benefits.legalactionfinder.com Open in urlscan Pro
164.90.140.247 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://clck.ru/WbMeS
Effective URL:
https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=472932&s2=1101201742&s3=
Submission: On October 14 via manual (October 14th 2021, 10:19:33 am UTC) from US — Scanned from DE

Summary HTTP 31 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 31 HTTP transactions. The main IP is 164.90.140.247, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is benefits.legalactionfinder.com.
TLS certificate: Issued by R3 on September 10th 2021. Valid for: 3 months.

This is the only time benefits.legalactionfinder.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	213.180.204.221 213.180.204.221	13238 (YANDEX) (YANDEX)
1 1	77.88.21.232 77.88.21.232	13238 (YANDEX) (YANDEX)
1	146.185.253.123 146.185.253.123	50673 (SERVERIUS-AS) (SERVERIUS-AS)
11	164.90.140.247 164.90.140.247	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
1	104.18.22.52 104.18.22.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.232 142.250.184.232	15169 (GOOGLE) (GOOGLE)
3	172.67.161.47 172.67.161.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
1	172.217.16.142 172.217.16.142	15169 (GOOGLE) (GOOGLE)
1	172.67.200.49 172.67.200.49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.55.126.207 45.55.126.207	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	172.67.213.152 172.67.213.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
4	104.21.76.201 104.21.76.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	13

1 213.180.204.221 (Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)
PTR: clck.ru

clck.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.88.21.232 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)
PTR: sba.search.yandex.net

sba.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.185.253.123 (Dronten, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: mx1.getrespecthelp.com

neenors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 164.90.140.247 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

benefits.legalactionfinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.22.52 (None, )

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.161.47 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f142.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.200.49 (United States)

ASN13335 (CLOUDFLARENET, US)

push.smpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.55.126.207 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

beacon.legalactionfinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.213.152 (United States)

ASN13335 (CLOUDFLARENET, US)

api.benefit-relief.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

support-benefits.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.76.201 (None, )

ASN13335 (CLOUDFLARENET, US)

event.smpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	legalactionfinder.com benefits.legalactionfinder.com beacon.legalactionfinder.com	1019 KB
5	smpush.com push.smpush.com event.smpush.com	3 KB
4	fontawesome.com kit.fontawesome.com ka-f.fontawesome.com	23 KB
3	gstatic.com fonts.gstatic.com	68 KB
2	benefit-relief.com api.benefit-relief.com	4 KB
1	digitaloceanspaces.com support-benefits.nyc3.cdn.digitaloceanspaces.com	29 KB
1	google-analytics.com www.google-analytics.com	369 B
1	googletagmanager.com www.googletagmanager.com	49 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	neenors.com neenors.com	437 B
1	yandex.net 1 redirects sba.yandex.net	298 B
1	clck.ru 1 redirects clck.ru	370 B
31	12

	Domain	Requested by
11	benefits.legalactionfinder.com	neenors.com benefits.legalactionfinder.com
4	event.smpush.com	push.smpush.com
3	fonts.gstatic.com	fonts.googleapis.com
3	ka-f.fontawesome.com	kit.fontawesome.com
2	api.benefit-relief.com	benefits.legalactionfinder.com
1	support-benefits.nyc3.cdn.digitaloceanspaces.com
1	beacon.legalactionfinder.com	benefits.legalactionfinder.com
1	push.smpush.com	benefits.legalactionfinder.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	benefits.legalactionfinder.com
1	kit.fontawesome.com	benefits.legalactionfinder.com
1	fonts.googleapis.com	benefits.legalactionfinder.com
1	neenors.com
1	sba.yandex.net	1 redirects
1	clck.ru	1 redirects
31	15

This site contains links to these domains. Also see Links.

