benefit.otisproductions.co
104.21.64.1  Public Scan Open in urlscan Pro

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response benefit.otisproductions.co/b/tpl1/1/	2 KB 2 KB	612ms 541ms	Document text/html	104.21.64.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://benefit.otisproductions.co/b/tpl1/1/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.64.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e07eb78c712e71dbab46f636817a70c6c75cf9bb5e9088c12ae176f792e908e7 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 946956354854fcfa-SIN content-encoding zstd content-type text/html date Tue, 27 May 2025 23:36:51 GMT last-modified Wed, 30 Apr 2025 15:39:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kdURtThQOdRG3pDkLq4M1mdvBz63%2FLmw2t64mz7CkUT2X72IMeh83Vzc9gwCBt1yfa6%2BAVUCAKhrhHpfmx27EiI04fV945%2BYIc0Fph%2FwyThddkagnxm5FqLEe%2BoB6vC%2BacK7dSCgy5vPTTTnjg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=66770&min_rtt=66578&rtt_var=8154&sent=11&recv=11&lost=0&retrans=0&sent_bytes=3710&recv_bytes=3342&delivery_rate=42868&cwnd=12000&unsent_bytes=0&cid=b4dabad9f794db35&ts=545&x=80" vary Accept-Encoding
GET H2	200	css fonts.googleapis.com/	6 KB 1 KB	699ms 311ms	Stylesheet text/css	142.250.196.106 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Cabin:400,700,900|Poppins:300,400,700&display=swap Requested by Host: benefit.otisproductions.co URL: https://benefit.otisproductions.co/b/tpl1/1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.196.106 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s35-in-f10.1e100.net Software ESF / Resource Hash 8c3a8cde89df3f10e8b5ab4407506ec6c091c7345b34aae5aeec42575e366de2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://benefit.otisproductions.co/ Response headers content-encoding gzip x-content-type-options nosniff expires Tue, 27 May 2025 23:36:51 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 27 May 2025 23:36:51 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Tue, 27 May 2025 23:36:51 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H3	200	bundle.4994f3d26b630fd52c8a.css benefit.otisproductions.co/b/tpl1/1/	13 KB 3 KB	277ms 276ms	Stylesheet text/css	104.21.64.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://benefit.otisproductions.co/b/tpl1/1/bundle.4994f3d26b630fd52c8a.css?t=1746027569125 Requested by Host: benefit.otisproductions.co URL: https://benefit.otisproductions.co/b/tpl1/1/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.64.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 38d00728cfe22c60dc0eb51563fa8f7ca7d7c6768ac9731e8987de88749d1abe Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://benefit.otisproductions.co/b/tpl1/1/ Response headers content-encoding gzip cf-cache-status HIT etag W/"68124442-35ac" age 1108540 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4V3in%2B94nP4GgtL7koRRnFgXm8IIhG6PShJhBoD9BxHYDOT6yB%2BafX0pE%2BuwXwhDDn3TMBNcaw8bi12Drf3v4GROj65gcfzywr%2BtrFmZUBbfrmni1SoaFezUg9p8Ta%2B3htUWIGWDGR64f%2Brb1A%3D%3D"}],"group":"cf-nel","max_age":604800} expires Fri, 15 May 2026 03:41:10 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=66762&min_rtt=66578&rtt_var=6132&sent=27&recv=15&lost=0&retrans=0&sent_bytes=17676&recv_bytes=4387&delivery_rate=42868&cwnd=12000&unsent_bytes=0&cid=b4dabad9f794db35&ts=635&x=80" date Tue, 27 May 2025 23:36:51 GMT content-type text/css last-modified Wed, 30 Apr 2025 15:39:46 GMT vary Accept-Encoding nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cache-control max-age=31536000 cf-ray 94695638b8c0fcfa-SIN server cloudflare
