benefits.benefit-relief.com
2606:4700:3031::6815:232d  Public Scan

Submitted URL: https://trk.cp20.com/click/gcma-54b9h-39uyz-aqprmc7/pmreg33oorqwg5bomrxweir2eiytsojvfuydoljrgmqdamb2gaydumbqfyycelbci...
Effective URL: https://benefits.benefit-relief.com/sf/1/0?sf=mydegree&fdhr=1&s1=250&s2=147575&s3=352776889&trackid=61724cb5-28a7-467c-bb84-f4549428...
Submission: On October 12 via manual from US — Scanned from CA

Summary

This website contacted 10 IPs in 1 country across 9 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3031::6815:232d, located in the United States and belongs to CLOUDFLARENET, US. The main domain is benefits.benefit-relief.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 24th 2022. Valid for: a year.
This is the only time benefits.benefit-relief.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 216.24.224.100 17358 (MOZGROUP-...)
1 1 205.144.171.175 55778 (WEBWEB-HK...)
1 1 65.98.48.237 25653 (FORTRESSITX)
5 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2606:4700:e6:... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 3 45.55.126.207 14061 (DIGITALOC...)
6 2607:f8b0:400... 15169 (GOOGLE)
25 10
Apex Domain
Subdomains
Transfer
9 benefit-relief.com
c.benefit-relief.com
benefits.benefit-relief.com
beacon.benefit-relief.com
237 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
20 KB
4 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 3306
ka-f.fontawesome.com — Cisco Umbrella Rank: 6353
23 KB
1 smpush.com
push.smpush.com — Cisco Umbrella Rank: 152279
event.smpush.com Failed
3 KB
1 gstatic.com
fonts.gstatic.com
8 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 129
42 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
1 KB
1 travelerguidebuddy.com
travelerguidebuddy.com
719 B
1 cp20.com
trk.cp20.com — Cisco Umbrella Rank: 42394
1 KB
25 9
Domain Requested by
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
benefits.benefit-relief.com
5 benefits.benefit-relief.com benefits.benefit-relief.com
3 beacon.benefit-relief.com 1 redirects benefits.benefit-relief.com
3 ka-f.fontawesome.com kit.fontawesome.com
1 push.smpush.com benefits.benefit-relief.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com benefits.benefit-relief.com
1 kit.fontawesome.com benefits.benefit-relief.com
1 fonts.googleapis.com benefits.benefit-relief.com
1 travelerguidebuddy.com 1 redirects
1 c.benefit-relief.com 1 redirects
1 trk.cp20.com 1 redirects
0 event.smpush.com Failed push.smpush.com
25 13

This site contains links to these domains.

Domain
benefit-relief.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-07-24 -
2023-07-24
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1
2021-12-01 -
2023-01-01
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
beacon.benefit-relief.com
R3
2022-09-16 -
2022-12-15
3 months crt.sh

This page contains 1 frames:

Primary Page: https://benefits.benefit-relief.com/sf/1/0?sf=mydegree&fdhr=1&s1=250&s2=147575&s3=352776889&trackid=61724cb5-28a7-467c-bb84-f4549428f02c
Frame ID: E294D2857D72F44D8D81B0B84F33F916
Requests: 23 HTTP requests in this frame

Page Title

Benefit Relief

Page URL History

  1. https://trk.cp20.com/click/gcma-54b9h-39uyz-aqprmc7/pmreg33oorqwg5bomrxweir2eiytsojvfuydoljrgmqda... HTTP 302
    http://c.benefit-relief.com/clk.ashx?cid=147575&provider_id=250&email=marleen.zambrano@broad-path.com&fi... HTTP 302
    http://travelerguidebuddy.com/r/672bb42b-c609-4ab7-80a3-638c9f37a6a2/250/147575/352776889 HTTP 302
    https://benefits.benefit-relief.com/sf/1/0?sf=mydegree&fdhr=1&s1=250&s2=147575&s3=352776889&trackid=61724cb5-28a... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

