usbenefitsguide.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://usbenefitsguide.com/
Submission Tags: @ecarlesi possiblethreat #phishing Search All
Submission: On October 28 via api (October 28th 2023, 12:22:12 pm UTC) from FR — Scanned from NL

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 11 domains to perform 43 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is usbenefitsguide.com.
TLS certificate: Issued by GTS CA 1P5 on October 27th 2023. Valid for: 3 months.

This is the only time usbenefitsguide.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	34.107.249.15 34.107.249.15	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	20.114.189.70 20.114.189.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:10:... 2606:4700:10::ac43:29e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	3.233.53.79 3.233.53.79	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:209... 2600:9000:2090:aa00:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
5	3.216.35.27 3.216.35.27	14618 (AMAZON-AES) (AMAZON-AES)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.156.61.171 108.156.61.171	16509 (AMAZON-02) (AMAZON-02)
1	3.209.34.145 3.209.34.145	14618 (AMAZON-AES) (AMAZON-AES)
43	13

16 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

usbenefitsguide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.249.15 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 15.249.107.34.bc.googleusercontent.com

www.c6cmgvtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

t.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:29e5 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.233.53.79 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-53-79.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2090:aa00:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.216.35.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-35-27.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.61.171 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-61-171.ams1.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.209.34.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-34-145.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	usbenefitsguide.com usbenefitsguide.com	3 MB
7	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 25271 cdn.trustedform.com — Cisco Umbrella Rank: 28978	38 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 827 t.clarity.ms — Cisco Umbrella Rank: 7395 c.clarity.ms — Cisco Umbrella Rank: 1405	27 KB
5	leadid.com create.leadid.com — Cisco Umbrella Rank: 15368	3 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
2	c6cmgvtrk.com www.c6cmgvtrk.com	19 KB
1	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 17080	2 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net	2 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 236	764 B
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 27272	39 KB
0	ipqscdn.com Failed www.ipqscdn.com Failed
43	11

	Domain	Requested by
16	usbenefitsguide.com	usbenefitsguide.com cdn.trustedform.com
5	create.leadid.com	create.lidstatic.com deviceid.trueleadid.com
5	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
4	fonts.googleapis.com	usbenefitsguide.com
3	t.clarity.ms	www.clarity.ms
2	c.clarity.ms	1 redirects
2	cdn.trustedform.com	usbenefitsguide.com api.trustedform.com
2	www.clarity.ms	usbenefitsguide.com www.clarity.ms
2	www.c6cmgvtrk.com	usbenefitsguide.com www.c6cmgvtrk.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	c.bing.com	1 redirects
1	create.lidstatic.com	usbenefitsguide.com
0	www.ipqscdn.com Failed	usbenefitsguide.com
43	14

This site contains no links.

Subject Issuer	Validity	Valid
usbenefitsguide.com GTS CA 1P5	`2023-10-27` - `2024-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
nshwg2tr.com Starfield Secure Certificate Authority - G2	`2023-07-05` - `2024-06-12`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2023-02-28` - `2024-02-28`	a year	crt.sh
create.leadid.com Amazon RSA 2048 M02	`2023-08-21` - `2024-09-17`	a year	crt.sh
*.trustedform.com Amazon RSA 2048 M03	`2023-08-11` - `2024-09-07`	a year	crt.sh
cdn.trustedform.com Amazon RSA 2048 M02	`2023-03-15` - `2024-04-12`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
deviceid.trueleadid.com Amazon RSA 2048 M02	`2023-02-24` - `2024-01-06`	10 months	crt.sh

This page contains 3 frames:

Primary Page: https://usbenefitsguide.com/
Frame ID: BA569DC615041E4193871B2994EA9E45
Requests: 41 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=F3F5978E-C45F-AE74-A5B1-91F36A0CB27E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=25810B47-CB7F-163A-F9FA-3B5ABD120572&lac=78F5B404-AC1F-C2AC-4091-C714C8413DA5
Frame ID: C40312E8E022FD8F1EE3402AD0442005
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=F3F5978E-C45F-AE74-A5B1-91F36A0CB27E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=25810B47-CB7F-163A-F9FA-3B5ABD120572&lac=78F5B404-AC1F-C2AC-4091-C714C8413DA5
Frame ID: 1A1028D3747A8EFF53E7E680C859BB8F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Social Security Disability Benefits

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

93 %
HTTPS

46 %
IPv6

11
Domains

14
Subdomains

13
IPs

3
Countries

3662 kB
Transfer

4247 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16984957270130.9542738134601625&invert_field_sensitivity=false HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16984957270130.9542738134601625&invert_field_sensitivity=false

Request Chain 24

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A005787AED9F441799C6C088F833D22E&RedC=c.clarity.ms&MXFR=2D901A4FC604670A32EC09F7C20469D3 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A005787AED9F441799C6C088F833D22E&MUID=25C1478CF82C64BA1CF55434F9FE65BD

43 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
usbenefitsguide.com/ 29 KB
8 KB 474ms
402ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usbenefitsguide.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d2639601fc8951a59ba2d78ddba8d60962837b209168cd5e9aac09206d02e43

