employer.myameriflex.com Open in urlscan Pro
146.88.104.115 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ameriflex.zendesk.com/verification/email/47g1WCtPCZM2fCw8icYH9GSXVI6Wq5nc
Effective URL:
https://employer.myameriflex.com/
Submission: On September 28 via manual (September 28th 2022, 2:13:45 pm UTC) from US — Scanned from DE

Summary HTTP 25 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 25 HTTP transactions. The main IP is 146.88.104.115, located in United States and belongs to RMH-14, US. The main domain is employer.myameriflex.com. The Cisco Umbrella rank of the primary domain is 805217.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 12th 2022. Valid for: a year.

This is the only time employer.myameriflex.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	146.88.104.115 146.88.104.115	33070 (RMH-14) (RMH-14)
2	99.86.240.71 99.86.240.71	16509 (AMAZON-02) (AMAZON-02)
2	13.32.110.7 13.32.110.7	16509 (AMAZON-02) (AMAZON-02)
2	18.66.15.82 18.66.15.82	16509 (AMAZON-02) (AMAZON-02)
25	4

1 104.16.51.111 (Shahr, Iran, Islamic Republic Of) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ameriflex.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 146.88.104.115 (United States)

ASN33070 (RMH-14, US)

employer.myameriflex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
producer-api.ameriflexbenefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.240.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-71.vie50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.110.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-7.vie50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.15.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-82.vie50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	myameriflex.com employer.myameriflex.com — Cisco Umbrella Rank: 805217	7 MB
6	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 595 script.hotjar.com — Cisco Umbrella Rank: 767 vars.hotjar.com — Cisco Umbrella Rank: 889	138 KB
1	ameriflexbenefits.com producer-api.ameriflexbenefits.com — Cisco Umbrella Rank: 652001	193 B
1	zendesk.com 1 redirects ameriflex.zendesk.com	2 KB
25	4

	Domain	Requested by
18	employer.myameriflex.com	employer.myameriflex.com
2	vars.hotjar.com	static.hotjar.com
2	script.hotjar.com	static.hotjar.com
2	static.hotjar.com	employer.myameriflex.com
1	producer-api.ameriflexbenefits.com	employer.myameriflex.com
1	ameriflex.zendesk.com	1 redirects
25	6

This site contains links to these domains. Also see Links.

Domain
www.epopdocs.com
cobra.myameriflex.com

Subject Issuer	Validity	Valid
*.myameriflex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-12` - `2023-04-25`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.ameriflexbenefits.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-10` - `2023-01-10`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://employer.myameriflex.com/
Frame ID: C685B20AB3DA628C2066BB159C1103D6
Requests: 23 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: 27BB3162E8C29FAE8BDCCD7F86C265B1
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: 20476A85B998E7A8BD74AE238D617DF1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ameriflex

Page URL History Show full URLs

https://ameriflex.zendesk.com/verification/email/47g1WCtPCZM2fCw8icYH9GSXVI6Wq5nc HTTP 302
https://employer.myameriflex.com/?brand_id=360002158153&locale_id=1&return_to=https%3A%2F%2Fameriflex.zendesk... Page URL
https://employer.myameriflex.com/ Page URL

Detected technologies

Zendesk (CMS) Expand

Overall confidence: 100%
Detected patterns

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

25
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

4
IPs

2
Countries

7127 kB
Transfer

14105 kB
Size

8
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.epopdocs.com/
Title: ePOP+

