benefits.holidayrelief.com Open in urlscan Pro
2606:4700:3037::ac43:d32a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://benefits.holidayrelief.com/
Effective URL:
https://benefits.holidayrelief.com/e/18/?&requestid=aN1axnmq8-&destinationid=277850184
Submission: On January 25 via manual (January 25th 2024, 9:14:50 am UTC) from VN — Scanned from US

Summary HTTP 34 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 8 IPs in 1 countries across 7 domains to perform 34 HTTP transactions. The main IP is 2606:4700:3037::ac43:d32a, located in United States and belongs to CLOUDFLARENET, US. The main domain is benefits.holidayrelief.com.
TLS certificate: Issued by GTS CA 1P5 on December 14th 2023. Valid for: 3 months.

This is the only time benefits.holidayrelief.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 14	2606:4700:303... 2606:4700:3037::ac43:d32a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	45.55.126.207 45.55.126.207	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2607:f8b0:400... 2607:f8b0:4004:c19::5f	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80f::2008	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c09::5e	15169 (GOOGLE) (GOOGLE)
5	2606:4700:e4:... 2606:4700:e4::ac40:a225	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4006:81d::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::9d	15169 (GOOGLE) (GOOGLE)
34	8

14 2606:4700:3037::ac43:d32a (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

benefits.holidayrelief.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.55.126.207 (Clifton, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

beacon.holidayrelief.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::2008 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c09::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:e4::ac40:a225 (United States)

ASN13335 (CLOUDFLARENET, US)

trk-architecto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.trk-architecto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81d::200e (Colchester, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	holidayrelief.com 4 redirects benefits.holidayrelief.com beacon.holidayrelief.com	363 KB
5	trk-architecto.com trk-architecto.com — Cisco Umbrella Rank: 61375 event.trk-architecto.com — Cisco Umbrella Rank: 135932	3 KB
4	google.com analytics.google.com — Cisco Umbrella Rank: 154	423 B
4	gstatic.com fonts.gstatic.com	91 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	163 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	1 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	252 B
34	7

	Domain	Requested by
14	benefits.holidayrelief.com	3 redirects benefits.holidayrelief.com
6	beacon.holidayrelief.com	1 redirects benefits.holidayrelief.com
4	event.trk-architecto.com	trk-architecto.com
4	analytics.google.com	www.googletagmanager.com
4	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	benefits.holidayrelief.com www.googletagmanager.com
2	fonts.googleapis.com	benefits.holidayrelief.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	trk-architecto.com	benefits.holidayrelief.com
34	9

This site contains links to these domains. Also see Links.

Domain
www.holidayrelief.com
holidayrelief.com

Subject Issuer	Validity	Valid
holidayrelief.com GTS CA 1P5	`2023-12-14` - `2024-03-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
trk-architecto.com Cloudflare Inc ECC CA-3	`2024-01-13` - `2024-12-31`	a year	crt.sh
beacon.holidayrelief.com R3	`2023-12-14` - `2024-03-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://benefits.holidayrelief.com/e/18/?&requestid=aN1axnmq8-&destinationid=277850184
Frame ID: CB02C4CD1073777B93B206959D31A076
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Holiday Relief

Page URL History Show full URLs

http://benefits.holidayrelief.com/ HTTP 301
https://beacon.holidayrelief.com/g2/4dc8907a-2273-45bb-9e1f-6d39ab381d3b HTTP 302
https://benefits.holidayrelief.com/e/18?&requestid=aN1axnmq8-&destinationid=277850184 HTTP 301
http://benefits.holidayrelief.com/e/18/?&requestid=aN1axnmq8-&destinationid=277850184 HTTP 301
https://benefits.holidayrelief.com/e/18/?&requestid=aN1axnmq8-&destinationid=277850184 Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

34
Requests

100 %
HTTPS

88 %
IPv6

7
Domains

9
Subdomains

8
IPs

1
Countries

621 kB
Transfer

2021 kB
Size

3
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.holidayrelief.com/terms/
Title: Terms

Search URL Search Domain Scan URL

URL: https://www.holidayrelief.com/terms/#arbitration
Title: Arbitration

Search URL Search Domain Scan URL

URL: https://www.holidayrelief.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://holidayrelief.com/terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://holidayrelief.com/mobile_terms
Title: Mobile Terms of Use

Search URL Search Domain Scan URL

URL: https://holidayrelief.com/privacy#ca-privacy-rights
Title: CA Privacy Rights

Search URL Search Domain Scan URL

URL: https://holidayrelief.com/do-not-sell
Title: Do Not Sell My Personal Information

Search URL Search Domain Scan URL

URL: https://holidayrelief.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://holidayrelief.com/mobile_privacy
Title: Mobile Privacy Policy