Domain
legalactionfinder.com

Subject Issuer	Validity	Valid
www.neenors.com Go Daddy Secure Certificate Authority - G2	`2021-02-15` - `2022-02-15`	a year	crt.sh
benefits.legalactionfinder.com R3	`2021-09-10` - `2021-12-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-12` - `2022-09-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
beacon.legalactionfinder.com R3	`2021-08-26` - `2021-11-24`	3 months	crt.sh
*.nyc3.cdn.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=472932&s2=1101201742&s3=
Frame ID: ED18B79E121F28CD0FEC1B6C4BCEDB8E
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Legal Action Findermap_icon

Page URL History Show full URLs

https://clck.ru/WbMeS HTTP 302
https://sba.yandex.net/redirect?url=https%3A%2F%2Fneenors.com%2F100608571b701163800%2F&client=clck&... HTTP 302
https://neenors.com/100608571b701163800/ Page URL
https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=472932&s2=1101201742&s3= Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

31
Requests

100 %
HTTPS

0 %
IPv6

12
Domains

15
Subdomains

13
IPs

4
Countries

1197 kB
Transfer

1401 kB
Size

3
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://legalactionfinder.com/terms.php
Title: Terms of Use

Search URL Search Domain Scan URL

URL: http://legalactionfinder.com/privacy.php
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://legalactionfinder.com/donotsell.php
Title: Contact Us

Search URL Search Domain Scan URL

URL: http://legalactionfinder.com/unsubscribe.php
Title: Unsubscribe

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://clck.ru/WbMeS HTTP 302
https://sba.yandex.net/redirect?url=https%3A%2F%2Fneenors.com%2F100608571b701163800%2F&client=clck&sign=895cad6ee92c7b8f57d5124113c0f0c1 HTTP 302
https://neenors.com/100608571b701163800/ Page URL
https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=472932&s2=1101201742&s3= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://clck.ru/WbMeS HTTP 302
https://sba.yandex.net/redirect?url=https%3A%2F%2Fneenors.com%2F100608571b701163800%2F&client=clck&sign=895cad6ee92c7b8f57d5124113c0f0c1 HTTP 302
https://neenors.com/100608571b701163800/

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set /
neenors.com/100608571b701163800/
Redirect Chain

https://clck.ru/WbMeS
https://sba.yandex.net/redirect?url=https%3A%2F%2Fneenors.com%2F100608571b701163800%2F&client=clck&sign=895cad6ee92c7b8f57d5124113c0f0c1
https://neenors.com/100608571b701163800/

143 B
437 B

437ms
382ms

Document
text/html

146.185.253.123
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neenors.com/100608571b701163800/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.253.123 Dronten, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: mx1.getrespecthelp.com
Software: Apache /
Resource Hash

Request headers

Host: neenors.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 14 Oct 2021 10:19:27 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 143
Server: Apache
Set-Cookie: uid15731=1101201742-20211014051927-557443a7b26216421d830035b3d52805-; domain=; expires=Fri, 15-Oct-2021 11:19:27 GMT; path=/; SameSite=None; Secure

Redirect headers

Content-Length: 287
Content-Type: text/html; charset=utf-8
Date: Thu, 14 Oct 2021 10:19:26 GMT
Location: https://neenors.com/100608571b701163800/
Strict-Transport-Security: max-age=3600; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Primary Request / Show response
benefits.legalactionfinder.com/l/2/ 10 KB
4 KB 291ms
89ms Document
text/html 164.90.140.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=472932&s2=1101201742&s3=
Requested by: Host: neenors.com
URL: https://neenors.com/100608571b701163800/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 164.90.140.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: dcd18861d6a288d107c48fd6893ea526d92b63179cd1c5cdd0864aabe04fea73

Request headers

Host: benefits.legalactionfinder.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://neenors.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://neenors.com/

Response headers

Server: nginx
Date: Thu, 14 Oct 2021 10:19:27 GMT
Content-Type: text/html
Last-Modified: Wed, 13 Oct 2021 15:29:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6166fb72-26b3"
Content-Encoding: gzip

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 40ms
16ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap

Requested by

Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=472932&s2=1101201742&s3=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

2a245d5316ce74ea8dea80f99838916f6d44d7724c7ba0d7fd2fffc9adda308c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 10:19:27 GMT
server: ESF
date: Thu, 14 Oct 2021 10:19:27 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Thu, 14 Oct 2021 10:19:27 GMT

GET
H2 200 268a7048dd.js Show response
kit.fontawesome.com/ 11 KB
4 KB 45ms
17ms Script
text/javascript 104.18.22.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/268a7048dd.js

Requested by

Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=472932&s2=1101201742&s3=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2c541caebe0c03f12aaf91164c76174b26ceb91df7a64db114ddca4f50bfa94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 10:19:27 GMT
content-encoding: gzip
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-cache-status: HIT
age: 44
strict-transport-security: max-age=31536000; preload
x-request-id: FqeL8C_qU3sogMoAILcC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
cf-ray: 69e011caa87e6969-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 124 KB
49 KB 59ms
34ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VEWJ1C78X1