Search URL Search Domain Scan URL

URL: https://cobra.myameriflex.com/
Title: COBRAPoint

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ameriflex.zendesk.com/verification/email/47g1WCtPCZM2fCw8icYH9GSXVI6Wq5nc HTTP 302
https://employer.myameriflex.com/?brand_id=360002158153&locale_id=1&return_to=https%3A%2F%2Fameriflex.zendesk.com%2Fverification%2Femail%2F47g1WCtPCZM2fCw8icYH9GSXVI6Wq5nc&timestamp=1664374413 Page URL
https://employer.myameriflex.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://ameriflex.zendesk.com/verification/email/47g1WCtPCZM2fCw8icYH9GSXVI6Wq5nc HTTP 302
https://employer.myameriflex.com/?brand_id=360002158153&locale_id=1&return_to=https%3A%2F%2Fameriflex.zendesk.com%2Fverification%2Femail%2F47g1WCtPCZM2fCw8icYH9GSXVI6Wq5nc&timestamp=1664374413

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
employer.myameriflex.com/
Redirect Chain

https://ameriflex.zendesk.com/verification/email/47g1WCtPCZM2fCw8icYH9GSXVI6Wq5nc
https://employer.myameriflex.com/?brand_id=360002158153&locale_id=1&return_to=https%3A%2F%2Fameriflex.zendesk.com%2Fverification%2Femail%2F47g1WCtPCZM2fCw8icYH9GSXVI6Wq5nc&timestamp=1664374413

1 KB
1 KB

493ms
143ms

Document
text/html

146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://employer.myameriflex.com/?brand_id=360002158153&locale_id=1&return_to=https%3A%2F%2Fameriflex.zendesk.com%2Fverification%2Femail%2F47g1WCtPCZM2fCw8icYH9GSXVI6Wq5nc&timestamp=1664374413

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

146.88.104.115 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

17e21219ed51386b8379704e32dcec52c5cd75292ccd5f295dc3f08bb49c9b70

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 1191
content-type: text/html
date: Wed, 28 Sep 2022 14:13:33 GMT
etag: "d7d3c6dcd6d2d81:0"
last-modified: Wed, 28 Sep 2022 01:08:47 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET

Redirect headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 751d14916c109280-FRA
content-length: 283
content-type: text/html; charset=utf-8
date: Wed, 28 Sep 2022 14:13:33 GMT
location: https://employer.myameriflex.com/?brand_id=360002158153&locale_id=1&return_to=https%3A%2F%2Fameriflex.zendesk.com%2Fverification%2Femail%2F47g1WCtPCZM2fCw8icYH9GSXVI6Wq5nc&timestamp=1664374413#/zendesk/sso
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=beppto23VkiRXTmenlJ%2BMQFdVXCqBkV6K7xf9cndUqLXVxVZukDVODeEUPG6RtLeyLS1NZxFV3AIggsPqT%2FddRhEWUg2yPK46zR%2BzKRcASiiSK%2BXgGHb8qkGcLwrZCZVBWqeK7zM1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000;
x-request-id: 58cb5db27c05dd83414c0863c9d2ede8 58cb5db27c05dd83414c0863c9d2ede8
x-runtime: 0.120665
x-zendesk-origin-server: classic-app-server-6444bf9f65-4kt9f
x-zendesk-zorg: yes

GET
H2 200 app.f20b4f0e3906e6726b85560a60b504d8.css
employer.myameriflex.com/static/css/ 395 KB
62 KB 142ms
141ms Stylesheet
text/css 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://employer.myameriflex.com/static/css/app.f20b4f0e3906e6726b85560a60b504d8.css

Requested by

Host: employer.myameriflex.com
URL: https://employer.myameriflex.com/?brand_id=360002158153&locale_id=1&return_to=https%3A%2F%2Fameriflex.zendesk.com%2Fverification%2Femail%2F47g1WCtPCZM2fCw8icYH9GSXVI6Wq5nc&timestamp=1664374413

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

146.88.104.115 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

cf778b9d537d5a2912ee7d46b63b6419b7f27a8960261e170957eac708ca6c67

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employer.myameriflex.com/?brand_id=360002158153&locale_id=1&return_to=https%3A%2F%2Fameriflex.zendesk.com%2Fverification%2Femail%2F47g1WCtPCZM2fCw8icYH9GSXVI6Wq5nc&timestamp=1664374413
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:13:33 GMT
content-encoding: gzip
last-modified: Tue, 27 Sep 2022 18:41:44 GMT
server: Microsoft-IIS/10.0
etag: "0646acaa0d2d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 62922