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81d3246a3db99bc4-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 28 Oct 2023 12:22:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ntXESmNUDNQg2AbToQZry9Z9pEdolUcpRnHUHv6yunONsxJ%2B2m0CyO7UocJypvhPW45SmeUfMg4ibDW3wn856OctScPgeDyTt8ceyahaU945n1%2BLDoSw9%2FPx1FBmIg55cUshTZ4Onfn3v2KhwNz2YgXY"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
553 B 82ms
32ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Maven+Pro:wght@900&display=swap

Requested by

Host: usbenefitsguide.com
URL: https://usbenefitsguide.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d71a40a51453f59b986787469df1bb13138ecaad12e9991701d88984a9ae58bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://usbenefitsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 28 Oct 2023 12:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 28 Oct 2023 12:22:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Oct 2023 12:22:05 GMT

GET
H2 200 css2
fonts.googleapis.com/ 32 KB
1 KB 88ms
38ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: usbenefitsguide.com
URL: https://usbenefitsguide.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ff9a2be960794ffc4738368eeec7262cd5bf70316287f8d2f0c3790170cf1277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://usbenefitsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 28 Oct 2023 12:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 28 Oct 2023 10:40:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Oct 2023 12:22:05 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
947 B 81ms
31ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=PT+Sans:wght@400;700&display=swap

Requested by

Host: usbenefitsguide.com
URL: https://usbenefitsguide.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c9b71c5eaa38cdc096b9155d085559cbd569e299c476f5f649dea619afe869f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://usbenefitsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 28 Oct 2023 12:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 28 Oct 2023 11:38:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Oct 2023 12:22:05 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
693 B 85ms
35ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather:wght@300;700;900&display=swap

Requested by

Host: usbenefitsguide.com
URL: https://usbenefitsguide.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

68fd4f93fd594cfe2f52d45fc379fe1d9d4ccc1e278aa823ccf2d50e51a0717d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://usbenefitsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 28 Oct 2023 12:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 28 Oct 2023 12:22:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Oct 2023 12:22:05 GMT

GET
H2 200 style2.css
usbenefitsguide.com/css/ 26 KB
5 KB 560ms
558ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usbenefitsguide.com/css/style2.css
Requested by: Host: usbenefitsguide.com
URL: https://usbenefitsguide.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 787c0383d7c15159e5d1500a40f36959b2fd332c808e9b36cafc8b20bec0bed7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://usbenefitsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 12:22:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 27 Oct 2023 15:06:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPX8GRw6V77lQKFG6rxkh%2BAidKKy2Xg90do4HOWvBua7kZzUGCeU%2BREuvrEkUm%2FlRU9k7UX9BlntW6BRkXL68eNd42ZyyCeVC3JY5KjNtyGPDnHXlYkvZZk0iCcXYMgdaaUSeRL7eFaPxY%2FvVYFhXk12"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 81d3246cc8bc9bc4-FRA
alt-svc: h3=":443"; ma=86400

GET learn.js
www.ipqscdn.com/api/usdisabilitypartners.com/z1gt1tIEh8Vwv3ZwVVNeX1I6DZI4ox2lMAkXTTNL1HWMfhcHfzSq5hzf1h6mQeL3CDnmTS1B2MUbBFQb6khRLFkjMoy39EFpxYPCsDCoyNOdhyegZ53ahT877EN61vW0ZazMGdJr1OT1J0tCqPNFqRqk... 0
0

GET
H2 200 logo.png
usbenefitsguide.com/images/ 17 KB
17 KB 562ms
561ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usbenefitsguide.com/images/logo.png
Requested by: Host: usbenefitsguide.com
URL: https://usbenefitsguide.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f67e94c2e3ad38c1d959a001ec7dfd102789c925b4e0281eb3bd1b8b8fa471fa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://usbenefitsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 12:22:06 GMT
cf-cache-status: MISS
last-modified: Fri, 27 Oct 2023 15:06:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rl2%2FDpRmVEukyywVJXwejWT7mqx9qL8%2FjGy5doMH9PfRONOXI%2FkXq2y0DxZ0HB3DEyGv2q43L5Kl9dR75TId3Punz9g4yHWixXqrYjf1EP9BUh9HpTU4wb0a5NjgxncIVJuVHnZ1Qv%2BEhCZi%2B8zJu3wX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81d3246cc8bd9bc4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 17288

GET
H2 200 loading.gif
usbenefitsguide.com/images/ 3 KB
3 KB 374ms
373ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usbenefitsguide.com/images/loading.gif
Requested by: Host: usbenefitsguide.com
URL: https://usbenefitsguide.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c40f0d154764279c7cdd9aa67692eee2193324b90f8d4f638ecd31489d553b1d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://usbenefitsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 12:22:05 GMT
cf-cache-status: MISS
last-modified: Fri, 27 Oct 2023 15:06:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FsAg1iU3YAeJOUADdqOkhFHG2QGqHBZgirNsUM79nfVzYFLcAb5HQ4ukdE4D%2FSN4CxT0Z1Wsy9ymVpLsrj0otAjO1bNwDqUforK3Im2%2BTI8blMG1IdWlaX4Ml4e9%2BA3uDB9f0MCKdsbLPuV813DccUYZ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81d3246cc8be9bc4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3083

