benefits.benefit-relief.com Open in urlscan Pro
2606:4700:3030::6815:2571 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://amhr.info/UUBdbCj/110666562
Effective URL:
https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
Submission Tags: falconsandbox
Submission: On February 21 via api (February 21st 2021, 7:34:15 am UTC) from US

Summary HTTP 38 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 38 HTTP transactions. The main IP is 2606:4700:3030::6815:2571, located in United States and belongs to CLOUDFLARENET, US. The main domain is benefits.benefit-relief.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 24th 2020. Valid for: a year.

This is the only time benefits.benefit-relief.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2606:4700:303... 2606:4700:3032::ac43:d7c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	107.167.93.174 107.167.93.174	53755 (IOFLOOD) (IOFLOOD)
9	2606:4700:303... 2606:4700:3030::6815:2571	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700:e6:... 2606:4700:e6::ac40:ca1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	45.55.126.207 45.55.126.207	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2606:4700:303... 2606:4700:3031::ac43:cfd2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
10	162.243.189.2 162.243.189.2	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
38	12

2 2606:4700:3032::ac43:d7c7 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

amhr.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.167.93.174 (Phoenix, United States) 2 redirects

ASN53755 (IOFLOOD, US)
PTR: server1.cloudbenz.com

hardshipservices.guide	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3030::6815:2571 (United States)

ASN13335 (CLOUDFLARENET, US)

benefits.benefit-relief.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e6::ac40:ca1c (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.55.126.207 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

beacon.benefit-relief.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::ac43:cfd2 (United States)

ASN13335 (CLOUDFLARENET, US)

api.benefit-relief.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 162.243.189.2 (United States)

ASN14061 (DIGITALOCEAN-ASN, US)

support-benefits.nyc3.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	benefit-relief.com benefits.benefit-relief.com beacon.benefit-relief.com api.benefit-relief.com	261 KB
10	digitaloceanspaces.com support-benefits.nyc3.digitaloceanspaces.com	406 KB
7	google-analytics.com www.google-analytics.com	19 KB
4	fontawesome.com kit.fontawesome.com ka-f.fontawesome.com	23 KB
3	gstatic.com fonts.gstatic.com	41 KB
2	hardshipservices.guide 2 redirects hardshipservices.guide	799 B
2	amhr.info 2 redirects amhr.info	2 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
1	googleapis.com fonts.googleapis.com	732 B
38	9

	Domain	Requested by
10	support-benefits.nyc3.digitaloceanspaces.com
9	benefits.benefit-relief.com	benefits.benefit-relief.com
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com benefits.benefit-relief.com
3	fonts.gstatic.com	fonts.googleapis.com
3	ka-f.fontawesome.com	kit.fontawesome.com
2	api.benefit-relief.com	benefits.benefit-relief.com
2	hardshipservices.guide	2 redirects
2	amhr.info	2 redirects
1	beacon.benefit-relief.com	benefits.benefit-relief.com
1	www.googletagmanager.com	benefits.benefit-relief.com
1	kit.fontawesome.com	benefits.benefit-relief.com
1	fonts.googleapis.com	benefits.benefit-relief.com
38	12

This site contains links to these domains. Also see Links.

Domain
benefit-relief.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-09-24` - `2021-09-24`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
beacon.benefit-relief.com R3	`2021-01-24` - `2021-04-24`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.nyc3.digitaloceanspaces.com DigiCert SHA2 Secure Server CA	`2020-03-11` - `2021-05-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
Frame ID: 310C5D3ED1685A3CDD9A809765E1BF8E
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://amhr.info/UUBdbCj/110666562 HTTP 301
https://amhr.info/UUBdbCj/110666562 HTTP 302
http://hardshipservices.guide/r/7ff8c67c-40a7-4cf9-9524-0222963316df/A9149/110666562 HTTP 302
https://hardshipservices.guide/r/797c29a2-9110-4f61-b66c-f66395c4d266/A9149/110666562///?fctr=1 HTTP 302
https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub... Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+data-react/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

38
Requests

100 %
HTTPS

79 %
IPv6

9
Domains

12
Subdomains

12
IPs

2
Countries

790 kB
Transfer

1475 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://benefit-relief.com/terms.html
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://benefit-relief.com/privacy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://benefit-relief.com/unsubscribe.html
Title: Opt Out

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://amhr.info/UUBdbCj/110666562 HTTP 301
https://amhr.info/UUBdbCj/110666562 HTTP 302
http://hardshipservices.guide/r/7ff8c67c-40a7-4cf9-9524-0222963316df/A9149/110666562 HTTP 302
https://hardshipservices.guide/r/797c29a2-9110-4f61-b66c-f66395c4d266/A9149/110666562///?fctr=1 HTTP 302
https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
benefits.benefit-relief.com/l/1/
Redirect Chain

http://amhr.info/UUBdbCj/110666562
https://amhr.info/UUBdbCj/110666562
http://hardshipservices.guide/r/7ff8c67c-40a7-4cf9-9524-0222963316df/A9149/110666562
https://hardshipservices.guide/r/797c29a2-9110-4f61-b66c-f66395c4d266/A9149/110666562///?fctr=1
https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149

7 KB
3 KB

133ms
107ms

Document
text/html

2606:4700:3030::6815:2571
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4472a58393a40044db24f446a8a37e3482c4954a54f5333de56c2918b34051ab

