benefits5.pe-benefits.com Open in urlscan Pro
104.131.93.124 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://pexc.io/x/a6GU16T6103LC9
Effective URL:
https://benefits5.pe-benefits.com/l/2/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww
Submission: On July 10 via manual (July 10th 2022, 4:32:51 am UTC) from US — Scanned from DE

Summary HTTP 50 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 50 HTTP transactions. The main IP is 104.131.93.124, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is benefits5.pe-benefits.com.
TLS certificate: Issued by R3 on June 11th 2022. Valid for: 3 months.

This is the only time benefits5.pe-benefits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	64.135.127.64 64.135.127.64	13645 (BROADBANDONE) (BROADBANDONE)
9	104.131.93.124 104.131.93.124	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3032::6815:1e29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::ac43:c831	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	45.55.126.207 45.55.126.207	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2606:4700:303... 2606:4700:3035::6815:4cc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
4	162.243.189.2 162.243.189.2	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
6	205.185.216.42 205.185.216.42	20446 (STACKPATH...) (STACKPATH-CDN)
12	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
50	13

1 64.135.127.64 (Miami, United States) 1 redirects

ASN13645 (BROADBANDONE, US)

pexc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.131.93.124 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

benefits5.pe-benefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3032::6815:1e29 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:c831 (United States)

ASN13335 (CLOUDFLARENET, US)

push.smpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.55.126.207 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

beacon.pe-benefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3035::6815:4cc9 (United States)

ASN13335 (CLOUDFLARENET, US)

event.smpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.243.189.2 (United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: nyc3.digitaloceanspaces.com

support-benefits.nyc3.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

thanos-assets.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
support-benefits.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

hostandpost.rputools.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	rputools.com hostandpost.rputools.com — Cisco Umbrella Rank: 758745	3 KB
12	pe-benefits.com benefits5.pe-benefits.com beacon.pe-benefits.com	1021 KB
10	digitaloceanspaces.com support-benefits.nyc3.digitaloceanspaces.com thanos-assets.nyc3.cdn.digitaloceanspaces.com — Cisco Umbrella Rank: 751326 support-benefits.nyc3.cdn.digitaloceanspaces.com — Cisco Umbrella Rank: 785917	506 KB
5	smpush.com push.smpush.com — Cisco Umbrella Rank: 186465 event.smpush.com — Cisco Umbrella Rank: 133860	3 KB
4	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1942 ka-f.fontawesome.com — Cisco Umbrella Rank: 4239	23 KB
3	gstatic.com fonts.gstatic.com	68 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2733	370 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	69 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	1 KB
1	pexc.io 1 redirects pexc.io	211 B
50	10

	Domain	Requested by
12	hostandpost.rputools.com	benefits5.pe-benefits.com
9	benefits5.pe-benefits.com	benefits5.pe-benefits.com
4	support-benefits.nyc3.digitaloceanspaces.com
4	event.smpush.com	push.smpush.com
3	support-benefits.nyc3.cdn.digitaloceanspaces.com
3	thanos-assets.nyc3.cdn.digitaloceanspaces.com
3	fonts.gstatic.com	fonts.googleapis.com
3	beacon.pe-benefits.com	benefits5.pe-benefits.com
3	ka-f.fontawesome.com	kit.fontawesome.com
2	region1.google-analytics.com	www.googletagmanager.com
1	push.smpush.com	benefits5.pe-benefits.com
1	www.googletagmanager.com	benefits5.pe-benefits.com
1	kit.fontawesome.com	benefits5.pe-benefits.com
1	fonts.googleapis.com	benefits5.pe-benefits.com
1	pexc.io	1 redirects
50	15

This site contains no links.

Subject Issuer	Validity	Valid
benefits.pe-benefits.com R3	`2022-06-11` - `2022-09-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-12` - `2022-09-11`	a year	crt.sh
beacon.pe-benefits.com R3	`2022-07-08` - `2022-10-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.nyc3.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-09` - `2023-05-26`	a year	crt.sh
*.nyc3.cdn.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-05-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://benefits5.pe-benefits.com/l/2/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww
Frame ID: 6821DDCCF4ECA4555CAC65BA928E7F76
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Precision Excavatingmap_icon

Page URL History Show full URLs

https://pexc.io/x/a6GU16T6103LC9 HTTP 302
https://benefits5.pe-benefits.com/l/2/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=2CT&s1=null&s2=a6gu16t61... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

50
Requests

100 %
HTTPS

64 %
IPv6

10
Domains

15
Subdomains

13
IPs

2
Countries

1696 kB
Transfer

1959 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pexc.io/x/a6GU16T6103LC9 HTTP 302
https://benefits5.pe-benefits.com/l/2/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
benefits5.pe-benefits.com/l/2/
Redirect Chain

https://pexc.io/x/a6GU16T6103LC9
https://benefits5.pe-benefits.com/l/2/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww

7 KB
3 KB

730ms
104ms

Document
text/html

104.131.93.124
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits5.pe-benefits.com/l/2/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.131.93.124 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff597cfde81e2ec44fabc66af53713bdfa15459825441db028c3b94abfc98126

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 10 Jul 2022 04:32:44 GMT
ETag: W/"628fd618-1b25"
Last-Modified: Thu, 26 May 2022 19:33:44 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

cache-control: no-cache
content-length: 0
date: Sun, 10 Jul 2022 04:32:43 GMT
location: https://benefits5.pe-benefits.com/l/2/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww
pragma: no-cache
server: Cowboy

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 104ms
32ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap

Requested by

Host: benefits5.pe-benefits.com
URL: https://benefits5.pe-benefits.com/l/2/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

134a34661b81cec950a7cc40f7875b460eb6b912b744c420f2211e3c7f3250ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits5.pe-benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 10 Jul 2022 04:32:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 10 Jul 2022 04:32:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Jul 2022 04:32:44 GMT

GET
H2 200 268a7048dd.js Show response
kit.fontawesome.com/ 11 KB
4 KB 302ms
29ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/268a7048dd.js

Requested by

Host: benefits5.pe-benefits.com
URL: https://benefits5.pe-benefits.com/l/2/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e17c79e1b4d86ddba5a9d2104902942db44f856a9fd63a137cf5deb35f56366

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits5.pe-benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 04:32:44 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
cf-ray: 728693c62fa8bbad-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: Fvsu8M01hkStXOLxIyWi

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
69 KB 91ms
30ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C89TKQTZ45

Requested by

Host: benefits5.pe-benefits.com
URL: https://benefits5.pe-benefits.com/l/2/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c93d66bd59dae62bb1cbb9c1854d0fd70d2482d60c415e386257ef61ccd6b70f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits5.pe-benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 04:32:44 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70552
x-xss-protection: 0
expires: Sun, 10 Jul 2022 04:32:44 GMT

GET
H/1.1 200
OK bundle.e40f76b810389dba5d71.css
benefits5.pe-benefits.com/l/2/ 38 KB
9 KB 108ms
104ms Stylesheet
text/css 104.131.93.124
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits5.pe-benefits.com/l/2/bundle.e40f76b810389dba5d71.css?t=1653593594368
Requested by: Host: benefits5.pe-benefits.com
URL: https://benefits5.pe-benefits.com/l/2/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.131.93.124 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: d12ba8023c5cc2a8a2bceddb85db405032e214507599b78995b484f7d5292448

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits5.pe-benefits.com/l/2/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 10 Jul 2022 04:32:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 May 2022 19:33:44 GMT
Server: nginx
ETag: W/"628fd618-98de"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 10 Jul 2023 04:32:44 GMT