GET
H3 200 logo1.png
usbenefitsguide.com/images/ 2 MB
2 MB 30ms
29ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usbenefitsguide.com/images/logo1.png
Requested by: Host: usbenefitsguide.com
URL: https://usbenefitsguide.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99b17ac15aa7122b80c8d19879505e9d5d8081624261029d43d72df4020c2c63

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://usbenefitsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 12:22:05 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Oct 2023 15:06:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1094
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9nM9FuvMmgEfPhkJTjpB02uwiKFdfeocWkYjGFbqvCKrs7p6tHnSI7DPZ%2BUW23Zb3juD%2Ffgs%2B10dG%2BMCcvQ1bXYjjqNqrChqF42%2FZIXjYXRkxcuTMAULPpVEmsPCVekB9ka6Ss5Qu44fAozQmsFkGwJZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81d3246f2c319bbc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1666884

GET
H3 200 jquery.min2.js Show response
usbenefitsguide.com/js/ 89 KB
32 KB 869ms
868ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usbenefitsguide.com/js/jquery.min2.js
Requested by: Host: usbenefitsguide.com
URL: https://usbenefitsguide.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0964f6bbd28f4168a0a9a5974b07b2bb1683d9979d1e033e05724b2990143e8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://usbenefitsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 12:22:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 27 Oct 2023 15:06:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K0IrmdnXraNdLTEmwBjfflGTJv37Y5%2Ftnbq9iM%2FkgfVGSbcCmY7DMzVYXGqsrPmEdZhtjpRwS92qCeMV9HOlQaeqY0oEJVar2OOslLDclb45TteXPUk%2Bwwq4E3WbNMzP1m9xwcUoWuMHjbkOJKCjgaRr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81d324705d7a9bbc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.validate.min.js Show response
usbenefitsguide.com/js/ 23 KB
8 KB 542ms
541ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usbenefitsguide.com/js/jquery.validate.min.js
Requested by: Host: usbenefitsguide.com
URL: https://usbenefitsguide.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://usbenefitsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 12:22:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 27 Oct 2023 15:06:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yUqWkDJ%2BChc5egQ41aNqHZyGDMsQ1a47FY7lKKkuggLQDg3G5ADD8o4uxsMxXycbvVjR8mh4UGWKQcmXcnrNA%2BWHMpU33%2F9XXd8wYpINSR0ChHCWlaeXTLaN86w1VB1R01iKmZ3%2FrxvqDlm17saBPARD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81d324706d889bbc-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 everflow.js Show response
www.c6cmgvtrk.com/scripts/sdk/ 60 KB
19 KB 206ms
117ms Script
text/javascript 34.107.249.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.c6cmgvtrk.com/scripts/sdk/everflow.js
Requested by: Host: usbenefitsguide.com
URL: https://usbenefitsguide.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.249.15 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.249.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e7bcfcaa883f5f56dbbccaa39f4b627b55a80427b4ac2f87cbd3acb3353d95fc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://usbenefitsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 12:22:06 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-Ch-Ua-Platform-Version
server: nginx
vary: Origin
content-type: text/javascript
cache-control: max-age=14400
x-eflow-request-id: 9a0f6cec-3d21-4dfd-9976-55ab3613b0d8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 gy7xs3uixj Show response
www.clarity.ms/tag/ 650 B
1013 B 178ms
110ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/gy7xs3uixj
Requested by: Host: usbenefitsguide.com
URL: https://usbenefitsguide.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2424c521c4a2a9c06aef521b6243a7536ca1dcf07c1e9ee331149340e13373ce

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://usbenefitsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: -1
date: Sat, 28 Oct 2023 12:22:06 GMT
x-azure-ref: 20231028T122206Z-mtc7fwte0p5ud6en8r935kp1g400000003bg000000008qd3
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H3 200 bg.jpg
usbenefitsguide.com/images/ 15 KB
15 KB 546ms
546ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usbenefitsguide.com/images/bg.jpg
Requested by: Host: usbenefitsguide.com
URL: https://usbenefitsguide.com/css/style2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 068484bf81a4c86f4625aee662fbd064271bf241a2f1a69e939bfde347e57d01

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://usbenefitsguide.com/css/style2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 12:22:06 GMT
cf-cache-status: MISS
last-modified: Fri, 27 Oct 2023 15:06:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fr1vDqDOElXRtedIjAX%2Fn%2F%2Fc9Xlca5eoQrWQUVSORsZUU7UohKcOjiy4P7%2BUDta3WslG7TgCxFa7QAkVMBOtuUYKFSNUdApZtacb7SyDVC5cHiRKp8VQ7jTfgH7f%2F%2BPACvFbV5y5tWCjyBpXAdTR5lv1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81d324711e729bbc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15073

GET
H3 200 loc.png
usbenefitsguide.com/images/ 3 KB
4 KB 372ms
371ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usbenefitsguide.com/images/loc.png
Requested by: Host: usbenefitsguide.com
URL: https://usbenefitsguide.com/css/style2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecf8695ddf3c70929ed031cf4054d6590cd0f334ecc19ecd91283b8a03ff12d4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://usbenefitsguide.com/css/style2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 12:22:06 GMT
cf-cache-status: MISS
last-modified: Fri, 27 Oct 2023 15:06:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvqur04MGEYTuLJadAo65lJT0hdj9vImaPcWz4dJaZtmSpE1MW8UhJO%2Fy1ydTVxk9RA7FeetJRXpYNsHssZp55hKMx85brvsb8MLfwlBn3LsQ7IjjnLIN9cqp5tlIlJL1TsTV6k%2F8qW7jlIZzFkA7pk%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81d324711e749bbc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3201