Request headers

:method: GET
:authority: benefits.benefit-relief.com
:scheme: https
:path: /l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 07:33:54 GMT
content-type: text/html
set-cookie: __cfduid=d86de48d161f279440635a94bf663335a1613892834; expires=Tue, 23-Mar-21 07:33:54 GMT; path=/; domain=.benefit-relief.com; HttpOnly; SameSite=Lax; Secure
last-modified: Thu, 21 Jan 2021 13:55:49 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 08651b6c450000c2b8cd19f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ck9Lkblio7EDZAi%2Fcz9SEcCXiW37skheZPM%2BfJgruEtFoIUTunaA4viXaOG65TAY8%2FPe7yRqfomZV22JaDh5QkkXA5CCXwjfU9OowT8IWazELL3ucwZUhB60yCjlSf5NdT32s2SBhDA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 624ec826dbb3c2b8-FRA
content-encoding: br

Redirect headers

Server: nginx
Date: Sun, 21 Feb 2021 07:33:54 GMT
Content-Length: 142
Connection: keep-alive
set-cookie: 15f94c20-2d40-4fd4-ac4c-31ff44478297=7c57e670-1de1-476d-a35a-93a6800851f6; Version=1; Expires=Tue, 23-Mar-2021 07:33:54 GMT; Max-Age=2592000; Domain=hardshipservices.guide; Path=/
Location: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
Cache-Control: no-cache
Expires: Sun, 21 Feb 2021 07:33:54 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
732 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap

Requested by

Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5c336543068fe4bfbd6cc01688a07c7d377e61238fc8d584b9f250e29696cca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 21 Feb 2021 07:33:54 GMT
server: ESF
date: Sun, 21 Feb 2021 07:33:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Feb 2021 07:33:54 GMT

GET
H2 200 268a7048dd.js Show response
kit.fontawesome.com/ 11 KB
4 KB 55ms
38ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/268a7048dd.js

Requested by

Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4492156fcf7a679b28b4b75d5e84b2b5eec606d5da785eb67e73141d2df58db0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 07:33:54 GMT
content-encoding: gzip
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-cache-status: REVALIDATED
strict-transport-security: max-age=31536000; preload
cf-request-id: 08651b6cc50000c29ff93ad000000001
x-request-id: Flo5Fyev51Ip-_cAPn-B
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
cf-ray: 624ec827a817c29f-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-92483201-41

Requested by

Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2b73f36fa85f8612e495afc97f942b03833b753c67e12fcd3a056c15cdfab61b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 07:33:54 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39292
x-xss-protection: 0
last-modified: Sun, 21 Feb 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 21 Feb 2021 07:33:54 GMT

GET
H2 200 bundle.f50dac2cc4500cdd8f5b.css
benefits.benefit-relief.com/l/1/ 23 KB
5 KB 96ms
96ms Stylesheet
text/css 2606:4700:3030::6815:2571
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.benefit-relief.com/l/1/bundle.f50dac2cc4500cdd8f5b.css?t=1611237326472
Requested by: Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 410b66abd52766785ef4cfb54b8f75493973eaedc86d6881fa938a1f3088c586

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 07:33:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Jan 2021 13:55:49 GMT
server: cloudflare
etag: W/"600987e5-5c55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Jbe3CR7TjHQYsZ%2BFA0EQRgQls11hCUdzZCUslK7avFY1Y4ZhEyY63RIAl0uqhkNe7aKKOIOxbFkhh5oUhgHjAeJVvhMqqfdsCh8YjMROaGTD31ElVakE4y6RSuv9osWtD580N7uR%2F%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 624ec8278c33c2b8-FRA
cf-request-id: 08651b6cb50000c2b8780e2000000001
expires: Fri, 21 Jan 2022 13:58:47 GMT

GET
H2 200 logo.png
benefits.benefit-relief.com/l/1/public/ 602 B
983 B 108ms
108ms Image
image/png 2606:4700:3030::6815:2571
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://benefits.benefit-relief.com/l/1/public/logo.png?v=etytuytiu
Requested by: Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ad38b7c287f942deb7829aaf55457fcde14621d6067c47a855e232598a956e3

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 07:33:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 602
cf-request-id: 08651b6cc80000c2b8b0131000000001
last-modified: Tue, 29 Sep 2020 17:39:49 GMT
server: cloudflare
etag: "5f737165-25a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZwfNy%2F0vs9ZpzFLxEHCY1y%2BtAS4TegM%2FEj3E3ilqzivDiriviHuRrCzs%2FL%2BH14CAfUr4C2znSVL%2BbZjSbgTmpaN2mvSqVE4%2F1%2FcyXQcW6nIqX%2FAKAGnq1lnUGbw5V1CFeDO5WE3j1ic%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 624ec827ac4bc2b8-FRA
expires: Sun, 07 Nov 2021 09:41:47 GMT

GET
H2 200 4.8233fc3f.chunk.js Show response
benefits.benefit-relief.com/l/1/js/ 264 KB
81 KB 118ms
118ms Script
application/javascript 2606:4700:3030::6815:2571
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.benefit-relief.com/l/1/js/4.8233fc3f.chunk.js
Requested by: Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22bdb808ea117f5cd34ed84d1d733e1c166838e50b8b57223cf0934b8d3959ca