Requested by

Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=472932&s2=1101201742&s3=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3ea2d7f422c96fcdc813c2bd46037a9e6b518ed71f7686cabeef75323b4ca260

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 10:19:27 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49511
x-xss-protection: 0
expires: Thu, 14 Oct 2021 10:19:27 GMT

GET
H/1.1 200
OK bundle.6cdcfa4e9e02e5fdba0e.css
benefits.legalactionfinder.com/l/2/ 30 KB
7 KB 88ms
88ms Stylesheet
text/css 164.90.140.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.legalactionfinder.com/l/2/bundle.6cdcfa4e9e02e5fdba0e.css?t=1634138961022
Requested by: Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=472932&s2=1101201742&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 164.90.140.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8688a1f575b4a1e51924c24b0d8471e2b29c82de5de9fd7ae452a71ff41c2d1b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: benefits.legalactionfinder.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=472932&s2=1101201742&s3=
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=472932&s2=1101201742&s3=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 10:19:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Oct 2021 15:29:54 GMT
Server: nginx
ETag: W/"6166fb72-76a5"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 14 Oct 2022 10:19:27 GMT

GET
H/1.1 200
OK logo.png
benefits.legalactionfinder.com/l/2/public/ 2 KB
3 KB 260ms
87ms Image
image/png 164.90.140.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://benefits.legalactionfinder.com/l/2/public/logo.png?v=etytuytiu
Requested by: Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=472932&s2=1101201742&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 164.90.140.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 80a15f8c3dec732f606920d0a697da8d412741b8a859b1d90ef5423ab3daf37b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: benefits.legalactionfinder.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=472932&s2=1101201742&s3=
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=472932&s2=1101201742&s3=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 10:19:28 GMT
Last-Modified: Wed, 13 Oct 2021 15:29:54 GMT
Server: nginx
ETag: "6166fb72-94f"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2383
Expires: Fri, 14 Oct 2022 10:19:28 GMT

GET
H/1.1 200
OK 8.36704195.chunk.js Show response
benefits.legalactionfinder.com/l/2/js/ 289 KB
289 KB 221ms
173ms Script
application/javascript 164.90.140.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.legalactionfinder.com/l/2/js/8.36704195.chunk.js
Requested by: Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=472932&s2=1101201742&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 164.90.140.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: cb138a43d4d73814359026d7693ade06968fa070ee521d391da3cb1f1ed41866

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: benefits.legalactionfinder.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=472932&s2=1101201742&s3=
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=472932&s2=1101201742&s3=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 10:19:27 GMT
Last-Modified: Wed, 13 Oct 2021 15:29:54 GMT
Server: nginx
ETag: "6166fb72-484a8"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 296104
Expires: Fri, 14 Oct 2022 10:19:27 GMT

