Options
nosniff
Last-Modified
Mon, 21 Aug 2023 03:44:36 GMT
Age
119
ETag
"93c4-60366b277b100"
X-Frame-Options
SAMEORIGIN
P3P
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR SAMa BUS STA"
Content-Type
font/woff2
X-Cache-Detail
"cache hit" from compass.empyreanbenefits.com
Connection
close
Accept-Ranges
bytes
Content-Length
37828
X-XSS-Protection
1;mode=block
montserrat-regular-webfont.woff2
compass.empyreanbenefits.com/fonts/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://compass.empyreanbenefits.com/fonts/montserrat-regular-webfont.woff2
Requested by
Host: compass.empyreanbenefits.com
URL: https://compass.empyreanbenefits.com/css/dist/fonts-26.min.css?v=2023.16.3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.48.98.17 , United States, ASN63087 (EBSI, US),
Reverse DNS
Software
/
Resource Hash
f6af6bcd33efe4e72699374f59fb5d24561d175e82256701ea06aded86ce40db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://compass.empyreanbenefits.com/css/dist/fonts-26.min.css?v=2023.16.3
Origin
https://compass.empyreanbenefits.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 13:56:35 GMT
Strict-Transport-Security
max-age=15552000;
X-Content-Type-Options
nosniff
Last-Modified
Mon, 21 Aug 2023 03:44:36 GMT
Age
43
ETag
"909c-60366b277b100"
X-Frame-Options
SAMEORIGIN
P3P
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR SAMa BUS STA"
Content-Type
font/woff2
X-Cache-Detail
"cache hit" from compass.empyreanbenefits.com
Connection
close
Accept-Ranges
bytes
Content-Length
37020
X-XSS-Protection
1;mode=block
montserrat-semibold-webfont.woff2
compass.empyreanbenefits.com/fonts/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://compass.empyreanbenefits.com/fonts/montserrat-semibold-webfont.woff2
Requested by
Host: compass.empyreanbenefits.com
URL: https://compass.empyreanbenefits.com/css/dist/fonts-26.min.css?v=2023.16.3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.48.98.17 , United States, ASN63087 (EBSI, US),
Reverse DNS
Software
/
Resource Hash
8cd286cdf0a704816f1b1f881851ee47654123ada05c5d1d8147cdcb591e984c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://compass.empyreanbenefits.com/css/dist/fonts-26.min.css?v=2023.16.3
Origin
https://compass.empyreanbenefits.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 13:56:35 GMT
Strict-Transport-Security
max-age=15552000;
X-Content-Type-Options
nosniff
Last-Modified
Mon, 21 Aug 2023 03:44:36 GMT
Age
119
ETag
"6400-60366b277b100"
X-Frame-Options
SAMEORIGIN
P3P
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR SAMa BUS STA"
Content-Type
font/woff2
X-Cache-Detail
"cache hit" from compass.empyreanbenefits.com
Connection
close
Accept-Ranges
bytes
Content-Length
25600
X-XSS-Protection
1;mode=block
ebsi-icons.woff
compass.empyreanbenefits.com/fonts/ 		112 KB
113 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://compass.empyreanbenefits.com/fonts/ebsi-icons.woff
Requested by
Host: compass.empyreanbenefits.com
URL: https://compass.empyreanbenefits.com/css/dist/fonts-26.min.css?v=2023.16.3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.48.98.17 , United States, ASN63087 (EBSI, US),
Reverse DNS
Software
/
Resource Hash
7fea82c031485649999f7e966240e1ceeaaae831f5937da196ded2147de05a18
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://compass.empyreanbenefits.com/css/dist/fonts-26.min.css?v=2023.16.3
Origin
https://compass.empyreanbenefits.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 13:56:35 GMT
Strict-Transport-Security
max-age=15552000;
X-Content-Type-Options
nosniff
Last-Modified
Mon, 21 Aug 2023 03:44:36 GMT
Age
198
ETag
"1c038-60366b277b100"
X-Frame-Options
SAMEORIGIN
P3P
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR SAMa BUS STA"
Content-Type
font/woff
X-Cache-Detail
"cache hit" from compass.empyreanbenefits.com
Connection
close
Accept-Ranges
bytes
Content-Length
114744
X-XSS-Protection
1;mode=block
js
www.googletagmanager.com/gtag/ 		265 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1JQYQGNMSX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLJR24W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f4a9a10240bc42cdd9c415c0bb117346841f5dfe7ed1e756bcec09e843e80f23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://compass.empyreanbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 13:56:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90329
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 28 Aug 2023 13:56:35 GMT
collect
region1.analytics.google.com/g/ 		0
262 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-1JQYQGNMSX&gtm=45je38n0&_p=1013463706&_gaz=1&cid=2108733946.1693230995&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2Fsecurity%2Flogin&sid=1693230995&sct=1&seg=0&dl=https%3A%2F%2Fcompass.empyreanbenefits.com%2Flyb&dt=LyondellBasell%20Benefits%20Center&en=page_view&_fv=1&_nsi=1&_ss=1&ep.ebsi_network=lyb&ep.ebsi_client=lyb&ep.ebsi_culture=en_us&ep.ebsi_impersonating=false&up.ebsi_via_go=false
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1JQYQGNMSX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://compass.empyreanbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 13:56:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://compass.empyreanbenefits.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1JQYQGNMSX&cid=2108733946.1693230995&gtm=45je38n0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1JQYQGNMSX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://compass.empyreanbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 13:56:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://compass.empyreanbenefits.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1JQYQGNMSX&cid=2108733946.1693230995&gtm=45je38n0&aip=1&z=429017520
Requested by
Host: compass.empyreanbenefits.com
URL: https://compass.empyreanbenefits.com/lyb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://compass.empyreanbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 13:56:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-1JQYQGNMSX&gtm=45je38n0&_p=1013463706&cid=2108733946.1693230995&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&dp=%2Fsecurity%2Flogin&sid=1693230995&sct=1&seg=0&dl=https%3A%2F%2Fcompass.empyreanbenefits.com%2Flyb&dt=LyondellBasell%20Benefits%20Center&en=scroll&ep.ebsi_network=lyb&ep.ebsi_client=lyb&ep.ebsi_culture=en_us&ep.ebsi_impersonating=false&epn.percent_scrolled=90&_et=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1JQYQGNMSX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://compass.empyreanbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 13:56:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://compass.empyreanbenefits.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture string| g_baseUrl string| g_baseSkinUrl object| ebsi function| matrixToArray function| cmsInit function| addOptionToSelect function| populateSelect function| populateNestedSelect function| jsonPopulateNestedSelect function| $ function| jQuery function| Popper object| bootstrap object| bootbox object| browserPrefixes function| moment object| Modernizr object| dataLayer object| $this object| $thisInput string| invalidClass object| nestedSelects object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