GET
H2 200 manifest.40ddcf24de16677d8e32.js Show response
employer.myameriflex.com/static/js/ 1 KB
1 KB 425ms
424ms Script
application/javascript 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://employer.myameriflex.com/static/js/manifest.40ddcf24de16677d8e32.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

146.88.104.115 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d6d429bd10c174e0509531b4514f1288fdb84e2ae64b44968c14153855e37237

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employer.myameriflex.com/?brand_id=360002158153&locale_id=1&return_to=https%3A%2F%2Fameriflex.zendesk.com%2Fverification%2Femail%2F47g1WCtPCZM2fCw8icYH9GSXVI6Wq5nc&timestamp=1664374413
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:13:33 GMT
last-modified: Tue, 27 Sep 2022 18:41:44 GMT
server: Microsoft-IIS/10.0
etag: "0646acaa0d2d81:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 1460

GET
H2 200 vendor.8f931b72f26c870c47a9.js Show response
employer.myameriflex.com/static/js/ 1 MB
449 KB 565ms
564ms Script
application/javascript 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://employer.myameriflex.com/static/js/vendor.8f931b72f26c870c47a9.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

146.88.104.115 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

cf0c0f2daa690cde33af743cd2b2f23dea22e023a7000574110afc106fb7bed8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employer.myameriflex.com/?brand_id=360002158153&locale_id=1&return_to=https%3A%2F%2Fameriflex.zendesk.com%2Fverification%2Femail%2F47g1WCtPCZM2fCw8icYH9GSXVI6Wq5nc&timestamp=1664374413
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:13:33 GMT
content-encoding: gzip
last-modified: Tue, 27 Sep 2022 18:41:44 GMT
server: Microsoft-IIS/10.0
etag: "0646acaa0d2d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 459364

GET
H2 200 app.5e4f5935d3c986455312.js Show response
employer.myameriflex.com/static/js/ 2 MB
358 KB 425ms
424ms Script
application/javascript 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://employer.myameriflex.com/static/js/app.5e4f5935d3c986455312.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

146.88.104.115 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

516a7d63ec9b077bc39f84ef39264e31401c5a3fd42ac6a03c97851fd27cfb39

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employer.myameriflex.com/?brand_id=360002158153&locale_id=1&return_to=https%3A%2F%2Fameriflex.zendesk.com%2Fverification%2Femail%2F47g1WCtPCZM2fCw8icYH9GSXVI6Wq5nc&timestamp=1664374413
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:13:33 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 01:08:47 GMT
server: Microsoft-IIS/10.0
etag: "80f966dcd6d2d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 366587

GET
H2 200 hotjar-1628963.js Show response
static.hotjar.com/c/ 4 KB
3 KB 250ms
78ms Script
application/javascript 99.86.240.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1628963.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-71.vie50.r.cloudfront.net

Software

Resource Hash

0474de373bbf79518b31f0fe187fa1e904e3fc52d803344d5d769bb7feb91dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employer.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:13:34 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 a243c19b86829b9271d382d92416109c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
etag: W/7435975fd7516c11f6e4334f0878e9bf
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: hgUmW3zf9ycYsFzz_eETlpj1XhuAAVBMeNWeghEUmsM-_nlZc7J3mQ==

GET
H2 200 modules.cf44a0a6b448df1b035e.js Show response
script.hotjar.com/ 254 KB
65 KB 115ms
36ms Script
application/javascript 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.cf44a0a6b448df1b035e.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1628963.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-7.vie50.r.cloudfront.net

