plus.financialassistance.io Open in urlscan Pro
2a05:d014:58f:6201::64 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.familybenefitassistnews.com/a/2318/click/7285/2976226/1cc6350e68a77af5f3b52a76cb3e3503cd1b948c/5221ba5ca4955a1bc90462a08a84d...
Effective URL:
https://plus.financialassistance.io/32arp?email=mhg0696%40gmail.com&first_name=Moses&last_name=Glasper&sub1=2008&sub2=xNHUX-5rMjr&su...
Submission: On March 09 via manual (March 9th 2024, 5:24:50 pm UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 11 HTTP transactions. The main IP is 2a05:d014:58f:6201::64, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is plus.financialassistance.io.
TLS certificate: Issued by R3 on March 5th 2024. Valid for: 3 months.

This is the only time plus.financialassistance.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.238.129.105 35.238.129.105	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2606:4700:20:... 2606:4700:20::ac43:449a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a05:d014:58f... 2a05:d014:58f:6201::64	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d014:58f... 2a05:d014:58f:6200::64	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3bb5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.162.32.226 54.162.32.226	14618 (AMAZON-AES) (AMAZON-AES)
11	4

1 35.238.129.105 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.129.238.35.bc.googleusercontent.com

links.familybenefitassistnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:449a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

global-submit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a05:d014:58f:6201::64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

plus.financialassistance.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d014:58f:6200::64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

netlify-rum.netlify.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3bb5 (United States)

ASN13335 (CLOUDFLARENET, US)

app.posthog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.162.32.226 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-32-226.compute-1.amazonaws.com

us.i.posthog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	financialassistance.io plus.financialassistance.io	21 KB
3	posthog.com app.posthog.com — Cisco Umbrella Rank: 9325 us.i.posthog.com — Cisco Umbrella Rank: 9789	40 KB
1	netlify.app netlify-rum.netlify.app — Cisco Umbrella Rank: 19727	4 KB
1	global-submit.com 1 redirects global-submit.com	857 B
1	familybenefitassistnews.com 1 redirects links.familybenefitassistnews.com	818 B
11	5

	Domain	Requested by
7	plus.financialassistance.io	plus.financialassistance.io
2	us.i.posthog.com	app.posthog.com
1	app.posthog.com	plus.financialassistance.io
1	netlify-rum.netlify.app	plus.financialassistance.io
1	global-submit.com	1 redirects
1	links.familybenefitassistnews.com	1 redirects
11	6

This site contains links to these domains. Also see Links.

Domain
www.andd56trk.com
optconsumerprivacy.com

Subject Issuer	Validity	Valid
*.americansavingsapps.com R3	`2024-03-05` - `2024-06-03`	3 months	crt.sh
*.netlify.app DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-15` - `2025-02-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-15` - `2024-04-14`	a year	crt.sh
*.i.posthog.com Amazon RSA 2048 M03	`2024-01-15` - `2025-02-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://plus.financialassistance.io/32arp?email=mhg0696%40gmail.com&first_name=Moses&last_name=Glasper&sub1=2008&sub2=xNHUX-5rMjr&sub3=PZ-MP-FBS-01_1268_20240308
Frame ID: 4D48BEE1972C0CAE885BC6942F1D89C8
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://links.familybenefitassistnews.com/a/2318/click/7285/2976226/1cc6350e68a77af5f3b52a76cb3e3503cd1b948c/5221ba5ca... HTTP 302
https://global-submit.com/o/xNHUX/5rMjr?email=mhg0696@gmail.com&first_name=Moses&last_name=Glasper&sub... HTTP 302
https://plus.financialassistance.io/32arp?email=mhg0696%40gmail.com&first_name=Moses&last_name=Glasper&sub1=2008... Page URL