GET
H/1.1 200
OK app.3108811a.js Show response
benefits.legalactionfinder.com/l/2/js/ 401 KB
401 KB 340ms
170ms Script
application/javascript 164.90.140.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.legalactionfinder.com/l/2/js/app.3108811a.js
Requested by: Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=472932&s2=1101201742&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 164.90.140.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 5fa741412d63b8c12677ebb46b5efa4ff97b52f12f87ccb32024679c318cb14b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: benefits.legalactionfinder.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=472932&s2=1101201742&s3=
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=472932&s2=1101201742&s3=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 10:19:28 GMT
Last-Modified: Wed, 13 Oct 2021 15:29:54 GMT
Server: nginx
ETag: "6166fb72-64381"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 410497
Expires: Fri, 14 Oct 2022 10:19:28 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 63ms
21ms Fetch
text/css 172.67.161.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.161.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 10:19:27 GMT
via: 1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 137740
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=61yURqAFIx1MNUnUknOOVnaR4xlrOc2R9J38tv4W7PEgZDIa1Jn1hin2kZbJlwn%2BFO84vUXVSPWwiGvZ50ilUPjSPWETsOdAyYROwgdUBgjxHRBFvEWWwH6BO8UAU5QfJ6HNMgd9BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: DUS51-P1
cf-ray: 69e011cb0ae0f9de-PRG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 9pNcW-KQFbruslEpv6R8ZKxmBPjGuYgTftAfvzio0PDNdxr9rKxjQA==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 61ms
20ms Fetch
text/css 172.67.161.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.161.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 10:19:27 GMT
via: 1.1 b6d0df27407ce1677f17be38cbc0101a.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 137740
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55PbRHEdRos5OO5ubMpodBQW6bCavXPwpPBVumnE8ulubhYjtZgti9vmukGTQb0IRb9Eet0k276M%2FsNJXoNTLksJYkvAmnp7IZjjIaQXhxo3nM8mmfyQtj2hDiYfoysb16FYreIjIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: DUS51-P1
cf-ray: 69e011cb0ae1f9de-PRG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: J4dduqTNnfjL4d-p4uOYUlr4XimU1tqfSuH6yWGgaMW5ZYr0S6BH7w==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 62ms
21ms Fetch
text/css 172.67.161.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.161.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 10:19:27 GMT
via: 1.1 2b483ab832506bc86647b6ceba38dc9e.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 137740
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ruKTjAGnS%2Fi4Za4xwHk5yfmS50s7wlXDiPBeke8Oma91sYvwg850ASZ0Kv0lE2QwQgx7%2BC3z%2FzIfX2WIfpOwyN99OlB%2FKmS%2Bquak49kUuBdOCMdCQ5GRfVBrj6RPH7os4B0W%2Bg37zg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: DUS51-P1
cf-ray: 69e011cb0ae2f9de-PRG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: gx7oi8qOcylD7MngEW5S4UkIe-SNowOt2wrOe_8rupU-wEfQ0T6rgQ==

GET
H/1.1 200
OK banner.png
benefits.legalactionfinder.com/l/2/public/ 175 KB
175 KB 296ms
173ms Image
image/png 164.90.140.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://benefits.legalactionfinder.com/l/2/public/banner.png
Requested by: Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=472932&s2=1101201742&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 164.90.140.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 74572f8daaf2baacd3b19367e15adf6dd7ea968371bf360bd8186fc32942e0f6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: benefits.legalactionfinder.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=472932&s2=1101201742&s3=
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=472932&s2=1101201742&s3=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 10:19:28 GMT
Last-Modified: Wed, 13 Oct 2021 15:29:54 GMT
Server: nginx
ETag: "6166fb72-2bc2f"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 179247
Expires: Fri, 14 Oct 2022 10:19:28 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 35ms
12ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://benefits.legalactionfinder.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 04:13:08 GMT
x-content-type-options: nosniff
age: 194779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Oct 2022 04:13:08 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 41ms
18ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://benefits.legalactionfinder.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 06:39:46 GMT
x-content-type-options: nosniff
age: 358781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Oct 2022 06:39:46 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
369 B 41ms
14ms Ping
text/plain 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-VEWJ1C78X1&gtm=2oeab0&_p=39504286&sr=1600x1200&ul=en-us&cid=961366786.1634206768&_s=1&dl=https%3A%2F%2Fbenefits.legalactionfinder.com%2Fl%2F2%2F%3Fssid%3D269%26s1%3D472932%26s2%3D1101201742%26s3%3D&dr=https%3A%2F%2Fneenors.com%2F&dt=Legal%20Action%20Finder&sid=1634206767&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VEWJ1C78X1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s06-in-f142.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://benefits.legalactionfinder.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 10:19:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://benefits.legalactionfinder.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 l8emw37gkr Show response
push.smpush.com/scripts/push/script/ 7 KB
3 KB 458ms
414ms Script
application/javascript 172.67.200.49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://push.smpush.com/scripts/push/script/l8emw37gkr?url=benefits.legalactionfinder.com

Requested by

Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/js/app.3108811a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.200.49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa8bbd9c96a72ca0669412b6de1193ca698718a3515b625a5972ef84c262a910

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 10:19:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Oct 2021 20:03:48 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=py8WFUrMXiPGA7D2tTDh6cDUt6Hb0VMXabM4ZZn%2B6xpiz3BoCZzbiqc%2BhyKUhkjfw11QHxeOj5%2B%2BmHtPLIXxSCPIJEyCkJ%2BOqWdYd2DkTd7AO2fMc%2FK3bfJeEmK4nOQLFkQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=UTF-8
cache-control: max-age=14400, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
cf-ray: 69e011cf8d45411a-PRG
expires: 0