Software

Resource Hash

78d8ab2b9baadd2598db1f3035673d66f361b5111238ce78b80deedc0508efb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employer.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 11:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 444dde5644fa29b8d8dfac109693e2a2.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 9388
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 66148
last-modified: Wed, 28 Sep 2022 11:36:53 GMT
etag: "5f131c93ccff63ccc86d0067d0eebf99"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: BNzQb3MmHAHPSKu3hTHIOfzb1EGE2vTLXpQzTAALwGaorfk0phVEaw==

GET
H2 200 app-config.json Show response
employer.myameriflex.com/ 67 B
158 B 142ms
142ms XHR
application/json 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://employer.myameriflex.com/app-config.json?t=1664374414969

Requested by

Host: employer.myameriflex.com
URL: https://employer.myameriflex.com/static/js/vendor.8f931b72f26c870c47a9.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

146.88.104.115 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

98c6308a5aa19ece5eb46d046a7a8a672d8e52585966941fb9ba51426350584b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://employer.myameriflex.com/?brand_id=360002158153&locale_id=1&return_to=https%3A%2F%2Fameriflex.zendesk.com%2Fverification%2Femail%2F47g1WCtPCZM2fCw8icYH9GSXVI6Wq5nc&timestamp=1664374413
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:13:34 GMT
last-modified: Wed, 28 Sep 2022 01:08:47 GMT
server: Microsoft-IIS/10.0
etag: "2370c7dcd6d2d81:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/json
accept-ranges: bytes
content-length: 67

GET
H2 200 box-69edcc3187336f9b0a3fbb4c73be9fe6.html Show response
vars.hotjar.com/ Frame 27BB 2 KB
1 KB 112ms
34ms Document
text/html 18.66.15.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1628963.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.15.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-15-82.vie50.r.cloudfront.net

Software

Resource Hash

867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://employer.myameriflex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1832188
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 09:17:07 GMT
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
vary: Accept-Encoding
via: 1.1 452b7761b1eb87a22cbc4ec546224f1a.cloudfront.net (CloudFront)
x-amz-cf-id: jJpbAemohCZsbSOQDmYD8Z13TV5R5OBK0lUtv3gUt2blevGVBbqN0w==
x-amz-cf-pop: VIE50-P1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 app-config.json
employer.myameriflex.com/ 67 B
104 B 141ms
141ms XHR
application/json 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://employer.myameriflex.com/app-config.json?t=1664374415116

Requested by

Host: employer.myameriflex.com
URL: https://employer.myameriflex.com/static/js/vendor.8f931b72f26c870c47a9.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

146.88.104.115 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://employer.myameriflex.com/?brand_id=360002158153&locale_id=1&return_to=https%3A%2F%2Fameriflex.zendesk.com%2Fverification%2Femail%2F47g1WCtPCZM2fCw8icYH9GSXVI6Wq5nc&timestamp=1664374413
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:13:34 GMT
last-modified: Wed, 28 Sep 2022 01:08:47 GMT
server: Microsoft-IIS/10.0
etag: "2370c7dcd6d2d81:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/json
accept-ranges: bytes
content-length: 67

GET
H2 200 Primary Request / Show response
employer.myameriflex.com/ 1 KB
1 KB 142ms
142ms Document
text/html 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://employer.myameriflex.com/

Requested by

Host: employer.myameriflex.com
URL: https://employer.myameriflex.com/static/js/app.5e4f5935d3c986455312.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

146.88.104.115 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

17e21219ed51386b8379704e32dcec52c5cd75292ccd5f295dc3f08bb49c9b70

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://employer.myameriflex.com/?brand_id=360002158153&locale_id=1&return_to=https%3A%2F%2Fameriflex.zendesk.com%2Fverification%2Femail%2F47g1WCtPCZM2fCw8icYH9GSXVI6Wq5nc&timestamp=1664374413
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 1191
content-type: text/html
date: Wed, 28 Sep 2022 14:13:34 GMT
etag: "d7d3c6dcd6d2d81:0"
last-modified: Wed, 28 Sep 2022 01:08:47 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET

GET
H2 200 app.f20b4f0e3906e6726b85560a60b504d8.css
employer.myameriflex.com/static/css/ 395 KB
62 KB 145ms
144ms Stylesheet
text/css 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://employer.myameriflex.com/static/css/app.f20b4f0e3906e6726b85560a60b504d8.css

Requested by

Host: employer.myameriflex.com
URL: https://employer.myameriflex.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

146.88.104.115 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

cf778b9d537d5a2912ee7d46b63b6419b7f27a8960261e170957eac708ca6c67

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employer.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:13:35 GMT
content-encoding: gzip
last-modified: Tue, 27 Sep 2022 18:41:44 GMT
server: Microsoft-IIS/10.0
etag: "0646acaa0d2d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 62922

GET
H2 200 manifest.40ddcf24de16677d8e32.js Show response
employer.myameriflex.com/static/js/ 1 KB
1 KB 150ms
149ms Script
application/javascript 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://employer.myameriflex.com/static/js/manifest.40ddcf24de16677d8e32.js

Requested by

Host: employer.myameriflex.com
URL: https://employer.myameriflex.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

146.88.104.115 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d6d429bd10c174e0509531b4514f1288fdb84e2ae64b44968c14153855e37237

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employer.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:13:35 GMT
last-modified: Tue, 27 Sep 2022 18:41:44 GMT
server: Microsoft-IIS/10.0
etag: "0646acaa0d2d81:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 1460

GET
H2 200 vendor.8f931b72f26c870c47a9.js Show response
employer.myameriflex.com/static/js/ 1 MB
449 KB 299ms
298ms Script
application/javascript 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://employer.myameriflex.com/static/js/vendor.8f931b72f26c870c47a9.js

Requested by

Host: employer.myameriflex.com
URL: https://employer.myameriflex.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

146.88.104.115 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

cf0c0f2daa690cde33af743cd2b2f23dea22e023a7000574110afc106fb7bed8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employer.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:13:35 GMT
content-encoding: gzip
last-modified: Tue, 27 Sep 2022 18:41:44 GMT
server: Microsoft-IIS/10.0
etag: "0646acaa0d2d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 459364

GET
H2 200 app.5e4f5935d3c986455312.js Show response
employer.myameriflex.com/static/js/ 2 MB
358 KB 151ms
151ms Script
application/javascript 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://employer.myameriflex.com/static/js/app.5e4f5935d3c986455312.js

Requested by

Host: employer.myameriflex.com
URL: https://employer.myameriflex.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

146.88.104.115 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

516a7d63ec9b077bc39f84ef39264e31401c5a3fd42ac6a03c97851fd27cfb39

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employer.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:13:35 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 01:08:47 GMT
server: Microsoft-IIS/10.0
etag: "80f966dcd6d2d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 366587

GET
H2 200 hotjar-1628963.js Show response
static.hotjar.com/c/ 4 KB
3 KB 69ms
68ms Script
application/javascript 99.86.240.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1628963.js?sv=6

Requested by

Host: employer.myameriflex.com
URL: https://employer.myameriflex.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-71.vie50.r.cloudfront.net

Software

Resource Hash

0474de373bbf79518b31f0fe187fa1e904e3fc52d803344d5d769bb7feb91dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employer.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:13:34 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 a243c19b86829b9271d382d92416109c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
age: 1
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/7435975fd7516c11f6e4334f0878e9bf
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: m_pHp_OAjVqNwP6cbsKnwNAhWQKyn-zPiW0HOQrxTxNCnqNginthdw==

GET
H2 200 modules.cf44a0a6b448df1b035e.js Show response
script.hotjar.com/ 254 KB
65 KB 46ms
45ms Script
application/javascript 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.cf44a0a6b448df1b035e.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1628963.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-7.vie50.r.cloudfront.net