GET H3	200	1.518a2062.chunk.js Show response benefit.otisproductions.co/b/tpl1/1/js/	237 KB 85 KB	235ms 235ms	Script application/javascript	104.21.64.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://benefit.otisproductions.co/b/tpl1/1/js/1.518a2062.chunk.js Requested by Host: benefit.otisproductions.co URL: https://benefit.otisproductions.co/b/tpl1/1/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.64.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 08775b2ca5038656e2e49af725036546c55993e7d1bb2519009844d5a8f3f251 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://benefit.otisproductions.co/b/tpl1/1/ Response headers content-encoding zstd cf-cache-status HIT etag W/"68124442-3b295" age 197688 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OQXXd53wAH3KXZO2slD8UjuKH%2F7Oo6JkugBtvAJdG5gfEImqwz%2BPwEvXU2ovhpeIdBwmYkDeyA5eYJBYMREzC7oHKcTXYEzouatwwmiyjQ9KLLv7P5oYaQsPXFgTo%2FG2lV0UrlMvRkvIu6nTxA%3D%3D"}],"group":"cf-nel","max_age":604800} expires Mon, 25 May 2026 16:42:03 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=66762&min_rtt=66578&rtt_var=6132&sent=27&recv=15&lost=0&retrans=0&sent_bytes=17676&recv_bytes=4387&delivery_rate=42868&cwnd=12000&unsent_bytes=0&cid=b4dabad9f794db35&ts=633&x=80" date Tue, 27 May 2025 23:36:51 GMT content-type application/javascript last-modified Wed, 30 Apr 2025 15:39:46 GMT vary Accept-Encoding nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cache-control max-age=31536000 cf-ray 94695638b8c1fcfa-SIN server cloudflare
GET H3	200	app.c065b318.js Show response benefit.otisproductions.co/b/tpl1/1/js/	366 KB 80 KB	76ms 75ms	Script application/javascript	104.21.64.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://benefit.otisproductions.co/b/tpl1/1/js/app.c065b318.js Requested by Host: benefit.otisproductions.co URL: https://benefit.otisproductions.co/b/tpl1/1/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.64.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 371aefdcd5362af979742698c7335224193f12933ce7d7c61ae5b8ce351ac526 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://benefit.otisproductions.co/b/tpl1/1/ Response headers content-encoding zstd cf-cache-status HIT etag W/"68124442-5b673" age 197688 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I43WNO7BWshMwosaxZ9XDvwWOuJyO9gst8qpqbeCq067fYrMfUawch%2FaGZQQUXw546Wb9XbWl6CA%2FdHBQI7njr4RTVoHEAI%2FiJnYjT49bOJCO%2BUyct8i85QYEVtwFsh7%2B%2F%2FnMFaaIJnPvUKFog%3D%3D"}],"group":"cf-nel","max_age":604800} expires Mon, 25 May 2026 16:42:03 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=66762&min_rtt=66578&rtt_var=6132&sent=16&recv=15&lost=0&retrans=0&sent_bytes=5676&recv_bytes=4387&delivery_rate=42868&cwnd=12000&unsent_bytes=0&cid=b4dabad9f794db35&ts=630&x=80" date Tue, 27 May 2025 23:36:51 GMT content-type application/javascript last-modified Wed, 30 Apr 2025 15:39:46 GMT vary Accept-Encoding nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cache-control max-age=31536000 cf-ray 94695638b8c2fcfa-SIN server cloudflare
GET H3	200	l8emw37gkr Show response trk-architecto.com/scripts/push/script/	8 KB 4 KB	172ms 86ms	Script application/javascript	104.21.112.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://trk-architecto.com/scripts/push/script/l8emw37gkr?url=benefit.otisproductions.co Requested by Host: benefit.otisproductions.co URL: https://benefit.otisproductions.co/b/tpl1/1/js/app.c065b318.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b5bdb042c742e945f9e78011e6db4acc6508e3633ff210e2984fd399575ddbde Security Headers Name Value Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com https://oaidalleapiprodscus.blob.core.windows.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data: X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://benefit.otisproductions.co/ Response headers content-encoding gzip cf-cache-status HIT age 23080 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qtSFvscoKw8rfwqAXi40yc%2FeTljYCl1BQpzC1fS7a0RuB%2BkP4qxw11wgUzUMkmrfee7EWdRyTZZd9yQy2FZWMv6amQfZJozntzNgTMWGteZkpbsdTSuoMlQFGiFNKCq1FbrzS8Q%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires 0 alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=66508&min_rtt=66494&rtt_var=24964&sent=9&recv=7&lost=0&retrans=0&sent_bytes=3626&recv_bytes=3102&delivery_rate=42486&cwnd=12000&unsent_bytes=0&cid=d604c88dc275f36d&ts=91&x=80" date Tue, 27 May 2025 23:36:52 GMT content-type application/javascript;charset=UTF-8 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers last-modified Tue, 27 May 2025 17:12:12 GMT x-frame-options SAMEORIGIN content-security-policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com https://oaidalleapiprodscus.blob.core.windows.