GET
H/1.1 200
OK 0.2b7a2c75.chunk.js Show response
benefits.legalactionfinder.com/l/2/js/ 18 KB
18 KB 86ms
85ms Script
application/javascript 164.90.140.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.legalactionfinder.com/l/2/js/0.2b7a2c75.chunk.js
Requested by: Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/js/app.3108811a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 164.90.140.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 658c755cffda0171e31568101dbcc003d6a533a674aa09085f980ae4eae5e949

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: benefits.legalactionfinder.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://benefits.legalactionfinder.com/l/2/?s1=472932&s2=1101201742&s3=&session_id=25eb40e9-78cd-4324-a3a9-6acdbf43a281&ssid=269
Cookie: _ga_VEWJ1C78X1=GS1.1.1634206767.1.0.1634206767.0; _ga=GA1.1.961366786.1634206768
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/l/2/?s1=472932&s2=1101201742&s3=&session_id=25eb40e9-78cd-4324-a3a9-6acdbf43a281&ssid=269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 10:19:28 GMT
Last-Modified: Wed, 13 Oct 2021 15:29:54 GMT
Server: nginx
ETag: "6166fb72-4645"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17989
Expires: Fri, 14 Oct 2022 10:19:28 GMT

GET
H/1.1 200
OK 1.a58d5275.chunk.js Show response
benefits.legalactionfinder.com/l/2/js/ 39 KB
40 KB 87ms
87ms Script
application/javascript 164.90.140.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.legalactionfinder.com/l/2/js/1.a58d5275.chunk.js
Requested by: Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/js/app.3108811a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 164.90.140.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4afce3e703e59e9ff49811c5542bae82ad39781410eb3fc56b40d40bac08f1cc

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: benefits.legalactionfinder.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://benefits.legalactionfinder.com/l/2/?s1=472932&s2=1101201742&s3=&session_id=25eb40e9-78cd-4324-a3a9-6acdbf43a281&ssid=269
Cookie: _ga_VEWJ1C78X1=GS1.1.1634206767.1.0.1634206767.0; _ga=GA1.1.961366786.1634206768
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/l/2/?s1=472932&s2=1101201742&s3=&session_id=25eb40e9-78cd-4324-a3a9-6acdbf43a281&ssid=269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 10:19:28 GMT
Last-Modified: Wed, 13 Oct 2021 15:29:54 GMT
Server: nginx
ETag: "6166fb72-9d8b"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40331
Expires: Fri, 14 Oct 2022 10:19:28 GMT

GET
H/1.1 200
OK 2.e6f5d09d.chunk.js Show response
benefits.legalactionfinder.com/l/2/js/ 15 KB
16 KB 88ms
88ms Script
application/javascript 164.90.140.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.legalactionfinder.com/l/2/js/2.e6f5d09d.chunk.js
Requested by: Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/js/app.3108811a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 164.90.140.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 99cf294029e27842b9e682117deddd00003b67ee12bae01c0981f18257db20ae

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: benefits.legalactionfinder.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://benefits.legalactionfinder.com/l/2/?s1=472932&s2=1101201742&s3=&session_id=25eb40e9-78cd-4324-a3a9-6acdbf43a281&ssid=269
Cookie: _ga_VEWJ1C78X1=GS1.1.1634206767.1.0.1634206767.0; _ga=GA1.1.961366786.1634206768
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/l/2/?s1=472932&s2=1101201742&s3=&session_id=25eb40e9-78cd-4324-a3a9-6acdbf43a281&ssid=269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 10:19:28 GMT
Last-Modified: Wed, 13 Oct 2021 15:29:54 GMT
Server: nginx
ETag: "6166fb72-3d19"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15641
Expires: Fri, 14 Oct 2022 10:19:28 GMT

GET
H/1.1 200
OK 3.bundle.36928ed1821e4bdb5c25.css
benefits.legalactionfinder.com/l/2/ 16 KB
4 KB 88ms
87ms Stylesheet
text/css 164.90.140.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.legalactionfinder.com/l/2/3.bundle.36928ed1821e4bdb5c25.css?t=1634138961022
Requested by: Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/js/app.3108811a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 164.90.140.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 680354e5efe5c88e17c4663abacf1bb2f4b1a07420a9625ebc30b777026006da

