Submitted URL: http://www.quik2stle.cloud/dd320/b836c0a
Effective URL: https://benefits.legalactionfinder.com/l/2/?ssid=377&s1=471962&s2=1042710794&s3=501Ver
Submission: On May 02 via api from US

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 26 HTTP transactions. The main IP is 134.209.162.246, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is benefits.legalactionfinder.com.
TLS certificate: Issued by R3 on March 11th 2021. Valid for: 3 months.
This is the only time benefits.legalactionfinder.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 64.44.134.99 20278 (NEXEON)
1 46.105.239.175 16276 (OVH)
9 134.209.162.246 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:e0:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 45.55.126.207 14061 (DIGITALOC...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 205.185.216.10 20446 (HIGHWINDS3)
26 12
Domain Requested by
9 benefits.legalactionfinder.com bedoid.com
benefits.legalactionfinder.com
3 fonts.gstatic.com fonts.googleapis.com
3 ka-f.fontawesome.com kit.fontawesome.com
2 api.benefit-relief.com benefits.legalactionfinder.com
2 www.google-analytics.com www.googletagmanager.com
2 www.quik2stle.cloud 1 redirects
1 support-benefits.nyc3.cdn.digitaloceanspaces.com
1 beacon.legalactionfinder.com benefits.legalactionfinder.com
1 www.googletagmanager.com benefits.legalactionfinder.com
1 kit.fontawesome.com benefits.legalactionfinder.com
1 fonts.googleapis.com benefits.legalactionfinder.com
1 bedoid.com www.quik2stle.cloud
26 12

This site contains no links.

Subject | Issuer | Validity | Valid
bedoid.com | Go Daddy Secure Certificate Authority - G2 | 2020-10-15 - 2021-10-15 | a year
benefits.legalactionfinder.com | R3 | 2021-03-11 - 2021-06-09 | 3 months
upload.video.google.com | GTS CA 1C3 | 2021-04-13 - 2021-07-06 | 3 months
*.fontawesome.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-13 - 2021-12-14 | a year
*.google-analytics.com | GTS CA 1C3 | 2021-04-13 - 2021-07-06 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-10-13 - 2021-10-12 | a year
*.gstatic.com | GTS CA 1C3 | 2021-04-13 - 2021-07-06 | 3 months
beacon.legalactionfinder.com | R3 | 2021-04-28 - 2021-07-27 | 3 months
*.nyc3.cdn.digitaloceanspaces.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-03-30 - 2022-04-30 | a year

This page contains 1 frames:

Primary Page: https://benefits.legalactionfinder.com/l/2/?ssid=377&s1=471962&s2=1042710794&s3=501Ver
Frame ID: 08BC555DE88A34EF3B77316564A16E57
Requests: 25 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /php\/?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • headers server /CentOS/i

Overall confidence: 100%
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i

Page Statistics

Requests: 26
HTTPS: 96 %
IPv6: 58 %
Domains: 10
Subdomains: 12
IPs: 12
Countries: 3
Transfer: 1025 kB
Size: 1221 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.quik2stle.cloud/dd320/b836c0a HTTP 302
    http://www.quik2stle.cloud/index.php?path=dd320/b836c0a Page URL
  2. https://bedoid.com/ffd9e8820f89263800/501Ver// Page URL
  3. https://benefits.legalactionfinder.com/l/2/?ssid=377&s1=471962&s2=1042710794&s3=501Ver Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.quik2stle.cloud/dd320/b836c0a HTTP 302
  • http://www.quik2stle.cloud/index.php?path=dd320/b836c0a

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
index.php
www.quik2stle.cloud/
Redirect Chain
  • http://www.quik2stle.cloud/dd320/b836c0a
  • http://www.quik2stle.cloud/index.php?path=dd320/b836c0a
112 B
372 B
Document
General
Full URL
http://www.quik2stle.cloud/index.php?path=dd320/b836c0a
Protocol
HTTP/1.1
Server
64.44.134.99 , United States, ASN20278 (NEXEON, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / PHP/5.4.16
Resource Hash
8c9721bd5d023a49ed21228ad793e3382de9ffc37a4308d81de789f33b3fe521

Request headers

Host
www.quik2stle.cloud
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Sun, 02 May 2021 07:15:50 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By
PHP/5.4.16
Content-Length
112
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Sun, 02 May 2021 07:15:50 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Location
http://www.quik2stle.cloud/index.php?path=dd320/b836c0a
Content-Length
239
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
Cookie set /
bedoid.com/ffd9e8820f89263800/501Ver//
149 B
443 B
Document
General
Full URL
https://bedoid.com/ffd9e8820f89263800/501Ver//
Requested by
Host: www.quik2stle.cloud
URL: http://www.quik2stle.cloud/index.php?path=dd320/b836c0a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.105.239.175 , France, ASN16276 (OVH, FR),
Reverse DNS
srv424.baton-twirling.club
Software
Apache /
Resource Hash