Detected technologies

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

Stimulus (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-controller

Page Statistics

11
Requests

100 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

4
IPs

2
Countries

66 kB
Transfer

239 kB
Size

2
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.andd56trk.com/cmp/5657H/8H98JBQ/?source_id=13200325&email=mhg0696%40gmail.com&first_name=Moses&last_name=Glasper&sub1=2008&sub2=xNHUX-5rMjr&sub3=PZ-MP-FBS-01_1268_20240308
Title: No

Search URL Search Domain Scan URL

URL: https://www.andd56trk.com/cmp/5657H/8G3LDW7/?source_id=13200325&email=mhg0696%40gmail.com&first_name=Moses&last_name=Glasper&sub1=2008&sub2=xNHUX-5rMjr&sub3=PZ-MP-FBS-01_1268_20240308
Title: Medicare

Search URL Search Domain Scan URL

URL: https://www.andd56trk.com/cmp/5657H/8G4T9WN/?source_id=13200325&email=mhg0696%40gmail.com&first_name=Moses&last_name=Glasper&sub1=2008&sub2=xNHUX-5rMjr&sub3=PZ-MP-FBS-01_1268_20240308
Title: Medicaid

Search URL Search Domain Scan URL

URL: https://optconsumerprivacy.com/?email=mhg0696%40gmail.com&first_name=Moses&last_name=Glasper&sub1=2008&sub2=xNHUX-5rMjr&sub3=PZ-MP-FBS-01_1268_20240308
Title: CCPA

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.familybenefitassistnews.com/a/2318/click/7285/2976226/1cc6350e68a77af5f3b52a76cb3e3503cd1b948c/5221ba5ca4955a1bc90462a08a84d6e78827e0f1 HTTP 302
https://global-submit.com/o/xNHUX/5rMjr?email=mhg0696@gmail.com&first_name=Moses&last_name=Glasper&sub1=2008&sub2=xNHUX-5rMjr&sub3=PZ-MP-FBS-01_1268_20240308 HTTP 302
https://plus.financialassistance.io/32arp?email=mhg0696%40gmail.com&first_name=Moses&last_name=Glasper&sub1=2008&sub2=xNHUX-5rMjr&sub3=PZ-MP-FBS-01_1268_20240308 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 32arp Show response
plus.financialassistance.io/
Redirect Chain

https://links.familybenefitassistnews.com/a/2318/click/7285/2976226/1cc6350e68a77af5f3b52a76cb3e3503cd1b948c/5221ba5ca4955a1bc90462a08a84d6e78827e0f1
https://global-submit.com/o/xNHUX/5rMjr?email=mhg0696@gmail.com&first_name=Moses&last_name=Glasper&sub1=2008&sub2=xNHUX-5rMjr&sub3=PZ-MP-FBS-01_1268_20240308
https://plus.financialassistance.io/32arp?email=mhg0696%40gmail.com&first_name=Moses&last_name=Glasper&sub1=2008&sub2=xNHUX-5rMjr&sub3=PZ-MP-FBS-01_1268_20240308

12 KB
4 KB

170ms
7ms

Document
text/html

2a05:d014:58f:6201::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://plus.financialassistance.io/32arp?email=mhg0696%40gmail.com&first_name=Moses&last_name=Glasper&sub1=2008&sub2=xNHUX-5rMjr&sub3=PZ-MP-FBS-01_1268_20240308

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6201::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

62cfc11d0b7308b61d18e9830ee3a1c5a1679b11c622e6f2d722605e765fb637

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 22176
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-encoding: br
content-length: 3807
content-type: text/html; charset=UTF-8
date: Sat, 09 Mar 2024 17:24:46 GMT
etag: "f87c222951ca983b227148b668dfa580-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01HRJ3XTG8RRWR3Y88B0T4CV6M