GET
H/1.1 200
OK 7.020c5489.chunk.js Show response
benefits5.pe-benefits.com/l/2/js/ 313 KB
313 KB 203ms
94ms Script
application/javascript 104.131.93.124
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits5.pe-benefits.com/l/2/js/7.020c5489.chunk.js
Requested by: Host: benefits5.pe-benefits.com
URL: https://benefits5.pe-benefits.com/l/2/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.131.93.124 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: ec0ac6e7bc76394420caa54a1a0c6c6f786b3b17241f10b7bea736b3816309d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits5.pe-benefits.com/l/2/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 10 Jul 2022 04:32:44 GMT
Last-Modified: Thu, 26 May 2022 19:33:44 GMT
Server: nginx
ETag: "628fd618-4e369"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 320361
Expires: Mon, 10 Jul 2023 04:32:44 GMT

GET
H/1.1 200
OK app.0ed08fcd.js Show response
benefits5.pe-benefits.com/l/2/js/ 475 KB
476 KB 384ms
184ms Script
application/javascript 104.131.93.124
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits5.pe-benefits.com/l/2/js/app.0ed08fcd.js
Requested by: Host: benefits5.pe-benefits.com
URL: https://benefits5.pe-benefits.com/l/2/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.131.93.124 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 43998fa05d9ea295e755a7f9d1373b8d0604d1826fde6f63f94c59cac04dfdbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits5.pe-benefits.com/l/2/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 10 Jul 2022 04:32:44 GMT
Last-Modified: Thu, 26 May 2022 19:33:44 GMT
Server: nginx
ETag: "628fd618-76d19"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 486681
Expires: Mon, 10 Jul 2023 04:32:44 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
353 B 41ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-C89TKQTZ45&gtm=2oe6t0&_p=1821132550&_z=ccd.v9B&cid=992847101.1657427565&ul=en-us&sr=1600x1200&_s=1&sid=1657427564&sct=1&seg=0&dl=https%3A%2F%2Fbenefits5.pe-benefits.com%2Fl%2F2%2F%3Fwid%3D76c8bfe8-6888-4531-b270-c38ad1cad679%26affid%3D2CT%26s1%3Dnull%26s2%3Da6gu16t6103lc9%26s3%3Ds44peww&dt=Precision%20Excavating&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C89TKQTZ45
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits5.pe-benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Jul 2022 04:32:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://benefits5.pe-benefits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 63ms
44ms Fetch
text/css 2606:4700:3032::6815:1e29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits5.pe-benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 04:32:44 GMT
via: 1.1 a4a80ac7ffee78c042728f52e3f729e0.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MUC50-P1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upWfhYskmXWAQxXMJefKC4bdLOM9245Yc3HTfNQdxgqvd2NKDR7n57akIwy7k0DCx3CgLXoSDrc%2BkbvJEgNtanG2Pd45Z908WWr8Lzr%2BmfnDr4wl9J28mQzO5%2FyDwb03v%2BLGeBpZ86niwLFXj1EMHsMq8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 728693c679799bfe-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: I7kXlup11ctJzExxJQjjEI0G0TmBAuPacxwzTONEwyo3JHk13KQTWw==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 62ms
43ms Fetch
text/css 2606:4700:3032::6815:1e29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits5.pe-benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 04:32:44 GMT
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MUC50-P1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=brjZY6bqco8zdwFNgrZ3MFS984lVwGThdfRogLRN43k5F8NVcKDwlm8G%2BfZLvUeJZaKhESpl5mbjdhCBp8lOYBFJXZZwsoUvzl3az1vTQTAMi3PUFhOouxv1jCuhHtq7X8vPwnINfJp3SNsBkQWRd63Hhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 728693c6797a9bfe-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 40aMAlTUc_T-S0NsjX7qv6n4zDCvgCmkcvSKbD-bcF6Iss3BMWtu-g==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 64ms
46ms Fetch
text/css 2606:4700:3032::6815:1e29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits5.pe-benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 04:32:44 GMT
via: 1.1 eec5ede1fdb15ceb2352a4ebfb155362.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MUC50-P1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V9xfJ%2Bb82P6TvQWevVFJmlImgkWeLe8crYsbpHKPP05aVG%2BhxIvYaVNgMlet2u8SfTuSuXeGSIPWarytiDrVc1LTq1Do08RplGaNuXNJP%2FZ2%2Bmpo7TIVgQPZxhYmLyWdN8DkmK5XgpfcZOJe8LM9FOCTpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 728693c6797c9bfe-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 1RIsN2M0_SBM_3KvEwSmVf0N9jj2db-CM791TL5O7LnhVEQusYGNcg==

GET
H2 200 l8emw37gkr Show response
push.smpush.com/scripts/push/script/ 7 KB
3 KB 464ms
415ms Script
application/javascript 2606:4700:3030::ac43:c831
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://push.smpush.com/scripts/push/script/l8emw37gkr?url=benefits5.pe-benefits.com

Requested by

Host: benefits5.pe-benefits.com
URL: https://benefits5.pe-benefits.com/l/2/js/app.0ed08fcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:c831 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae8f7d960ab32a5f4d0d028eeda5a97e2d87e8175c82570ac2288e8aaf7664e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits5.pe-benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 04:32:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 09 Jul 2022 00:44:38 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLdXOnEnc6N1zHjed94u2Y7mX5NHTlmtngrpvLYVDFJUq7KpPS8omQljCVmjGXtf0PBr17MsVlSrc9RgwWxgax1J672U8ruFV2Gy%2BcuPs66csTf1E7rfH%2FYK2bCIEJfIJ%2Ff1L0Sz4LdNA69kOxA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=UTF-8
cache-control: max-age=14400, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
cf-ray: 728693c9fc089c12-FRA
expires: 0

GET
H2 200 summary Show response
beacon.pe-benefits.com/geo/ 115 B
556 B 717ms
106ms XHR
application/json 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.pe-benefits.com/geo/summary

Requested by

Host: benefits5.pe-benefits.com
URL: https://benefits5.pe-benefits.com/l/2/js/7.020c5489.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

22a01ac9b0b836a7f300231b6ed33389c9324fe612fa066d1c7e2daa7bbe7e0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://benefits5.pe-benefits.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 04:32:45 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
strict-transport-security: max-age=2592000
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

GET
H2 200 76c8bfe8-6888-4531-b270-c38ad1cad679 Show response
beacon.pe-benefits.com/t/ 13 KB
4 KB 769ms
159ms XHR
text/plain 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.pe-benefits.com/t/76c8bfe8-6888-4531-b270-c38ad1cad679?affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww&session_id=308d3a68-991a-4fe3-b80a-c808df5b4892&wid=76c8bfe8-6888-4531-b270-c38ad1cad679

Requested by

Host: benefits5.pe-benefits.com
URL: https://benefits5.pe-benefits.com/l/2/js/7.020c5489.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

335e99372374cfa402495d1c80e59a558ff4470caf013573a3c2aa4c4e656e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://benefits5.pe-benefits.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 04:32:45 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
strict-transport-security: max-age=2592000
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