25
Requests

80 %
HTTPS

67 %
IPv6

9
Domains

13
Subdomains

10
IPs

1
Countries

333 kB
Transfer

1251 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://trk.cp20.com/click/gcma-54b9h-39uyz-... HTTP 302
    http://c.benefit-relief.com/clk.ashx?cid=147575&provider_id=250&email=marleen.zambrano@broad-path.com&first_name=Marleen&last_name=Zambrano&cqs=idx&phone=&city=Harvey&birth_date=1995-07-13%2000:00:00.0&education_level=high%20school%20diploma%20ged&employment_status=employed%20for%20wages&gender=F&marital_status=single%20never%20married&senior=False&member_id=6036768&state=IL&sub_id=61345542&zip_code=60426&record_id=352776889 HTTP 302
    http://travelerguidebuddy.com/r/672bb42b-c609-4ab7-80a3-638c9f37a6a2/250/147575/352776889 HTTP 302
    https://benefits.benefit-relief.com/sf/1/0?sf=mydegree&fdhr=1&s1=250&s2=147575&s3=352776889&trackid=61724cb5-28a7-467c-bb84-f4549428f02c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://beacon.benefit-relief.com/g2/0b545203-e67b-4ce7-b1bb-1be1c66f43aa?fdhr=1&s1=250&s2=147575&s3=352776889&sf=mydegree&trackid=61724cb5-28a7-467c-bb84-f4549428f02c HTTP 302
  • https://beacon.benefit-relief.com/s/b5273545-535f-4e12-b863-f7ec3216a6dd?&requestid=_Ti1btgP8e&destinationid=2354893498&fdhr=1&s1=250&s2=147575&s3=352776889&sf=mydegree&trackid=61724cb5-28a7-467c-bb84-f4549428f02c