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data: cache-control max-age=14400, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache referrer-policy strict-origin-when-cross-origin cf-ray 9469563e68f84060-SIN permissions-policy camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=() accept-ranges bytes content-length 2520 x-xss-protection 1; mode=block server cloudflare
GET H2	200	summary Show response beacon.otisproductions.co/geo/	124 B 575 B	1134ms 560ms	XHR application/json	45.55.126.207 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://beacon.otisproductions.co/geo/summary Requested by Host: benefit.otisproductions.co URL: https://benefit.otisproductions.co/b/tpl1/1/js/1.518a2062.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Kestrel / Resource Hash 48f91b921d36b3449cf457ed34cb14f033cc342ccdd1d60ead0ceac26bcc76df Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Referer https://benefit.otisproductions.co/ Response headers strict-transport-security max-age=2592000 content-encoding gzip access-control-allow-credentials false access-control-allow-methods GET, POST, OPTIONS, PATCH, HEAD access-control-allow-origin * date Tue, 27 May 2025 23:36:52 GMT content-type application/json; charset=utf-8 vary Accept-Encoding server Kestrel access-control-allow-headers Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
GET H2	200	f827f008-7c88-4b6a-9a9b-8ca3411d8d09 Show response beacon.otisproductions.co/c/	1 MB 836 KB	1171ms 596ms	XHR text/plain	45.55.126.207 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://beacon.otisproductions.co/c/f827f008-7c88-4b6a-9a9b-8ca3411d8d09?filter=low_income Requested by Host: benefit.otisproductions.co URL: https://benefit.otisproductions.co/b/tpl1/1/js/1.518a2062.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Kestrel / Resource Hash c4945a3ff92b4034743bb3a3378590ac955b10890ccc8fe65ae5700e91c3e815 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Referer https://benefit.otisproductions.co/ Response headers strict-transport-security max-age=2592000 content-encoding gzip access-control-allow-credentials false access-control-allow-methods GET, POST, OPTIONS, PATCH, HEAD access-control-allow-origin * date Tue, 27 May 2025 23:36:52 GMT content-type text/plain; charset=utf-8 vary Accept-Encoding server Kestrel access-control-allow-headers Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
GET H3	200	u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2 fonts.gstatic.com/s/cabin/v27/	27 KB 27 KB	321ms 141ms	Font font/woff2	172.217.175.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/cabin/v27/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Cabin:400,700,900|Poppins:300,400,700&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.175.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt20s21-in-f3.1e100.net Software sffe / Resource Hash dcb085ad0fca889c4a1b898ccc7458c5d586e5740e7b7bffe065ac6a5e247ada Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Origin https://benefit.otisproductions.co Referer https://fonts.googleapis.com/ Response headers age 62285 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Wed, 27 May 2026 06:18:47 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 27 May 2025 06:18:47 GMT last-modified Wed, 13 Sep 2023 22:14:58 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 28076 x-xss-protection 0 server sffe