Software

Resource Hash

78d8ab2b9baadd2598db1f3035673d66f361b5111238ce78b80deedc0508efb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employer.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 11:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 444dde5644fa29b8d8dfac109693e2a2.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 9389
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 66148
last-modified: Wed, 28 Sep 2022 11:36:53 GMT
etag: "5f131c93ccff63ccc86d0067d0eebf99"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: uCCOf-Egq_DhvLeD7-FazriBFED5-QwzZ5BYFgpmV2CGBxaZ95n3Zw==

GET
H2 200 app-config.json Show response
employer.myameriflex.com/ 67 B
127 B 142ms
141ms XHR
application/json 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://employer.myameriflex.com/app-config.json?t=1664374416849

Requested by

Host: employer.myameriflex.com
URL: https://employer.myameriflex.com/static/js/vendor.8f931b72f26c870c47a9.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

146.88.104.115 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

98c6308a5aa19ece5eb46d046a7a8a672d8e52585966941fb9ba51426350584b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://employer.myameriflex.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:13:36 GMT
last-modified: Wed, 28 Sep 2022 01:08:47 GMT
server: Microsoft-IIS/10.0
etag: "2370c7dcd6d2d81:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/json
accept-ranges: bytes
content-length: 67

GET
H2 200 box-69edcc3187336f9b0a3fbb4c73be9fe6.html Show response
vars.hotjar.com/ Frame 2047 2 KB
1 KB 32ms
32ms Document
text/html 18.66.15.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1628963.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.15.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-15-82.vie50.r.cloudfront.net

Software

Resource Hash

867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://employer.myameriflex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1832189
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 09:17:07 GMT
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
vary: Accept-Encoding
via: 1.1 452b7761b1eb87a22cbc4ec546224f1a.cloudfront.net (CloudFront)
x-amz-cf-id: NltUyXl544JIiIcHAr10h9jK07yhtBO47MAvuHKCkbfCZ2yVvQkoyQ==
x-amz-cf-pop: VIE50-P1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 app-config.json Show response
employer.myameriflex.com/ 67 B
104 B 141ms
141ms XHR
application/json 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://employer.myameriflex.com/app-config.json?t=1664374416992

Requested by

Host: employer.myameriflex.com
URL: https://employer.myameriflex.com/static/js/vendor.8f931b72f26c870c47a9.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

146.88.104.115 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

98c6308a5aa19ece5eb46d046a7a8a672d8e52585966941fb9ba51426350584b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://employer.myameriflex.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:13:36 GMT
last-modified: Wed, 28 Sep 2022 01:08:47 GMT
server: Microsoft-IIS/10.0
etag: "2370c7dcd6d2d81:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/json
accept-ranges: bytes
content-length: 67

GET
H2 200 announcement Show response
producer-api.ameriflexbenefits.com/ 2 B
193 B 788ms
143ms XHR
application/json 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://producer-api.ameriflexbenefits.com/announcement?clientName=spa

Requested by

Host: employer.myameriflex.com
URL: https://employer.myameriflex.com/static/js/vendor.8f931b72f26c870c47a9.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

146.88.104.115 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://employer.myameriflex.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:13:37 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://employer.myameriflex.com
access-control-allow-credentials: true
content-length: 2

GET
H2 200 infinite-logo-white.7946ff0.svg
employer.myameriflex.com/static/img/ 6 MB
4 MB 993ms
992ms Image
image/svg+xml 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://employer.myameriflex.com/static/img/infinite-logo-white.7946ff0.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

146.88.104.115 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

90190604592ae0b7e70d5cf050ef73784a8e94ee5cebf5ca241289cc1fc849e6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employer.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:13:36 GMT
content-encoding: gzip
last-modified: Tue, 27 Sep 2022 18:41:44 GMT
server: Microsoft-IIS/10.0
etag: "0646acaa0d2d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 4369966