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 0
benefits.benefit-relief.com/sf/1/
Redirect Chain
  • https://trk.cp20.com/click/gcma-54b9h-39uyz-aqprmc7/pmreg33oorqwg5bomrxweir2eiytsojvfuydoljrgmqdamb2gaydumbqfyycelbcinxw45dbmn2c4rtjojzxiicomfwwkir2ejgwc4tmmvsw4irmejbw63tumfrxiltsmvrw64tel5uwiir2e...
  • http://c.benefit-relief.com/clk.ashx?cid=147575&provider_id=250&email=marleen.zambrano@broad-path.com&first_name=Marleen&last_name=Zambrano&cqs=idx&phone=&city=Harvey&birth_date=1995-07-13%2000:00:...
  • http://travelerguidebuddy.com/r/672bb42b-c609-4ab7-80a3-638c9f37a6a2/250/147575/352776889
  • https://benefits.benefit-relief.com/sf/1/0?sf=mydegree&fdhr=1&s1=250&s2=147575&s3=352776889&trackid=61724cb5-28a7-467c-bb84-f4549428f02c
8 KB
3 KB
Document
General
Full URL
https://benefits.benefit-relief.com/sf/1/0?sf=mydegree&fdhr=1&s1=250&s2=147575&s3=352776889&trackid=61724cb5-28a7-467c-bb84-f4549428f02c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:232d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b310c5bbe6838701072e5d9e57263f5ea37f6097c24822e44f613047c0c118f6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75922845de4f4bd1-YUL
content-encoding
br
content-type
text/html
date
Wed, 12 Oct 2022 19:14:14 GMT
last-modified
Mon, 29 Aug 2022 12:42:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfQqz8my9PhgdPeJbbuEkvZYpCJShgm6IA8nsorkI7oEksTCAhYpXrKjhUuYhqchItmQqEGem1g%2FIk4Xb6FcutinmZSE7x9fYqO%2BmbM1XmBGCwR4bnIkYIkuAaTe2y9JXBcttwYXoUX9YO1BsaZhYByTPIsE9Zewt6Y%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache
Connection
keep-alive
Content-Length
159
Date
Wed, 12 Oct 2022 19:14:13 GMT
Expires
Wed, 12 Oct 2022 19:14:13 GMT
Location
https://benefits.benefit-relief.com/sf/1/0?sf=mydegree&fdhr=1&s1=250&s2=147575&s3=352776889&trackid=61724cb5-28a7-467c-bb84-f4549428f02c
Server
nginx
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?sf=mydegree&fdhr=1&s1=250&s2=147575&s3=352776889&trackid=61724cb5-28a7-467c-bb84-f4549428f02c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
134a34661b81cec950a7cc40f7875b460eb6b912b744c420f2211e3c7f3250ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://benefits.benefit-relief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 12 Oct 2022 19:14:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 19:12:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 Oct 2022 19:14:14 GMT
268a7048dd.js
kit.fontawesome.com/
11 KB
4 KB
Script
General
Full URL
https://kit.fontawesome.com/268a7048dd.js
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?sf=mydegree&fdhr=1&s1=250&s2=147575&s3=352776889&trackid=61724cb5-28a7-467c-bb84-f4549428f02c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e17c79e1b4d86ddba5a9d2104902942db44f856a9fd63a137cf5deb35f56366
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://benefits.benefit-relief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:14:14 GMT
strict-transport-security
max-age=31536000; preload
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=60, public, must-revalidate
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray
75922848b8bbecf2-YUL
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
FtkoplJUlsk-jpPMb3bC
js
www.googletagmanager.com/gtag/
106 KB
42 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-92483201-41
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?sf=mydegree&fdhr=1&s1=250&s2=147575&s3=352776889&trackid=61724cb5-28a7-467c-bb84-f4549428f02c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2c4049ce64b3797cbe13b4d8435328c3ea34fe5cf7d9ec8b01a1dcf48a282564
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://benefits.benefit-relief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:14:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42406
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 Oct 2022 19:14:14 GMT
bundle.d596e9ccfc795a59cd32.css
benefits.benefit-relief.com/sf/1/
54 KB
12 KB
Stylesheet
General
Full URL
https://benefits.benefit-relief.com/sf/1/bundle.d596e9ccfc795a59cd32.css?t=1661776918652
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?sf=mydegree&fdhr=1&s1=250&s2=147575&s3=352776889&trackid=61724cb5-28a7-467c-bb84-f4549428f02c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:232d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78a869a9985b80eebbba7dc025549fdde843df161f26e08f825e851e1b4b16ab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://benefits.benefit-relief.com/sf/1/0?sf=mydegree&fdhr=1&s1=250&s2=147575&s3=352776889&trackid=61724cb5-28a7-467c-bb84-f4549428f02c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:14:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 29 Aug 2022 12:42:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"630cb43d-d666"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vlVq17fvyNuPUv0YBZMzhLmk41JiqVFioLpbAlz3Q1JHxVjQgkLrA5IJeuvQ10515IXdorrmJkmnlhLlFux4SnwxlBSlBMNjLP4g6QsY3%2FTlwJaBSdjPGx5%2Bk8V8yd0p5gVsgtSo1PslwsJ3NChQnywgBOZeGfOX4%2BM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
759228462ec84bd1-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 29 Aug 2023 13:14:35 GMT
logo.png
benefits.benefit-relief.com/sf/1/public/br/logo/
602 B
1 KB
Image
General
Full URL
https://benefits.benefit-relief.com/sf/1/public/br/logo/logo.png?v=05468576
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?sf=mydegree&fdhr=1&s1=250&s2=147575&s3=352776889&trackid=61724cb5-28a7-467c-bb84-f4549428f02c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:232d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ad38b7c287f942deb7829aaf55457fcde14621d6067c47a855e232598a956e3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://benefits.benefit-relief.com/sf/1/0?sf=mydegree&fdhr=1&s1=250&s2=147575&s3=352776889&trackid=61724cb5-28a7-467c-bb84-f4549428f02c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:14:14 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Aug 2022 12:42:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"630cb43e-25a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7j7z4p6tRF9Rm7AZ6S%2FRuwovJIHWb4v5WQTQ%2B8HDqBTZC%2FZY3c2nppRdQkQrQkCOpl2YhGVCKqTcUDRzxHGSqhSHC4shkSKyO8pL9UeRDtSsk9r2C1b6rt%2BObABZNjfMB%2FvPAvTIFG65uTyvgrhHwXKYELp8etkyH2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
759228490a80ca67-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
602
expires
Thu, 05 Oct 2023 01:22:14 GMT
8.2efe8a7f.chunk.js
benefits.benefit-relief.com/sf/1/js/
326 KB
108 KB
Script
General
Full URL
https://benefits.benefit-relief.com/sf/1/js/8.2efe8a7f.chunk.js
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?sf=mydegree&fdhr=1&s1=250&s2=147575&s3=352776889&trackid=61724cb5-28a7-467c-bb84-f4549428f02c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:232d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
222e603ee770d381bd22eb960db430d5496d3747bc43f15cb6b23ae7d50ce065