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: benefits.legalactionfinder.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://benefits.legalactionfinder.com/l/2/?s1=472932&s2=1101201742&s3=&session_id=25eb40e9-78cd-4324-a3a9-6acdbf43a281&ssid=269
Cookie: _ga_VEWJ1C78X1=GS1.1.1634206767.1.0.1634206767.0; _ga=GA1.1.961366786.1634206768
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/l/2/?s1=472932&s2=1101201742&s3=&session_id=25eb40e9-78cd-4324-a3a9-6acdbf43a281&ssid=269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 10:19:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Oct 2021 15:29:54 GMT
Server: nginx
ETag: W/"6166fb72-3e42"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 14 Oct 2022 10:19:28 GMT

GET
H/1.1 200
OK 3.cc7481da.chunk.js Show response
benefits.legalactionfinder.com/l/2/js/ 62 KB
62 KB 174ms
174ms Script
application/javascript 164.90.140.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.legalactionfinder.com/l/2/js/3.cc7481da.chunk.js
Requested by: Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/js/app.3108811a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 164.90.140.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 32dcaea9e70abbc7254138c581d329e00b636b0280a6fff76b5d23cc06b927bb

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: benefits.legalactionfinder.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://benefits.legalactionfinder.com/l/2/?s1=472932&s2=1101201742&s3=&session_id=25eb40e9-78cd-4324-a3a9-6acdbf43a281&ssid=269
Cookie: _ga_VEWJ1C78X1=GS1.1.1634206767.1.0.1634206767.0; _ga=GA1.1.961366786.1634206768
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/l/2/?s1=472932&s2=1101201742&s3=&session_id=25eb40e9-78cd-4324-a3a9-6acdbf43a281&ssid=269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 10:19:28 GMT
Last-Modified: Wed, 13 Oct 2021 15:29:54 GMT
Server: nginx
ETag: "6166fb72-f7b1"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63409
Expires: Fri, 14 Oct 2022 10:19:28 GMT

GET
H2 200 summary Show response
beacon.legalactionfinder.com/geo/ 121 B
568 B 307ms
103ms XHR
application/json 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.legalactionfinder.com/geo/summary

Requested by

Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/js/8.36704195.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

9be6bb0ea6fe5222a52bb50e809fbff4fb7a3eeed9e8c09acac8b63c7eacd1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://benefits.legalactionfinder.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 10:19:28 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
strict-transport-security: max-age=2592000
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

OPTIONS
H2 200 graphql
api.benefit-relief.com/ 0
0 193ms
145ms Preflight 172.67.213.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.benefit-relief.com/graphql
Protocol: H2
Server: 172.67.213.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://benefits.legalactionfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 14 Oct 2021 10:19:28 GMT
access-control-allow-origin: *
access-control-request-method: HEAD, GET, POST
access-control-allow-headers: Origin, X-Requested-With, Accept, Authorization, Content-Type, Content-Length
x-graphql-event-stream: /_postgraphile/stream
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sr9sUOtaSWide4Dlx%2F1%2FSPfeEz4KOnHK2EdrSvQr7RqoofARe%2BMlUo%2FQNCilXNEJCYyv69zADtWAK22iEGDVMzlg42RrZXC%2FFrZxezV%2FakmCqjpSQ8SfwCG7Xyow3sRUfH60kZNr%2BJXG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69e011d1595c27b8-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 200 graphql Show response
api.benefit-relief.com/ 14 KB
4 KB 192ms
191ms XHR
application/json 172.67.213.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.benefit-relief.com/graphql
Requested by: Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/js/8.36704195.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.213.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c11c7b4c24fe30113e6fa8d5af20ea90fcee29de8c903575e0099a4e3df4d620

Request headers

Accept: application/json, text/plain, */*
Referer: https://benefits.legalactionfinder.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Thu, 14 Oct 2021 10:19:29 GMT
access-control-request-method: HEAD, GET, POST
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69e011d24a2227b8-PRG
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2iViNIPPF%2FFEnfsFIa8HN10vjw%2FRcsdQUbLozbFACd9J2PF3Ae3mhzRXD1BrfqVsqxuG%2FGrwr7A%2B29mxJqZ%2BCCVxidR7cdewg%2BS2SEFQw43ou95WcJdneRko1lBhJbxTOF7nnsgX8Kwg"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-graphql-event-stream: /_postgraphile/stream
content-encoding: br
access-control-allow-headers: Origin, X-Requested-With, Accept, Authorization, Content-Type, Content-Length