GET
H3 200 Avenir-Roman.ttf
usbenefitsguide.com/css/fonts/ 102 KB
43 KB 1067ms
1067ms Font
font/ttf 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usbenefitsguide.com/css/fonts/Avenir-Roman.ttf
Requested by: Host: usbenefitsguide.com
URL: https://usbenefitsguide.com/css/style2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40a73f9cc8055200c45b765deb372aedd752ade2b8d29029c70ace0f9796ac01

Request headers

Referer: https://usbenefitsguide.com/css/style2.css
Origin: https://usbenefitsguide.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 12:22:07 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 27 Oct 2023 15:06:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCZ8z6yZXPBRyJ3N%2BmvCqWqP5WNErk6aiUBFiTF3UTsXWkB2%2B0SLsYgOhaNJK8vTnl1c%2BB8yA7%2FW6oXopHBfMkRybBQjFvS7xpPgd8P8dC9hOqO2tZvMATrq8gW%2FSrld8pcADhaoQUBaDESwVNrDx4Ko"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=14400
cf-ray: 81d324711e779bbc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 rarrow.png
usbenefitsguide.com/images/ 3 KB
3 KB 368ms
368ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usbenefitsguide.com/images/rarrow.png
Requested by: Host: usbenefitsguide.com
URL: https://usbenefitsguide.com/css/style2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 703aecad36886f487008e7f2e49ad59132dd5349c19254a24a1d3be09a537656

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://usbenefitsguide.com/css/style2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 12:22:06 GMT
cf-cache-status: MISS
last-modified: Fri, 27 Oct 2023 15:06:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53ulGaxXnbR9NEObbOx0Csp1HMTkfYrlriWegqTDS%2FpGBdlMVQj5O4S7lAdqDVNGGyrcnUypTgCy0Z4bJmnzNeY0Wd0QYUKvUO5pdl4k0%2BcssdYml3d9OL1LahLcOeBRq%2BAD1y5bcqlvkQwL%2B198A5rm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81d324712e7c9bbc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3135

GET
H3 200 AvenirNext-DemiBold.ttf
usbenefitsguide.com/css/fonts/ 131 KB
42 KB 880ms
880ms Font
font/ttf 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usbenefitsguide.com/css/fonts/AvenirNext-DemiBold.ttf
Requested by: Host: usbenefitsguide.com
URL: https://usbenefitsguide.com/css/style2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1585f9f3b7014855ae7b91feb2d46edb9547eca3a618114416b16435f3dbb1cd

Request headers

Referer: https://usbenefitsguide.com/css/style2.css
Origin: https://usbenefitsguide.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 12:22:07 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 27 Oct 2023 15:06:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xe%2BEIEhKWEJNztppOtUNYVlli6iDJz6%2B2K8qsT3Ge%2Bnl124C5ta%2Fw%2BP5XoQrl7CrOSBN6PTKLR%2F71jTEX1%2FhJbmZXSVcR3%2B%2B7rjVb%2Bsu3%2BYHqy%2B4Xt3F7suX3IVNrUZvmz6p5JWuxJ3a%2FVh2uEl1iHS"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=14400
cf-ray: 81d324712e819bbc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 Avenir-Medium.ttf
usbenefitsguide.com/css/fonts/ 136 KB
59 KB 1025ms
1025ms Font
font/ttf 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usbenefitsguide.com/css/fonts/Avenir-Medium.ttf
Requested by: Host: usbenefitsguide.com
URL: https://usbenefitsguide.com/css/style2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95b722a5c204d0169ea7dc7c0901ad7759b133c287b9d1aab370ad9bccd24142

Request headers

Referer: https://usbenefitsguide.com/css/style2.css
Origin: https://usbenefitsguide.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 12:22:07 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 27 Oct 2023 15:06:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x2S2d%2BpaoF4zJv0Mg0jYfhgK8a81abblgzZRTyqTw0rQqvYm653TRnIaYVNH4wz2Z9R1dnsITIrHw82fLZiQSoUL6JDk%2BmBoVJpFADs9IXHxnsPssZSDRP35sr%2F0ng2lfmqHwtMaEndq%2B%2BNL5RfapV8c"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=14400
cf-ray: 81d324712e839bbc-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.13/ 59 KB
25 KB 42ms
42ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.13/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/gy7xs3uixj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 74e69ccf2f5cb32c175e328707c515fc9116ddd5cb3c92882d9bd53d3a742d63

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://usbenefitsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 12:22:06 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 11:58:02 GMT
etag: W/"0x8DBCF0850CC9F3D"
vary: Accept-Encoding
x-azure-ref: 20231028T122206Z-mtc7fwte0p5ud6en8r935kp1g400000003bg000000008qdg
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 6acae9a4-801e-0077-7193-07fb4f000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
299 B 330ms
103ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://usbenefitsguide.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://usbenefitsguide.com
Date: Sat, 28 Oct 2023 12:22:06 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 25810b47-cb7f-163a-f9fa-3b5abd120572.js Show response
create.lidstatic.com/campaign/ 123 KB
39 KB 762ms
700ms Script
text/javascript 2606:4700:10::ac43:29e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/25810b47-cb7f-163a-f9fa-3b5abd120572.js?snippet_version=2
Requested by: Host: usbenefitsguide.com
URL: https://usbenefitsguide.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:29e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bba83ada2ef5ba3bc06ad550190774670fbf784a074e7be8e708eb4965e8b945

