myspecialbenefits.com Open in urlscan Pro
2606:4700:3032::ac43:cd7b  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response myspecialbenefits.com/	14 KB 4 KB	295ms 257ms	Document text/html	2606:4700:3032::ac43:cd7b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://myspecialbenefits.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:cd7b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 4d294e4115e45b26f8123f615f3a055f40c1b0dc016ac8547f9f3f81da894e04 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control max-age=2678400 cf-cache-status MISS cf-ray 8810e677eacfbb74-FRA content-encoding br content-type text/html; charset=utf-8 date Thu, 09 May 2024 10:10:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XgBWEYv7jtKNpi6ofEUkui2I0by45gAgZfbR3CnmvTU4GpyVFyyAGRW%2B18SaqXQgg%2Bue8M5DE9IVGXP0nuv7BuQn90IFya3IFttiICecm%2F3Qu67fBDDIjnd1XIuWuyTI41cUSaoNTHtSf6E6%2BvNjmSwcC18%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by Express
GET H3	200	style.css myspecialbenefits.com/styles/	7 KB 3 KB	330ms 329ms	Stylesheet text/css	2606:4700:3032::ac43:cd7b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://myspecialbenefits.com/styles/style.css Requested by Host: myspecialbenefits.com URL: https://myspecialbenefits.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:cd7b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 6a5dbe4499283fbbc20547e6d14e4fe86a8a29b075558e0af36e566e1a78414b Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://myspecialbenefits.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 10:10:32 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"1cec-5M0Rhs2HQVgPUOzZD09vqW4IdI4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R5G%2FiH2nWtNOQeKwwlKi3XH1Mzh6LsutfYAkydsbJVl324lYf%2BZlHr9YSNqPaFpgYyxlnVnzOWgkRCp3py3LLT3iY3GXfLP0TJolQdwKVbQ9QxVxRiWQsqpYhGWAXRCAF4FQ08B0O5lCGf6zPzCGyxeXYFc%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=2678400 cf-ray 8810e6799d0dbb74-FRA alt-svc h3=":443"; ma=86400
GET H3	200	profile.png myspecialbenefits.com/images/	19 KB 19 KB	430ms 429ms	Image image/png	2606:4700:3032::ac43:cd7b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://myspecialbenefits.com/images/profile.png Requested by Host: myspecialbenefits.com URL: https://myspecialbenefits.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:cd7b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 028bf096de9208f1199b5f3c61b17f34cfe6284fd58018a1c9765d5f82d0fc36 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://myspecialbenefits.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 10:10:32 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"4b5d-ubf+cR7rvAk2B68XiXycHMgv7ik" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GMvpWAzxWWF1hMz%2Fy12ZNt%2BNWYJnao2cLqGihpZN7sMs2NL2fQdQdHtw%2B6%2B6ZxN8qlwhVNv%2F1R5Uz4BWC4ctTiSHnDSvpDOWf6AvQ%2BW5zo8A3YK1%2B2hH3hM4WXd%2FZHAznuET2fLrxl3YJqd0Wti4o4iQAfg%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 8810e6799d0fbb74-FRA alt-svc h3=":443"; ma=86400 content-length 19293
GET H3	200	email-decode.min.js Show response myspecialbenefits.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	16ms 15ms	Script application/javascript	2606:4700:3032::ac43:cd7b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://myspecialbenefits.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: myspecialbenefits.com URL: https://myspecialbenefits.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:cd7b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://myspecialbenefits.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 10:10:32 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 03 May 2024 18:04:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66352722-4d7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0lgqM5%2FrJGxAcGMNzEEj5wuhkvGN2%2FFdHGtM71XLqTUxel3V5%2F2yX%2FQNL0ZY%2BdWj%2BPPv%2BzpccITOVnLCFWexs94ODk1Te%2FXXa6T8iADWNKaorUtctRaGY7pAKKgUMxay115YaJl5YSoUatfgU9QTjTgA6uM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 8810e6799d10bb74-FRA expires Sat, 11 May 2024 10:10:32 GMT