Search URL Search Domain Scan URL

URL: https://holidayrelief.com/unsubscribe
Title: Opt Out

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://benefits.holidayrelief.com/ HTTP 301
https://beacon.holidayrelief.com/g2/4dc8907a-2273-45bb-9e1f-6d39ab381d3b HTTP 302
https://benefits.holidayrelief.com/e/18?&requestid=aN1axnmq8-&destinationid=277850184 HTTP 301
http://benefits.holidayrelief.com/e/18/?&requestid=aN1axnmq8-&destinationid=277850184 HTTP 301
https://benefits.holidayrelief.com/e/18/?&requestid=aN1axnmq8-&destinationid=277850184 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
benefits.holidayrelief.com/e/18/
Redirect Chain

http://benefits.holidayrelief.com/
https://beacon.holidayrelief.com/g2/4dc8907a-2273-45bb-9e1f-6d39ab381d3b
https://benefits.holidayrelief.com/e/18?&requestid=aN1axnmq8-&destinationid=277850184
http://benefits.holidayrelief.com/e/18/?&requestid=aN1axnmq8-&destinationid=277850184
https://benefits.holidayrelief.com/e/18/?&requestid=aN1axnmq8-&destinationid=277850184

9 KB
3 KB

52ms
50ms

Document
text/html

2606:4700:3037::ac43:d32a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits.holidayrelief.com/e/18/?&requestid=aN1axnmq8-&destinationid=277850184

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d32a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91fa33b6a97661b37ac655ca14b8e2fc27ff45284ab031e7736517599bde0657

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84af68635dbd4bc9-BUF
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Thu, 25 Jan 2024 09:14:45 GMT
last-modified: Wed, 29 Nov 2023 17:54:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GFtrz2KR8i5g385Qxo3YJwwxLgfX7P3zTqV3jMW7QSte1MgYThDJnChraGnND%2FyLrWTsjfEWgD8wcf5OOT13j1QZQ2uGvKfylzjzKzNV%2FU6GiGG8EX51mFJrfurEjRlV%2BAgjJ%2B%2BqARuv0w6%2BA0YU6W8S73M787Wtuw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 84af68630c464bcf-BUF
Connection: keep-alive
Content-Length: 0
Date: Thu, 25 Jan 2024 09:14:45 GMT
Location: https://benefits.holidayrelief.com/e/18/?&requestid=aN1axnmq8-&destinationid=277850184
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fe%2Bpql0w%2BsFk%2F2SxrTxMI56lvXiNksBqoTI1g%2BxZsegOM20B92JKBz9WSGf%2FFiolQ%2FPVyAZe7JIPRoH1FUe9RFpynHB6obqCeka49cUnqutm%2B6ztkjgWniYIrQ7TDSHVjGpvs%2BvC1srEZwgCaYNi1mgennhGgYcOsw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
alt-svc: h3=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
894 B 103ms
40ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&display=swap

Requested by

Host: benefits.holidayrelief.com
URL: https://benefits.holidayrelief.com/e/18/?&requestid=aN1axnmq8-&destinationid=277850184

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a781901393bd19811bef7ec44fe3715212110370a565ce384ff8a902de5eaf3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://benefits.holidayrelief.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 Jan 2024 09:14:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 09:00:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Jan 2024 09:14:45 GMT

GET
H2 200 bundle.bc33756c21ef8bd24e70.css
benefits.holidayrelief.com/e/18/ 89 KB
18 KB 59ms
56ms Stylesheet
text/css 2606:4700:3037::ac43:d32a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits.holidayrelief.com/e/18/bundle.bc33756c21ef8bd24e70.css?t=1701280418708

Requested by

Host: benefits.holidayrelief.com
URL: https://benefits.holidayrelief.com/e/18/?&requestid=aN1axnmq8-&destinationid=277850184

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d32a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12323df0e320529462712878edef7520eebe5cd1eb11358383f3021fe537a104

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://benefits.holidayrelief.com/e/18/?&requestid=aN1axnmq8-&destinationid=277850184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:14:45 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 17:54:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65677acc-1621f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3PuY53IsrN11MY5e4WjRZRtDeHGy9Qd9VQYp8T0gXjWoQvhPTpHHBuiBgtG6VXf7wgWbS%2FgNM15PGzLYTKisNmcgvgRC3NYtoJOL3xv7N%2FM2uw7MXhLyw%2FX0seAerV98yNxUvBSlTo3DnDqABo%2BZGGXEbeC81CQ4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 84af6863bde74bc9-BUF
alt-svc: h3=":443"; ma=86400
expires: Sun, 12 Jan 2025 03:01:05 GMT

GET
H2 200 logo.svg
benefits.holidayrelief.com/e/18/public/hr/logo/ 15 KB
4 KB 90ms
87ms Image
image/svg+xml 2606:4700:3037::ac43:d32a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.holidayrelief.com/e/18/public/hr/logo/logo.svg