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 07:33:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Jan 2021 13:55:47 GMT
server: cloudflare
etag: W/"600987e3-41fdc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C1extxCmeERQIa%2Fht9B9VKZeEU6qIedI%2B158B4hmBLkHa9fpO7kz2hxBzqvpvw4FinZpZhReN8OBAQkQOKxvQHzePCz7SazfvbcPeWjRAoe4UKvAIZhpEhf4KY5Q6Qvr8OawJi8rgms%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 624ec827ac48c2b8-FRA
cf-request-id: 08651b6cc80000c2b8a5185000000001
expires: Fri, 21 Jan 2022 13:56:42 GMT

GET
H2 200 app.5cd9bad6.js Show response
benefits.benefit-relief.com/l/1/js/ 274 KB
47 KB 23ms
22ms Script
application/javascript 2606:4700:3030::6815:2571
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.benefit-relief.com/l/1/js/app.5cd9bad6.js
Requested by: Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0073b3c9fd5c53b94fdabb324c4e4bfcac977625e3d60b9f8c47500b42a0a338

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 07:33:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 404100
cf-request-id: 08651b6cc80000c2b89db50000000001
last-modified: Thu, 21 Jan 2021 13:55:47 GMT
server: cloudflare
etag: W/"600987e3-44975"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=L6pZ4om%2FO1NQniygV4UBxQA970uTqShEX4DoySyIAsBoebdLCEkbf508WLFaY%2BdvpRu3K0eSn0ZrZMJT6j14GzlYWasICOAcre5fOkarNaVc2GklyWgwlHxwNt1hXfHBf4m7Svvleoc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 624ec827ac49c2b8-FRA
expires: Fri, 21 Jan 2022 13:56:42 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.2/css/ 59 KB
13 KB 19ms
18ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.2/css/free.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7bba7deb64ff95e98f7ac8cd0d3b675a4bcf02f302e57edc5a1d6fa3d6cf94

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 07:33:54 GMT
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3157646
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
cf-request-id: 08651b6cee000005bf51b1d000000001
last-modified: Wed, 13 Jan 2021 18:32:18 GMT
server: cloudflare
etag: W/"4ecc071b77d6b1790fa9fb8a5173f972"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3dGWD904WW8tNhBQLWpUj%2BvlTmkFt0AOXx4u8LarrM6zBhCCVSL%2BJ8XCiXZOUa7mO6G74lA%2B8mATNdWdpdoYh8ZM1SYprPmg6t%2FBNp4x1qc9W8aoTcDjQuhs81dgPCBkKg%3D%3D"}],"group":"cf-nel"}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA6-C1
cf-ray: 624ec827ea3c05bf-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: Lw4CbusXWUeZHdKdkIHAP0UrajQbSXOASxwverzJbCshMYSZ2IEADQ==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.2/css/ 26 KB
5 KB 17ms
16ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.2/css/free-v4-shims.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7cc3c57f9bda4c6dcb83bb3c19f2f2aa86ecec6274e243cd4ec315ae8e30101

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 07:33:54 GMT
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3157646
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
cf-request-id: 08651b6cee000005bf3c13a000000001
last-modified: Wed, 13 Jan 2021 18:32:17 GMT
server: cloudflare
etag: W/"1848e71668f42835079e5fa2af6cf4a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=su1suoWPmy%2FUz86IYhIZurivV7WWVUShS%2FeoVm6XHyhLdmNUE5hf2EuenL9JCZdW2dJ7WivwwVUGJVHM9vx569p9RUOQCsLT20JuzhS7sWYTp%2FPq4Gtq5%2FkWAG1Orr%2FgmA%3D%3D"}],"group":"cf-nel"}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA6-C1
cf-ray: 624ec827ea3f05bf-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: mhahH9oYgy4-7QS3G-ZcviMsxpGdTG09i8zxrSXurpjSFWKTz3viOw==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.2/css/ 3 KB
1 KB 18ms
17ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.2/css/free-v4-font-face.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87a2729abe4d824617c1cf16d8cd2aa780095253d7b237655e654f926872d58e

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 07:33:54 GMT
via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3157646
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
cf-request-id: 08651b6cee000005bf61bef000000001
last-modified: Wed, 13 Jan 2021 18:32:16 GMT
server: cloudflare
etag: W/"252773908df2cc3deb0e09dc1817e64b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bzqbg1iX0lkUUl4uWV6fG9jB%2B88wm3qAbAbvHAcQxMAIWdKY0uZRfNIV5uPovmdzH%2F0hRHg3ZueGb1lR5oLMk%2F%2FBLwmr421IeSWFJzxA38u7%2BpQ8WWOafm9CF7njPT0KDQ%3D%3D"}],"group":"cf-nel"}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA6-C1
cf-ray: 624ec827ea4005bf-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: vlPWo1v7A6Y4kergzMsIfqH-skLVUJ8576m_MCuG-1xxL1zQs6sxHA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-92483201-41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6162
date: Sun, 21 Feb 2021 05:51:12 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sun, 21 Feb 2021 07:51:12 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
395 B 47ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=302464138&t=pageview&_s=1&dl=https%3A%2F%2Fbenefits.benefit-relief.com%2Fl%2F1%2F%3F__por%3D1%26ssid%3D305%26sub1%3D100%26sub2%3D7c57e670-1de1-476d-a35a-93a6800851f6%26sub3%3DA9149&ul=en-us&de=UTF-8&dt=Benefit%20Relief&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=2070004346&gjid=31938769&cid=205999815.1613892835&tid=UA-92483201-41&_gid=1522033977.1613892835&_r=1&gtm=2ou2a1&z=1620977952