GET H3	200	rocket-loader.min.js Show response myspecialbenefits.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 4 KB	13ms 12ms	Script application/javascript	2606:4700:3032::ac43:cd7b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://myspecialbenefits.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: myspecialbenefits.com URL: https://myspecialbenefits.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:cd7b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://myspecialbenefits.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 10:10:32 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 03 May 2024 18:04:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66352722-302c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YvpGPTPMh7s8YS7ku92vvozn%2FRS9BLCz2vnz670CRUiMruQnh4cb%2BSXXBKOAbxBOhYQUrJ1YS1fZO1t6TmuQzMVn%2BEyfXsy2bMmjoJnXAp61zGKeVeadWZx1K2lmZwhdiYTa5MUpkUHBn%2BtxDmxCQNkM4I4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 8810e679bd31bb74-FRA expires Sat, 11 May 2024 10:10:32 GMT
GET H3	200	reset.css myspecialbenefits.com/styles/	995 B 898 B	285ms 285ms	Stylesheet text/css	2606:4700:3032::ac43:cd7b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://myspecialbenefits.com/styles/reset.css Requested by Host: myspecialbenefits.com URL: https://myspecialbenefits.com/styles/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:cd7b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash c26d69b6a651d26fe6694bb9fff1bc2ac19ccb3d0e3179116e647eba7136d529 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://myspecialbenefits.com/styles/style.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 10:10:33 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"3e3-GPspmNDvjeaVmG10QdTbh8TCtQY" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a6I4McnDcc%2FwFJIl7R5EAMosCGgVH1jz0sFGkphwo0%2FeWnedpO7FopNRdiUa5GEoa1ZCwsjBjRGj1NPGocMmR59L%2B%2B%2FvIB6dFOSvsnfF2%2FLii%2BBPHqxv%2FSHI3b18nusIl%2FzZcd0%2B24K3vsI4fHRu%2F1%2BiiNk%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=2678400 cf-ray 8810e67bafa0bb74-FRA alt-svc h3=":443"; ma=86400
GET H3	200	bg-pattern-2.jpg myspecialbenefits.com/images/	9 KB 10 KB	282ms 281ms	Image image/jpeg	2606:4700:3032::ac43:cd7b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://myspecialbenefits.com/images/bg-pattern-2.jpg Requested by Host: myspecialbenefits.com URL: https://myspecialbenefits.com/styles/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:cd7b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 91997848612cca7f16ab81b55ae7f925e255abb79d1ae0a87128c4d133c71e39 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://myspecialbenefits.com/styles/style.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 10:10:33 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"24e7-qNgXc9869fjEFmmzKyUcHtXzwBo" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v7GyHlNmt8zA4u%2FJkHQIwBU8TK0cZGcFhW412ojBOeUN0X%2BTnI%2FqpS213JFLkU4sJXJnFDPoOB5j8OfRQ3Ql%2FMj3UMC87X0MHG8YnJomhAdQni52NwFfXsSrtRY2tad8tnJkMd3z71SmbGYdwGcgxToatuQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 8810e67d79cbbb74-FRA alt-svc h3=":443"; ma=86400 content-length 9447