GET
H/1.1 200
OK 0.5415aa12.chunk.js Show response
benefits5.pe-benefits.com/l/2/js/ 39 KB
40 KB 99ms
99ms Script
application/javascript 104.131.93.124
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits5.pe-benefits.com/l/2/js/0.5415aa12.chunk.js
Requested by: Host: benefits5.pe-benefits.com
URL: https://benefits5.pe-benefits.com/l/2/js/app.0ed08fcd.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.131.93.124 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8adf2184a552e0e74fab2f417b0a997b798ec17c3f4bfa55af9488dd8ec24255

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits5.pe-benefits.com/l/2/?affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww&session_id=308d3a68-991a-4fe3-b80a-c808df5b4892&wid=76c8bfe8-6888-4531-b270-c38ad1cad679
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 10 Jul 2022 04:32:45 GMT
Last-Modified: Thu, 26 May 2022 19:33:44 GMT
Server: nginx
ETag: "628fd618-9ce6"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40166
Expires: Mon, 10 Jul 2023 04:32:45 GMT

GET
H/1.1 200
OK 1.00cae461.chunk.js Show response
benefits5.pe-benefits.com/l/2/js/ 15 KB
15 KB 95ms
95ms Script
application/javascript 104.131.93.124
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits5.pe-benefits.com/l/2/js/1.00cae461.chunk.js
Requested by: Host: benefits5.pe-benefits.com
URL: https://benefits5.pe-benefits.com/l/2/js/app.0ed08fcd.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.131.93.124 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: acf0f0848c631c7403428fc251b72c81eaadbd0923adb207e78c685d49634ca8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits5.pe-benefits.com/l/2/?affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww&session_id=308d3a68-991a-4fe3-b80a-c808df5b4892&wid=76c8bfe8-6888-4531-b270-c38ad1cad679
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 10 Jul 2022 04:32:45 GMT
Last-Modified: Thu, 26 May 2022 19:33:44 GMT
Server: nginx
ETag: "628fd618-3afa"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15098
Expires: Mon, 10 Jul 2023 04:32:45 GMT

GET
H/1.1 200
OK 2.bundle.87957b82c919d6141277.css
benefits5.pe-benefits.com/l/2/ 19 KB
4 KB 100ms
99ms Stylesheet
text/css 104.131.93.124
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits5.pe-benefits.com/l/2/2.bundle.87957b82c919d6141277.css?t=1653593594368
Requested by: Host: benefits5.pe-benefits.com
URL: https://benefits5.pe-benefits.com/l/2/js/app.0ed08fcd.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.131.93.124 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: d3524349563dcdca537f3c79d726418953a82470c5cfbd9204afe2c249ab210c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits5.pe-benefits.com/l/2/?affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww&session_id=308d3a68-991a-4fe3-b80a-c808df5b4892&wid=76c8bfe8-6888-4531-b270-c38ad1cad679
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 10 Jul 2022 04:32:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 May 2022 19:33:44 GMT
Server: nginx
ETag: W/"628fd618-4ab1"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 10 Jul 2023 04:32:45 GMT

GET
H/1.1 200
OK 2.cfb374fc.chunk.js Show response
benefits5.pe-benefits.com/l/2/js/ 72 KB
72 KB 412ms
411ms Script
application/javascript 104.131.93.124
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits5.pe-benefits.com/l/2/js/2.cfb374fc.chunk.js
Requested by: Host: benefits5.pe-benefits.com
URL: https://benefits5.pe-benefits.com/l/2/js/app.0ed08fcd.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.131.93.124 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 35627787d64996f940af8ae82b405f80a877eb90637fd1b79a6a3fe83f7ce386

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits5.pe-benefits.com/l/2/?affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww&session_id=308d3a68-991a-4fe3-b80a-c808df5b4892&wid=76c8bfe8-6888-4531-b270-c38ad1cad679
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 10 Jul 2022 04:32:45 GMT
Last-Modified: Thu, 26 May 2022 19:33:44 GMT
Server: nginx
ETag: "628fd618-12094"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 73876
Expires: Mon, 10 Jul 2023 04:32:45 GMT

POST
H3 200 l8em299vgk
event.smpush.com/register/event_log/ 0
0 400ms
376ms Fetch 2606:4700:3035::6815:4cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.smpush.com/register/event_log/l8em299vgk

Requested by

Host: push.smpush.com
URL: https://push.smpush.com/scripts/push/script/l8emw37gkr?url=benefits5.pe-benefits.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4cc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://benefits5.pe-benefits.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/json

Response headers

date: Sun, 10 Jul 2022 04:32:47 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
expires: 0
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kMUTMVjj%2BV%2BPqmfufExtj68eeIk7zNSXtmBHDnmLw4fowsRQ3MrPFfmzF0%2BH4Brgj%2BZZEM1YRe8%2Bx2zmsMTpjMVirAPhdzVAviuB50L47iJRxjZBGh%2BJFpaGZsqWYtRsBgj2iNe29APW3xqD13K"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://benefits5.pe-benefits.com
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
access-control-allow-credentials: true
cf-ray: 728693d4de9dbbc2-FRA
x-pushplatformapp-params

OPTIONS
H2 200 l8em299vgk
event.smpush.com/register/event_log/ 0
0 163ms
116ms Preflight 2606:4700:3035::6815:4cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.smpush.com/register/event_log/l8em299vgk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:4cc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://benefits5.pe-benefits.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://benefits5.pe-benefits.com
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 728693d3fdc7bc01-FRA
content-length: 0
date: Sun, 10 Jul 2022 04:32:46 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=camLDWbBMXsi8DBlR7fA4vNPV7l2VBeKv8xzS4vtoNMPSR1qrSa5WZ6i%2BRatPliPCBKQHuX3KvvKVH7xg6YGfDJMgy9dm1kwTq37yOlOkeAFfdRJwaoqP6VE%2BEKLoPo6g6rVfCncO2JmgXk1Pm75"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

POST
H3 200 l8em299vgk
event.smpush.com/register/event_log/ 0
0 419ms
396ms Fetch 2606:4700:3035::6815:4cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.smpush.com/register/event_log/l8em299vgk

Requested by

Host: push.smpush.com
URL: https://push.smpush.com/scripts/push/script/l8emw37gkr?url=benefits5.pe-benefits.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4cc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://benefits5.pe-benefits.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/json

Response headers

date: Sun, 10 Jul 2022 04:32:47 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
expires: 0
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tsjf8ZXidi4PBcOT1clMDdDkyJMiQx1RPeyqu29GoYehRT40DmvznNNuSc8LbdbhUuRs0omWdWEVHZ2X4KHieGIKTWaKgnuWlg%2FNpK%2FEjp6RByiFEfa48dwAJUTVxhh6i6lveFDQgtFUKchERVmc"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://benefits5.pe-benefits.com
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
access-control-allow-credentials: true
cf-ray: 728693d4dea0bbc2-FRA
x-pushplatformapp-params

OPTIONS
H2 200 l8em299vgk
event.smpush.com/register/event_log/ 0
0 164ms
117ms Preflight 2606:4700:3035::6815:4cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.smpush.com/register/event_log/l8em299vgk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:4cc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://benefits5.pe-benefits.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://benefits5.pe-benefits.com
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 728693d3fdcabc01-FRA
content-length: 0
date: Sun, 10 Jul 2022 04:32:46 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQlx%2FUZUwEpftkBd3JzsuTPaUZOKIhc%2BaS%2FCa4TCSqk5zn8T%2BPDuYshEhiRwxFYi4KZM5iFAnv%2FB5ZIAXYRD3XAc8qN%2Fws4AtBrW%2FvXuAP2GqBlPdjus%2BhP4Klh55i8aHm2KQKla8VHBSP5QBaRT"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