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 07:33:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://benefits.benefit-relief.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0.76a2b477.chunk.js Show response
benefits.benefit-relief.com/l/1/js/ 40 KB
11 KB 108ms
108ms Script
application/javascript 2606:4700:3030::6815:2571
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.benefit-relief.com/l/1/js/0.76a2b477.chunk.js
Requested by: Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/l/1/js/app.5cd9bad6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fd0ee03fb3f8e1c7be377f90d835fd49aad6b4a9ae28cc8456a32af038f8587

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 07:33:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Jan 2021 13:55:47 GMT
server: cloudflare
etag: W/"600987e3-a06f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=209g4T9eaBugR8uJ5%2F0%2B5DM%2FwmGpTKl3wjM1uIzATx08k3fpb2PlafARuLxBcnD8avjdaTU%2FGiiOGLiJDjSIu5zaeXuYeUsLXlEjNupWuDCaiFry3J6uuaFn7vpTlLGccngnQJJUw0s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 624ec828cd32c2b8-FRA
cf-request-id: 08651b6d7d0000c2b882292000000001
expires: Fri, 21 Jan 2022 13:56:43 GMT

GET
H2 200 1.bundle.e4a9010a2952806ee320.css
benefits.benefit-relief.com/l/1/ 11 KB
3 KB 15ms
15ms Stylesheet
text/css 2606:4700:3030::6815:2571
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.benefit-relief.com/l/1/1.bundle.e4a9010a2952806ee320.css?t=1611237326472
Requested by: Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/l/1/js/app.5cd9bad6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47e7d8b987cff003899bb4d124fb4a929faa100299389358210ca9754365ff10

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 07:33:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 404098
cf-request-id: 08651b6d7d0000c2b8c716a000000001
last-modified: Thu, 21 Jan 2021 13:55:49 GMT
server: cloudflare
etag: W/"600987e5-2c3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ynoShy%2BOLId7RfUzJ2zgV5vjnfMzdL1EG%2Fhu6%2BdKEGESyjHaNsBxZaxU%2BF4o9n1bgvJiqAUxNpBaoUjUE0V5fwilQY6EZjwTMkt%2BT%2Bu2pLXOtYt%2BACaV9Xdc8aQWMpbBrTVUTB6wQq4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 624ec828cd33c2b8-FRA
expires: Fri, 21 Jan 2022 13:59:01 GMT

GET
H2 200 1.24f47267.chunk.js Show response
benefits.benefit-relief.com/l/1/js/ 66 KB
21 KB 106ms
106ms Script
application/javascript 2606:4700:3030::6815:2571
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.benefit-relief.com/l/1/js/1.24f47267.chunk.js
Requested by: Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/l/1/js/app.5cd9bad6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25ce1c7dc263bd02d17e4e3f64f0e2525b3507cbe94ff73add72bd025c84360a

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 07:33:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Jan 2021 13:55:47 GMT
server: cloudflare
etag: W/"600987e3-10779"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SdRh%2BXg9PXSPQHiCrxqc%2Fot0qxZ%2B8eEZHTUwsCOII%2Bh2DqLjiu%2BlwS1wFL34sNCk5nXkXrohMiS870ZSdt%2BU2UNkOby%2FqxGVTFEeAUK8XiKnB%2FbsTozH8%2BkN6X5IlGB1kaTEMZkChoA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 624ec828cd34c2b8-FRA
cf-request-id: 08651b6d7d0000c2b85e919000000001
expires: Fri, 21 Jan 2022 13:56:43 GMT

GET
H2 200 summary Show response
beacon.benefit-relief.com/geo/ 131 B
575 B 309ms
103ms XHR
application/json 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.benefit-relief.com/geo/summary

Requested by

Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/l/1/js/4.8233fc3f.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2d3145901dd5f64de3a42140b8a2036e8f166976912e32dce70941dfa3fe120a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 07:33:54 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
strict-transport-security: max-age=2592000
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 7ms
6ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=302464138&t=event&_s=2&dl=https%3A%2F%2Fbenefits.benefit-relief.com%2Fl%2F1%2F%3F__por%3D1%26ssid%3D305%26sub1%3D100%26sub2%3D7c57e670-1de1-476d-a35a-93a6800851f6%26sub3%3DA9149&dp=%3F__por%3D1%26ssid%3D305%26sub1%3D100%26sub2%3D7c57e670-1de1-476d-a35a-93a6800851f6%26sub3%3DA9149&ul=en-us&de=UTF-8&dt=Benefit%20Relief&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=offerwall&ea=offerwall%20loaded&el=%2Fl%2F1%3Fssid%3D305&_u=KEBAAUABAAAAAC~&jid=&gjid=&cid=205999815.1613892835&tid=UA-92483201-41&_gid=1522033977.1613892835&gtm=2ou2a1&z=690933811

Requested by

Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Feb 2021 14:22:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61869
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 graphql Show response
api.benefit-relief.com/ 12 KB
3 KB 117ms
116ms XHR
application/json 2606:4700:3031::ac43:cfd2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.benefit-relief.com/graphql
Requested by: Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/l/1/js/4.8233fc3f.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:cfd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd0bfee6b387d9601a08ffed3ab41a01ba5d4d2c70ac2c536b393809a7abfa82

