urlscan.io logo urlscan.io
SecurityTrails logo

boostersbenefitscard.com Open in urlscan Pro
2606:4700:3035::ac43:8cef  Public Scan

Go To Rescan Add Verdict Report
URL: https://boostersbenefitscard.com/
Submission: On March 06 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 1 countries across 9 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3035::ac43:8cef, located in United States and belongs to CLOUDFLARENET, US. The main domain is boostersbenefitscard.com.
TLS certificate: Issued by GTS CA 1P5 on March 4th 2024. Valid for: 3 months.
This is the only time boostersbenefitscard.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2606:4700:3035::ac43:8cef (United States)

ASN13335 (CLOUDFLARENET, US)
boostersbenefitscard.com
1    2606:4700:3032::6815:9fd (United States)

ASN13335 (CLOUDFLARENET, US)
worker-polished-shadow-8999.jordan-64e.workers.dev
1    2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    44.208.36.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-36-166.compute-1.amazonaws.com
wgtrk.com
1    2607:f8b0:4006:80d::200a (United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
cdn.mxpnl.com
1    2600:9000:24f0:e000:4:1957:6500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-js.ringba.com
2    2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
3 wgtrk.com
wgtrk.com
40 KB
2 gstatic.com
fonts.gstatic.com
16 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
69 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
ajax.googleapis.com — Cisco Umbrella Rank: 368
32 KB
2 boostersbenefitscard.com
boostersbenefitscard.com
6 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
185 B
1 ringba.com
b-js.ringba.com — Cisco Umbrella Rank: 143773
15 KB
1 mxpnl.com
cdn.mxpnl.com — Cisco Umbrella Rank: 3334
19 KB
1 workers.dev
worker-polished-shadow-8999.jordan-64e.workers.dev
3 KB
15 9
Domain Requested by
3 wgtrk.com boostersbenefitscard.com
2 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net boostersbenefitscard.com
connect.facebook.net
2 boostersbenefitscard.com boostersbenefitscard.com
1 www.facebook.com boostersbenefitscard.com
1 b-js.ringba.com boostersbenefitscard.com
1 cdn.mxpnl.com boostersbenefitscard.com
1 ajax.googleapis.com boostersbenefitscard.com
1 fonts.googleapis.com boostersbenefitscard.com
1 worker-polished-shadow-8999.jordan-64e.workers.dev boostersbenefitscard.com
15 10

This site contains no links.

Subject Issuer Validity Valid
boostersbenefitscard.com
GTS CA 1P5		 2024-03-04 -
2024-06-02		 3 months crt.sh
jordan-64e.workers.dev
GTS CA 1P5		 2024-02-14 -
2024-05-14		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
wgtrk.com
R3		 2024-02-17 -
2024-05-17		 3 months crt.sh
*.mxpnl.com
GeoTrust TLS RSA CA G1		 2023-07-12 -
2024-08-11		 a year crt.sh
*.ringba.com
Amazon RSA 2048 M03		 2023-11-27 -
2024-12-23		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-12-14 -
2024-03-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://boostersbenefitscard.com/
Frame ID: A52388384F917672BAAEC5A254EA0F06
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