GET
H2 200 76c8bfe8-6888-4531-b270-c38ad1cad679 Show response
beacon.pe-benefits.com/t/ 13 KB
4 KB 156ms
156ms XHR
text/plain 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: benefits5.pe-benefits.com
URL: https://benefits5.pe-benefits.com/l/2/js/7.020c5489.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

335e99372374cfa402495d1c80e59a558ff4470caf013573a3c2aa4c4e656e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://benefits5.pe-benefits.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 04:32:47 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
strict-transport-security: max-age=2592000
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

GET
H/1.1 200
OK bg-desktop.jpg
benefits5.pe-benefits.com/l/2/public/pe/background/ 81 KB
81 KB 306ms
305ms Image
image/jpeg 104.131.93.124
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://benefits5.pe-benefits.com/l/2/public/pe/background/bg-desktop.jpg
Requested by: Host: benefits5.pe-benefits.com
URL: https://benefits5.pe-benefits.com/l/2/bundle.e40f76b810389dba5d71.css?t=1653593594368
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.131.93.124 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 87849dec2e1f4ca8a502281839f6e21545d6f8732cadb1cacfc3bbbf9b5c3c0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits5.pe-benefits.com/l/2/bundle.e40f76b810389dba5d71.css?t=1653593594368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 10 Jul 2022 04:32:47 GMT
Last-Modified: Thu, 26 May 2022 19:33:44 GMT
Server: nginx
ETag: "628fd618-142e5"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 82661
Expires: Mon, 10 Jul 2023 04:32:47 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 22 KB
22 KB 115ms
62ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://benefits5.pe-benefits.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 17:10:10 GMT
x-content-type-options: nosniff
age: 386557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jul 2023 17:10:10 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 113ms
63ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://benefits5.pe-benefits.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 386733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jul 2023 17:07:14 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 74ms
24ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://benefits5.pe-benefits.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 386733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jul 2023 17:07:14 GMT

GET
H2 200 kwt72rcjn_1606164131481_420x200.jpg
support-benefits.nyc3.digitaloceanspaces.com/banner/ 34 KB
34 KB 612ms
396ms Image
image/jpeg 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support-benefits.nyc3.digitaloceanspaces.com/banner/kwt72rcjn_1606164131481_420x200.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.243.189.2 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

nyc3.digitaloceanspaces.com

Software

Resource Hash

01533f2f0634d14d21f9986a54b44fff7acac14df9586a68f56d81c0ba5cc826

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits5.pe-benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 04:32:48 GMT
last-modified: Mon, 23 Nov 2020 20:42:12 GMT
x-amz-request-id: tx00000000000011474f50c-0062ca5670-319c06cb-nyc3c
etag: "b5cda0a74c21ad74c2f2c1f937f70446"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/jpeg
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 34494

GET
H/1.1 200
OK 0cb2e0855b1e31da93433a018fd49ef3imgpsh_fullsize_anim%20(2).jpg
thanos-assets.nyc3.cdn.digitaloceanspaces.com/tenants/7/ 82 KB
83 KB 485ms
409ms Image
image/jpeg 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thanos-assets.nyc3.cdn.digitaloceanspaces.com/tenants/7/0cb2e0855b1e31da93433a018fd49ef3imgpsh_fullsize_anim%20(2).jpg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

18c2073d10c98bf8ab5da14e0bc54aee2b2433323035031fa69ab78a36b249f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits5.pe-benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 10 Jul 2022 04:32:48 GMT
Connection: Keep-Alive
Last-Modified: Fri, 21 Jan 2022 17:20:54 GMT
x-amz-request-id: tx00000000000011484cbbb-0062ca5670-319b2d5a-nyc3c
etag: "7fd9f0a3971fe6d0548670737811a4d8"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1657427567.dop159.fr8.t,1657427567.cds150.fr8.shn,1657427567.dop159.fr8.t,1657427568.cds122.fr8.pr
Content-Type: image/jpeg
Cache-Control: max-age=600
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 84198

GET
H/1.1 200
OK agtync43j_1615993654191_InsureMyCaAuto_420x200.jpg
support-benefits.nyc3.cdn.digitaloceanspaces.com/banner/ 28 KB
29 KB 296ms
22ms Image
image/jpeg 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support-benefits.nyc3.cdn.digitaloceanspaces.com/banner/agtync43j_1615993654191_InsureMyCaAuto_420x200.jpg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

e0821b97765cadc0472367e807547b8b585a492dae44bda217ced1f357c93764

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits5.pe-benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 10 Jul 2022 04:32:48 GMT
Connection: Keep-Alive
Last-Modified: Wed, 17 Mar 2021 15:07:34 GMT
x-amz-request-id: tx000000000000100c879ba-0062c3135a-319bec8f-nyc3c
etag: "db21ab251bed5d0502916a43548d07d1"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1657427568.dop237.fr8.t,1657427568.cds139.fr8.shn,1657427568.dop237.fr8.t,1657427568.cds231.fr8.c
Content-Type: image/jpeg
Cache-Control: max-age=128874
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 28623

GET
H2 200 qqzjs3ias_1605914517850_Section8_460x160.jpg
support-benefits.nyc3.digitaloceanspaces.com/bannerMobile/ 23 KB
23 KB 420ms
205ms Image
image/jpeg 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support-benefits.nyc3.digitaloceanspaces.com/bannerMobile/qqzjs3ias_1605914517850_Section8_460x160.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.243.189.2 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

nyc3.digitaloceanspaces.com

Software

Resource Hash

dad6168b5a30c02b5fbc0b5b06c40fd314b6564088ccd40e0fd0f7f38016f532

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits5.pe-benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 04:32:48 GMT
last-modified: Fri, 20 Nov 2020 23:21:57 GMT
x-amz-request-id: tx0000000000001146cf614-0062ca5670-319bec8f-nyc3c
etag: "0a63e30e6d42510f67886a1ad81aa11d"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/jpeg
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 23822

GET
H/1.1 200
OK 80812dcf4fb6eeb657193a018fd63cabimgpsh_fullsize_anim%20(3).jpg
thanos-assets.nyc3.cdn.digitaloceanspaces.com/tenants/7/ 85 KB
86 KB 623ms
368ms Image
image/jpeg 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thanos-assets.nyc3.cdn.digitaloceanspaces.com/tenants/7/80812dcf4fb6eeb657193a018fd63cabimgpsh_fullsize_anim%20(3).jpg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

4aea5705ce1a0490590a1997dc1e26912ee365eef2e11e14fc9064493b813cdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits5.pe-benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 10 Jul 2022 04:32:48 GMT
Connection: Keep-Alive
Last-Modified: Fri, 21 Jan 2022 17:22:40 GMT
x-amz-request-id: tx00000000000011474f5d1-0062ca5670-319c06cb-nyc3c
etag: "43827d3c357e26cedbe609bcad5621de"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1657427568.dop167.fr8.shc,1657427568.dop167.fr8.t,1657427568.cds221.fr8.pr
Content-Type: image/jpeg
Cache-Control: max-age=600
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 87329

GET
H/1.1 200
OK 3520caa51c1cb26ee22b3a0281bd8359MyDegree_420x200%20(1).jpg
thanos-assets.nyc3.cdn.digitaloceanspaces.com/tenants/7/ 27 KB
28 KB 656ms
401ms Image
image/jpeg 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thanos-assets.nyc3.cdn.digitaloceanspaces.com/tenants/7/3520caa51c1cb26ee22b3a0281bd8359MyDegree_420x200%20(1).jpg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