Requested by

Host: benefits.holidayrelief.com
URL: https://benefits.holidayrelief.com/e/18/?&requestid=aN1axnmq8-&destinationid=277850184

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d32a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

756704f8449f0a9e5743bf87c4dcb39484b9e3fe125042e5bb4b7837a9e09fc2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://benefits.holidayrelief.com/e/18/?&requestid=aN1axnmq8-&destinationid=277850184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:14:45 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 17:54:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65677acc-3de9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2FMktcFDq1KdR7BGhPJu7IeT8ElQeD9S86SO3%2F251xhzeQDUIfEVVb6kAZBsd7AcaozdONeUBWDAhLRp9F2DtLCDQyXG7SGrc%2BwZLhmj9xi6n1hgq2ciEDdHJJFOvSpL8nBMdhvfQJPw9s7ntZbvbdKNd06V6gqWmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 84af6863bde94bc9-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 flag.ico
benefits.holidayrelief.com/e/18/public/ 4 KB
5 KB 53ms
51ms Image
image/x-icon 2606:4700:3037::ac43:d32a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.holidayrelief.com/e/18/public/flag.ico

Requested by

Host: benefits.holidayrelief.com
URL: https://benefits.holidayrelief.com/e/18/?&requestid=aN1axnmq8-&destinationid=277850184

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d32a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad423f205db8b52146c1f364809242fe10f68dfb1650574650b5c907a80948c6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://benefits.holidayrelief.com/e/18/?&requestid=aN1axnmq8-&destinationid=277850184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:14:45 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 17:54:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65677acc-11b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rHy3cHJ33EhLoRntcTUKSCxqhqBFYEX7TB0F14x8xuTVVoJIFBMzwKDJmtfTvhEcGnuN3y4WF258iibujtGLyDmhCJwtYU4gEdUwzZzKiqHv%2FjubNBgz1SYDmWsdbXyGQDviZpGBV9Hk%2Fpyd4RZ91xkUnC6UU3uxDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=31536000
cf-ray: 84af6863bdeb4bc9-BUF
alt-svc: h3=":443"; ma=86400
expires: Sat, 30 Nov 2024 07:03:23 GMT

GET
H3 200 greencheck.svg
benefits.holidayrelief.com/e/18/public/common/component/ 841 B
1011 B 50ms
50ms Image
image/svg+xml 2606:4700:3037::ac43:d32a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.holidayrelief.com/e/18/public/common/component/greencheck.svg

Requested by

Host: benefits.holidayrelief.com
URL: https://benefits.holidayrelief.com/e/18/?&requestid=aN1axnmq8-&destinationid=277850184

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d32a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfef805811bea823d8ebe91881212bb6435c14dd92e36d071d7daa6a8897d30d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://benefits.holidayrelief.com/e/18/?&requestid=aN1axnmq8-&destinationid=277850184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:14:45 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 17:54:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65677acc-349"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFinFLuIolPXNCYNPJc0SnIT%2FHZoFJSHRxm8J1EAnrrqyvKKZUNIIv9EYKhjzzeqKoh5d4aUS9f%2BXd6J0DO860E0Uok8LGw1RzSPwwEh%2BhwW%2BrS6HVFVBSMc9aOoCG8ICSkyA4xHXEsIXNbYALoCms2DtFWg%2FlFazw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 84af686409956aed-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 12.441cbc23.chunk.js Show response
benefits.holidayrelief.com/e/18/js/ 390 KB
126 KB 51ms
51ms Script
application/javascript 2606:4700:3037::ac43:d32a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits.holidayrelief.com/e/18/js/12.441cbc23.chunk.js

Requested by

Host: benefits.holidayrelief.com
URL: https://benefits.holidayrelief.com/e/18/?&requestid=aN1axnmq8-&destinationid=277850184

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d32a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03ca55ba634559db8ae4b798b51322e8923a2bc365239a28d564e27065060da5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://benefits.holidayrelief.com/e/18/?&requestid=aN1axnmq8-&destinationid=277850184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:14:45 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 573327
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 29 Nov 2023 17:54:20 GMT
server: cloudflare
etag: W/"65677acc-616b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCsGBY%2F6lwXErJHD1PSLqiB1Igihp5su1Wrip5LT9Y3xchxKLjWvFyzRO7u6d4RC07VuPDnsPkxTFBIEGCIILA6nJLSBNMB%2Bu17qLCipwzxADC6vdtK%2BXDwHbR3GVO8YsFHvCWfH1F397Yb%2BhhEfMJZlov%2Br7pmyiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 84af6864499e6aed-BUF
expires: Thu, 28 Nov 2024 17:54:51 GMT