GET H2	200	a57816b4-6c59-f397-7853-7e14e45d3e1b.js Show response create.lidstatic.com/campaign/	121 KB 38 KB	360ms 320ms	Script text/javascript	2606:4700:10::6816:26b6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://create.lidstatic.com/campaign/a57816b4-6c59-f397-7853-7e14e45d3e1b.js?snippet_version=2&callback=addToQueryString Requested by Host: myspecialbenefits.com URL: https://myspecialbenefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:26b6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9947cbb5ca79a84719954ea34e03988bb27ea30bb57d9cb4ff3783c84564d0a5 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://myspecialbenefits.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 10:10:33 GMT x-amz-version-id 0TYZIhZnCiJDj1Gzr_aWxHS1MWCxaYWH content-encoding gzip cf-cache-status REVALIDATED x-amz-request-id NTRTACRYQBM8SXSS x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 xM9Fhvhm9DODwRHMvXERLFp4Y05nLqZvN0Av6hOy0/NTY82dF0DCqbl7whRdB+cbQ0DyF/qdTxE= last-modified Thu, 18 Jan 2024 02:21:13 GMT server cloudflare etag W/"bc138804ddd94411bd78fba4df4e96b0" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control max-age=1800 cf-ray 8810e67f8ceb2c45-FRA
GET H3	200	favicon.ico myspecialbenefits.com/	17 KB 3 KB	350ms 349ms	Other image/x-icon	2606:4700:3032::ac43:cd7b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://myspecialbenefits.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:cd7b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 4ef023169eb0974839c6e07b86d6561aa9e25cfef4fe37b0de8faa4c8aa264e4 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://myspecialbenefits.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 10:10:33 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"423e-3mmaRDYr4Pen5BPir+syKjV2gp8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s169FUn2iX0voRn5Xg%2FU7Rkg9WPUlT7RLOw44NO8hpY9eB2z2dhhZjoNKikIyUTt4wtEzvEsh1%2BWKZohZOL3KqmQ9lvjBfskL4wl6sBIKILThm%2B5RNY%2BuaN9g9OdNG7j%2B2KNPqAdyyTCukm0FxwREEXVkmk%3D"}],"group":"cf-nel","max_age":604800} content-type image/x-icon access-control-allow-origin * cache-control max-age=2678400 cf-ray 8810e67f5c20bb74-FRA alt-svc h3=":443"; ma=86400
POST H2	200	GenerateToken Show response create.leadid.com/2.12.1/	36 B 659 B	642ms 145ms	XHR text/plain	3.231.174.146 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://create.leadid.com/2.12.1/GenerateToken?msn=1&pid=818c0cf7-0fe4-4621-bde4-8be9ceb14b2f&_=817430881 Requested by Host: create.lidstatic.com URL: https://create.lidstatic.com/campaign/a57816b4-6c59-f397-7853-7e14e45d3e1b.js?snippet_version=2&callback=addToQueryString Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.231.174.146 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-231-174-146.compute-1.amazonaws.com Software nginx / Resource Hash 550fae32dd329e2ea84e559138fb04845dc4cb3e0fd67bf2423f0550e27565d4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://myspecialbenefits.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Thu, 09 May 2024 10:10:34 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server nginx access-control-max-age 1728000 content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate access-control-allow-headers X-Requested-With, Content-Type expires Sat, 26 Jul 1997 05:00:00 GMT
GET H3	200	agent.png myspecialbenefits.com/images/	7 KB 8 KB	313ms 313ms	Image image/png	2606:4700:3032::ac43:cd7b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://myspecialbenefits.com/images/agent.png Requested by Host: myspecialbenefits.com URL: https://myspecialbenefits.com/styles/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:cd7b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 206af2dddf24163b69a46a3a243ad3568073daf0ffb2fc0d4e9a591210b19248 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://myspecialbenefits.com/styles/style.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 10:10:34 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"1d79-E6nYopTuPXZGSO/5uARBGh1oPiI" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aRWvkgc%2F0NByJpriOqEHxEUEJKEbscqBF77cd9UMVJdiRCjWoEWv7KEHy%2FcPAoFdtEUzJAO4N9Z91lsPvgeVYsdndLGe1c0klgFF1vy7g9m5B1HlFr6P8cHK30hacGxprPSeSXF37bJRKGxzq40tJ6KhWhY%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 8810e683795bbb74-FRA alt-svc h3=":443"; ma=86400 content-length 7545