91c84b01520f320c773201eb2fffb5fb03eb197a165bc228a0f730248915d1cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits5.pe-benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 10 Jul 2022 04:32:48 GMT
Connection: Keep-Alive
Last-Modified: Wed, 09 Mar 2022 16:43:46 GMT
x-amz-request-id: tx0000000000001146cf6f6-0062ca5670-319bec8f-nyc3c
etag: "7c79e6e079be96cb981ca4748b3707a9"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1657427568.dop160.fr8.shc,1657427568.dop160.fr8.t,1657427568.cds054.fr8.pr
Content-Type: image/jpeg
Cache-Control: max-age=600
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 28157

GET
H/1.1 200
OK cl831th9f_1621605392236_HousingBenefits_420x200%20%281%29.jpg
support-benefits.nyc3.cdn.digitaloceanspaces.com/banner/ 91 KB
92 KB 887ms
577ms Image
image/jpeg 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support-benefits.nyc3.cdn.digitaloceanspaces.com/banner/cl831th9f_1621605392236_HousingBenefits_420x200%20%281%29.jpg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

810ffe5ef82311916140b802dff402c5631630a2a37f2622f7f735f58f4de39e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits5.pe-benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 10 Jul 2022 04:32:48 GMT
Last-Modified: Fri, 21 May 2021 13:56:32 GMT
x-amz-request-id: tx00000000000011474f60e-0062ca5670-319c06cb-nyc3c
etag: "6adbeb565a25c47eae8adbac3be3161a"
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-HW: 1657427568.dop052.fr8.t,1657427568.cds222.fr8.shn,1657427568.dop052.fr8.t,1657427568.cds158.fr8.p
Content-Type: image/jpeg
Cache-Control: max-age=604800
x-rgw-object-type: Normal
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 93403

GET
H/1.1 200
OK vy1yd66x0_1621605313010_FoodStampsAssistance_420x200%20%281%29.jpg
support-benefits.nyc3.cdn.digitaloceanspaces.com/banner/ 74 KB
74 KB 338ms
18ms Image
image/jpeg 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support-benefits.nyc3.cdn.digitaloceanspaces.com/banner/vy1yd66x0_1621605313010_FoodStampsAssistance_420x200%20%281%29.jpg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

7613bdc57521fb36367f38a13556992dbd27dc3008c85f6f251225f1c840e0b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits5.pe-benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 10 Jul 2022 04:32:48 GMT
Connection: Keep-Alive
Last-Modified: Fri, 21 May 2021 13:55:13 GMT
x-amz-request-id: tx00000000000010c8794f2-0062c74ccf-319c06cb-nyc3c
etag: "08fec1e035195f0fd78b84ef52e5bcad"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1657427568.dop237.fr8.t,1657427568.cds139.fr8.shn,1657427568.dop237.fr8.t,1657427568.cds260.fr8.c
Content-Type: image/jpeg
Cache-Control: max-age=405727
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 75467

GET
H2 200 6y7nsjejw_1607097276401_Charmin_420x200.jpg
support-benefits.nyc3.digitaloceanspaces.com/banner/ 35 KB
35 KB 518ms
303ms Image
image/jpeg 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support-benefits.nyc3.digitaloceanspaces.com/banner/6y7nsjejw_1607097276401_Charmin_420x200.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.243.189.2 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

nyc3.digitaloceanspaces.com

Software

Resource Hash

8dc46ad51dee3717bc4dc15e822c57dde2f76f29394b190814274503d7361227

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits5.pe-benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 04:32:48 GMT
last-modified: Fri, 04 Dec 2020 15:54:37 GMT
x-amz-request-id: tx00000000000011484cb5b-0062ca5670-319b2d5a-nyc3c
etag: "fadd1d73cfd20f0e2086033d39cbeceb"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/jpeg
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 35758

GET
H2 200 6jxnch5qh_1606162713822_420x200.jpg
support-benefits.nyc3.digitaloceanspaces.com/banner/ 23 KB
23 KB 418ms
204ms Image
image/jpeg 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support-benefits.nyc3.digitaloceanspaces.com/banner/6jxnch5qh_1606162713822_420x200.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.243.189.2 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

nyc3.digitaloceanspaces.com

Software

Resource Hash

fa19212bd9ead632bf886ed1c00c615f6a4174f5444f80f77ccc0f65019b8a9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits5.pe-benefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 04:32:48 GMT
last-modified: Mon, 23 Nov 2020 20:18:33 GMT
x-amz-request-id: tx00000000000011474f50a-0062ca5670-319c06cb-nyc3c
etag: "bd684285c3008beccb3c458d5c8f6dea"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/jpeg
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 23077

OPTIONS
H2 200 pending
hostandpost.rputools.com/api/queue/ 0
0 361ms
116ms Preflight
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hostandpost.rputools.com/api/queue/pending?campaign_id=523&affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww&wid=76c8bfe8-6888-4531-b270-c38ad1cad679&session_id=308d3a68-991a-4fe3-b80a-c808df5b4892&mobile=&full_date=July%2010,%202022&domain=benefits5.pe-benefits.com&age=&day=sunday&hour=4&utchour=4&utcday=sunday&uuid=fa910561-dd84-4f03-b3cb-b13efea081c0&folder=l2/&sms_opt_in=&sms_optin=&tcpa_opt_in=&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/103.0.5060.53%20Safari/537.36&ip=178.162.209.129&country=DE&email_signup_url=&cid=0c47dce9-3956-4c4d-84f6-4f63e4739e92&trackingUrl=http://travelerguidebuddy.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://benefits5.pe-benefits.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, session_id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 728693dc6fc790e0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 10 Jul 2022 04:32:48 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OttHsZaldFDkSdcVpBvwA8L%2FhomP2WbpmBTVDMJPPsQ2%2BykSaA41ZIlcZIk5r7ZnGPju2%2B9Fggfz%2B19%2BdQAfTp8zlkCTfQwthKDRg1g%2BjQzYYcEgqnPIZuBXngGJvI6oQBmpuw9U8qFE5ud2K9%2FfuExmln2%2B9rI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

OPTIONS
H2 200 pending
hostandpost.rputools.com/api/queue/ 0
0 359ms
116ms Preflight
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hostandpost.rputools.com/api/queue/pending?campaign_id=523&affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww&wid=76c8bfe8-6888-4531-b270-c38ad1cad679&session_id=308d3a68-991a-4fe3-b80a-c808df5b4892&mobile=&full_date=July%2010,%202022&domain=benefits5.pe-benefits.com&age=&day=sunday&hour=4&utchour=4&utcday=sunday&uuid=fa910561-dd84-4f03-b3cb-b13efea081c0&folder=l2/&sms_opt_in=&sms_optin=&tcpa_opt_in=&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/103.0.5060.53%20Safari/537.36&ip=178.162.209.129&country=DE&email_signup_url=&cid=65b1db71-d092-44e6-8202-89b77993a6d6&trackingUrl=http://travelerguidebuddy.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://benefits5.pe-benefits.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, session_id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 728693dc6fc890e0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 10 Jul 2022 04:32:48 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1pTKA295aOoAZdrcDajQ4pwI%2FHm3TkE%2FUKrr21twanDk8wBRLcwRUSg77U3wG8zI7q1jq20T9aQPFpP9o9kgLeKK5%2BGLkci8AWKlYdjXtQVb7HJtMGSkVa9XIBTFEJDTxy0gtgDXsgjia6bmoaPfHpsyStuYSA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