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://usbenefitsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 12:22:07 GMT
x-amz-version-id: cWjs7EQx9psva9mT4VLzwlr6MvYAkX36
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 12 Nov 2021 00:40:49 GMT
server: cloudflare
x-amz-request-id: 5P0H7BCSV8ZSWCSH
etag: W/"c70b836812be80fb9936d7e0473dfda5"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-replication-status: COMPLETED
cf-ray: 81d3247649b7bbce-FRA
x-amz-id-2: Fpea2ixq0hZIp615PenzpID4aXPCAfBKePLg3EA9y51NUbJq+FkK1WI6DykqchEQIJ7U1JBZDKvMFwPezbaElQ==

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16984957270130.9542738134601625&invert_field_sensitivity=false
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16984957270130.9542738134601625&invert_field_sensitivity=false

8 KB
4 KB

304ms
250ms

Script
application/javascript

2600:9000:2090:aa00:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16984957270130.9542738134601625&invert_field_sensitivity=false
Requested by: Host: usbenefitsguide.com
URL: https://usbenefitsguide.com/
Protocol: H2
Server: 2600:9000:2090:aa00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35cbf6a6e5e7ff72ebb142669e1727de048df4fc13fc9fb5d9bd2d8334de7a71

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://usbenefitsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 12:22:08 GMT
x-amz-version-id: n.x2mSCmL4llw_0RUugnV3Kjti06QGpX
content-encoding: gzip
last-modified: Tue, 24 Oct 2023 20:13:54 GMT
server: AmazonS3
via: 1.1 e3d9ae12f22103dbc65c451ae520a012.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P1
etag: W/"e11406d1e7ba652ddbe0623e1207c210"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: 5LJT2VyLmbqU4Tk1iO1hgUtqHiszl3WbOg4p7BuHL2ZRA9cVMRAfxw==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16984957270130.9542738134601625&invert_field_sensitivity=false
date: Sat, 28 Oct 2023 12:22:07 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.9/ 36 B
659 B 389ms
165ms XHR
text/plain 3.216.35.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=9c94bed2-bb56-4a44-a399-0847421dafa2&_=793940592

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/25810b47-cb7f-163a-f9fa-3b5abd120572.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.216.35.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-216-35-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4136f1c757e242a119e65d3a451586c11d7b524fdd1053a14ed60317e4c2691f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://usbenefitsguide.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 28 Oct 2023 12:22:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A005787AED9F441799C6C088F833D22E&RedC=c.clarity.ms&MXFR=2D901A4FC604670A32EC09F7C20469D3
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A005787AED9F441799C6C088F833D22E&MUID=25C1478CF82C64BA1CF55434F9FE65BD

42 B
443 B

27ms
27ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A005787AED9F441799C6C088F833D22E&MUID=25C1478CF82C64BA1CF55434F9FE65BD
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://usbenefitsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 12:22:07 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 28 Oct 2023 12:22:07 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1CA501D5C04E4BFFBAC13E0E519C9E52 Ref B: FRAEDGE2021 Ref C: 2023-10-28T12:22:07Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A005787AED9F441799C6C088F833D22E&MUID=25C1478CF82C64BA1CF55434F9FE65BD
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 201 certs Show response
api.trustedform.com/ 475 B
686 B 313ms
106ms XHR
application/json 3.233.53.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16984957270130.9542738134601625&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.233.53.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-53-79.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: b9950e3eacfb4c6ac36e5afeb3526318c7a5dc1edcdc86c98ced04c8f680bb79

Request headers

Referer: https://usbenefitsguide.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 28 Oct 2023 12:22:08 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H2 200 click Show response
www.c6cmgvtrk.com/sdk/ 22 B
186 B 125ms
125ms Fetch
application/json 34.107.249.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.c6cmgvtrk.com/sdk/click?effp=f93050b49e3dfe368603e2b533e28629&sec_ch_ua_platform=&sec_ch_ua_platform_version=&_ef_transaction_id=&oid=79&affid=2150&__cc=&async=json&uid=&sub1=&sub2=&sub3=&source_id=
Requested by: Host: www.c6cmgvtrk.com
URL: https://www.c6cmgvtrk.com/scripts/sdk/everflow.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.249.15 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.249.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: aa36f7b55e498e48e34e35e18ada3035fc59a6f1c4e48ae702097cb08ada6689