GET H3	200	favicon-32x32.png benefit.otisproductions.co/b/tpl1/1/public/op/favicon/	901 B 2 KB	558ms 558ms	Other image/png	104.21.64.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://benefit.otisproductions.co/b/tpl1/1/public/op/favicon/favicon-32x32.png Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.64.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d13e93e411bcbb58360c6e225b2e1bc01f9d8ae43e1d09c22aeaa1750ab7ed78 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://benefit.otisproductions.co/b/tpl1/1/?ld=1&session_id=a8efcd5e-eee9-4509-a572-735a7492f993 Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "68124442-385" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HY4CG%2BhNDJGlQzNJrpO%2BbMC4HBDr%2B2BBZSvTvqzQljZL4w%2FGgw9xp%2FGTXSR7wI6BbTiIe5cI%2FOLvR1kkytkjAEHAkJHemgn2sOuzOe9zHqnLnqas1B7hV5Cc6xcI8EQeU%2BL6eAov7CXvYPXb2g%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 946956406a1efcfa-SIN accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=67064&min_rtt=66518&rtt_var=353&sent=172&recv=75&lost=0&retrans=0&sent_bytes=182053&recv_bytes=7815&delivery_rate=1105014&cwnd=94800&unsent_bytes=0&cid=b4dabad9f794db35&ts=2348&x=80" content-length 901 date Tue, 27 May 2025 23:36:53 GMT content-type image/png last-modified Wed, 30 Apr 2025 15:39:46 GMT server cloudflare vary Accept-Encoding
OPTIONS H3	200	l4ev951vd1 event.trk-architecto.com/register/event_log/	0 0	1155ms 1072ms	Preflight	104.21.32.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://event.trk-architecto.com/register/event_log/l4ev951vd1 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com https://oaidalleapiprodscus.blob.core.windows.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data: X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://benefit.otisproductions.co Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin * access-control-expose-headers Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params access-control-max-age 1800 alt-svc h3=":443"; ma=86400 cache-control no-cache, no-store, max-age=0, must-revalidate cf-cache-status DYNAMIC cf-ray 946956412c494027-SIN content-length 0 content-security-policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com https://oaidalleapiprodscus.blob.core.windows.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data: date Tue, 27 May 2025 23:36:53 GMT expires 0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} permissions-policy camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=() pragma no-cache referrer-policy strict-origin-when-cross-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MnBk7zdAB%2Fia1Nu0BE127uqFv7wGAUBoRRhxUPtlLwCxQhnSZSSN8SiWgjAoxSfuJRzgdMWyX94ekR1MD7AjmSUJZFD8ggKPSk0VRYyvO4XdvAuEZXIj4rvUO32%2BjfVCCszdeA5qepXZUzU%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=66602&min_rtt=66517&rtt_var=7995&sent=11&recv=11&lost=0&retrans=0&sent_bytes=3710&recv_bytes=3302&delivery_rate=42918&cwnd=12000&unsent_bytes=0&cid=282041651dd08aa0&ts=1076&x=80" vary Origin Access-Control-Request-Method Access-Control-Request-Headers x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
POST H3	200	l4ev951vd1 event.trk-architecto.com/register/event_log/	0 0	327ms 327ms	Fetch	104.21.32.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://event.trk-architecto.com/register/event_log/l4ev951vd1 Requested by Host: trk-architecto.com URL: https://trk-architecto.com/scripts/push/script/l8emw37gkr?url=benefit.otisproductions.co Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com https://oaidalleapiprodscus.blob.core.windows.