GET
H3 200 app.e823bb61.js Show response
benefits.holidayrelief.com/e/18/js/ 853 KB
144 KB 123ms
121ms Script
application/javascript 2606:4700:3037::ac43:d32a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits.holidayrelief.com/e/18/js/app.e823bb61.js

Requested by

Host: benefits.holidayrelief.com
URL: https://benefits.holidayrelief.com/e/18/?&requestid=aN1axnmq8-&destinationid=277850184

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d32a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

093d1411bac51b713494495588bea9b47ca143d7ee9f85b5db866d99cab88ac7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://benefits.holidayrelief.com/e/18/?&requestid=aN1axnmq8-&destinationid=277850184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:14:45 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 189943
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 29 Nov 2023 17:54:20 GMT
server: cloudflare
etag: W/"65677acc-d54c1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vUUhIAJBZ5fZt%2Fg9BXa3e8jDl8cdsFqmFhaqcIO7hv1RIHXznaqnpSDQxHBzOSogiG8OMPW6%2FleE2MJIaGUETwcSrpbOru42Mrhh6DC2we6y0ZBQFFKPcVzlP59IuOHeUhRh8CkMyXM7JM5Sl5foiv14QSs%2BSwOkeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 84af686469a56aed-BUF
expires: Sat, 30 Nov 2024 07:24:30 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 205 KB
74 KB 105ms
40ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5JWNGWK

Requested by

Host: benefits.holidayrelief.com
URL: https://benefits.holidayrelief.com/e/18/?&requestid=aN1axnmq8-&destinationid=277850184

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

53bbd61891e2533d144fee32eab49b5266990e5ac2e6bd0017accdc4de68bb33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://benefits.holidayrelief.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:14:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75439
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 25 Jan 2024 09:14:45 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
513 B 43ms
40ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@400;700;900&display=swap

Requested by

Host: benefits.holidayrelief.com
URL: https://benefits.holidayrelief.com/e/18/bundle.bc33756c21ef8bd24e70.css?t=1701280418708

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0cee972f52f443216ed569505738e89b08925201f31b5d7a51783ee9a0dcc785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://benefits.holidayrelief.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 Jan 2024 09:14:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 08:38:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Jan 2024 09:14:45 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 91ms
29ms Font
font/woff2 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://benefits.holidayrelief.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 20:31:41 GMT
x-content-type-options: nosniff
age: 564184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 20:31:41 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 132ms
70ms Font
font/woff2 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://benefits.holidayrelief.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 20:31:33 GMT
x-content-type-options: nosniff
age: 564192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 20:31:33 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 120ms
58ms Font
font/woff2 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://benefits.holidayrelief.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 20:11:23 GMT
x-content-type-options: nosniff
age: 565402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 20:11:23 GMT

GET
H2 200 l8emw37gkr Show response
trk-architecto.com/scripts/push/script/ 7 KB
3 KB 111ms
34ms Script
application/javascript 2606:4700:e4::ac40:a225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk-architecto.com/scripts/push/script/l8emw37gkr?url=benefits.holidayrelief.com

Requested by

Host: benefits.holidayrelief.com
URL: https://benefits.holidayrelief.com/e/18/js/app.e823bb61.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e4::ac40:a225 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce10ceefe4869c5b24c20e1c2d6261f63c5507f65135355a6bb8b027b50ca342

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://benefits.holidayrelief.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:14:46 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5660
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Jan 2024 07:40:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EtZS2ebhiRteBLTZa8sf1JAzGZ8pA7CBvyHcw3pPncY%2F8ha0T9mou1dphJrqVeAOhWh4%2BH4SqjtG41q%2Fkh6%2FsdSc1pq%2Fd9jsz0Xp72uAiW9UB%2Bz0qVAtrWmiiLaAKUQbi89CMZYdFUq3wFRatpES%2FrU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray: 84af68665dc51760-EWR
expires: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
89 KB 49ms
49ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MPFJT45DT0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JWNGWK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

166dd9c02eec8175597f24990fe90b104c44da4e629e4098b2f145558e534af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://benefits.holidayrelief.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:14:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91145
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 25 Jan 2024 09:14:46 GMT

GET
H2 200 summary Show response
beacon.holidayrelief.com/geo/ 126 B
580 B 98ms
35ms XHR
application/json 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.holidayrelief.com/geo/summary

Requested by

Host: benefits.holidayrelief.com
URL: https://benefits.holidayrelief.com/e/18/js/12.441cbc23.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

a74d3dced9ca80d8e53b3e844c879f4636877a91b980c0d73695246c1266c334

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://benefits.holidayrelief.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:14:45 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

GET
H2 200 a7c885f7-6b44-4f42-8c33-2e225b339373 Show response
beacon.holidayrelief.com/g/ 117 B
586 B 98ms
36ms XHR
text/plain 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.holidayrelief.com/g/a7c885f7-6b44-4f42-8c33-2e225b339373?destinationid=277850184&requestid=aN1axnmq8-