GET
H/1.1 200
OK zvw17oyjk_1611762556078_Lawsuit_Winning_Round_Up_300x225.jpg
support-benefits.nyc3.cdn.digitaloceanspaces.com/banner/ 29 KB
29 KB 49ms
9ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support-benefits.nyc3.cdn.digitaloceanspaces.com/banner/zvw17oyjk_1611762556078_Lawsuit_Winning_Round_Up_300x225.jpg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

d76d0edb91bc45b2b98a6da1d4aa0b6f6dee013926bdd26aa18dc57432d2bc9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 10:19:29 GMT
Connection: Keep-Alive
Last-Modified: Wed, 27 Jan 2021 15:49:16 GMT
x-amz-request-id: tx00000000000006bf823be-0061635888-1800930a-nyc3c
etag: "014a3bd4ea33d635ae79868dca00892f"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1634206769.dop041.fr8.t,1634206769.cds127.fr8.shn,1634206769.dop041.fr8.t,1634206769.cds103.fr8.c
Content-Type: image/jpeg
Cache-Control: max-age=298711
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 29303

GET
H3 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
22 KB 22ms
7ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://benefits.legalactionfinder.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 16:36:33 GMT
x-content-type-options: nosniff
age: 409376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22572
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 09 Oct 2022 16:36:33 GMT

POST
H3 200 l8emwpvgkr
event.smpush.com/register/event_log/ 0
0 637ms
403ms Fetch 104.21.76.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.smpush.com/register/event_log/l8emwpvgkr

Requested by

Host: push.smpush.com
URL: https://push.smpush.com/scripts/push/script/l8emw37gkr?url=benefits.legalactionfinder.com

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.76.201 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://benefits.legalactionfinder.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/json

Response headers

date: Thu, 14 Oct 2021 10:19:31 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
expires: 0
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKRtEXuZUdNUmPDFd%2Bm8lsCnXILJ6paVISpQnHYvION5zMIKZ4ArnS6DXmtpDBhJy007dImoKatA%2BolSwQfJ3IIR58%2BUed0IBMaS52hv7Jy%2FTNqDVMUYtFLW9p7%2F2sCpQJJh"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://benefits.legalactionfinder.com
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
access-control-allow-credentials: true
cf-ray: 69e011dcda2427b4-PRG
x-pushplatformapp-params

OPTIONS
H2 200 l8emwpvgkr
event.smpush.com/register/event_log/ 0
0 455ms
413ms Preflight 104.21.76.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.smpush.com/register/event_log/l8emwpvgkr
Protocol: H2
Server: 104.21.76.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://benefits.legalactionfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 14 Oct 2021 10:19:30 GMT
content-length: 0
access-control-allow-headers: content-type
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://benefits.legalactionfinder.com
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1800
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1kOTFqGxZAYmWxk4IhgMnqP7OU1oD7nJERLxeIkqk7PfLIpn1v7Nb3F1itvPAMXm2TX849V8Kcx2e4RxQ5H2dVEByWvb%2FCzjhASMuNxwO2i6r2aCmGdvp9iCR1M42vZmFD0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69e011d8ca802784-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 200 l8emwpvgkr
event.smpush.com/register/event_log/ 0
0 632ms
400ms Fetch 104.21.76.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.smpush.com/register/event_log/l8emwpvgkr

Requested by

Host: push.smpush.com
URL: https://push.smpush.com/scripts/push/script/l8emw37gkr?url=benefits.legalactionfinder.com

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.76.201 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://benefits.legalactionfinder.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/json

Response headers

date: Thu, 14 Oct 2021 10:19:31 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
expires: 0
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LOt4CU5wlJbGJiKFD4DzaRuK%2BBGU%2B8HY5lOKaG0%2F9fn7YZXfwRzoTo7UCf4KhXeHWZZgEE1nJ0JdodjilTLcViVcdGcGtpjajUC8sfHWfqlaR6S51BHFhp4g4bhLX8f1heI0"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://benefits.legalactionfinder.com
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
access-control-allow-credentials: true
cf-ray: 69e011dcda2527b4-PRG
x-pushplatformapp-params