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data: X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Content-type application/json Referer https://benefit.otisproductions.co/ Response headers access-control-expose-headers Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params x-pushplatformapp-alert pushPlatformApp.pushSubscription.deleted cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WpKkU%2F3L6eoXhWbI7eyXj48l45qiSx%2B6ttOWu4MgGvMx0HwkINJ2SsU52f%2BGcgQ5SnLiaNtb2AaIOX2DjJZLqq9yc5cXlMRgtnP5buGsklishK%2Fhvz%2Bvb7qHN%2FuaETcvBvxU%2B72pPtBfC%2Bs%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires 0 alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=66604&min_rtt=66517&rtt_var=5999&sent=14&recv=14&lost=0&retrans=0&sent_bytes=5012&recv_bytes=3892&delivery_rate=42918&cwnd=12000&unsent_bytes=0&cid=282041651dd08aa0&ts=1403&x=80" date Tue, 27 May 2025 23:36:53 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options SAMEORIGIN content-security-policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com https://oaidalleapiprodscus.blob.core.windows.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data: cache-control no-cache, no-store, max-age=0, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache referrer-policy strict-origin-when-cross-origin cf-ray 94695647dc714027-SIN permissions-policy camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=() x-pushplatformapp-params access-control-allow-origin * content-length 0 x-xss-protection 1; mode=block server cloudflare
GET H3	200	favicon-16x16.png benefit.otisproductions.co/b/tpl1/1/public/op/favicon/	412 B 1 KB	537ms 537ms	Other image/png	104.21.64.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://benefit.otisproductions.co/b/tpl1/1/public/op/favicon/favicon-16x16.png Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.64.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8ec17ecb64bd511ff4955dbab8849ea3d00068fb3bd1cde2d12b7f7cb7d8a9b3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://benefit.otisproductions.co/b/tpl1/1/?ld=1&session_id=a8efcd5e-eee9-4509-a572-735a7492f993 Response headers cf-cache-status MISS etag "68124442-19c" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8WdDFo6yqUD8DF5W%2BdHBADJKFQeBYL%2F9RwbvJWz7wKa1t1N%2FujAnL8ZBVa9neAzmVqD2HQ%2FRV3vPisuIRO1HLlC2LHQGKeaUlsxe73G04iofgTq%2FLvDtvl7dHJEmfNhAZEZpUwnFGG0tIWMBhg%3D%3D"}],"group":"cf-nel","max_age":604800} expires Wed, 27 May 2026 23:36:53 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=67007&min_rtt=66518&rtt_var=380&sent=175&recv=76&lost=0&retrans=0&sent_bytes=183663&recv_bytes=8250&delivery_rate=1105014&cwnd=94800&unsent_bytes=0&cid=b4dabad9f794db35&ts=2887&x=80" date Tue, 27 May 2025 23:36:53 GMT content-type image/png last-modified Wed, 30 Apr 2025 15:39:46 GMT vary Accept-Encoding cache-control max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 94695643ea93fcfa-SIN accept-ranges bytes content-length 412 server cloudflare
GET DATA	200 OK	truncated /	380 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 59cac1a37612eb643f9cbf618e604e946b9c66c27bad01a31ade8c93e896f303 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET H2	200	d617e43a-5d64-4ba6-90ff-a4287ef04ca8 Show response beacon.otisproductions.co/t/	3 KB 2 KB	290ms 290ms	XHR text/plain	45.55.126.207 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://beacon.otisproductions.co/t/d617e43a-5d64-4ba6-90ff-a4287ef04ca8 Requested by Host: benefit.otisproductions.co URL: https://benefit.otisproductions.co/b/tpl1/1/js/1.518a2062.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Kestrel / Resource Hash cef4abcec68a3ec6900f23284f13e8e6cf68a73ec76521329a020b8fae796513 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Referer https://benefit.otisproductions.co/ Response headers strict-transport-security max-age=2592000 content-encoding gzip access-control-allow-credentials false access-control-allow-methods GET, POST, OPTIONS, PATCH, HEAD access-control-allow-origin * date Tue, 27 May 2025 23:36:53 GMT content-type text/plain; charset=utf-8 vary Accept-Encoding server Kestrel access-control-allow-headers Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