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://benefits.benefit-relief.com/sf/1/0?sf=mydegree&fdhr=1&s1=250&s2=147575&s3=352776889&trackid=61724cb5-28a7-467c-bb84-f4549428f02c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:14:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Aug 2022 18:55:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6306740d-51717"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lu5kWGh7SBx5Hpep9NlJnrMA8O1BuqFBnXdnxsk8REyF8amUVJuXRQoRgbxnY3vIcIvcMzf%2F5OV2iH23TrrmghbZQ1JiOUlV2siKjHQZqLjncDVBIIh6qSfhSLUMCzLlpaKeNJcwGynlfTVNejwP6Sjn%2BevTNDQUvow%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
759228490a78ca67-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 24 Aug 2023 19:08:00 GMT
app.93262075.js
benefits.benefit-relief.com/sf/1/js/
587 KB
110 KB
Script
General
Full URL
https://benefits.benefit-relief.com/sf/1/js/app.93262075.js
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?sf=mydegree&fdhr=1&s1=250&s2=147575&s3=352776889&trackid=61724cb5-28a7-467c-bb84-f4549428f02c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:232d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68cd280518ce614ff12c1278bc17e6387350daa15ae73cdbfe9e527234e019da

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://benefits.benefit-relief.com/sf/1/0?sf=mydegree&fdhr=1&s1=250&s2=147575&s3=352776889&trackid=61724cb5-28a7-467c-bb84-f4549428f02c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:14:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 29 Aug 2022 12:42:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"630cb43d-92ceb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYrR86rhsoAbtV5IbD%2FYnN89%2FwZce8ITYv0N7vavt5HoRlZvCpSesAjT6SYFEKfn2qicVV9jOoZVEHJPMSOPmP3LVV8kvhCQqtvHarpHBHPhEKSeJ84cGNVKq3Bh20hAR%2FMuy7vcGtCdsViha6Q4DtYaSeANK8GQCe4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
759228490a7eca67-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 29 Aug 2023 13:14:38 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://benefits.benefit-relief.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:12:27 GMT
x-content-type-options
nosniff
age
129707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Oct 2023 07:12:27 GMT
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
59 KB
13 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=268a7048dd
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://benefits.benefit-relief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:14:14 GMT
via
1.1 346bf51bc00fbeaa3f4c461a781bceb0.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
610417
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W27W9kMftfRUTqKjMStMVF%2FQgokK%2BK13Le3fYAjp1SrC%2BMG17wlrSjSwWjYOSoE5yLQkuf67AH%2F9NCFQymWhkEqa5KSeWMr8a7eLmGHeQ%2FjSGUNzApNIeQS9T73YE9sp9qIWFwBqcT%2Bjw1hEriFq2wymmA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
759228497c6917fd-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
wXRKuPynOX2hJPtx2dZVSFo-96VpLLWUowZKvJs3h7nQv8UGB7Qk3w==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
26 KB
4 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=268a7048dd
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://benefits.benefit-relief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:14:14 GMT
via
1.1 d9904d2a7eb0a13ec208dbdb43366b78.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
610417
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSnYLX6WgD2eQxq5FmNpKAm6Y4ECHEoS%2BIGKdSPish6ofs6ScdsPBdOrbQCYvEfsS1SbvYGA0B6pU%2B6OA3Zpb3L2hDFEVuFJkH7d2rZTjUxK0UlyxvBIJMNTSvQJoDuYb3G%2Bcd6IS7Q%2F%2BcgXXgxXbpSC5w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
759228497c6b17fd-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