Requested by

Host: benefits.holidayrelief.com
URL: https://benefits.holidayrelief.com/e/18/js/12.441cbc23.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

37b45402a24baf7e73f5a3b2b57a43a6682bdc258edcfeae51f5361296611fb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://benefits.holidayrelief.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:14:45 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

GET
H3 200 pop-up-wait-image.png
benefits.holidayrelief.com/e/18/public/common/popup/ 43 KB
44 KB 37ms
36ms Image
image/png 2606:4700:3037::ac43:d32a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.holidayrelief.com/e/18/public/common/popup/pop-up-wait-image.png

Requested by

Host: benefits.holidayrelief.com
URL: https://benefits.holidayrelief.com/e/18/?destinationid=277850184&ld=1&requestid=aN1axnmq8-&session_id=13b85765-bd0c-4d66-8f88-c0cce2fe48c2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d32a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd7677c79e440019ce16e0d7dfa3db2101430b83dac7824b2bc4b07d4e2f6a30

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://benefits.holidayrelief.com/e/18/?destinationid=277850184&ld=1&requestid=aN1axnmq8-&session_id=13b85765-bd0c-4d66-8f88-c0cce2fe48c2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:14:46 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 173668
alt-svc: h3=":443"; ma=86400
content-length: 44463
last-modified: Wed, 29 Nov 2023 17:54:20 GMT
server: cloudflare
etag: "65677acc-adaf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ckgcU4V%2B%2B9xYgiPTqGX%2FR2Wl06hDsExeVsMG55%2FSId9aogbvGE5ffD81cxB%2FqwiMgD0gBXRHdoVn%2FUn3JwI3sFk25rUdoE%2B4kXEr%2B2pBQZUMZBwLFajphMdiMV3CycvcPaCPXKB9L6TwkQdyhItvwBEQ%2F52lzO3Wow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84af6865fa0a6aed-BUF
expires: Fri, 29 Nov 2024 10:24:51 GMT

GET
H3 200 close-icon-pop-up.svg
benefits.holidayrelief.com/e/18/public/common/popup/ 739 B
897 B 51ms
50ms Image
image/svg+xml 2606:4700:3037::ac43:d32a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.holidayrelief.com/e/18/public/common/popup/close-icon-pop-up.svg

Requested by

Host: benefits.holidayrelief.com
URL: https://benefits.holidayrelief.com/e/18/?destinationid=277850184&ld=1&requestid=aN1axnmq8-&session_id=13b85765-bd0c-4d66-8f88-c0cce2fe48c2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d32a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ad5bc096489c13f52628e86e963983741b0fe88b7a5a1fec8d59566321a835e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://benefits.holidayrelief.com/e/18/?destinationid=277850184&ld=1&requestid=aN1axnmq8-&session_id=13b85765-bd0c-4d66-8f88-c0cce2fe48c2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:14:46 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 17:54:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65677acc-2e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T72Mh0AkcE8kFaMHuYHNhMl9OJq03TZCGsy0G7ElWg4FL496JHG1jAwOZeFTD4uA0o8uV6kZ4QnDAl4s1qe71Zc2T0EIOV7C9gV7vrPFBWVXguzPfFqy3kc6nysWQVqmZqg60SRfaouSazOgBIMmbdatSw8PLIyabQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 84af6865fa0b6aed-BUF
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 98ms
38ms Ping
text/plain 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-MPFJT45DT0&gtm=45je41m0v892932906&_p=1706174085807&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1550011047.1706174086&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706174086&sct=1&seg=0&dl=https%3A%2F%2Fbenefits.holidayrelief.com%2Fe%2F18%2F%3Fdestinationid%3D277850184%26ld%3D1%26requestid%3DaN1axnmq8-%26session_id%3D13b85765-bd0c-4d66-8f88-c0cce2fe48c2&dt=Holiday%20Relief&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=991
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MPFJT45DT0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81d::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://benefits.holidayrelief.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:14:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://benefits.holidayrelief.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 100ms
39ms Ping
text/plain 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MPFJT45DT0&cid=1550011047.1706174086&gtm=45je41m0v892932906&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MPFJT45DT0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://benefits.holidayrelief.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:14:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://benefits.holidayrelief.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 87ms
39ms Ping
text/plain 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-MPFJT45DT0&gtm=45je41m0v892932906&_p=1706174085807&gcd=11l1l1l1l1&dma=0&cid=1550011047.1706174086&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1706174086&sct=1&seg=0&dl=https%3A%2F%2Fbenefits.holidayrelief.com%2Fe%2F18%2F%3Fdestinationid%3D277850184%26ld%3D1%26requestid%3DaN1axnmq8-%26session_id%3D13b85765-bd0c-4d66-8f88-c0cce2fe48c2&dt=Holiday%20Relief&en=sequence_start&_ee=1&ep.module=enrollment&ep.destinationid=277850184&ep.affid=false&_et=3&tfd=1002
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MPFJT45DT0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81d::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://benefits.holidayrelief.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:14:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://benefits.holidayrelief.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 80c0990c-a37d-4e9d-a1cd-e42df70c997a Show response
beacon.holidayrelief.com/s/ 33 KB
6 KB 42ms
42ms XHR
text/plain 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.holidayrelief.com/s/80c0990c-a37d-4e9d-a1cd-e42df70c997a?requestid=XIzaNYm-61&destinationid=3970347516&destinationid=277850184&requestid=aN1axnmq8-