GET H2	200	js Show response www.googletagmanager.com/gtag/	361 KB 124 KB	591ms 269ms	Script application/javascript	172.217.175.72 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-CSQ3T208XX Requested by Host: benefit.otisproductions.co URL: https://benefit.otisproductions.co/b/tpl1/1/js/app.c065b318.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.175.72 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt20s20-in-f8.1e100.net Software Google Tag Manager / Resource Hash 47ae36df7fc95dc51c54b6fcc0542a2ff8d334e175ac7c83806d6302f31dce6c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://benefit.otisproductions.co/ Response headers content-encoding br report-to {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],} expires Tue, 27 May 2025 23:36:55 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 27 May 2025 23:36:55 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=ascgcycc:1077:0 content-length 125795 x-xss-protection 0 server Google Tag Manager
GET H2	200	5d32bc6300e4452a689939fee35b97c2ipad.png thanos-assets.nyc3.cdn.digitaloceanspaces.com/tenants/6/	91 KB 92 KB	502ms 353ms	Image image/png	104.18.42.227 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://thanos-assets.nyc3.cdn.digitaloceanspaces.com/tenants/6/5d32bc6300e4452a689939fee35b97c2ipad.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.42.227 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2cb0a6625c4eff724227c13ef7788f27f53dedd4c674cec02ed6fe51295ea40d Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://benefit.otisproductions.co/ Response headers x-envoy-upstream-healthchecked-cluster cf-cache-status REVALIDATED etag "1c1440bd621ebb75d7d45e8a045406ea" date Tue, 27 May 2025 23:36:55 GMT x-rgw-object-type Normal content-type image/png last-modified Fri, 10 Sep 2021 19:28:27 GMT vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding x-do-cdn-uuid 50a42686-32f3-4d68-ae2d-9154bc1f5050 strict-transport-security max-age=15552000; includeSubDomains; preload cache-control max-age=600 x-amz-request-id tx0000015f14535ce28fbc4-00674c09ec-cdc45d54-nyc3c cf-ray 9469564fbe10fda2-SIN accept-ranges bytes content-length 93646 server cloudflare
GET H3	200	favicon-32x32.png benefit.otisproductions.co/b/tpl1/1/public/op/favicon/	901 B 0	0ms 0ms	Other image/png	104.21.64.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://benefit.otisproductions.co/b/tpl1/1/public/op/favicon/favicon-32x32.png Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.64.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d13e93e411bcbb58360c6e225b2e1bc01f9d8ae43e1d09c22aeaa1750ab7ed78 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://benefit.otisproductions.co/b/tpl1/1/?ld=1&session_id=a8efcd5e-eee9-4509-a572-735a7492f993&type=Computer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "68124442-385" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HY4CG%2BhNDJGlQzNJrpO%2BbMC4HBDr%2B2BBZSvTvqzQljZL4w%2FGgw9xp%2FGTXSR7wI6BbTiIe5cI%2FOLvR1kkytkjAEHAkJHemgn2sOuzOe9zHqnLnqas1B7hV5Cc6xcI8EQeU%2BL6eAov7CXvYPXb2g%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 946956406a1efcfa-SIN accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=67064&min_rtt=66518&rtt_var=353&sent=172&recv=75&lost=0&retrans=0&sent_bytes=182053&recv_bytes=7815&delivery_rate=1105014&cwnd=94800&unsent_bytes=0&cid=b4dabad9f794db35&ts=2348&x=80" content-length 901 date Tue, 27 May 2025 23:36:53 GMT content-type image/png last-modified Wed, 30 Apr 2025 15:39:46 GMT server cloudflare vary Accept-Encoding
GET H3	200	favicon-16x16.png benefit.otisproductions.co/b/tpl1/1/public/op/favicon/	412 B 0	0ms 0ms	Other image/png	104.21.64.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://benefit.otisproductions.co/b/tpl1/1/public/op/favicon/favicon-16x16.png Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.64.