Request headers

Accept: application/json, text/plain, */*
Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 21 Feb 2021 07:33:55 GMT
access-control-request-method: HEAD, GET, POST
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 624ec82a6b774a97-FRA
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a22RoOICsaJ2HoTKWfvpYHyOimOS%2B5EbNn%2F%2F%2BfYusGJj9o8AVGXdtVZJ%2BFQ%2F810WmpgVqh39IymqT3LLaM09NvmZsgjzzczMn04yESsycqrZs80XY4JFO%2BShm7C6%2FZETkcA8"}],"max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-graphql-event-stream: /_postgraphile/stream
content-encoding: br
access-control-allow-headers: Origin, X-Requested-With, Accept, Authorization, Content-Type, Content-Length
cf-request-id: 08651b6e8100004a9769a43000000001

OPTIONS
H2 200 graphql
api.benefit-relief.com/ 0
0 123ms
99ms Other 2606:4700:3031::ac43:cfd2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.benefit-relief.com/graphql
Protocol: H2
Server: 2606:4700:3031::ac43:cfd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://benefits.benefit-relief.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 21 Feb 2021 07:33:54 GMT
access-control-allow-origin: *
access-control-request-method: HEAD, GET, POST
access-control-allow-headers: Origin, X-Requested-With, Accept, Authorization, Content-Type, Content-Length
x-graphql-event-stream: /_postgraphile/stream
cf-cache-status: DYNAMIC
cf-request-id: 08651b6e1b00004a978f8d8000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fJTawQNmmz%2BvHk7Dn3jWq7Qw0P%2FWTEfq3qzlPePD0UWOGc3RKHKNoS4cLaPX0N3xqNO%2BjQIqzzMNdDq%2FvH0h%2FNg0ttP%2Fz9D%2FJF52Iqm3fHSktiSIFSihb%2BSn4k2WiuI5DA0O"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 624ec829caa54a97-FRA

GET
H2 200 banner-bg.jpg
benefits.benefit-relief.com/l/1/public/ 85 KB
86 KB 16ms
15ms Image
image/jpeg 2606:4700:3030::6815:2571
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://benefits.benefit-relief.com/l/1/public/banner-bg.jpg
Requested by: Host: benefits.benefit-relief.com
URL: https://benefits.benefit-relief.com/l/1/bundle.f50dac2cc4500cdd8f5b.css?t=1611237326472
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cad410b0c41e1bd3b73871143c2cdaa1e1e4731fac46026360ae015e171fc2fd

Request headers

Referer: https://benefits.benefit-relief.com/l/1/bundle.f50dac2cc4500cdd8f5b.css?t=1611237326472
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 07:33:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1160424
content-length: 87262
cf-request-id: 08651b6e050000c2b85709b000000001
last-modified: Thu, 19 Nov 2020 13:47:26 GMT
server: cloudflare
etag: "5fb6776e-154de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1DQcEteFW9P6tkgTpn76XQQKNmEvvpvK2IASfgHRDsLzQliMEyHl4tsvjG5YBnxtBYUjSTU3G1R%2Br4xWKZ3odecj0%2FBmzr9oES%2Fj2jD7W7c7eiyPsBXWwLn9zzHae6KqCXYkRYsTayY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 624ec829adc1c2b8-FRA
expires: Sat, 20 Nov 2021 08:49:52 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 13 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://benefits.benefit-relief.com
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:41:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:30 GMT
server: sffe
age: 215548
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13732
x-xss-protection: 0
expires: Fri, 18 Feb 2022 19:41:26 GMT

GET
H3-Q050 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 30ms
14ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://benefits.benefit-relief.com
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 16:27:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:25 GMT
server: sffe
age: 486363
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
expires: Tue, 15 Feb 2022 16:27:51 GMT

GET
H/1.1 200
OK xgtxk2kd4_1553785641895_SuperSampless_300x225_032609.jpg
support-benefits.nyc3.digitaloceanspaces.com/ahr/ 98 KB
98 KB 643ms
453ms Image
image/jpeg 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support-benefits.nyc3.digitaloceanspaces.com/ahr/xgtxk2kd4_1553785641895_SuperSampless_300x225_032609.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

162.243.189.2 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

b455f8de9adc9534d35c7ceafddc81f46f115db376563fc2cb81a8ade03d12bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 21 Feb 2021 07:33:55 GMT
Last-Modified: Thu, 28 Mar 2019 15:07:21 GMT
x-amz-request-id: tx00000000000002b0e629a-0060320ce3-43ba6e0-nyc3a
ETag: "667120007d28585accc175c734538dd1"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Type: image/jpeg
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 100334

GET
H/1.1 200
OK 3zz3bjgz7_1553785670646_SuperSampless_460x160_032609.jpg
support-benefits.nyc3.digitaloceanspaces.com/ahr/ 83 KB
83 KB 358ms
166ms Image
image/jpeg 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support-benefits.nyc3.digitaloceanspaces.com/ahr/3zz3bjgz7_1553785670646_SuperSampless_460x160_032609.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

162.243.189.2 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

d8544ac580885245b8cffcd5b6f01c7b0a903180367f2098afd0c19e156d0fdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 21 Feb 2021 07:33:55 GMT
Last-Modified: Thu, 28 Mar 2019 15:07:50 GMT
x-amz-request-id: tx000000000000014ef0fb0-0060320ce3-46b98f5-nyc3a
ETag: "f932bddf05e1dc21fdc8f0d7ea732f27"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Type: image/jpeg
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 84710