OPTIONS
H2 200 pending
hostandpost.rputools.com/api/queue/ 0
0 371ms
131ms Preflight
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hostandpost.rputools.com/api/queue/pending?campaign_id=523&affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww&wid=76c8bfe8-6888-4531-b270-c38ad1cad679&session_id=308d3a68-991a-4fe3-b80a-c808df5b4892&mobile=&full_date=July%2010,%202022&domain=benefits5.pe-benefits.com&age=&day=sunday&hour=4&utchour=4&utcday=sunday&uuid=fa910561-dd84-4f03-b3cb-b13efea081c0&folder=l2/&sms_opt_in=&sms_optin=&tcpa_opt_in=&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/103.0.5060.53%20Safari/537.36&ip=178.162.209.129&country=DE&email_signup_url=&cid=d084c1d4-1af3-406f-be68-7ffc77de0e7d&trackingUrl=http://travelerguidebuddy.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://benefits5.pe-benefits.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, session_id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 728693dc6fca90e0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 10 Jul 2022 04:32:48 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FwTOJHVYZQDqJjA49YVAO5Xkhu%2FKHdy1DY7ipTwqWF9l2L5RR9I1nRTJNdd%2FfjJppAgH59UPSMfxCvpqErUmxMUx%2BmdmLe7qqHIGmalT5eqpVvb%2Ft9%2BRIWWsdPI41udDo6sJqAhWT5t0zlFi16MfTdTvepNOr2E%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

OPTIONS
H2 200 pending
hostandpost.rputools.com/api/queue/ 0
0 350ms
114ms Preflight
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hostandpost.rputools.com/api/queue/pending?campaign_id=523&affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww&wid=76c8bfe8-6888-4531-b270-c38ad1cad679&session_id=308d3a68-991a-4fe3-b80a-c808df5b4892&mobile=&full_date=July%2010,%202022&domain=benefits5.pe-benefits.com&age=&day=sunday&hour=4&utchour=4&utcday=sunday&uuid=fa910561-dd84-4f03-b3cb-b13efea081c0&folder=l2/&sms_opt_in=&sms_optin=&tcpa_opt_in=&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/103.0.5060.53%20Safari/537.36&ip=178.162.209.129&country=DE&email_signup_url=&cid=9e6e6f42-6c05-401c-bd18-04cbf9fb9f7b&trackingUrl=http://travelerguidebuddy.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://benefits5.pe-benefits.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, session_id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 728693dc6fcb90e0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 10 Jul 2022 04:32:48 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IHxQ8Go%2BXasMzHhRUrZWu3oeTLp0ZKlAci%2FeMEmpaCbgK6AzXgJOtaj7gkodDRIpXup%2Fb2cTfQ9O0jrR%2FF3pHIsZRk3lIpQ%2FqN%2FxqfnKJBTOvBsa4TnL5yN%2BDxEKEGoUqM66hZQvx6%2FQ%2BzR2kXHdYQoEJkRGg4c%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

OPTIONS
H2 200 pending
hostandpost.rputools.com/api/queue/ 0
0 349ms
114ms Preflight
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hostandpost.rputools.com/api/queue/pending?campaign_id=523&affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww&wid=76c8bfe8-6888-4531-b270-c38ad1cad679&session_id=308d3a68-991a-4fe3-b80a-c808df5b4892&mobile=&full_date=July%2010,%202022&domain=benefits5.pe-benefits.com&age=&day=sunday&hour=4&utchour=4&utcday=sunday&uuid=fa910561-dd84-4f03-b3cb-b13efea081c0&folder=l2/&sms_opt_in=&sms_optin=&tcpa_opt_in=&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/103.0.5060.53%20Safari/537.36&ip=178.162.209.129&country=DE&email_signup_url=&cid=6007335b-4d5c-4476-8848-9d0d5b0ac84a&trackingUrl=http://travelerguidebuddy.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://benefits5.pe-benefits.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, session_id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 728693dc6fcd90e0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 10 Jul 2022 04:32:48 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTSCntSVMm0u6CbPjjfprjXaw0BWaeIpyQHjhizkV4wZhyDfSz5tU9kU6ynNESnmH8Xh3C%2BlEyDtMVtZteR047QLk6FFVYMt04Q7WwOMtLynQdDmVNNNWuPz7BOCsQo0f3Px68KHusdJ%2Fv3RTzfZAVht%2FbX7Ewo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 pending Show response
hostandpost.rputools.com/api/queue/ 19 B
616 B 180ms
161ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hostandpost.rputools.com/api/queue/pending?campaign_id=523&affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww&wid=76c8bfe8-6888-4531-b270-c38ad1cad679&session_id=308d3a68-991a-4fe3-b80a-c808df5b4892&mobile=&full_date=July%2010,%202022&domain=benefits5.pe-benefits.com&age=&day=sunday&hour=4&utchour=4&utcday=sunday&uuid=fa910561-dd84-4f03-b3cb-b13efea081c0&folder=l2/&sms_opt_in=&sms_optin=&tcpa_opt_in=&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/103.0.5060.53%20Safari/537.36&ip=178.162.209.129&country=DE&email_signup_url=&cid=0c47dce9-3956-4c4d-84f6-4f63e4739e92&trackingUrl=http://travelerguidebuddy.com
Requested by: Host: benefits5.pe-benefits.com
URL: https://benefits5.pe-benefits.com/l/2/js/7.020c5489.chunk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68e26b8b9bb82ac6bb487da621b57c91d86a334e163e543ae61e9a1cfeebb9d2

Request headers

Accept: application/json, text/plain, */*
Referer: https://benefits5.pe-benefits.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json;charset=utf-8

Response headers

date: Sun, 10 Jul 2022 04:32:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kxT7%2Bbri31ZtFe8oGNGviTm3jzEBfC%2FOF5kejrDK5GSSJIUjFhJFF%2F%2BN7mdTL9R6R8i4ZN%2BE84tpGf8DohVRfSfpfV5TpAlIVAYjlVz%2BKbPPWLcrdglROqihrRjj1ihpPPYFo%2FEG1hhqAgx2IxNdxGuXlcTHo%2Fg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 728693dd491491d2-FRA
access-control-allow-headers: Content-Type, session_id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pending Show response
hostandpost.rputools.com/api/queue/ 19 B
578 B 227ms
208ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hostandpost.rputools.com/api/queue/pending?campaign_id=523&affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww&wid=76c8bfe8-6888-4531-b270-c38ad1cad679&session_id=308d3a68-991a-4fe3-b80a-c808df5b4892&mobile=&full_date=July%2010,%202022&domain=benefits5.pe-benefits.com&age=&day=sunday&hour=4&utchour=4&utcday=sunday&uuid=fa910561-dd84-4f03-b3cb-b13efea081c0&folder=l2/&sms_opt_in=&sms_optin=&tcpa_opt_in=&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/103.0.5060.53%20Safari/537.36&ip=178.162.209.129&country=DE&email_signup_url=&cid=65b1db71-d092-44e6-8202-89b77993a6d6&trackingUrl=http://travelerguidebuddy.com
Requested by: Host: benefits5.pe-benefits.com
URL: https://benefits5.pe-benefits.com/l/2/js/7.020c5489.chunk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68e26b8b9bb82ac6bb487da621b57c91d86a334e163e543ae61e9a1cfeebb9d2