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8ec17ecb64bd511ff4955dbab8849ea3d00068fb3bd1cde2d12b7f7cb7d8a9b3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://benefit.otisproductions.co/b/tpl1/1/?ld=1&session_id=a8efcd5e-eee9-4509-a572-735a7492f993&type=Computer Response headers cf-cache-status MISS etag "68124442-19c" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8WdDFo6yqUD8DF5W%2BdHBADJKFQeBYL%2F9RwbvJWz7wKa1t1N%2FujAnL8ZBVa9neAzmVqD2HQ%2FRV3vPisuIRO1HLlC2LHQGKeaUlsxe73G04iofgTq%2FLvDtvl7dHJEmfNhAZEZpUwnFGG0tIWMBhg%3D%3D"}],"group":"cf-nel","max_age":604800} expires Wed, 27 May 2026 23:36:53 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=67007&min_rtt=66518&rtt_var=380&sent=175&recv=76&lost=0&retrans=0&sent_bytes=183663&recv_bytes=8250&delivery_rate=1105014&cwnd=94800&unsent_bytes=0&cid=b4dabad9f794db35&ts=2887&x=80" date Tue, 27 May 2025 23:36:53 GMT content-type image/png last-modified Wed, 30 Apr 2025 15:39:46 GMT vary Accept-Encoding cache-control max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 94695643ea93fcfa-SIN accept-ranges bytes content-length 412 server cloudflare
POST H3	200	l4ev951vd1 event.trk-architecto.com/register/event_log/	0 0	325ms 324ms	Fetch	104.21.32.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://event.trk-architecto.com/register/event_log/l4ev951vd1 Requested by Host: trk-architecto.com URL: https://trk-architecto.com/scripts/push/script/l8emw37gkr?url=benefit.otisproductions.co Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com https://oaidalleapiprodscus.blob.core.windows.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data: X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Content-type application/json Referer https://benefit.otisproductions.co/ Response headers access-control-expose-headers Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params x-pushplatformapp-alert pushPlatformApp.pushSubscription.deleted cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R5Mok1XpW466fJxEZEPw59OnsEdEyFptf8krps%2BaDDhQuIFzdExBYKScD5z6Up%2FS7FXnYdiczFQ3JbuMDAtpyXR%2B7Ha6h%2FXupCYE%2FBTmEUKK6%2BSJHn4SD6GSxf%2FOLVszhoAaDcdqTpheDX0%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires 0 alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=66609&min_rtt=66517&rtt_var=4509&sent=18&recv=17&lost=0&retrans=0&sent_bytes=6347&recv_bytes=4515&delivery_rate=42918&cwnd=12000&unsent_bytes=0&cid=282041651dd08aa0&ts=3032&x=80" date Tue, 27 May 2025 23:36:55 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options SAMEORIGIN content-security-policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com https://oaidalleapiprodscus.blob.core.windows.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data: cache-control no-cache, no-store, max-age=0, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache referrer-policy strict-origin-when-cross-origin cf-ray 946956520ca54027-SIN permissions-policy camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=() x-pushplatformapp-params access-control-allow-origin * content-length 0 x-xss-protection 1; mode=block server cloudflare
POST H2	204	collect analytics.google.com/g/	0 0	661ms 275ms	Fetch text/plain	172.217.161.46 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-CSQ3T208XX&gtm=45je55q0v874357082za200&_p=1748389014803&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&cid=1842426963.1748389016&ul=zh-tw&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1748389015&sct=1&seg=0&dl=https%3A%2F%2Fbenefit.otisproductions.co%2Fb%2Ftpl1%2F1%2F%3Fld%3D1%26session_id%3Da8efcd5e-eee9-4509-a572-735a7492f993%26type%3DComputer&dt=OP%20-%20Otis%20Productions&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4972 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-CSQ3T208XX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.161.46 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s23-in-f14.1e100.net Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://benefit.otisproductions.co/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:156:0 report-to {"group":"ascnsrsggc:156:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:156:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://benefit.otisproductions.co cross-origin-opener-policy-report-only same-origin; report-to=ascnsrsggc:156:0 content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 27 May 2025 23:36:56 GMT content-type text/plain server Golfe2