BUpOXn6OGA6Xn9lkU_-Wro522eR_axwRNAr16f5gpMhJLJCSI4j7PQ==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
3 KB
1 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=268a7048dd
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://benefits.benefit-relief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:14:14 GMT
via
1.1 7c10de2006b7b1d4ae37bbcf905eecd6.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
139276
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wkqAlFOQ2HpCe5DbWeELltHinEFv3AZXUhNURyPVkfYS5rq4ycgeBK0rF3xfYwBlfIaXczys6Fkx5O68ja6izOxItGZUHmrpjx6xsZVWO5jViFvFKrNHTA0ujkEAptCcAC2jPxxzAdWKU9z0%2Fc7A1j4csQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
759228497c6e17fd-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
_2XNtEyDakHx4CYMDK-DwHz6N8fB5RS9pwYJHN7ZWacmpt6fLw8CCA==
l8emw37gkr
push.smpush.com/scripts/push/script/
7 KB
3 KB
Script
General
Full URL
https://push.smpush.com/scripts/push/script/l8emw37gkr?url=benefits.benefit-relief.com
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/js/app.93262075.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:4cc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb8d9fecb3c0ab2a9fc1d52a31054d428e65fc81b04b6a2c70b44a16887b2179
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://benefits.benefit-relief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:14:16 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 12 Oct 2022 19:14:16 GMT
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8BB8CQqNz%2Bba4FBmBqLCWldBuo5sDzoh7%2FEcdQyegToQrQxQjOob9crvJYQh1bt%2BZCrcseP5wM7mkj0eZ2y1xg0WiXiRvSHp8DkjqW25Y4tIACbb86D36MWpJ6dDV%2FwLc7Zw%2B9YQIKlGCkTLRQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-ray
7592284abde3ca6f-YUL
expires
0
summary
beacon.benefit-relief.com/geo/
118 B
582 B
XHR
General
Full URL
https://beacon.benefit-relief.com/geo/summary
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/js/8.2efe8a7f.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Kestrel /
Resource Hash
fbc796e8f12e3b7de042589245109142e544828c4191a19c60220e9b6aa88125
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/plain, */*
Referer
https://benefits.benefit-relief.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:14:14 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PATCH, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
b5273545-535f-4e12-b863-f7ec3216a6dd
beacon.benefit-relief.com/s/
Redirect Chain
  • https://beacon.benefit-relief.com/g2/0b545203-e67b-4ce7-b1bb-1be1c66f43aa?fdhr=1&s1=250&s2=147575&s3=352776889&sf=mydegree&trackid=61724cb5-28a7-467c-bb84-f4549428f02c
  • https://beacon.benefit-relief.com/s/b5273545-535f-4e12-b863-f7ec3216a6dd?&requestid=_Ti1btgP8e&destinationid=2354893498&fdhr=1&s1=250&s2=147575&s3=352776889&sf=mydegree&trackid=61724cb5-28a7-467c-b...
2 KB
2 KB
XHR
General
Full URL
https://beacon.benefit-relief.com/s/b5273545-535f-4e12-b863-f7ec3216a6dd?&requestid=_Ti1btgP8e&destinationid=2354893498&fdhr=1&s1=250&s2=147575&s3=352776889&sf=mydegree&trackid=61724cb5-28a7-467c-bb84-f4549428f02c
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?fdhr=1&s1=250&s2=147575&s3=352776889&session_id=8c92f3eb-4309-4031-b2ed-114d85347471&sf=mydegree&trackid=61724cb5-28a7-467c-bb84-f4549428f02c
Protocol
H2
Server
45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Kestrel /
Resource Hash
047421091eb51dd9bc34eab1dd0406455f6c5e38f7519da468e3a9859a6dbd5f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://benefits.benefit-relief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:14:14 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PATCH, HEAD
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