OPTIONS
H2 200 l8emwpvgkr
event.smpush.com/register/event_log/ 0
0 457ms
416ms Preflight 104.21.76.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.smpush.com/register/event_log/l8emwpvgkr
Protocol: H2
Server: 104.21.76.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://benefits.legalactionfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 14 Oct 2021 10:19:30 GMT
content-length: 0
access-control-allow-headers: content-type
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://benefits.legalactionfinder.com
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1800
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjO3LsULjXh7eTcGNdBls0Kab25n20qAe2UcqV2kB83UNQ9zDGMUr%2FbZwe1l%2B9aYI62nTGD2FX20OcnVbGcjKoa%2FPNtGWruxNm%2F7yiXhFE6Qqtl7eKhbpl48pcj4tT3P3iE%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69e011d8ca822784-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
neenors.com/	1970-01-19 21:58:16	Name: uid15731 Value: 1101201742-20211014051927-557443a7b26216421d830035b3d52805-
.legalactionfinder.com/	1970-01-20 15:27:58	Name: _ga Value: GA1.1.961366786.1634206768
.legalactionfinder.com/	1970-01-20 15:27:58	Name: _ga_VEWJ1C78X1 Value: GS1.1.1634206767.1.1.1634206770.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://benefits.legalactionfinder.com/l/2/?s1=472932&s2=1101201742&s3=&session_id=25eb40e9-78cd-4324-a3a9-6acdbf43a281&ssid=269#!/hst Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.benefit-relief.com
beacon.legalactionfinder.com
benefits.legalactionfinder.com
clck.ru
event.smpush.com
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
neenors.com
push.smpush.com
sba.yandex.net
support-benefits.nyc3.cdn.digitaloceanspaces.com
www.google-analytics.com
www.googletagmanager.com
104.18.22.52
104.21.76.201
142.250.184.202
142.250.184.232
142.250.185.131
146.185.253.123
164.90.140.247
172.217.16.142
172.67.161.47
172.67.200.49
172.67.213.152
205.185.216.10
213.180.204.221
45.55.126.207
77.88.21.232
2a245d5316ce74ea8dea80f99838916f6d44d7724c7ba0d7fd2fffc9adda308c
32dcaea9e70abbc7254138c581d329e00b636b0280a6fff76b5d23cc06b927bb
3ea2d7f422c96fcdc813c2bd46037a9e6b518ed71f7686cabeef75323b4ca260
4afce3e703e59e9ff49811c5542bae82ad39781410eb3fc56b40d40bac08f1cc
5fa741412d63b8c12677ebb46b5efa4ff97b52f12f87ccb32024679c318cb14b
658c755cffda0171e31568101dbcc003d6a533a674aa09085f980ae4eae5e949
680354e5efe5c88e17c4663abacf1bb2f4b1a07420a9625ebc30b777026006da
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
74572f8daaf2baacd3b19367e15adf6dd7ea968371bf360bd8186fc32942e0f6
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
80a15f8c3dec732f606920d0a697da8d412741b8a859b1d90ef5423ab3daf37b
8688a1f575b4a1e51924c24b0d8471e2b29c82de5de9fd7ae452a71ff41c2d1b
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
99cf294029e27842b9e682117deddd00003b67ee12bae01c0981f18257db20ae
9be6bb0ea6fe5222a52bb50e809fbff4fb7a3eeed9e8c09acac8b63c7eacd1e3
b2c541caebe0c03f12aaf91164c76174b26ceb91df7a64db114ddca4f50bfa94
c11c7b4c24fe30113e6fa8d5af20ea90fcee29de8c903575e0099a4e3df4d620
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
cb138a43d4d73814359026d7693ade06968fa070ee521d391da3cb1f1ed41866
d76d0edb91bc45b2b98a6da1d4aa0b6f6dee013926bdd26aa18dc57432d2bc9f
dcd18861d6a288d107c48fd6893ea526d92b63179cd1c5cdd0864aabe04fea73
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa8bbd9c96a72ca0669412b6de1193ca698718a3515b625a5972ef84c262a910
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

benefits.legalactionfinder.com Open in urlscan Pro 164.90.140.247 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

100 %HTTPS

0 %IPv6

12 Domains

15 Subdomains

13 IPs

4 Countries

1197 kBTransfer

1401 kBSize

3 Cookies

4 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

benefits.legalactionfinder.com Open in urlscan Pro
164.90.140.247 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

100 %
HTTPS

0 %
IPv6

12
Domains

15
Subdomains

13
IPs

4
Countries

1197 kB
Transfer

1401 kB
Size

3
Cookies

31 HTTP transactions
0 data transactions