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://usbenefitsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 12:22:07 GMT
via: 1.1 google
server: nginx
accept-ch: Sec-Ch-Ua-Platform-Version
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://usbenefitsguide.com
access-control-allow-credentials: true
x-eflow-request-id: d5c0235f-ded5-4651-b195-ab93bfbbe6e7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
299 B 104ms
104ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://usbenefitsguide.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://usbenefitsguide.com
Date: Sat, 28 Oct 2023 12:22:08 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 trustedform-1.9.4.js Show response
cdn.trustedform.com/ 84 KB
33 KB 16ms
16ms Script
application/javascript 2600:9000:2090:aa00:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16984957270130.9542738134601625&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2090:aa00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: daec1d32a4f211884695930cbc2443467f28e7bd1b1ae1afb7f2eb16349aacfe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://usbenefitsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: vZkJoCVHqUcd1NSwL3t4t0hlnURendTS
content-encoding: gzip
via: 1.1 e3d9ae12f22103dbc65c451ae520a012.cloudfront.net (CloudFront)
date: Sat, 28 Oct 2023 12:21:49 GMT
last-modified: Fri, 20 Oct 2023 19:26:22 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P1
age: 21
etag: W/"f46641519eee44fe450f02ae72e64a74"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: RHbcJCARGav6URofykvfVTgTvuo495LcbjDqjycByxrJhKKDzewufw==

POST
H2 204 snapshot Show response
api.trustedform.com/certs/169eaa0849545fba9c6a2be6509f90241c3b109b/ 0
159 B 107ms
106ms XHR
text/plain 3.233.53.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/169eaa0849545fba9c6a2be6509f90241c3b109b/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.233.53.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-53-79.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usbenefitsguide.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sat, 28 Oct 2023 12:22:08 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H3 200 logo.png
usbenefitsguide.com/images/ 17 KB
17 KB 29ms
28ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usbenefitsguide.com/images/logo.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f67e94c2e3ad38c1d959a001ec7dfd102789c925b4e0281eb3bd1b8b8fa471fa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://usbenefitsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 12:22:08 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Oct 2023 15:06:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fduqupa5LxaMiYMZr88lgTe9wj2vP7O3eM3FX%2BWLMv67vZA9ZR1J9ZoVNuKA0DIe5uluvc0atYQhOUFBJmsRFsm%2FMQgcJrJsjWus7aTv0czk%2Bmf3QCO%2FpuIf%2BHz%2FOwvFM%2BOE4zSETkFpKyvvO8nT7CDr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81d3247d0d519bbc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 17288

GET
H3 200 loading.gif
usbenefitsguide.com/images/ 3 KB
3 KB 29ms
28ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usbenefitsguide.com/images/loading.gif
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c40f0d154764279c7cdd9aa67692eee2193324b90f8d4f638ecd31489d553b1d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://usbenefitsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 12:22:08 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Oct 2023 15:06:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ntED%2FHW0ahjuC0jLvL%2BMNKkE9K%2B67gBBQIHA0HqmxTX6EkrwWRxBCYCbN3Qh65KZokHNPYMiSpzaGFkAuVCSTgtRhCSkyeEQjKqeymi4VT5goTXxCaMD1ZS4ws1W0vkLRi4d3bkWZvq2Z%2BYW1sJ%2Bbg99"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81d3247d0d539bbc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3083

GET
H3 200 logo1.png
usbenefitsguide.com/images/ 2 MB
2 MB 31ms
31ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usbenefitsguide.com/images/logo1.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99b17ac15aa7122b80c8d19879505e9d5d8081624261029d43d72df4020c2c63

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://usbenefitsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 12:22:08 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Oct 2023 15:06:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1097
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YvC2b0Rkk14o874v5GWRazxlLAtp%2FREbmjQFKfygpvVCdVjQNX4%2F0cdScoEtzKLnxHmDqPOoImCIPjGpC9KqlFGFZuP0tGEekNYKol63NUErcFf%2BMR2Pf9eDn3nFKm3lL7BcQSjlFB1XA%2FgR56vJPLfo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81d3247d0d559bbc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1666884

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: text/javascript

POST
H2 204 events
api.trustedform.com/certs/169eaa0849545fba9c6a2be6509f90241c3b109b/ 0
159 B 106ms
106ms Ping
text/plain 3.233.53.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/169eaa0849545fba9c6a2be6509f90241c3b109b/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.233.53.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-53-79.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usbenefitsguide.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 28 Oct 2023 12:22:08 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame C403 3 KB
2 KB 83ms
13ms Document
text/html 108.156.61.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=F3F5978E-C45F-AE74-A5B1-91F36A0CB27E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=25810B47-CB7F-163A-F9FA-3B5ABD120572&lac=78F5B404-AC1F-C2AC-4091-C714C8413DA5

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/25810b47-cb7f-163a-f9fa-3b5abd120572.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.156.61.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-61-171.ams1.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://usbenefitsguide.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Age: 23683
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 28 Oct 2023 05:47:25 GMT
ETag: W/"653c2b77-dbb"
Last-Modified: Fri, 27 Oct 2023 21:28:23 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 e345c29560592087623dbe75e8d765d6.cloudfront.net (CloudFront)
X-Amz-Cf-Id: XJ3cdVlk0VnZ5XjrLz60kt78lEu86uAvve_tIplLwB1bwmvrhY8Qrg==
X-Amz-Cf-Pop: AMS1-P2
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.9/ 0
622 B 109ms
109ms XHR
text/plain 3.216.35.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=9c94bed2-bb56-4a44-a399-0847421dafa2&token=F3F5978E-C45F-AE74-A5B1-91F36A0CB27E&_=793940593