GET H/1.1	200 OK	iframe.html d2m2wsoho8qq12.cloudfront.net/ Frame 8DBE	0 0	31ms 8ms	Document text/html	13.32.23.225 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=EAA7DEE7-A51B-083D-4924-9DCBF2FE8238&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=A57816B4-6C59-F397-7853-7E14E45D3E1B&lac=F252983F-4BD1-0DD8-CD81-F4700AF60B66 Requested by Host: create.lidstatic.com URL: https://create.lidstatic.com/campaign/a57816b4-6c59-f397-7853-7e14e45d3e1b.js?snippet_version=2&callback=addToQueryString Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.32.23.225 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-23-225.fra56.r.cloudfront.net Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://myspecialbenefits.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Access-Control-Allow-Headers * Access-Control-Allow-Origin * Age 14499 Connection keep-alive Content-Encoding gzip Content-Type text/html Date Thu, 09 May 2024 06:09:01 GMT Etag W/"65a0715c-dbb" Last-Modified Thu, 11 Jan 2024 22:53:16 GMT Server nginx Strict-Transport-Security max-age=31536000; includeSubDomains; preload Transfer-Encoding chunked Via 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront) X-Amz-Cf-Id HV4jon-Y9e9fe-PKt0AvFfKXVg_pjQCvSbh9zTFsCKa97X2ASzcGOw== X-Amz-Cf-Pop FRA56-C2 X-Cache Hit from cloudfront
POST H2	200	SaveDom Show response create.leadid.com/2.12.1/	0 622 B	97ms 97ms	XHR text/plain	3.231.174.146 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://create.leadid.com/2.12.1/SaveDom?msn=2&pid=818c0cf7-0fe4-4621-bde4-8be9ceb14b2f&token=EAA7DEE7-A51B-083D-4924-9DCBF2FE8238&_=817430882 Requested by Host: create.lidstatic.com URL: https://create.lidstatic.com/campaign/a57816b4-6c59-f397-7853-7e14e45d3e1b.js?snippet_version=2&callback=addToQueryString Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.231.174.146 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-231-174-146.compute-1.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://myspecialbenefits.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Thu, 09 May 2024 10:10:34 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server nginx access-control-max-age 1728000 content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate access-control-allow-headers X-Requested-With, Content-Type expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	CA701edcfda750434cbdf14b7ceddcabf1 Show response b-js.ringba.com/	18 KB 18 KB	269ms 209ms	Script text/html	2600:9000:2490:e400:4:1957:6500:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://b-js.ringba.com/CA701edcfda750434cbdf14b7ceddcabf1 Requested by Host: myspecialbenefits.com URL: https://myspecialbenefits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2490:e400:4:1957:6500:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 668f6a1577be63dba8b45a5f794375ba41bfdda7218c69a9fdc17739f0688d34 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://myspecialbenefits.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-runtime 0.0000 date Thu, 09 May 2024 10:10:33 GMT via 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront) server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-amz-cf-pop FRA56-P6 x-powered-by ASP.NET access-control-max-age 300 x-cache Miss from cloudfront content-type text/html; charset=utf-8 access-control-allow-origin * cache-control public content-length 18525 x-amz-cf-id 3SJLyN2Yfz8nCaOzLwAos8zaoEFOhR1WiL3D4Mc5-e9Gjq7ul87eRg== expires Thu, 09 May 2024 10:15:34 GMT