Request headers

Accept: application/json, text/plain, */*
Referer: https://benefits5.pe-benefits.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json;charset=utf-8

Response headers

date: Sun, 10 Jul 2022 04:32:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNlEBHEG%2B%2FMqkc7IQ9VReFsjBamF9LfEPMZcctZxzS1prbVrGbS5XrwRmCvvU4wBxRD%2BjoLDRChDsuUCdlBEyQRdmoSWqR6Hhl9IFv8bWwzqEuBPiOEA5QU4K3%2F%2Fz3gZNXHhmVmGVKkygKFPlQAheAfcQLcIPpY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 728693dd491991d2-FRA
access-control-allow-headers: Content-Type, session_id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pending Show response
hostandpost.rputools.com/api/queue/ 19 B
577 B 242ms
238ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hostandpost.rputools.com/api/queue/pending?campaign_id=523&affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww&wid=76c8bfe8-6888-4531-b270-c38ad1cad679&session_id=308d3a68-991a-4fe3-b80a-c808df5b4892&mobile=&full_date=July%2010,%202022&domain=benefits5.pe-benefits.com&age=&day=sunday&hour=4&utchour=4&utcday=sunday&uuid=fa910561-dd84-4f03-b3cb-b13efea081c0&folder=l2/&sms_opt_in=&sms_optin=&tcpa_opt_in=&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/103.0.5060.53%20Safari/537.36&ip=178.162.209.129&country=DE&email_signup_url=&cid=d084c1d4-1af3-406f-be68-7ffc77de0e7d&trackingUrl=http://travelerguidebuddy.com
Requested by: Host: benefits5.pe-benefits.com
URL: https://benefits5.pe-benefits.com/l/2/js/7.020c5489.chunk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68e26b8b9bb82ac6bb487da621b57c91d86a334e163e543ae61e9a1cfeebb9d2

Request headers

Accept: application/json, text/plain, */*
Referer: https://benefits5.pe-benefits.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json;charset=utf-8

Response headers

date: Sun, 10 Jul 2022 04:32:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8gIGDBLHFB0%2BZSdiVaaMIyHHy%2FaAiWL2%2FM%2FGzeIkrZb%2FOSHkjmZpThJW2PWpXbgMzNwUyutRWBA5vV2Z4fsz2fhCVvQred9iPYaZsx%2BAMVeDOAzlzK8PQHIl5xKKooLmlzhl342gobGaZrkxDP64nh6V4AwLbA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 728693dd491691d2-FRA
access-control-allow-headers: Content-Type, session_id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pending Show response
hostandpost.rputools.com/api/queue/ 19 B
574 B 230ms
209ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hostandpost.rputools.com/api/queue/pending?campaign_id=523&affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww&wid=76c8bfe8-6888-4531-b270-c38ad1cad679&session_id=308d3a68-991a-4fe3-b80a-c808df5b4892&mobile=&full_date=July%2010,%202022&domain=benefits5.pe-benefits.com&age=&day=sunday&hour=4&utchour=4&utcday=sunday&uuid=fa910561-dd84-4f03-b3cb-b13efea081c0&folder=l2/&sms_opt_in=&sms_optin=&tcpa_opt_in=&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/103.0.5060.53%20Safari/537.36&ip=178.162.209.129&country=DE&email_signup_url=&cid=9e6e6f42-6c05-401c-bd18-04cbf9fb9f7b&trackingUrl=http://travelerguidebuddy.com
Requested by: Host: benefits5.pe-benefits.com
URL: https://benefits5.pe-benefits.com/l/2/js/7.020c5489.chunk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68e26b8b9bb82ac6bb487da621b57c91d86a334e163e543ae61e9a1cfeebb9d2

Request headers

Accept: application/json, text/plain, */*
Referer: https://benefits5.pe-benefits.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json;charset=utf-8

Response headers

date: Sun, 10 Jul 2022 04:32:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqRuO6MJfa0tyrd3w5vvVjF2sZ6PChNQf9Fg6rlU9%2BsY8dUGboBgUf6hsVBBonGdTwBzyl7O139j%2FK5HsdJxYSbiTe6NgyrVIpOu6bZLq%2Btf7gI0st0EROZgF%2FZak8twzSFChyBb5gy3rxLIkXTVAkREinhEUmM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 728693dd491791d2-FRA
access-control-allow-headers: Content-Type, session_id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pending Show response
hostandpost.rputools.com/api/queue/ 19 B
573 B 203ms
182ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hostandpost.rputools.com/api/queue/pending?campaign_id=523&affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww&wid=76c8bfe8-6888-4531-b270-c38ad1cad679&session_id=308d3a68-991a-4fe3-b80a-c808df5b4892&mobile=&full_date=July%2010,%202022&domain=benefits5.pe-benefits.com&age=&day=sunday&hour=4&utchour=4&utcday=sunday&uuid=fa910561-dd84-4f03-b3cb-b13efea081c0&folder=l2/&sms_opt_in=&sms_optin=&tcpa_opt_in=&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/103.0.5060.53%20Safari/537.36&ip=178.162.209.129&country=DE&email_signup_url=&cid=6007335b-4d5c-4476-8848-9d0d5b0ac84a&trackingUrl=http://travelerguidebuddy.com
Requested by: Host: benefits5.pe-benefits.com
URL: https://benefits5.pe-benefits.com/l/2/js/7.020c5489.chunk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68e26b8b9bb82ac6bb487da621b57c91d86a334e163e543ae61e9a1cfeebb9d2

Request headers

Accept: application/json, text/plain, */*
Referer: https://benefits5.pe-benefits.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json;charset=utf-8

Response headers

date: Sun, 10 Jul 2022 04:32:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUidMZ1T6ZARe92h67UTcvZt56lnnax4QRqSehIYIJK8ZcUZ%2BGOs%2FISmUr6Es9XDMhRfWvlUZkFp66qthfrGS9khbJvJ7P7LDZPA4SUOlYrGXkg%2FupT75gadZhKtjRLYEFqEPWsOmhtchZuHnb0zKRKg8cuUJ2Q%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 728693dd491591d2-FRA
access-control-allow-headers: Content-Type, session_id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pending Show response
hostandpost.rputools.com/api/queue/ 19 B
575 B 205ms
196ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hostandpost.rputools.com/api/queue/pending?campaign_id=523&affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww&wid=76c8bfe8-6888-4531-b270-c38ad1cad679&session_id=308d3a68-991a-4fe3-b80a-c808df5b4892&mobile=&full_date=July%2010,%202022&domain=benefits5.pe-benefits.com&age=&day=sunday&hour=4&utchour=4&utcday=sunday&uuid=fa910561-dd84-4f03-b3cb-b13efea081c0&folder=l2/&sms_opt_in=&sms_optin=&tcpa_opt_in=&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/103.0.5060.53%20Safari/537.36&ip=178.162.209.129&country=DE&email_signup_url=&cid=78aea899-a46c-4455-b80a-0f1d751d4207&trackingUrl=http://travelerguidebuddy.com
Requested by: Host: benefits5.pe-benefits.com
URL: https://benefits5.pe-benefits.com/l/2/js/7.020c5489.chunk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68e26b8b9bb82ac6bb487da621b57c91d86a334e163e543ae61e9a1cfeebb9d2

Request headers

Accept: application/json, text/plain, */*
Referer: https://benefits5.pe-benefits.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json;charset=utf-8