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/25810b47-cb7f-163a-f9fa-3b5abd120572.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.216.35.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-216-35-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://usbenefitsguide.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 28 Oct 2023 12:22:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
622 B 145ms
144ms XHR
text/plain 3.216.35.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=9c94bed2-bb56-4a44-a399-0847421dafa2&token=F3F5978E-C45F-AE74-A5B1-91F36A0CB27E&_=793940594

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/25810b47-cb7f-163a-f9fa-3b5abd120572.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.216.35.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-216-35-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://usbenefitsguide.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 28 Oct 2023 12:22:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame 1A10 4 KB
2 KB 372ms
105ms Document
text/html 3.209.34.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=F3F5978E-C45F-AE74-A5B1-91F36A0CB27E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=25810B47-CB7F-163A-F9FA-3B5ABD120572&lac=78F5B404-AC1F-C2AC-4091-C714C8413DA5
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=F3F5978E-C45F-AE74-A5B1-91F36A0CB27E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=25810B47-CB7F-163A-F9FA-3B5ABD120572&lac=78F5B404-AC1F-C2AC-4091-C714C8413DA5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.34.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-34-145.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Sat, 28 Oct 2023 12:22:08 GMT
etag: W/"651c88fc-1049"
expires: Sun, 29 Oct 2023 12:22:08 GMT
last-modified: Tue, 03 Oct 2023 21:34:52 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
622 B 318ms
110ms XHR
text/plain 3.216.35.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=4&pid=9c94bed2-bb56-4a44-a399-0847421dafa2&token=F3F5978E-C45F-AE74-A5B1-91F36A0CB27E&_=793940595

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/25810b47-cb7f-163a-f9fa-3b5abd120572.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.216.35.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-216-35-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://usbenefitsguide.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 28 Oct 2023 12:22:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.9/ Frame 1A10 0
626 B 315ms
106ms Script
text/javascript 3.216.35.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=78F5B404-AC1F-C2AC-4091-C714C8413DA5&lck=25810B47-CB7F-163A-F9FA-3B5ABD120572&methods=48&token=F3F5978E-C45F-AE74-A5B1-91F36A0CB27E&uuid=7d68bac6486742db97a84cabf978b5e3

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=F3F5978E-C45F-AE74-A5B1-91F36A0CB27E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=25810B47-CB7F-163A-F9FA-3B5ABD120572&lac=78F5B404-AC1F-C2AC-4091-C714C8413DA5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.216.35.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-216-35-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 12:22:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 events Show response
api.trustedform.com/certs/169eaa0849545fba9c6a2be6509f90241c3b109b/ 0
159 B 106ms
106ms XHR
text/plain 3.233.53.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/169eaa0849545fba9c6a2be6509f90241c3b109b/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.233.53.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-53-79.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usbenefitsguide.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sat, 28 Oct 2023 12:22:09 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
299 B 101ms
100ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://usbenefitsguide.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://usbenefitsguide.com
Date: Sat, 28 Oct 2023 12:22:10 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.ipqscdn.com
URL: https://www.ipqscdn.com/api/usdisabilitypartners.com/z1gt1tIEh8Vwv3ZwVVNeX1I6DZI4ox2lMAkXTTNL1HWMfhcHfzSq5hzf1h6mQeL3CDnmTS1B2MUbBFQb6khRLFkjMoy39EFpxYPCsDCoyNOdhyegZ53ahT877EN61vW0ZazMGdJr1OT1J0tCqPNFqRqkF1G46QZUcU6E0MC9lHBARQWEDWJ4vDDZ0LCz5qYPK6VY5yCIYhChK3ATCxk0dM9UwL5wGf1LzK7BWXnKVec5D4xgeTMRniXt4fZK6Ewi/learn.js

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.clarity.ms/	1970-01-21 00:33:51	Name: CLID Value: 9dee4c62f2f54984b0eefc4c5052c33b.20231028.20241027
.usbenefitsguide.com/	1970-01-21 00:33:55	Name: _clck Value: r3c1u4\|2\|fg8\|0\|1396
.usbenefitsguide.com/	1970-01-20 15:49:45	Name: _clsk Value: rjzbzs\|1698495726904\|1\|1\|t.clarity.ms/collect
.bing.com/	1970-01-21 01:09:51	Name: MUID Value: 25C1478CF82C64BA1CF55434F9FE65BD
.c.bing.com/	1970-01-20 15:58:20	Name: MR Value: 0
.c.bing.com/	1970-01-21 01:09:51	Name: SRM_B Value: 25C1478CF82C64BA1CF55434F9FE65BD
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 01:09:51	Name: MUID Value: 25C1478CF82C64BA1CF55434F9FE65BD
.c.clarity.ms/	1970-01-20 15:58:20	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 15:48:16	Name: ANONCHK Value: 0
usbenefitsguide.com/	1970-01-20 15:48:16	Name: leadid_token-78F5B404-AC1F-C2AC-4091-C714C8413DA5-25810B47-CB7F-163A-F9FA-3B5ABD120572 Value: F3F5978E-C45F-AE74-A5B1-91F36A0CB27E
.deviceid.trueleadid.com/	1970-01-21 01:24:15	Name: uuid Value: 7d68bac6486742db97a84cabf978b5e3