Redirect headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 861cc2ac483d65db-FRA
content-type: text/html; charset=utf-8
date: Sat, 09 Mar 2024 17:24:46 GMT
location: https://plus.financialassistance.io/32arp?email=mhg0696%40gmail.com&first_name=Moses&last_name=Glasper&sub1=2008&sub2=xNHUX-5rMjr&sub3=PZ-MP-FBS-01_1268_20240308
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710005086&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=SZCaPMwscR2pIY9%2FxVTKsgdXeLDhXLY72ih%2Fbxj6eJA%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710005086&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=SZCaPMwscR2pIY9%2FxVTKsgdXeLDhXLY72ih%2Fbxj6eJA%3D
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 6d5f8dd2-9074-46d7-9641-2f6bc174c322
x-runtime: 0.049783
x-xss-protection: 0

GET
H2 200 32arp.css
plus.financialassistance.io/ 90 KB
15 KB 238ms
238ms Stylesheet
text/css 2a05:d014:58f:6201::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://plus.financialassistance.io/32arp.css

Requested by

Host: plus.financialassistance.io
URL: https://plus.financialassistance.io/32arp?email=mhg0696%40gmail.com&first_name=Moses&last_name=Glasper&sub1=2008&sub2=xNHUX-5rMjr&sub3=PZ-MP-FBS-01_1268_20240308

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6201::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

799e2355856f70bc7877dc89c4278ab47d6112a995b69289fa4bd83b729a2315

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plus.financialassistance.io/32arp?email=mhg0696%40gmail.com&first_name=Moses&last_name=Glasper&sub1=2008&sub2=xNHUX-5rMjr&sub3=PZ-MP-FBS-01_1268_20240308
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-nf-request-id: 01HRJ3XTGK5Y1GTKB667Z9NT9E
date: Sat, 09 Mar 2024 17:24:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000
server: Netlify
age: 0
cache-status: "Netlify Edge"; fwd=miss
etag: "4fb754956c0ebdc3817f279326f4ed35-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes

GET
H2 200 index.js Show response
plus.financialassistance.io/assets/posthog/ 455 B
570 B 9ms
9ms Script
application/javascript 2a05:d014:58f:6201::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://plus.financialassistance.io/assets/posthog/index.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6201::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

dcb4ab814a5b5f7dac4faa9c2015312d7f272fe5b5c2d43acf35280b6eb1d924

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://plus.financialassistance.io/32arp?email=mhg0696%40gmail.com&first_name=Moses&last_name=Glasper&sub1=2008&sub2=xNHUX-5rMjr&sub3=PZ-MP-FBS-01_1268_20240308
Origin: https://plus.financialassistance.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-nf-request-id: 01HRJ3XTGKCF8643H46T18YHHH
date: Sat, 09 Mar 2024 17:24:46 GMT
strict-transport-security: max-age=31536000
server: Netlify
age: 22176
cache-status: "Netlify Edge"; hit
etag: "fc04fb8cf50e2304256ce0cd05adeda1-ssl"
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 455

GET
H2 200 netlify-rum.js Show response
netlify-rum.netlify.app/ 11 KB
4 KB 42ms
7ms Script
application/javascript 2a05:d014:58f:6200::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://netlify-rum.netlify.app/netlify-rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6200::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

257ef1b7dd06f88a465e5badb58c57b62cf678d7618ecc2929aa3b428e848122

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plus.financialassistance.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-nf-request-id: 01HRJ3XTJ708WSDXCJE5YA7JFK
date: Sat, 09 Mar 2024 17:24:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 65041
cache-status: "Netlify Edge"; hit
etag: "920128a05f6ecf111e0920b419925cc1-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 4025

GET
H2 200 array.js Show response
app.posthog.com/static/ 124 KB
39 KB 388ms
50ms Script
text/javascript 2606:4700:10::6816:3bb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.posthog.com/static/array.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3bb5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09b7cfc203e1cf10136bcd5227fea6350b0b07f70efe0cedcfbbddc65d9f1a92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plus.financialassistance.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 17:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3
referrer-policy: same-origin
last-modified: Fri, 08 Mar 2024 19:48:19 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"65eb6b83-1ee4e"
x-frame-options: SAMEORIGIN
vary: Cookie, Accept-Encoding
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 861cc2b3d839373a-FRA