GET H3	200	favicon.ico myspecialbenefits.com/	17 KB 0	0ms 0ms	Other image/x-icon	2606:4700:3032::ac43:cd7b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://myspecialbenefits.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:cd7b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 4ef023169eb0974839c6e07b86d6561aa9e25cfef4fe37b0de8faa4c8aa264e4 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://myspecialbenefits.com/?leadid=EAA7DEE7-A51B-083D-4924-9DCBF2FE8238 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 10:10:33 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"423e-3mmaRDYr4Pen5BPir+syKjV2gp8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s169FUn2iX0voRn5Xg%2FU7Rkg9WPUlT7RLOw44NO8hpY9eB2z2dhhZjoNKikIyUTt4wtEzvEsh1%2BWKZohZOL3KqmQ9lvjBfskL4wl6sBIKILThm%2B5RNY%2BuaN9g9OdNG7j%2B2KNPqAdyyTCukm0FxwREEXVkmk%3D"}],"group":"cf-nel","max_age":604800} content-type image/x-icon access-control-allow-origin * cache-control max-age=2678400 cf-ray 8810e67f5c20bb74-FRA alt-svc h3=":443"; ma=86400
POST H2	200	Snap Show response create.leadid.com/2.12.1/	0 621 B	284ms 191ms	XHR text/plain	3.231.174.146 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://create.leadid.com/2.12.1/Snap?msn=3&pid=818c0cf7-0fe4-4621-bde4-8be9ceb14b2f&token=EAA7DEE7-A51B-083D-4924-9DCBF2FE8238&_=817430883 Requested by Host: create.lidstatic.com URL: https://create.lidstatic.com/campaign/a57816b4-6c59-f397-7853-7e14e45d3e1b.js?snippet_version=2&callback=addToQueryString Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.231.174.146 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-231-174-146.compute-1.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://myspecialbenefits.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Thu, 09 May 2024 10:10:35 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server nginx access-control-max-age 1728000 content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate access-control-allow-headers X-Requested-With, Content-Type expires Sat, 26 Jul 1997 05:00:00 GMT
POST H/1.1	200 OK	gnbulk Show response display.ringba.com/v2/nis/	398 B 790 B	392ms 97ms	XHR application/json	54.211.107.236 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://display.ringba.com/v2/nis/gnbulk Requested by Host: b-js.ringba.com URL: https://b-js.ringba.com/CA701edcfda750434cbdf14b7ceddcabf1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.211.107.236 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-211-107-236.compute-1.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash af0ef7d41f592732205cfa7ea45787934d6c656f08c28c0767b8488cca6036b5 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://myspecialbenefits.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-type text/plain Response headers Pragma no-cache Date Thu, 09 May 2024 10:10:34 GMT X-Runtime 0.0030 Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Access-Control-Max-Age 300 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://myspecialbenefits.com Cache-Control no-cache Connection keep-alive Content-Length 398 Expires -1
POST H2	200	Snap Show response create.leadid.com/2.12.1/	0 622 B	99ms 98ms	XHR text/plain	3.231.174.146 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://create.leadid.com/2.12.1/Snap?msn=4&pid=818c0cf7-0fe4-4621-bde4-8be9ceb14b2f&token=EAA7DEE7-A51B-083D-4924-9DCBF2FE8238&_=817430884 Requested by Host: create.lidstatic.com URL: https://create.lidstatic.com/campaign/a57816b4-6c59-f397-7853-7e14e45d3e1b.js?snippet_version=2&callback=addToQueryString Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.231.174.146 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-231-174-146.compute-1.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://myspecialbenefits.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Thu, 09 May 2024 10:10:35 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server nginx access-control-max-age 1728000 content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate access-control-allow-headers X-Requested-With, Content-Type expires Sat, 26 Jul 1997 05:00:00 GMT
POST		Snap create.leadid.com/2.12.1/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

create.leadid.com

URL

https://create.leadid.com/2.12.1/Snap?msn=5&pid=818c0cf7-0fe4-4621-bde4-8be9ceb14b2f&token=EAA7DEE7-A51B-083D-4924-9DCBF2FE8238&_=817430885