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://usbenefitsguide.com/ Message: Access to script at 'https://www.ipqscdn.com/api/usdisabilitypartners.com/z1gt1tIEh8Vwv3ZwVVNeX1I6DZI4ox2lMAkXTTNL1HWMfhcHfzSq5hzf1h6mQeL3CDnmTS1B2MUbBFQb6khRLFkjMoy39EFpxYPCsDCoyNOdhyegZ53ahT877EN61vW0ZazMGdJr1OT1J0tCqPNFqRqkF1G46QZUcU6E0MC9lHBARQWEDWJ4vDDZ0LCz5qYPK6VY5yCIYhChK3ATCxk0dM9UwL5wGf1LzK7BWXnKVec5D4xgeTMRniXt4fZK6Ewi/learn.js' from origin 'https://usbenefitsguide.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.ipqscdn.com/api/usdisabilitypartners.com/z1gt1tIEh8Vwv3ZwVVNeX1I6DZI4ox2lMAkXTTNL1HWMfhcHfzSq5hzf1h6mQeL3CDnmTS1B2MUbBFQb6khRLFkjMoy39EFpxYPCsDCoyNOdhyegZ53ahT877EN61vW0ZazMGdJr1OT1J0tCqPNFqRqkF1G46QZUcU6E0MC9lHBARQWEDWJ4vDDZ0LCz5qYPK6VY5yCIYhChK3ATCxk0dM9UwL5wGf1LzK7BWXnKVec5D4xgeTMRniXt4fZK6Ewi/learn.js Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.trustedform.com
c.bing.com
c.clarity.ms
cdn.trustedform.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
fonts.googleapis.com
t.clarity.ms
usbenefitsguide.com
www.c6cmgvtrk.com
www.clarity.ms
www.ipqscdn.com
www.ipqscdn.com
108.156.61.171
20.114.189.70
2600:9000:2090:aa00:1c:7f1a:6680:93a1
2606:4700:10::ac43:29e5
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:80b::200a
2a06:98c1:3121::3
3.209.34.145
3.216.35.27
3.233.53.79
34.107.249.15
68.219.88.97
068484bf81a4c86f4625aee662fbd064271bf241a2f1a69e939bfde347e57d01
1585f9f3b7014855ae7b91feb2d46edb9547eca3a618114416b16435f3dbb1cd
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
2424c521c4a2a9c06aef521b6243a7536ca1dcf07c1e9ee331149340e13373ce
35cbf6a6e5e7ff72ebb142669e1727de048df4fc13fc9fb5d9bd2d8334de7a71
40a73f9cc8055200c45b765deb372aedd752ade2b8d29029c70ace0f9796ac01
4136f1c757e242a119e65d3a451586c11d7b524fdd1053a14ed60317e4c2691f
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
68fd4f93fd594cfe2f52d45fc379fe1d9d4ccc1e278aa823ccf2d50e51a0717d
703aecad36886f487008e7f2e49ad59132dd5349c19254a24a1d3be09a537656
74e69ccf2f5cb32c175e328707c515fc9116ddd5cb3c92882d9bd53d3a742d63
787c0383d7c15159e5d1500a40f36959b2fd332c808e9b36cafc8b20bec0bed7
8d2639601fc8951a59ba2d78ddba8d60962837b209168cd5e9aac09206d02e43
95b722a5c204d0169ea7dc7c0901ad7759b133c287b9d1aab370ad9bccd24142
99b17ac15aa7122b80c8d19879505e9d5d8081624261029d43d72df4020c2c63
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a0964f6bbd28f4168a0a9a5974b07b2bb1683d9979d1e033e05724b2990143e8
aa36f7b55e498e48e34e35e18ada3035fc59a6f1c4e48ae702097cb08ada6689
b9950e3eacfb4c6ac36e5afeb3526318c7a5dc1edcdc86c98ced04c8f680bb79
bba83ada2ef5ba3bc06ad550190774670fbf784a074e7be8e708eb4965e8b945
c40f0d154764279c7cdd9aa67692eee2193324b90f8d4f638ecd31489d553b1d
c9b71c5eaa38cdc096b9155d085559cbd569e299c476f5f649dea619afe869f6
d71a40a51453f59b986787469df1bb13138ecaad12e9991701d88984a9ae58bb
daec1d32a4f211884695930cbc2443467f28e7bd1b1ae1afb7f2eb16349aacfe
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7bcfcaa883f5f56dbbccaa39f4b627b55a80427b4ac2f87cbd3acb3353d95fc
ecf8695ddf3c70929ed031cf4054d6590cd0f334ecc19ecd91283b8a03ff12d4
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
f67e94c2e3ad38c1d959a001ec7dfd102789c925b4e0281eb3bd1b8b8fa471fa
ff9a2be960794ffc4738368eeec7262cd5bf70316287f8d2f0c3790170cf1277

usbenefitsguide.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

43 Requests

93 %HTTPS

46 %IPv6

11 Domains

14 Subdomains

13 IPs

3 Countries

3662 kBTransfer

4247 kBSize

12 Cookies

0 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

usbenefitsguide.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

93 %
HTTPS

46 %
IPv6

11
Domains

14
Subdomains

13
IPs

3
Countries

3662 kB
Transfer

4247 kB
Size

12
Cookies

43 HTTP transactions
1 data transactions