Response headers

date: Sun, 10 Jul 2022 04:32:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z6sJ1okRfMdqaqyIhReqSdbAzxrSfUUnxuUTqQydeyouZRBOxuVwCnMKZu7yGKy%2FBECiRi8ucPojJoZyItDgh%2BxK0PZm8d8LAsp%2B3Ag0PPh0LojuQmfc4uSPwzlFRmGqRvOlOO4SxfSVMRMVv8%2FIYmB6UIIQKXM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 728693dd491891d2-FRA
access-control-allow-headers: Content-Type, session_id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 pending
hostandpost.rputools.com/api/queue/ 0
0 359ms
127ms Preflight
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hostandpost.rputools.com/api/queue/pending?campaign_id=523&affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww&wid=76c8bfe8-6888-4531-b270-c38ad1cad679&session_id=308d3a68-991a-4fe3-b80a-c808df5b4892&mobile=&full_date=July%2010,%202022&domain=benefits5.pe-benefits.com&age=&day=sunday&hour=4&utchour=4&utcday=sunday&uuid=fa910561-dd84-4f03-b3cb-b13efea081c0&folder=l2/&sms_opt_in=&sms_optin=&tcpa_opt_in=&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/103.0.5060.53%20Safari/537.36&ip=178.162.209.129&country=DE&email_signup_url=&cid=78aea899-a46c-4455-b80a-0f1d751d4207&trackingUrl=http://travelerguidebuddy.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://benefits5.pe-benefits.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, session_id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 728693dc7fce90e0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 10 Jul 2022 04:32:48 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cB0BY5Kfx1Zo8028i3PMhWqI63aK2s0sKF7FPatS0sionUPEUls%2B6aHNey68W2Kldu5zBHdf3XFH6uyU4HOGCoyFin4PItLK2fzlak8Ltg3kupVGZCJcN%2FcfgqWDg2YxCmMtmXiD9eXLDDVm%2F2dmZtT6BIGrtEE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 77ms
22ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-C89TKQTZ45&gtm=2oe6t0&_p=1821132550&_z=ccd.v9B&cid=992847101.1657427565&ul=en-us&sr=1600x1200&sid=1657427564&sct=1&seg=1&dl=https%3A%2F%2Fbenefits5.pe-benefits.com%2Fl%2F2%2F%3Faffid%3D2CT%26s1%3Dnull%26s2%3Da6gu16t6103lc9%26s3%3Ds44peww%26session_id%3D308d3a68-991a-4fe3-b80a-c808df5b4892%26wid%3D76c8bfe8-6888-4531-b270-c38ad1cad679&dt=Precision%20Excavating&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C89TKQTZ45
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://benefits5.pe-benefits.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 10 Jul 2022 04:32:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://benefits5.pe-benefits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.pe-benefits.com/	1970-01-20 21:54:59	Name: _ga Value: GA1.1.992847101.1657427565
			.pe-benefits.com/	1970-01-20 21:54:59	Name: _ga_C89TKQTZ45 Value: GS1.1.1657427564.1.1.1657427567.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://benefits5.pe-benefits.com/l/2/?affid=2CT&s1=null&s2=a6gu16t6103lc9&s3=s44peww&session_id=308d3a68-991a-4fe3-b80a-c808df5b4892&wid=76c8bfe8-6888-4531-b270-c38ad1cad679#!/hst Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon.pe-benefits.com
benefits5.pe-benefits.com
event.smpush.com
fonts.googleapis.com
fonts.gstatic.com
hostandpost.rputools.com
ka-f.fontawesome.com
kit.fontawesome.com
pexc.io
push.smpush.com
region1.google-analytics.com
support-benefits.nyc3.cdn.digitaloceanspaces.com
support-benefits.nyc3.digitaloceanspaces.com
thanos-assets.nyc3.cdn.digitaloceanspaces.com
www.googletagmanager.com
104.131.93.124
162.243.189.2
2001:4860:4802:34::36
205.185.216.42
2606:4700:3030::ac43:c831
2606:4700:3032::6815:1e29
2606:4700:3035::6815:4cc9
2606:4700::6812:1634
2a00:1450:4001:803::200a
2a00:1450:4001:80e::2008
2a00:1450:4001:82a::2003
2a06:98c1:3120::3
45.55.126.207
64.135.127.64
01533f2f0634d14d21f9986a54b44fff7acac14df9586a68f56d81c0ba5cc826
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
134a34661b81cec950a7cc40f7875b460eb6b912b744c420f2211e3c7f3250ac
18c2073d10c98bf8ab5da14e0bc54aee2b2433323035031fa69ab78a36b249f6
22a01ac9b0b836a7f300231b6ed33389c9324fe612fa066d1c7e2daa7bbe7e0b
2e17c79e1b4d86ddba5a9d2104902942db44f856a9fd63a137cf5deb35f56366
335e99372374cfa402495d1c80e59a558ff4470caf013573a3c2aa4c4e656e0d
35627787d64996f940af8ae82b405f80a877eb90637fd1b79a6a3fe83f7ce386
43998fa05d9ea295e755a7f9d1373b8d0604d1826fde6f63f94c59cac04dfdbf
4aea5705ce1a0490590a1997dc1e26912ee365eef2e11e14fc9064493b813cdb
68e26b8b9bb82ac6bb487da621b57c91d86a334e163e543ae61e9a1cfeebb9d2
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
7613bdc57521fb36367f38a13556992dbd27dc3008c85f6f251225f1c840e0b8
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
810ffe5ef82311916140b802dff402c5631630a2a37f2622f7f735f58f4de39e
87849dec2e1f4ca8a502281839f6e21545d6f8732cadb1cacfc3bbbf9b5c3c0f
8adf2184a552e0e74fab2f417b0a997b798ec17c3f4bfa55af9488dd8ec24255
8dc46ad51dee3717bc4dc15e822c57dde2f76f29394b190814274503d7361227
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91c84b01520f320c773201eb2fffb5fb03eb197a165bc228a0f730248915d1cd
acf0f0848c631c7403428fc251b72c81eaadbd0923adb207e78c685d49634ca8
ae8f7d960ab32a5f4d0d028eeda5a97e2d87e8175c82570ac2288e8aaf7664e4
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c93d66bd59dae62bb1cbb9c1854d0fd70d2482d60c415e386257ef61ccd6b70f
d12ba8023c5cc2a8a2bceddb85db405032e214507599b78995b484f7d5292448
d3524349563dcdca537f3c79d726418953a82470c5cfbd9204afe2c249ab210c
dad6168b5a30c02b5fbc0b5b06c40fd314b6564088ccd40e0fd0f7f38016f532
e0821b97765cadc0472367e807547b8b585a492dae44bda217ced1f357c93764
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec0ac6e7bc76394420caa54a1a0c6c6f786b3b17241f10b7bea736b3816309d4
fa19212bd9ead632bf886ed1c00c615f6a4174f5444f80f77ccc0f65019b8a9f
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
ff597cfde81e2ec44fabc66af53713bdfa15459825441db028c3b94abfc98126

benefits5.pe-benefits.com Open in urlscan Pro 104.131.93.124 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

100 %HTTPS

64 %IPv6

10 Domains

15 Subdomains

13 IPs

2 Countries

1696 kBTransfer

1959 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

benefits5.pe-benefits.com Open in urlscan Pro
104.131.93.124 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

100 %
HTTPS

64 %
IPv6

10
Domains

15
Subdomains

13
IPs

2
Countries

1696 kB
Transfer

1959 kB
Size

2
Cookies

50 HTTP transactions
0 data transactions