Requested by

Host: benefits.holidayrelief.com
URL: https://benefits.holidayrelief.com/e/18/js/12.441cbc23.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b5a2b988c0d474ed9fb56345122e8b1c07d33c577f7c5b44182907bdab4657c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://benefits.holidayrelief.com/
X-Requested-With: /e/18/?destinationid=277850184&ld=1&requestid=aN1axnmq8-&session_id=13b85765-bd0c-4d66-8f88-c0cce2fe48c2
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:14:45 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

OPTIONS
H2 200 80c0990c-a37d-4e9d-a1cd-e42df70c997a
beacon.holidayrelief.com/s/ 0
0 33ms
33ms Preflight 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.holidayrelief.com/s/80c0990c-a37d-4e9d-a1cd-e42df70c997a?requestid=XIzaNYm-61&destinationid=3970347516&destinationid=277850184&requestid=aN1axnmq8-

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://benefits.holidayrelief.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
access-control-allow-origin: *
content-length: 0
date: Thu, 25 Jan 2024 09:14:45 GMT
server: Kestrel
strict-transport-security: max-age=2592000

POST
H2 204 collect
analytics.google.com/g/ 0
261 B 75ms
38ms Ping
text/plain 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-MPFJT45DT0&gtm=45je41m0v892932906&_p=1706174085807&gcd=11l1l1l1l1&dma=0&cid=1550011047.1706174086&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1706174086&sct=1&seg=0&dl=https%3A%2F%2Fbenefits.holidayrelief.com%2Fe%2F18%2F%3Fdestinationid%3D277850184%26ld%3D1%26requestid%3DaN1axnmq8-%26session_id%3D13b85765-bd0c-4d66-8f88-c0cce2fe48c2&dt=Holiday%20Relief&en=scroll&epn.percent_scrolled=90&_et=4&tfd=1013
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MPFJT45DT0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81d::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://benefits.holidayrelief.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:14:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://benefits.holidayrelief.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 flag.ico
benefits.holidayrelief.com/e/18/public/ 4 KB
5 KB 40ms
39ms Image
image/x-icon 2606:4700:3037::ac43:d32a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.holidayrelief.com/e/18/public/flag.ico

Requested by

Host: benefits.holidayrelief.com
URL: https://benefits.holidayrelief.com/e/18/js/app.e823bb61.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d32a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad423f205db8b52146c1f364809242fe10f68dfb1650574650b5c907a80948c6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://benefits.holidayrelief.com/e/18/?destinationid=277850184&ld=1&requestid=aN1axnmq8-&session_id=13b85765-bd0c-4d66-8f88-c0cce2fe48c2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:14:46 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 29 Nov 2023 17:54:20 GMT
server: cloudflare
etag: W/"65677acc-11b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irjNHytDm8q51MpQ28H%2BCjIrknOXlFffMlXJbDnHoc3pXgbzm%2FIM0J3Hjs3%2Bt7MLAWoM9%2B8XlCuHDjvRuCSaQG2WxGKMrjFZcCFCYxk9YJjJEG3xDJsVpwp3fUOoq6rNathDfDnegHwQzT5oyadqCtnlwJc9BLyXEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=31536000
cf-ray: 84af68674a686aed-BUF
expires: Sat, 30 Nov 2024 07:03:23 GMT

GET
H3 200 arrow-down.png
benefits.holidayrelief.com/e/18/public/ 3 KB
4 KB 37ms
36ms Image
image/png 2606:4700:3037::ac43:d32a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.holidayrelief.com/e/18/public/arrow-down.png

Requested by

Host: benefits.holidayrelief.com
URL: https://benefits.holidayrelief.com/e/18/bundle.bc33756c21ef8bd24e70.css?t=1701280418708