GET
H/1.1 200
OK 8uzudsmzn_1602180129605_Senior_Assistance_Benefit_300x225.jpg
support-benefits.nyc3.digitaloceanspaces.com/bannerMobile/ 28 KB
28 KB 362ms
170ms Image
image/jpeg 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support-benefits.nyc3.digitaloceanspaces.com/bannerMobile/8uzudsmzn_1602180129605_Senior_Assistance_Benefit_300x225.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

162.243.189.2 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

0fd42a17d8d251f2ffd610668f3df25d63b37eda4ca6d1ccf82e789c90abc0e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 21 Feb 2021 07:29:21 GMT
Last-Modified: Thu, 08 Oct 2020 18:02:09 GMT
Age: 274
ETag: "568511fc6f81903f60493d4586b6ebde"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Type: image/jpeg
x-amz-request-id: tx00000000000002b37cdb0-0060320bd1-43b5652-nyc3a
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 28237

GET
H/1.1 200
OK 5bbhkarj6_1602180104470_AHR_Senior_Assistance_Benefit_580x323.jpg
support-benefits.nyc3.digitaloceanspaces.com/banner/ 55 KB
56 KB 363ms
170ms Image
image/jpeg 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support-benefits.nyc3.digitaloceanspaces.com/banner/5bbhkarj6_1602180104470_AHR_Senior_Assistance_Benefit_580x323.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

162.243.189.2 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

d64042b2a82f0a0ccd4dbadb4c81b698580d794f9ba8e905dd3fe895cbbbb09a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 21 Feb 2021 07:33:49 GMT
Last-Modified: Thu, 08 Oct 2020 18:01:45 GMT
Age: 6
ETag: "cad73ed232be344cc9c67696ffae98f8"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Type: image/jpeg
x-amz-request-id: tx000000000000014ef0cac-0060320cdd-46b98f5-nyc3a
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 56685

GET
H/1.1 200
OK r8yo83hjv_1606161657224_420x200.jpg
support-benefits.nyc3.digitaloceanspaces.com/banner/ 21 KB
21 KB 364ms
169ms Image
image/jpeg 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support-benefits.nyc3.digitaloceanspaces.com/banner/r8yo83hjv_1606161657224_420x200.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

162.243.189.2 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

626c6b88c66e9b882afe2ef6d1d6bf4ff5af7ad99cf58019f65ec27bc361cd0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 21 Feb 2021 07:32:58 GMT
Last-Modified: Mon, 23 Nov 2020 20:00:57 GMT
Age: 56
ETag: "9d693806b8cc79fcfc4507d715fdbc0d"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Type: image/jpeg
x-amz-request-id: tx000000000000014eef682-0060320caa-46b98f5-nyc3a
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 21329

GET
H/1.1 200
OK o1r7e00gk_1545168789069_section8-desktop.jpg
support-benefits.nyc3.digitaloceanspaces.com/ahr/ 16 KB
16 KB 548ms
337ms Image
image/jpeg 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support-benefits.nyc3.digitaloceanspaces.com/ahr/o1r7e00gk_1545168789069_section8-desktop.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

162.243.189.2 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

1c7d487c2e614144668ae526e86b1dbc787e9e87f3136708da45196f0e0aa297

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 21 Feb 2021 07:33:55 GMT
Last-Modified: Tue, 18 Dec 2018 21:33:09 GMT
x-amz-request-id: tx000000000000014ef0fb4-0060320ce3-46b98f5-nyc3a
ETag: "de5a0dff438d719cca1aeb5e95b66db3"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Type: image/jpeg
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 16115

GET
H/1.1 200
OK tyibn57b8_1545168783945_section8-mobile.jpg
support-benefits.nyc3.digitaloceanspaces.com/ahr/ 14 KB
15 KB 111ms
110ms Image
image/jpeg 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support-benefits.nyc3.digitaloceanspaces.com/ahr/tyibn57b8_1545168783945_section8-mobile.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

162.243.189.2 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

db5bfb6e46140215eb30dc9ec18f8bfbd91c5f124cd51c48a868419fd48b8bf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 21 Feb 2021 07:33:55 GMT
Last-Modified: Tue, 18 Dec 2018 21:33:03 GMT
x-amz-request-id: tx00000000000002b3c8177-0060320ce3-43b55da-nyc3a
ETag: "ba14f6c904164ec454b8800237a1ff72"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Type: image/jpeg
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 14572

GET
H/1.1 200
OK dpdysma7p_1610728154623_check.jpg
support-benefits.nyc3.digitaloceanspaces.com/banner/ 32 KB
32 KB 96ms
96ms Image
image/jpeg 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support-benefits.nyc3.digitaloceanspaces.com/banner/dpdysma7p_1610728154623_check.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

162.243.189.2 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

38ec846cfdceade300db6b117351e24139f78e4b46e1a3a3913c1c25b99a307d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 21 Feb 2021 07:31:51 GMT
Last-Modified: Fri, 15 Jan 2021 16:29:15 GMT
Age: 124
ETag: "eb6205ab20355e001bd7486d5afcceba"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Type: image/jpeg
x-amz-request-id: tx00000000000002b3c4a42-0060320c67-43b55da-nyc3a
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 32711