POST H2	204	collect stats.g.doubleclick.net/g/	0 556 B	669ms 278ms	Ping text/plain	172.217.221.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CSQ3T208XX&cid=1842426963.1748389016&gtm=45je55q0v874357082za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-CSQ3T208XX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.221.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS yunrtaa-in-f154.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://benefit.otisproductions.co/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:125:0 report-to {"group":"ascnsrsggc:125:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:125:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://benefit.otisproductions.co cross-origin-opener-policy-report-only same-origin; report-to=ascnsrsggc:125:0 content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 27 May 2025 23:36:56 GMT content-type text/plain server Golfe2
GET H2	200	ga-audiences www.google.com.tw/ads/	42 B 409 B	669ms 282ms	Image image/gif	142.251.222.3 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com.tw/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CSQ3T208XX&cid=1842426963.1748389016&gtm=45je55q0v874357082za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&z=158800315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.222.3 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s71-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://benefit.otisproductions.co/ Response headers cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Tue, 27 May 2025 23:36:56 GMT x-xss-protection 0 content-type image/gif server cafe

23 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| webpackJsonp function| _ function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore function| setAttributes object| dataLayer function| gtag object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.otisproductions.co/	1970-01-21 15:15:49	Name: _ga Value: GA1.1.1842426963.1748389016
			.otisproductions.co/	1970-01-21 15:15:49	Name: _ga_CSQ3T208XX Value: GS2.1.s1748389015$o1$g0$t1748389015$j60$l0$h0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://benefit.otisproductions.co/b/tpl1/1/?ld=1&session_id=a8efcd5e-eee9-4509-a572-735a7492f993 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
beacon.otisproductions.co
benefit.otisproductions.co
event.trk-architecto.com
fonts.googleapis.com
fonts.gstatic.com
stats.g.doubleclick.net
thanos-assets.nyc3.cdn.digitaloceanspaces.com
trk-architecto.com
www.google.com.tw
www.googletagmanager.com
104.18.42.227
104.21.112.1
104.21.32.1
104.21.64.1
142.250.196.106
142.251.222.3
172.217.161.46
172.217.175.72
172.217.175.99
172.217.221.154
45.55.126.207
08775b2ca5038656e2e49af725036546c55993e7d1bb2519009844d5a8f3f251
2cb0a6625c4eff724227c13ef7788f27f53dedd4c674cec02ed6fe51295ea40d
371aefdcd5362af979742698c7335224193f12933ce7d7c61ae5b8ce351ac526
38d00728cfe22c60dc0eb51563fa8f7ca7d7c6768ac9731e8987de88749d1abe
47ae36df7fc95dc51c54b6fcc0542a2ff8d334e175ac7c83806d6302f31dce6c
48f91b921d36b3449cf457ed34cb14f033cc342ccdd1d60ead0ceac26bcc76df
59cac1a37612eb643f9cbf618e604e946b9c66c27bad01a31ade8c93e896f303
8c3a8cde89df3f10e8b5ab4407506ec6c091c7345b34aae5aeec42575e366de2
8ec17ecb64bd511ff4955dbab8849ea3d00068fb3bd1cde2d12b7f7cb7d8a9b3
b5bdb042c742e945f9e78011e6db4acc6508e3633ff210e2984fd399575ddbde
c4945a3ff92b4034743bb3a3378590ac955b10890ccc8fe65ae5700e91c3e815
cef4abcec68a3ec6900f23284f13e8e6cf68a73ec76521329a020b8fae796513
d13e93e411bcbb58360c6e225b2e1bc01f9d8ae43e1d09c22aeaa1750ab7ed78
dcb085ad0fca889c4a1b898ccc7458c5d586e5740e7b7bffe065ac6a5e247ada
e07eb78c712e71dbab46f636817a70c6c75cf9bb5e9088c12ae176f792e908e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629