Redirect headers

date
Wed, 12 Oct 2022 19:14:14 GMT
strict-transport-security
max-age=2592000
server
Kestrel
access-control-allow-methods
GET, POST, OPTIONS, PATCH, HEAD
location
https://beacon.benefit-relief.com/s/b5273545-535f-4e12-b863-f7ec3216a6dd?&requestid=_Ti1btgP8e&destinationid=2354893498&fdhr=1&s1=250&s2=147575&s3=352776889&sf=mydegree&trackid=61724cb5-28a7-467c-bb84-f4549428f02c
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
content-length
0
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-92483201-41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://benefits.benefit-relief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 12 Oct 2022 19:02:20 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
714
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 12 Oct 2022 21:02:20 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=716845132&t=pageview&_s=1&dl=https%3A%2F%2Fbenefits.benefit-relief.com%2Fsf%2F1%2F0%3Ffdhr%3D1%26s1%3D250%26s2%3D147575%26s3%3D352776889%26session_id%3D8c92f3eb-4309-4031-b2ed-114d85347471%26sf%3Dmydegree%26trackid%3D61724cb5-28a7-467c-bb84-f4549428f02c&ul=en-us&de=UTF-8&dt=Benefit%20Relief&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=593588412&gjid=757110346&cid=1542251603.1665602055&tid=UA-92483201-41&_gid=1466195993.1665602055&_r=1&gtm=2ouaa0&z=520300985
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://benefits.benefit-relief.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 19:14:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://benefits.benefit-relief.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=716845132&t=event&_s=2&dl=https%3A%2F%2Fbenefits.benefit-relief.com%2Fsf%2F1%2F0%3Ffdhr%3D1%26s1%3D250%26s2%3D147575%26s3%3D352776889%26session_id%3D8c92f3eb-4309-4031-b2ed-114d85347471%26sf%3Dmydegree%26trackid%3D61724cb5-28a7-467c-bb84-f4549428f02c&ul=en-us&de=UTF-8&dt=Benefit%20Relief&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pageload&ea=load&el=%2Fsf%2F1&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=1542251603.1665602055&tid=UA-92483201-41&_gid=1466195993.1665602055&gtm=2ouaa0&z=43096402
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?fdhr=1&s1=250&s2=147575&s3=352776889&session_id=8c92f3eb-4309-4031-b2ed-114d85347471&sf=mydegree&trackid=61724cb5-28a7-467c-bb84-f4549428f02c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://benefits.benefit-relief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 19:55:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83901
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=716845132&t=event&_s=3&dl=https%3A%2F%2Fbenefits.benefit-relief.com%2Fsf%2F1%2F0%3Ffdhr%3D1%26s1%3D250%26s2%3D147575%26s3%3D352776889%26session_id%3D8c92f3eb-4309-4031-b2ed-114d85347471%26sf%3Dmydegree%26trackid%3D61724cb5-28a7-467c-bb84-f4549428f02c&dp=0%3Ffdhr%3D1%26s1%3D250%26s2%3D147575%26s3%3D352776889%26session_id%3D8c92f3eb-4309-4031-b2ed-114d85347471%26sf%3Dmydegree%26trackid%3D61724cb5-28a7-467c-bb84-f4549428f02c&ul=en-us&de=UTF-8&dt=Benefit%20Relief&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=User%20started%20Survey%20Flow&ea=survey-flow-started&el=%2Fsf%2F1&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=1542251603.1665602055&tid=UA-92483201-41&_gid=1466195993.1665602055&gtm=2ouaa0&z=2080924893
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?fdhr=1&s1=250&s2=147575&s3=352776889&session_id=8c92f3eb-4309-4031-b2ed-114d85347471&sf=mydegree&trackid=61724cb5-28a7-467c-bb84-f4549428f02c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://benefits.benefit-relief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 19:55:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83901
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=716845132&t=event&_s=4&dl=https%3A%2F%2Fbenefits.benefit-relief.com%2Fsf%2F1%2F0%3Ffdhr%3D1%26s1%3D250%26s2%3D147575%26s3%3D352776889%26session_id%3D8c92f3eb-4309-4031-b2ed-114d85347471%26sf%3Dmydegree%26trackid%3D61724cb5-28a7-467c-bb84-f4549428f02c&dp=0%3Ffdhr%3D1%26s1%3D250%26s2%3D147575%26s3%3D352776889%26session_id%3D8c92f3eb-4309-4031-b2ed-114d85347471%26sf%3Dmydegree%26trackid%3D61724cb5-28a7-467c-bb84-f4549428f02c&ul=en-us&de=UTF-8&dt=Benefit%20Relief&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=MyDegreeCPC&ea=view&el=%2Fsf%2F1&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=1542251603.1665602055&tid=UA-92483201-41&_gid=1466195993.1665602055&gtm=2ouaa0&z=254341861
Requested by
Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/sf/1/0?fdhr=1&s1=250&s2=147575&s3=352776889&session_id=8c92f3eb-4309-4031-b2ed-114d85347471&sf=mydegree&trackid=61724cb5-28a7-467c-bb84-f4549428f02c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://benefits.benefit-relief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 19:55:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83901
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=716845132&t=event&_s=5&dl=https%3A%2F%2Fbenefits.benefit-relief.com%2Fsf%2F1%2F0%3Ffdhr%3D1%26s1%3D250%26s2%3D147575%26s3%3D352776889%26session_id%3D8c92f3eb-4309-4031-b2ed-114d85347471%26sf%3Dmydegree%26trackid%3D61724cb5-28a7-467c-bb84-f4549428f02c&dp=0%3Ffdhr%3D1%26s1%3D250%26s2%3D147575%26s3%3D352776889%26session_id%3D8c92f3eb-4309-4031-b2ed-114d85347471%26sf%3Dmydegree%26trackid%3D61724cb5-28a7-467c-bb84-f4549428f02c&ul=en-us&de=UTF-8&dt=Benefit%20Relief&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=user&ea=push-optin-ignored&el=%2Fsf%2F1&_u=aEBAAUABAAAAACAAI~&jid=&gjid=&cid=1542251603.1665602055&tid=UA-92483201-41&_gid=1466195993.1665602055&gtm=2ouaa0&z=69813152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://benefits.benefit-relief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 19:55:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83902
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
z0gr10mdx9
event.smpush.com/register/event_log/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
event.smpush.com
URL
https://event.smpush.com/register/event_log/z0gr10mdx9