GET
H2 200 FeatureFlagModule.js Show response
plus.financialassistance.io/assets/posthog/ 565 B
653 B 12ms
12ms Script
application/javascript 2a05:d014:58f:6201::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://plus.financialassistance.io/assets/posthog/FeatureFlagModule.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6201::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

61acc3c3931f7393cf81b23150f795758506054873afe81a822b8593ded7e82d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://plus.financialassistance.io/assets/posthog/index.js
Origin: https://plus.financialassistance.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-nf-request-id: 01HRJ3XTRV5A8CT688H3EXKG8D
date: Sat, 09 Mar 2024 17:24:47 GMT
strict-transport-security: max-age=31536000
server: Netlify
age: 22175
cache-status: "Netlify Edge"; hit
etag: "889d0bbf61c393f0b48649088547b632-ssl"
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 565

GET
H2 200 ImpressionsTrackerModule.js Show response
plus.financialassistance.io/assets/posthog/ 1 KB
630 B 13ms
12ms Script
application/javascript 2a05:d014:58f:6201::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://plus.financialassistance.io/assets/posthog/ImpressionsTrackerModule.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6201::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

96739885144cb0a038d1bd1c726ba7427b4d43922e12ef0f29f94841031c7fee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://plus.financialassistance.io/assets/posthog/index.js
Origin: https://plus.financialassistance.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-nf-request-id: 01HRJ3XTRVYNEDBAF6XQQS40TZ
date: Sat, 09 Mar 2024 17:24:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000
server: Netlify
age: 22175
cache-status: "Netlify Edge"; hit
etag: "1f377002f17ac7bbf17d988a15064130-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 539

GET
H2 200 ClickTrackerModule.js Show response
plus.financialassistance.io/assets/posthog/ 588 B
703 B 11ms
11ms Script
application/javascript 2a05:d014:58f:6201::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://plus.financialassistance.io/assets/posthog/ClickTrackerModule.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6201::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

ceb0bf84427fcb14174ce9e5c471a9b92b755ff16cec382d71c6e0e14e124be0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://plus.financialassistance.io/assets/posthog/index.js
Origin: https://plus.financialassistance.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-nf-request-id: 01HRJ3XTRVZ2YKGHNYJ8SS5PD1
date: Sat, 09 Mar 2024 17:24:47 GMT
strict-transport-security: max-age=31536000
server: Netlify
age: 22175
cache-status: "Netlify Edge"; hit
etag: "5e9d47cbc1e97f491dba34ffb6f6cde0-ssl"
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 588

POST
H2 200 s2wpx Show response
plus.financialassistance.io/.netlify/functions/ 48 B
161 B 368ms
367ms Fetch
text/plain 2a05:d014:58f:6201::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://plus.financialassistance.io/.netlify/functions/s2wpx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6201::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

a6b6f16a2bed93ba55a59b12eeaef4a06f565445743f2dc4aabb50523b70a635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://plus.financialassistance.io/32arp?email=mhg0696%40gmail.com&first_name=Moses&last_name=Glasper&sub1=2008&sub2=xNHUX-5rMjr&sub3=PZ-MP-FBS-01_1268_20240308
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

x-nf-request-id: 01HRJ3XTS9BSF1VXRHKB49F3KH
date: Sat, 09 Mar 2024 17:24:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000
netlify-vary: query
server: Netlify
age: 0
cache-status: "Netlify Edge"; fwd=miss
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
cache-control: no-cache

POST
H/1.1 200
OK / Show response
us.i.posthog.com/e/ 13 B
588 B 893ms
538ms XHR
application/json 54.162.32.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us.i.posthog.com/e/?ip=1&_=1710005087403&ver=1.111.1

Requested by

Host: app.posthog.com
URL: https://app.posthog.com/static/array.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.162.32.226 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-162-32-226.compute-1.amazonaws.com