GET
H2 200 background-forest-blue.a4d72c2.jpg
employer.myameriflex.com/static/img/ 930 KB
931 KB 143ms
143ms Image
image/jpeg 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://employer.myameriflex.com/static/img/background-forest-blue.a4d72c2.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

146.88.104.115 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

8c49cfe6e6a41a1941a29b773e7f3766af4ac77f8d125d2b1c32aa2de1ec1f58

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employer.myameriflex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:13:36 GMT
last-modified: Tue, 27 Sep 2022 18:41:44 GMT
server: Microsoft-IIS/10.0
etag: "0646acaa0d2d81:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
content-length: 952547

GET
H2 200 DMSerifDisplay-Regular.075d532.woff2
employer.myameriflex.com/static/fonts/ 30 KB
30 KB 2558ms
2557ms Font
application/font-woff2 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://employer.myameriflex.com/static/fonts/DMSerifDisplay-Regular.075d532.woff2

Requested by

Host: employer.myameriflex.com
URL: https://employer.myameriflex.com/static/css/app.f20b4f0e3906e6726b85560a60b504d8.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

146.88.104.115 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

6deaa331a510ba35f85cd8f8450135cea3e93e9877273a275f5e8cf97bdde1dc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://employer.myameriflex.com/static/css/app.f20b4f0e3906e6726b85560a60b504d8.css
Origin: https://employer.myameriflex.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:13:36 GMT
last-modified: Tue, 27 Sep 2022 18:41:44 GMT
server: Microsoft-IIS/10.0
etag: "0646acaa0d2d81:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
accept-ranges: bytes
content-length: 30720

GET
H2 200 OpenSans-Regular.33543c5.woff2
employer.myameriflex.com/static/fonts/ 14 KB
14 KB 3691ms
3691ms Font
application/font-woff2 146.88.104.115
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://employer.myameriflex.com/static/fonts/OpenSans-Regular.33543c5.woff2

Requested by

Host: employer.myameriflex.com
URL: https://employer.myameriflex.com/static/css/app.f20b4f0e3906e6726b85560a60b504d8.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

146.88.104.115 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://employer.myameriflex.com/static/css/app.f20b4f0e3906e6726b85560a60b504d8.css
Origin: https://employer.myameriflex.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:13:36 GMT
last-modified: Tue, 27 Sep 2022 18:41:42 GMT
server: Microsoft-IIS/10.0
etag: "03739c9a0d2d81:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
accept-ranges: bytes
content-length: 14380