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
function| gtag
object| dataLayer
object| FontAwesomeKitConfig
object| webpackJsonp
object| regeneratorRuntime
function| _
object| core
function| ScratchCard
object| SCRATCH_TYPE
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| gaplugins
object| gaGlobal
object| gaData
function| urlBase64ToUint8Array
function| pullUrlParams
function| push_subscribe
function| push_subscribe_promise
function| setIfNull
function| logPushEvent
function| push_unsubscribe
function| push_init
function| setSessionId
function| setUtm
function| getSessionId
function| getUrlVars
function| getDomainName
function| getStore

5 Cookies

Domain/Path Name / Value
.travelerguidebuddy.com/ Name: 31d96da6-008b-4179-a47e-89a3955aa486
Value: 61724cb5-28a7-467c-bb84-f4549428f02c
.travelerguidebuddy.com/ Name: 31d96da6-008b-4179-a47e-89a3955aa486-trkid
Value: 61724cb5-28a7-467c-bb84-f4549428f02c
.benefit-relief.com/ Name: _ga
Value: GA1.2.1542251603.1665602055
.benefit-relief.com/ Name: _gid
Value: GA1.2.1466195993.1665602055
.benefit-relief.com/ Name: _gat_gtag_UA_92483201_41
Value: 1

1 Console Messages

Source Level URL
Text
other error URL: https://benefits.benefit-relief.com/sf/1/0?fdhr=1&s1=250&s2=147575&s3=352776889&session_id=8c92f3eb-4309-4031-b2ed-114d85347471&sf=mydegree&trackid=61724cb5-28a7-467c-bb84-f4549428f02c#!/hst
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