24 Hours Remain to Claim Thousands In Health Subsidies For Free Today.

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

90 %
IPv6

9
Domains

10
Subdomains

10
IPs

1
Countries

199 kB
Transfer

518 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
boostersbenefitscard.com/ 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://boostersbenefitscard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:8cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f4a47be24b72365c44bf31fb777b048db1d52af539dc459a6aeabe8bf7fa7f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
access-control-expose-headers
Content-Length
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85fe72834b5174a4-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 06 Mar 2024 01:07:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOaCgZHNbbvdmTD4dJmAN6spz7ug3KZMX7OlmmValCyMM6foYuBF9mi9U0O%2FFjN9nVXuNqXmlZ7WvLrNXeLv%2Fdo%2FifGtAPU05pisDUrJHc1%2BAJg%2FRxkfS244kPbZ6O9PYd3wTakI77SkfZJUmZtEsXJFE3Jyz%2Fw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
/
worker-polished-shadow-8999.jordan-64e.workers.dev/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://worker-polished-shadow-8999.jordan-64e.workers.dev/?api_key=c1bc8978475345ca28577df846adc9b9&pub_id=&pid=1&vid=1&tags=%5B%7B%22type%22%3A%22User%22%2C%22s1%22%3A%22%22%7D%2C%7B%22type%22%3A%22User%22%2C%22kkclid%22%3A1218842337%7D%2C%7B%22type%22%3A%22User%22%2C%22landingPageId%22%3A%22cbnq1%22%7D%5D&sl=https%3A%2F%2Fboostersbenefitscard.com%2F47b7c8562a8eadfe05a6679cd.php%3Fclid%3D1218842337%26l%3D195464%26v%3D%26e%3D53614%26d%3D0%26o%3D26820%26lid%3D0&referer=https%3A%2F%2Fboostersbenefitscard.com%2F&cid=
Requested by
Host: boostersbenefitscard.com
URL: https://boostersbenefitscard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:9fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11ced653c895f7ae2499559422d4914d59c1e193f9a6aba4e44167f66af31e19

Request headers

accept-language
en-US,en;q=0.9
Referer
https://boostersbenefitscard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 01:07:10 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cs9mnlsSWlATIYBMiSDZcetFCFYdqP9pQfDxa6aOE%2B00ooKZtI1TKoqjmk%2FsgE1%2BGTx1H5eWvtgJ4h1MBhZia4O8DfHyTXbUx4SEL01OJZYPpC4fFyQ9hiXkOA0uxz2C3%2FgQr9IQ7ni3aZ7wZ73SVy1DelHnAmvuMClsG1bbizE8NRMTe9d%2FO90HzTahIOU%2BAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
85fe72855e68da23-MIA
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/ 		3 KB
934 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap
Requested by
Host: boostersbenefitscard.com
URL: https://boostersbenefitscard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4d1f1e0f426c442c7d176b48ff58edd3dbb9ecb304a7f71ad3ad8e8a184791b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://boostersbenefitscard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 06 Mar 2024 01:07:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 06 Mar 2024 00:05:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Mar 2024 01:07:10 GMT
style.css
wgtrk.com/cdn/site/combined_lander-v2/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wgtrk.com/cdn/site/combined_lander-v2/css/style.css
Requested by
Host: boostersbenefitscard.com
URL: https://boostersbenefitscard.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
44.208.36.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-36-166.compute-1.amazonaws.com
Software
Apache /
Resource Hash
45938cd837223e53d2a307fdd6cbbae2f0b574ba6c2fe7f9e33744c27812925f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://boostersbenefitscard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 06 Mar 2024 01:07:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Mar 2024 20:03:30 GMT
Server
Apache
ETag
"2380-612ef560f3dfd-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2406
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: boostersbenefitscard.com
URL: https://boostersbenefitscard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://boostersbenefitscard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 12:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216627
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 03 Mar 2025 12:56:43 GMT
81303
boostersbenefitscard.com/%E2%80%9Dhttps://i.liadm.com/s/ 		3 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://boostersbenefitscard.com/%E2%80%9Dhttps://i.liadm.com/s/81303?locationId=Hb1liOSDTyfx
Requested by
Host: boostersbenefitscard.com
URL: https://boostersbenefitscard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:8cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://boostersbenefitscard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 01:07:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDrFz3i8Dlkq15VxNmtqRKz3dpk1I%2BuQlI%2Bz0JEBqojSWJmb0kz64BS0ZEJQvG5cUUGn4WhZuhWaz4rtEIXng%2FAGrdgVK%2BV87pvUfk8h%2B2KncS%2BOgtT1aozgY3dNpssw%2BBGG9Sf%2B1xDga2kddc%2FXi6tSYFG65FI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cf-ray
85fe7284be9174a4-MIA
alt-svc
h3=":443"; ma=86400
sleepy-joe.webp
wgtrk.com/cdn/site/combined_lander-v2/img/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wgtrk.com/cdn/site/combined_lander-v2/img/sleepy-joe.webp
Requested by
Host: boostersbenefitscard.com
URL: https://boostersbenefitscard.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
44.208.36.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-36-166.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e12748500844b87e758a6d32e565946e3b4957593956c1668315e9b45c5e8acd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://boostersbenefitscard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 06 Mar 2024 01:07:10 GMT
Last-Modified
Tue, 05 Mar 2024 20:03:30 GMT
Server
Apache
ETag
"8686-612ef560fbafc"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
34438
main.js
wgtrk.com/cdn/site/combined_lander-v2/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wgtrk.com/cdn/site/combined_lander-v2/js/main.js
Requested by
Host: boostersbenefitscard.com
URL: https://boostersbenefitscard.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
44.208.36.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-36-166.compute-1.amazonaws.com
Software
Apache /
Resource Hash
4d6400d741b6ddc55c3223688903fba24048fa3075a67bf9d026d1407a8d26e5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://boostersbenefitscard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 06 Mar 2024 01:07:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Mar 2024 21:15:34 GMT
Server
Apache
ETag
"2e62-612f057cf6a1b-gzip"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3043
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: boostersbenefitscard.com
URL: https://boostersbenefitscard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7c690a6ebb2eef51e8ccc66161b02197c22f388f1fc23c89e0f5c7b70e1eac50