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d32a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f41f6c1e7a7c5e15d61a1e5602d25ffd73b51a3027c83a9ff5ae7eccfae2bd5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://benefits.holidayrelief.com/e/18/bundle.bc33756c21ef8bd24e70.css?t=1701280418708
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:14:46 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4179783
alt-svc: h3=":443"; ma=86400
content-length: 3373
last-modified: Wed, 29 Nov 2023 17:54:20 GMT
server: cloudflare
etag: "65677acc-d2d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3f64tHcRpJeb55MkC6mVLS5d%2BnbNo3F6UVwDwscHrA8a9HiL9mkjOIIFryqY0babobNVkHjapSfFHjwaQnVY75F3nMKcmCVx6dOY1EvrbgaZP5PKitYub4DwfQNEo7GD7p8XxKVdGugvOaOhH4LwZd%2B%2BYl3xvxc24Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84af68677a726aed-BUF
expires: Sat, 30 Nov 2024 09:56:10 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 22 KB
22 KB 30ms
29ms Font
font/woff2 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://benefits.holidayrelief.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 20:34:08 GMT
x-content-type-options: nosniff
age: 564038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 20:34:08 GMT

GET
H2 200 158229d0-4596-4b84-b0d4-660a6e6953d1 Show response
beacon.holidayrelief.com/c/ 1 KB
1 KB 36ms
35ms XHR
text/plain 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.holidayrelief.com/c/158229d0-4596-4b84-b0d4-660a6e6953d1

Requested by

Host: benefits.holidayrelief.com
URL: https://benefits.holidayrelief.com/e/18/js/12.441cbc23.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

35cb54af20e98dbf955df72512b5ed908da43a970e2d180b2502344632c47d67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://benefits.holidayrelief.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:14:45 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

OPTIONS
H2 200 lmdzpzwgky
event.trk-architecto.com/register/event_log/ 0
0 145ms
61ms Preflight 2606:4700:e4::ac40:a225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-architecto.com/register/event_log/lmdzpzwgky

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e4::ac40:a225 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://benefits.holidayrelief.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84af68689f6442b9-EWR
content-length: 0
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date: Thu, 25 Jan 2024 09:14:46 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AMhQfp4b5PwiQpVNHlx5oPmnPKj3N%2BFFOkjeZB5Cqw9G7RZFq92LDTkQVUY3GHBhyhW05ZZ7U%2FMcY5w%2F1k5rHF7B%2BZuOAkIXDmcrOULsp7SliaWWovdJCW7ulBO8PgOmEzzpHZa8M5zypsaBXQKgvxCLKdBtzSs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H2 200 lmdzpzwgky
event.trk-architecto.com/register/event_log/ 0
0 42ms
41ms Fetch 2606:4700:e4::ac40:a225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-architecto.com/register/event_log/lmdzpzwgky

Requested by

Host: trk-architecto.com
URL: https://trk-architecto.com/scripts/push/script/l8emw37gkr?url=benefits.holidayrelief.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e4::ac40:a225 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://benefits.holidayrelief.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/json

Response headers

expires: 0
date: Thu, 25 Jan 2024 09:14:46 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywsKdDyEujgBHKJnrVD6M5Y7pFIrtjC3D0PQwTO19MHjp0PgZWnuYJParU4X%2BdJdwuPMt1jK8%2BIBCFlGNM%2BUdhNLiWx7sNQNHLFtQ1uQ9EG0ejWXWm%2BVbC%2FDXIrsyX3J5a2rvfrARhiR7eyLKVTsV7wv7wPBnKM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray: 84af6868ffa442b9-EWR
x-pushplatformapp-params

OPTIONS
H2 200 lmdzpzwgky
event.trk-architecto.com/register/event_log/ 0
0 150ms
67ms Preflight 2606:4700:e4::ac40:a225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-architecto.com/register/event_log/lmdzpzwgky

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e4::ac40:a225 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://benefits.holidayrelief.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84af68689f6542b9-EWR
content-length: 0
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date: Thu, 25 Jan 2024 09:14:46 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EnPziFmqC%2FvFBgdzgJsntopF6b4KxwbrkTHM8rDr%2BI0%2Bd6gBkZsYCUvQ6gGYXaQRK99jTpj%2Fys8Fp1dQnW51NsAqUSh7%2FA1X%2B2YzZM0ce9ate5xjEEGa4ezUIolVpAACco%2FIjt2lIiDYMjCNeYc4kILlh9ndN4U%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H2 200 lmdzpzwgky
event.trk-architecto.com/register/event_log/ 0
0 43ms
43ms Fetch 2606:4700:e4::ac40:a225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-architecto.com/register/event_log/lmdzpzwgky

Requested by

Host: trk-architecto.com
URL: https://trk-architecto.com/scripts/push/script/l8emw37gkr?url=benefits.holidayrelief.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e4::ac40:a225 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://benefits.holidayrelief.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/json