GET
H/1.1 200
OK krxwxwhna_1610728154755_check.jpg
support-benefits.nyc3.digitaloceanspaces.com/bannerMobile/ 32 KB
32 KB 95ms
95ms Image
image/jpeg 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support-benefits.nyc3.digitaloceanspaces.com/bannerMobile/krxwxwhna_1610728154755_check.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

162.243.189.2 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

38ec846cfdceade300db6b117351e24139f78e4b46e1a3a3913c1c25b99a307d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 21 Feb 2021 07:31:51 GMT
Last-Modified: Fri, 15 Jan 2021 16:29:15 GMT
Age: 124
ETag: "eb6205ab20355e001bd7486d5afcceba"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Type: image/jpeg
x-amz-request-id: tx00000000000002b3c4a38-0060320c67-43b55da-nyc3a
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 32711

GET
H/1.1 200
OK 9es5ab40t_1607017294836_Cash_App.jpg
support-benefits.nyc3.digitaloceanspaces.com/banner/ 24 KB
24 KB 97ms
97ms Image
image/jpeg 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support-benefits.nyc3.digitaloceanspaces.com/banner/9es5ab40t_1607017294836_Cash_App.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

162.243.189.2 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

64990010b7b6a875e841777a86a3bad539a79acee5a7ca827761af64b5742a96

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 21 Feb 2021 07:33:00 GMT
Last-Modified: Thu, 03 Dec 2020 17:41:35 GMT
Age: 55
ETag: "cf6fca5c3e237f219ec1d69ec0770ff1"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Type: image/jpeg
x-amz-request-id: tx000000000000014eef77b-0060320cac-46b98f5-nyc3a
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 24332

GET
H3-Q050 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://benefits.benefit-relief.com
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 13:34:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 496744
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Tue, 15 Feb 2022 13:34:51 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
86 B 6ms
6ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=302464138&t=event&_s=3&dl=https%3A%2F%2Fbenefits.benefit-relief.com%2Fl%2F1%2F%3F__por%3D1%26ssid%3D305%26sub1%3D100%26sub2%3D7c57e670-1de1-476d-a35a-93a6800851f6%26sub3%3DA9149&dp=%3F__por%3D1%26ssid%3D305%26sub1%3D100%26sub2%3D7c57e670-1de1-476d-a35a-93a6800851f6%26sub3%3DA9149&ul=en-us&de=UTF-8&dt=Benefit%20Relief&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=OW%20-%20Resources4me%20-%20BrightReach&ea=view&el=%2Fl%2F1%3Fssid%3D305&_u=KEBAAUABAAAAAC~&jid=&gjid=&cid=205999815.1613892835&tid=UA-92483201-41&_gid=1522033977.1613892835&gtm=2ou2a1&z=810560515

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Feb 2021 17:28:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50722
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
86 B 7ms
6ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=302464138&t=event&_s=4&dl=https%3A%2F%2Fbenefits.benefit-relief.com%2Fl%2F1%2F%3F__por%3D1%26ssid%3D305%26sub1%3D100%26sub2%3D7c57e670-1de1-476d-a35a-93a6800851f6%26sub3%3DA9149&dp=%3F__por%3D1%26ssid%3D305%26sub1%3D100%26sub2%3D7c57e670-1de1-476d-a35a-93a6800851f6%26sub3%3DA9149&ul=en-us&de=UTF-8&dt=Benefit%20Relief&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=OW%20-%20Super%20Samples&ea=view&el=%2Fl%2F1%3Fssid%3D305&_u=KEBAAUABAAAAAC~&jid=&gjid=&cid=205999815.1613892835&tid=UA-92483201-41&_gid=1522033977.1613892835&gtm=2ou2a1&z=1037889172

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Feb 2021 12:41:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 67922
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
85 B 7ms
6ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=302464138&t=event&_s=5&dl=https%3A%2F%2Fbenefits.benefit-relief.com%2Fl%2F1%2F%3F__por%3D1%26ssid%3D305%26sub1%3D100%26sub2%3D7c57e670-1de1-476d-a35a-93a6800851f6%26sub3%3DA9149&dp=%3F__por%3D1%26ssid%3D305%26sub1%3D100%26sub2%3D7c57e670-1de1-476d-a35a-93a6800851f6%26sub3%3DA9149&ul=en-us&de=UTF-8&dt=Benefit%20Relief&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=OW%20-%20Section%208%20Assistance&ea=view&el=%2Fl%2F1%3Fssid%3D305&_u=KEBAAUABAAAAAC~&jid=&gjid=&cid=205999815.1613892835&tid=UA-92483201-41&_gid=1522033977.1613892835&gtm=2ou2a1&z=140105835

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 05:19:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8041
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
86 B 6ms
6ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=302464138&t=event&_s=6&dl=https%3A%2F%2Fbenefits.benefit-relief.com%2Fl%2F1%2F%3F__por%3D1%26ssid%3D305%26sub1%3D100%26sub2%3D7c57e670-1de1-476d-a35a-93a6800851f6%26sub3%3DA9149&dp=%3F__por%3D1%26ssid%3D305%26sub1%3D100%26sub2%3D7c57e670-1de1-476d-a35a-93a6800851f6%26sub3%3DA9149&ul=en-us&de=UTF-8&dt=Benefit%20Relief&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=OW%20-%20Senior%20Assistance%20Benefits%20&ea=view&el=%2Fl%2F1%3Fssid%3D305&_u=KEBAAUABAAAAAC~&jid=&gjid=&cid=205999815.1613892835&tid=UA-92483201-41&_gid=1522033977.1613892835&gtm=2ou2a1&z=868993642