Request headers

accept-language
en-US,en;q=0.9
Referer
https://boostersbenefitscard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 00:57:58 GMT
content-encoding
gzip
age
552
x-guploader-uploadid
ABPtcPrg7rjkk3mbLHckc3x01AymCjIiyPMKBvcB32IaMS678Oe_p3xHMqRz6VC_ebtqtiBB4cc0aqVPMw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18490
last-modified
Tue, 06 Feb 2024 00:09:36 GMT
server
UploadServer
etag
"eb0675a8749ea5d76345796217db928f"
vary
Accept-Encoding
x-goog-generation
1707178176338436
x-goog-hash
crc32c=fWmQwA==, md5=6wZ1qHSepddjRXliF9uSjw==
access-control-allow-origin
*
content-type
text/javascript
cache-control
public,max-age=600
x-goog-stored-content-length
18490
accept-ranges
bytes
expires
Wed, 06 Mar 2024 01:07:58 GMT
CA677ddc7ccfa640a79e440f8b77f089ff
b-js.ringba.com/ 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-js.ringba.com/CA677ddc7ccfa640a79e440f8b77f089ff
Requested by
Host: boostersbenefitscard.com
URL: https://boostersbenefitscard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:e000:4:1957:6500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
21f9c9d7b954cf8f10c4c3206de065bbbf0ef997cff253fd74da4e22f8d1ded3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://boostersbenefitscard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-runtime
41.0000
date
Wed, 06 Mar 2024 01:07:10 GMT
via
1.1 c824f42276c55792245504036b5383fa.cloudfront.net (CloudFront)
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-amz-cf-pop
JFK50-P3
x-powered-by
ASP.NET
access-control-max-age
300
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public
content-length
15145
x-amz-cf-id
LeOMfpO5pSbwlfElda2fHFMUgsbO9Vymx3nt-I8j9hu7qzCIZA7NhA==
expires
Wed, 06 Mar 2024 01:12:10 GMT
fbevents.js
connect.facebook.net/en_US/ 		215 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: boostersbenefitscard.com
URL: https://boostersbenefitscard.com/?kkclid=1218842337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://boostersbenefitscard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 06 Mar 2024 01:07:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57348
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
la59MhXSjCv1ALn8xBLYcus/uJeHbKI/P1fngmmazVbMqDF4ybQQepsxmpbv3993qz6iExjLf9gvXn8+7yAEcA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), clipboard-read=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://boostersbenefitscard.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 09:08:01 GMT
x-content-type-options
nosniff
age
575949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Feb 2025 09:08:01 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://boostersbenefitscard.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 08:51:59 GMT
x-content-type-options
nosniff
age
576911
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Feb 2025 08:51:59 GMT
793681048994119
connect.facebook.net/signals/config/ 		53 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/793681048994119?v=2.9.148&r=stable&domain=boostersbenefitscard.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5b67ece4eb23a3a974943a5e1b09d56adcd4c06aa613a6b4edeb81f78aa4f2a4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://boostersbenefitscard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 06 Mar 2024 01:07:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
XW0wofhOGYyXh3mBpIEA0hBnoETZ3UMZZjsk70ANBACqfn2+LDPaed05uydncfO79EdS7XJ5gu3AItklSYwNFg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), clipboard-read=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=793681048994119&ev=PageView&dl=https%3A%2F%2Fboostersbenefitscard.com%2F%3Fkkclid%3D1218842337&rl=&if=false&ts=1709687230977&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1709687230976.2126458071&ler=empty&cdl=API_unavailable&it=1709687230821&coo=false&rqm=GET
Requested by
Host: boostersbenefitscard.com
URL: https://boostersbenefitscard.com/?kkclid=1218842337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://boostersbenefitscard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 06 Mar 2024 01:07:11 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| appWorkerUtils object| appWorkerSettings object| appWorkerGeolocation function| _getPubId string| cdnUrl string| step1link object| mixpanel function| $ function| jQuery function| kk_ringba function| fbq function| _fbq object| _rgba_tags object| ringba_known_numbers object| _rgba object| ringba