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __cfQR function| cta_btn_сlick function| getQueryParams function| addToQueryString function| showNextBlock boolean| __cfRLUnblockHandlers object| LeadiDconfig object| LeadiD object| defaultStyleFrame object| ringba_known_numbers object| _rgba object| ringba object| _rgba_tags

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			myspecialbenefits.com/	1969-12-31 23:59:59	Name: leadid_token-F252983F-4BD1-0DD8-CD81-F4700AF60B66-A57816B4-6C59-F397-7853-7E14E45D3E1B Value: EAA7DEE7-A51B-083D-4924-9DCBF2FE8238
			.trueleadid.com/	1969-12-31 23:59:59	Name: nlbi_3051494 Value: CjUiRIhRi2r/PqUnC30iGwAAAADNH4nYM5xEC73GPy30l/nL
			.trueleadid.com/	1970-01-21 05:12:23	Name: visid_incap_3051494 Value: b6u4lWsCSCS1eHzjzm42WxqhPGYAAAAAQUIPAAAAAADgUJp9lfLkjs7BgpEKxxh+
			.trueleadid.com/	1969-12-31 23:59:59	Name: incap_ses_108_3051494 Value: 3r+If2MYFyabJC3NhLF/ARqhPGYAAAAAV0xYtyOh/012G5LTCvar/A==
			.deviceid.trueleadid.com/	1970-01-21 06:03:29	Name: uuid Value: 90713b6f60344707b3a2db8b35a455f2

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://myspecialbenefits.com/?leadid=EAA7DEE7-A51B-083D-4924-9DCBF2FE8238 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://myspecialbenefits.com/?leadid=EAA7DEE7-A51B-083D-4924-9DCBF2FE8238 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://myspecialbenefits.com/?leadid=EAA7DEE7-A51B-083D-4924-9DCBF2FE8238 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://myspecialbenefits.com/?leadid=EAA7DEE7-A51B-083D-4924-9DCBF2FE8238 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://myspecialbenefits.com/?leadid=EAA7DEE7-A51B-083D-4924-9DCBF2FE8238 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://myspecialbenefits.com/?leadid=EAA7DEE7-A51B-083D-4924-9DCBF2FE8238 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://myspecialbenefits.com/?leadid=EAA7DEE7-A51B-083D-4924-9DCBF2FE8238 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://myspecialbenefits.com/?leadid=EAA7DEE7-A51B-083D-4924-9DCBF2FE8238 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://myspecialbenefits.com/?leadid=EAA7DEE7-A51B-083D-4924-9DCBF2FE8238 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://myspecialbenefits.com/?leadid=EAA7DEE7-A51B-083D-4924-9DCBF2FE8238 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://myspecialbenefits.com/?leadid=EAA7DEE7-A51B-083D-4924-9DCBF2FE8238 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://myspecialbenefits.com/?leadid=EAA7DEE7-A51B-083D-4924-9DCBF2FE8238 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://myspecialbenefits.com/?leadid=EAA7DEE7-A51B-083D-4924-9DCBF2FE8238 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://myspecialbenefits.com/?leadid=EAA7DEE7-A51B-083D-4924-9DCBF2FE8238 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b-js.ringba.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
display.ringba.com
myspecialbenefits.com
create.leadid.com
13.32.23.225
2600:9000:2490:e400:4:1957:6500:93a1
2606:4700:10::6816:26b6
2606:4700:3032::ac43:cd7b
3.231.174.146
54.211.107.236
028bf096de9208f1199b5f3c61b17f34cfe6284fd58018a1c9765d5f82d0fc36
206af2dddf24163b69a46a3a243ad3568073daf0ffb2fc0d4e9a591210b19248
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
4d294e4115e45b26f8123f615f3a055f40c1b0dc016ac8547f9f3f81da894e04
4ef023169eb0974839c6e07b86d6561aa9e25cfef4fe37b0de8faa4c8aa264e4
550fae32dd329e2ea84e559138fb04845dc4cb3e0fd67bf2423f0550e27565d4
668f6a1577be63dba8b45a5f794375ba41bfdda7218c69a9fdc17739f0688d34
6a5dbe4499283fbbc20547e6d14e4fe86a8a29b075558e0af36e566e1a78414b
91997848612cca7f16ab81b55ae7f925e255abb79d1ae0a87128c4d133c71e39
9947cbb5ca79a84719954ea34e03988bb27ea30bb57d9cb4ff3783c84564d0a5
af0ef7d41f592732205cfa7ea45787934d6c656f08c28c0767b8488cca6036b5
c26d69b6a651d26fe6694bb9fff1bc2ac19ccb3d0e3179116e647eba7136d529
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855