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://benefits.benefit-relief.com/l/1/?__por=1&ssid=305&sub1=100&sub2=7c57e670-1de1-476d-a35a-93a6800851f6&sub3=A9149
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Feb 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42750
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.benefit-relief.com/	1970-01-19 16:18:12	Name: _gat_gtag_UA_92483201_41 Value: 1
.benefit-relief.com/	1970-01-19 16:19:39	Name: _gid Value: GA1.2.1522033977.1613892835
.benefit-relief.com/	1970-01-20 09:49:24	Name: _ga Value: GA1.2.205999815.1613892835
.benefit-relief.com/	1970-01-19 17:01:24	Name: __cfduid Value: d86de48d161f279440635a94bf663335a1613892834

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://benefits.benefit-relief.com/l/1/js/4.8233fc3f.chunk.js(Line 13) Message: i18next: languageChanged en
console-api	log	URL: https://benefits.benefit-relief.com/l/1/js/4.8233fc3f.chunk.js(Line 13) Message: i18next: initialized [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amhr.info
api.benefit-relief.com
beacon.benefit-relief.com
benefits.benefit-relief.com
fonts.googleapis.com
fonts.gstatic.com
hardshipservices.guide
ka-f.fontawesome.com
kit.fontawesome.com
support-benefits.nyc3.digitaloceanspaces.com
www.google-analytics.com
www.googletagmanager.com
107.167.93.174
162.243.189.2
2606:4700:3030::6815:2571
2606:4700:3031::ac43:cfd2
2606:4700:3032::ac43:d7c7
2606:4700::6812:1734
2606:4700:e6::ac40:ca1c
2a00:1450:4001:800::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::200a
2a00:1450:4001:827::2008
2a00:1450:4001:828::2003
45.55.126.207
0073b3c9fd5c53b94fdabb324c4e4bfcac977625e3d60b9f8c47500b42a0a338
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0fd42a17d8d251f2ffd610668f3df25d63b37eda4ca6d1ccf82e789c90abc0e0
1c7d487c2e614144668ae526e86b1dbc787e9e87f3136708da45196f0e0aa297
22bdb808ea117f5cd34ed84d1d733e1c166838e50b8b57223cf0934b8d3959ca
25ce1c7dc263bd02d17e4e3f64f0e2525b3507cbe94ff73add72bd025c84360a
2b73f36fa85f8612e495afc97f942b03833b753c67e12fcd3a056c15cdfab61b
2d3145901dd5f64de3a42140b8a2036e8f166976912e32dce70941dfa3fe120a
38ec846cfdceade300db6b117351e24139f78e4b46e1a3a3913c1c25b99a307d
410b66abd52766785ef4cfb54b8f75493973eaedc86d6881fa938a1f3088c586
4472a58393a40044db24f446a8a37e3482c4954a54f5333de56c2918b34051ab
4492156fcf7a679b28b4b75d5e84b2b5eec606d5da785eb67e73141d2df58db0
47e7d8b987cff003899bb4d124fb4a929faa100299389358210ca9754365ff10
4ad38b7c287f942deb7829aaf55457fcde14621d6067c47a855e232598a956e3
626c6b88c66e9b882afe2ef6d1d6bf4ff5af7ad99cf58019f65ec27bc361cd0b
64990010b7b6a875e841777a86a3bad539a79acee5a7ca827761af64b5742a96
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87a2729abe4d824617c1cf16d8cd2aa780095253d7b237655e654f926872d58e
8c7bba7deb64ff95e98f7ac8cd0d3b675a4bcf02f302e57edc5a1d6fa3d6cf94
8fd0ee03fb3f8e1c7be377f90d835fd49aad6b4a9ae28cc8456a32af038f8587
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
b455f8de9adc9534d35c7ceafddc81f46f115db376563fc2cb81a8ade03d12bf
cad410b0c41e1bd3b73871143c2cdaa1e1e4731fac46026360ae015e171fc2fd
cd0bfee6b387d9601a08ffed3ab41a01ba5d4d2c70ac2c536b393809a7abfa82
d5c336543068fe4bfbd6cc01688a07c7d377e61238fc8d584b9f250e29696cca
d64042b2a82f0a0ccd4dbadb4c81b698580d794f9ba8e905dd3fe895cbbbb09a
d7cc3c57f9bda4c6dcb83bb3c19f2f2aa86ecec6274e243cd4ec315ae8e30101
d8544ac580885245b8cffcd5b6f01c7b0a903180367f2098afd0c19e156d0fdf
db5bfb6e46140215eb30dc9ec18f8bfbd91c5f124cd51c48a868419fd48b8bf0

benefits.benefit-relief.com Open in urlscan Pro 2606:4700:3030::6815:2571 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

38 Requests

100 %HTTPS

79 %IPv6

9 Domains

12 Subdomains

12 IPs

2 Countries

790 kBTransfer

1475 kBSize

4 Cookies

3 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

benefits.benefit-relief.com Open in urlscan Pro
2606:4700:3030::6815:2571 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

100 %
HTTPS

79 %
IPv6

9
Domains

12
Subdomains

12
IPs

2
Countries

790 kB
Transfer

1475 kB
Size

4
Cookies

38 HTTP transactions
0 data transactions