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ameriflex.zendesk.com/	1969-12-31 23:59:59	Name: _zendesk_shared_session Value: -RGNUUGZVSDJMTXhaNEhualZjbXQ0UlROYzBGbThZc29sT1grNFFxNXpxanJJbmJ1dXE2OUJ4cktrOXdzVmxqYnRUbG10Zmh0ck5FcU5ScUlaRlB1b0hiU2NIYXRpNU9VUGk0c0E3cEMyd0x0VjhnTUJCbTcvaXc5M01XNkZaWVZuZjV6MGpCSDd6M0Z5Ri9hNXVBMEhnPT0tLXo0djRoVXplRGZwRWdxVTlSMy9qR3c9PQ%3D%3D--97b001db6378d8769ebb7d6b495aed1e100482ac
ameriflex.zendesk.com/	1969-12-31 23:59:59	Name: _zendesk_session Value: UTFtZXB2U2pDWXVhMmtCSjBZMUpGZmo2b0VpYTI5ZGxWZ3FNNzN3YjNQK2ZYNG1rUnk4cjA4SFRZOWxOK1JEejdTNTg3U3E4WXQ4dWRRK2p6bTg0K1VKRDNpRXQ0TXRVeTN5U0VaOGdwY01UdDVVNU9NdDNXVGdHdmJEcjRPbmh2TUsrcWt5QVRKWnNZK1pQeU9FNWVqUUtab3lHQzJUVEhLaVNkNmNMOG1XUXVEbC9aeFRrZytHaElWeWZnVWVUVmRQbGovemdsY1R0TzRPc0RlL21IWDJFZHEzQVlGRFp2aVlpV2VEQ0h1VUFKaEdzRGRqSWQwZ3VjTHRXVHhsNG9JSUVMdUcvTGtYblN6RzRyL1pPNUlOd1RwMzYyanNLQTV5S3BzcUVkRlU9LS1DeVVUUDN5L1lSMjNYWWUvcFREK1JBPT0%3D--56dd2421a5c406eea32ccf452c595724310294bd
.ameriflex.zendesk.com/	1969-12-31 23:59:59	Name: __cfruid Value: 09e5584dbb360634dcd920daa96836574502ff48-1664374413
.myameriflex.com/	1970-01-20 06:19:36	Name: _hjFirstSeen Value: 1
employer.myameriflex.com/	1970-01-20 06:19:34	Name: _hjIncludedInSessionSample Value: 0
.myameriflex.com/	1970-01-20 06:19:36	Name: _hjSession_1628963 Value: eyJpZCI6IjJmODdhZjI0LWYyZTEtNGJhZC04ODlhLWUwY2MwODVmMmJhNSIsImNyZWF0ZWQiOjE2NjQzNzQ0MTUxNzQsImluU2FtcGxlIjpmYWxzZX0=
.myameriflex.com/	1970-01-20 06:19:36	Name: _hjAbsoluteSessionInProgress Value: 0
.myameriflex.com/	1970-01-20 15:05:10	Name: _hjSessionUser_1628963 Value: eyJpZCI6IjY3OGE3MWEyLWNmMjEtNThmZC05NWEyLWQyZTA4Mjg3MDk0MSIsImNyZWF0ZWQiOjE2NjQzNzQ0MTQzMzcsImV4aXN0aW5nIjp0cnVlfQ==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ameriflex.zendesk.com
employer.myameriflex.com
producer-api.ameriflexbenefits.com
script.hotjar.com
static.hotjar.com
vars.hotjar.com
104.16.51.111
13.32.110.7
146.88.104.115
18.66.15.82
99.86.240.71
0474de373bbf79518b31f0fe187fa1e904e3fc52d803344d5d769bb7feb91dd9
17e21219ed51386b8379704e32dcec52c5cd75292ccd5f295dc3f08bb49c9b70
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
516a7d63ec9b077bc39f84ef39264e31401c5a3fd42ac6a03c97851fd27cfb39
6deaa331a510ba35f85cd8f8450135cea3e93e9877273a275f5e8cf97bdde1dc
78d8ab2b9baadd2598db1f3035673d66f361b5111238ce78b80deedc0508efb3
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
8c49cfe6e6a41a1941a29b773e7f3766af4ac77f8d125d2b1c32aa2de1ec1f58
90190604592ae0b7e70d5cf050ef73784a8e94ee5cebf5ca241289cc1fc849e6
98c6308a5aa19ece5eb46d046a7a8a672d8e52585966941fb9ba51426350584b
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
cf0c0f2daa690cde33af743cd2b2f23dea22e023a7000574110afc106fb7bed8
cf778b9d537d5a2912ee7d46b63b6419b7f27a8960261e170957eac708ca6c67
d6d429bd10c174e0509531b4514f1288fdb84e2ae64b44968c14153855e37237

employer.myameriflex.com Open in urlscan Pro 146.88.104.115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

0 %IPv6

4 Domains

6 Subdomains

4 IPs

2 Countries

7127 kBTransfer

14105 kBSize

8 Cookies

2 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

8 Cookies

Security Headers

Indicators

employer.myameriflex.com Open in urlscan Pro
146.88.104.115 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

4
IPs

2
Countries

7127 kB
Transfer

14105 kB
Size

8
Cookies

25 HTTP transactions
0 data transactions