3 Cookies

Domain/Path Name / Value
compass.empyreanbenefits.com/ Name: symfony_frontend_lyb
Value: 0bf8a38090690444cbfbddff2874eddc
.empyreanbenefits.com/ Name: _ga
Value: GA1.1.2108733946.1693230995
.empyreanbenefits.com/ Name: _ga_1JQYQGNMSX
Value: GS1.1.1693230995.1.0.1693230995.60.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

compass.empyreanbenefits.com
ebsi.s3.amazonaws.com
region1.analytics.google.com
stats.g.doubleclick.net
www.google.co.uk
www.googletagmanager.com
192.48.98.17
2001:4860:4802:34::36
2a00:1450:4001:80e::2008
2a00:1450:4001:812::2003
2a00:1450:400c:c08::9d
52.217.50.28
2161ed47549e5a73465b42a9ae5c275472de2310a6ce65dacb236a2954a961e7
221a915e8111f304b7dbe0cc2edf5a1ffddc7821874ac0fe45743656424806d5
6ac5020a0d5b01eab02df552e8e824c8d42ef5beebcd33cf69f1319b232cc14c
73bbfc5c807a30dd21bc0b5dc8041fa62d1934d8b5f463ca36ae7113d51593b9
78ed4937767946a500f1bacf547d03c17a3d39b3131cb36ab0c12ee38d189245
7b964045d9145b8efd7e77f7eae90b4d08629d09661b4d998f6c9e1a459055ed
7fea82c031485649999f7e966240e1ceeaaae831f5937da196ded2147de05a18
8cd286cdf0a704816f1b1f881851ee47654123ada05c5d1d8147cdcb591e984c
91b8f22272b18d5aa26f1a7249c765cfd86fd07c373f756c3996b11b90a060d8
98cf0eafc149c5a5aa00934491551b6c5cd258712a6d3d05b5f5ea1c780c7aa6
c12a64724477776e2f0c0e2f114435ded2fa6f46dbfcc1eafcf7f5cd46bfec5f
c4c018f6be9c9a83e8851094281515ff678d569f65ad6b8bc6aee9c1b2ace981
d755ab976f95308ac969922b83c8d4ba6d7cf4af73146957fd20cd099a8ef793
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4a9a10240bc42cdd9c415c0bb117346841f5dfe7ed1e756bcec09e843e80f23
f6af6bcd33efe4e72699374f59fb5d24561d175e82256701ea06aded86ce40db