Software

envoy /

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://plus.financialassistance.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 09 Mar 2024 17:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
server: envoy
cross-origin-opener-policy: same-origin
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://plus.financialassistance.io
transfer-encoding: chunked
access-control-allow-credentials: true
x-envoy-upstream-service-time: 9
access-control-allow-headers: X-Requested-With,Content-Type

POST
H/1.1 200
OK / Show response
us.i.posthog.com/decide/ 574 B
897 B 464ms
109ms XHR
application/json 54.162.32.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us.i.posthog.com/decide/?v=3&ip=1&_=1710005087405&ver=1.111.1

Requested by

Host: app.posthog.com
URL: https://app.posthog.com/static/array.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.162.32.226 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-162-32-226.compute-1.amazonaws.com

Software

envoy /

Resource Hash

2c084403bf1668da6f2558c951d1a9dad742b4889d78c849bd10ad4001e744f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://plus.financialassistance.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 09 Mar 2024 17:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
server: envoy
cross-origin-opener-policy: same-origin
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://plus.financialassistance.io
transfer-encoding: chunked
access-control-allow-credentials: true
x-envoy-upstream-service-time: 10
access-control-allow-headers: X-Requested-With,Content-Type

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| posthog function| passUrlParamsToLinks function| sendDataToNetlifyFunction

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			links.familybenefitassistnews.com/	1970-01-20 19:07:17	Name: _session_id Value: 2a5c61e48fd35adb9eaa922f0f0bc88e
			.financialassistance.io/	1970-01-21 03:45:41	Name: ph_phc_FhqVZ6IGpeGTflcAT1zn6umTj1UNJXoYC7EB3qd1GlG_posthog Value: %7B%22distinct_id%22%3A%22018e243e-eca7-79bc-b205-d4b36a39bfce%22%2C%22%24sesid%22%3A%5B1710005087402%2C%22018e243e-ecaa-7920-8a14-422780689bd3%22%2C1710005087402%5D%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.posthog.com
global-submit.com
links.familybenefitassistnews.com
netlify-rum.netlify.app
plus.financialassistance.io
us.i.posthog.com
2606:4700:10::6816:3bb5
2606:4700:20::ac43:449a
2a05:d014:58f:6200::64
2a05:d014:58f:6201::64
35.238.129.105
54.162.32.226
09b7cfc203e1cf10136bcd5227fea6350b0b07f70efe0cedcfbbddc65d9f1a92
257ef1b7dd06f88a465e5badb58c57b62cf678d7618ecc2929aa3b428e848122
2c084403bf1668da6f2558c951d1a9dad742b4889d78c849bd10ad4001e744f5
61acc3c3931f7393cf81b23150f795758506054873afe81a822b8593ded7e82d
62cfc11d0b7308b61d18e9830ee3a1c5a1679b11c622e6f2d722605e765fb637
799e2355856f70bc7877dc89c4278ab47d6112a995b69289fa4bd83b729a2315
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
96739885144cb0a038d1bd1c726ba7427b4d43922e12ef0f29f94841031c7fee
a6b6f16a2bed93ba55a59b12eeaef4a06f565445743f2dc4aabb50523b70a635
ceb0bf84427fcb14174ce9e5c471a9b92b755ff16cec382d71c6e0e14e124be0
dcb4ab814a5b5f7dac4faa9c2015312d7f272fe5b5c2d43acf35280b6eb1d924

plus.financialassistance.io Open in urlscan Pro 2a05:d014:58f:6201::64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

67 %IPv6

5 Domains

6 Subdomains

4 IPs

2 Countries

66 kBTransfer

239 kBSize

2 Cookies

4 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

plus.financialassistance.io Open in urlscan Pro
2a05:d014:58f:6201::64 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

4
IPs

2
Countries

66 kB
Transfer

239 kB
Size

2
Cookies

11 HTTP transactions
0 data transactions