2 Cookies

Domain/Path Name / Value
.boostersbenefitscard.com/ Name: mp_2c6bcfbbb40cb7fae2628bb918050781_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%24device%3A18e114cd0b7326-030eb8a7288317-14313374-1d4c00-18e114cd0b7326%22%2C%22%24device_id%22%3A%20%2218e114cd0b7326-030eb8a7288317-14313374-1d4c00-18e114cd0b7326%22%2C%22baseUrl%22%3A%20%22https%3A%2F%2Fboostersbenefitscard.com%2F%22%2C%22landingpageid%22%3A%20%22cbnq1%22%2C%22utm_kkclid%22%3A%20%221218842337%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
.boostersbenefitscard.com/ Name: _fbp
Value: fb.1.1709687230976.2126458071

1 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/793681048994119?v=2.9.148&r=stable&domain=boostersbenefitscard.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
b-js.ringba.com
boostersbenefitscard.com
cdn.mxpnl.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
wgtrk.com
worker-polished-shadow-8999.jordan-64e.workers.dev
www.facebook.com
2600:1901:0:bc29::
2600:9000:24f0:e000:4:1957:6500:93a1
2606:4700:3032::6815:9fd
2606:4700:3035::ac43:8cef
2607:f8b0:4006:80d::200a
2607:f8b0:4006:81d::2003
2607:f8b0:4006:822::200a
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f112:83:face:b00c:0:25de
44.208.36.166
11ced653c895f7ae2499559422d4914d59c1e193f9a6aba4e44167f66af31e19
1f4a47be24b72365c44bf31fb777b048db1d52af539dc459a6aeabe8bf7fa7f2
21f9c9d7b954cf8f10c4c3206de065bbbf0ef997cff253fd74da4e22f8d1ded3
45938cd837223e53d2a307fdd6cbbae2f0b574ba6c2fe7f9e33744c27812925f
4d1f1e0f426c442c7d176b48ff58edd3dbb9ecb304a7f71ad3ad8e8a184791b1
4d6400d741b6ddc55c3223688903fba24048fa3075a67bf9d026d1407a8d26e5
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
5b67ece4eb23a3a974943a5e1b09d56adcd4c06aa613a6b4edeb81f78aa4f2a4
7c690a6ebb2eef51e8ccc66161b02197c22f388f1fc23c89e0f5c7b70e1eac50
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
e12748500844b87e758a6d32e565946e3b4957593956c1668315e9b45c5e8acd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e