Response headers

expires: 0
date: Thu, 25 Jan 2024 09:14:46 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1OZLQHcnDexIw63KE4ZcIfX251F0QILilO0o%2B6owOipd2PKgmRSHE0u8SSYm9x8bxyxxc8mErp3qDNlQsKUENkRgiqBnsXjX1AbY8s1yOorXCj6%2BNQTXeCX2IEGO3N1IB7X1gZoTdxQ8pjno2g46DgiYpsMNug%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray: 84af68690fab42b9-EWR
x-pushplatformapp-params

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 40ms
39ms Ping
text/plain 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-MPFJT45DT0&gtm=45je41m0v892932906&_p=1706174085807&gcd=11l1l1l1l1&dma=0&cid=1550011047.1706174086&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1706174086&sct=1&seg=0&dl=https%3A%2F%2Fbenefits.holidayrelief.com%2Fe%2F18%2F%3Fdestinationid%3D277850184%26ld%3D1%26requestid%3DaN1axnmq8-%26session_id%3D13b85765-bd0c-4d66-8f88-c0cce2fe48c2&dt=Holiday%20Relief&_s=4&tfd=2187
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MPFJT45DT0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81d::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://benefits.holidayrelief.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:14:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://benefits.holidayrelief.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.holidayrelief.com/	1970-01-20 20:05:50	Name: _gcl_au Value: 1.1.2020037655.1706174086
.holidayrelief.com/	1970-01-21 03:32:14	Name: _ga Value: GA1.1.1550011047.1706174086
.holidayrelief.com/	1970-01-21 03:32:14	Name: _ga_MPFJT45DT0 Value: GS1.1.1706174086.1.1.1706174087.59.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://benefits.holidayrelief.com/e/18/0?destinationid=277850184&ld=1&requestid=aN1axnmq8-&session_id=13b85765-bd0c-4d66-8f88-c0cce2fe48c2 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
beacon.holidayrelief.com
benefits.holidayrelief.com
event.trk-architecto.com
fonts.googleapis.com
fonts.gstatic.com
stats.g.doubleclick.net
trk-architecto.com
www.googletagmanager.com
2606:4700:3037::ac43:d32a
2606:4700:e4::ac40:a225
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c09::9d
2607:f8b0:4004:c19::5f
2607:f8b0:4006:80f::2008
2607:f8b0:4006:81d::200e
45.55.126.207
03ca55ba634559db8ae4b798b51322e8923a2bc365239a28d564e27065060da5
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
093d1411bac51b713494495588bea9b47ca143d7ee9f85b5db866d99cab88ac7
0cee972f52f443216ed569505738e89b08925201f31b5d7a51783ee9a0dcc785
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
12323df0e320529462712878edef7520eebe5cd1eb11358383f3021fe537a104
166dd9c02eec8175597f24990fe90b104c44da4e629e4098b2f145558e534af0
35cb54af20e98dbf955df72512b5ed908da43a970e2d180b2502344632c47d67
37b45402a24baf7e73f5a3b2b57a43a6682bdc258edcfeae51f5361296611fb7
53bbd61891e2533d144fee32eab49b5266990e5ac2e6bd0017accdc4de68bb33
756704f8449f0a9e5743bf87c4dcb39484b9e3fe125042e5bb4b7837a9e09fc2
7f41f6c1e7a7c5e15d61a1e5602d25ffd73b51a3027c83a9ff5ae7eccfae2bd5
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91fa33b6a97661b37ac655ca14b8e2fc27ff45284ab031e7736517599bde0657
9ad5bc096489c13f52628e86e963983741b0fe88b7a5a1fec8d59566321a835e
a74d3dced9ca80d8e53b3e844c879f4636877a91b980c0d73695246c1266c334
a781901393bd19811bef7ec44fe3715212110370a565ce384ff8a902de5eaf3e
ad423f205db8b52146c1f364809242fe10f68dfb1650574650b5c907a80948c6
b5a2b988c0d474ed9fb56345122e8b1c07d33c577f7c5b44182907bdab4657c9
bd7677c79e440019ce16e0d7dfa3db2101430b83dac7824b2bc4b07d4e2f6a30
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
ce10ceefe4869c5b24c20e1c2d6261f63c5507f65135355a6bb8b027b50ca342
cfef805811bea823d8ebe91881212bb6435c14dd92e36d071d7daa6a8897d30d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

benefits.holidayrelief.com Open in urlscan Pro 2606:4700:3037::ac43:d32a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

100 %HTTPS

88 %IPv6

7 Domains

9 Subdomains

8 IPs

1 Countries

621 kBTransfer

2021 kBSize

3 Cookies

10 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

benefits.holidayrelief.com Open in urlscan Pro
2606:4700:3037::ac43:d32a Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

100 %
HTTPS

88 %
IPv6

7
Domains

9
Subdomains

8
IPs

1
Countries

621 kB
Transfer

2021 kB
Size

3
Cookies

34 HTTP transactions
0 data transactions