Request headers

Host
bedoid.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://www.quik2stle.cloud/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Sun, 02 May 2021 07:15:50 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
149
Server
Apache
Set-Cookie
uid16819=1042710794-20210502021550-4ffc6e10a4d68f8681cbad1dd1fc1af3-; domain=; expires=Mon, 03-May-2021 08:15:50 GMT; path=/; SameSite=None; Secure
Primary Request /
benefits.legalactionfinder.com/l/2/
9 KB
3 KB
Document
General
Full URL
https://benefits.legalactionfinder.com/l/2/?ssid=377&s1=471962&s2=1042710794&s3=501Ver
Requested by
Host: bedoid.com
URL: https://bedoid.com/ffd9e8820f89263800/501Ver//
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
134.209.162.246 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
52eb009671e642a13fda65e3f2ede4be1807286587fbfd5f6e61789cf73b2194

Request headers

Host
benefits.legalactionfinder.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://bedoid.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Sun, 02 May 2021 07:16:03 GMT
Content-Type
text/html
Last-Modified
Mon, 22 Mar 2021 17:04:45 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
ETag
W/"6058ce2d-25fe"
Content-Encoding
gzip
css
fonts.googleapis.com/
5 KB
735 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap
Requested by
Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/?ssid=377&s1=471962&s2=1042710794&s3=501Ver
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5c336543068fe4bfbd6cc01688a07c7d377e61238fc8d584b9f250e29696cca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
date
Sun, 02 May 2021 07:15:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sun, 02 May 2021 07:15:51 GMT
268a7048dd.js
kit.fontawesome.com/
11 KB
4 KB
Script
General
Full URL
https://kit.fontawesome.com/268a7048dd.js
Requested by
Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/?ssid=377&s1=471962&s2=1042710794&s3=501Ver
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67b7c0130b8e42bd11b9724859ff153b54d352bc424e909de9ff5334313c33d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://benefits.legalactionfinder.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 02 May 2021 07:15:51 GMT
content-encoding
gzip
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-cache-status
REVALIDATED
strict-transport-security
max-age=31536000; preload
cf-request-id
09cd880e380000dfd36aa5c000000001
x-request-id
FnZZ203kwSlQ1AQnW-LB
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=60, public, must-revalidate
cf-ray
648f75f6b9c8dfd3-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
js
www.googletagmanager.com/gtag/
117 KB
45 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VEWJ1C78X1
Requested by
Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/?ssid=377&s1=471962&s2=1042710794&s3=501Ver
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4e8f13e33cd559da421898c5ab4c2630d8f3ceae5e7279eb7a2ff5f62e5eeca4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://benefits.legalactionfinder.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 02 May 2021 07:15:51 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46129
x-xss-protection
0
expires
Sun, 02 May 2021 07:15:51 GMT
bundle.319f40674860b31a3c4f.css
benefits.legalactionfinder.com/l/2/
30 KB
7 KB
Stylesheet
General
Full URL
https://benefits.legalactionfinder.com/l/2/bundle.319f40674860b31a3c4f.css?t=1616432670382
Requested by
Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/?ssid=377&s1=471962&s2=1042710794&s3=501Ver
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
134.209.162.246 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
0353dc6908d7c995036096045c1fd6a06f5d1cc0ea633ce90d7f85605db2e268

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
benefits.legalactionfinder.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://benefits.legalactionfinder.com/l/2/?ssid=377&s1=471962&s2=1042710794&s3=501Ver
Connection
keep-alive

Response headers

Date
Sun, 02 May 2021 07:16:03 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Mar 2021 17:04:45 GMT
Server
nginx
ETag
W/"6058ce2d-786c"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 02 May 2022 07:16:03 GMT
logo.png
benefits.legalactionfinder.com/l/2/public/
2 KB
3 KB
Image
General
Full URL
https://benefits.legalactionfinder.com/l/2/public/logo.png?v=etytuytiu
Requested by
Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/?ssid=377&s1=471962&s2=1042710794&s3=501Ver
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
134.209.162.246 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
80a15f8c3dec732f606920d0a697da8d412741b8a859b1d90ef5423ab3daf37b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
benefits.legalactionfinder.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://benefits.legalactionfinder.com/l/2/?ssid=377&s1=471962&s2=1042710794&s3=501Ver
Connection
keep-alive

Response headers

Date
Sun, 02 May 2021 07:16:03 GMT
Last-Modified
Mon, 22 Mar 2021 17:04:44 GMT
Server
nginx
ETag
"6058ce2c-94f"
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2383
Expires
Mon, 02 May 2022 07:16:03 GMT
4.a1b516f0.chunk.js
benefits.legalactionfinder.com/l/2/js/
295 KB
295 KB
Script
General
Full URL
https://benefits.legalactionfinder.com/l/2/js/4.a1b516f0.chunk.js
Requested by
Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/?ssid=377&s1=471962&s2=1042710794&s3=501Ver
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
134.209.162.246 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
65558d9d5e2c3d74f530bcd524fafd173c4300eca3b67fae24519a880d6ecce0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
benefits.legalactionfinder.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://benefits.legalactionfinder.com/l/2/?ssid=377&s1=471962&s2=1042710794&s3=501Ver
Connection
keep-alive

Response headers

Date
Sun, 02 May 2021 07:16:03 GMT
Last-Modified
Mon, 22 Mar 2021 17:04:44 GMT
Server
nginx
ETag
"6058ce2c-49b9d"
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
301981
Expires
Mon, 02 May 2022 07:16:03 GMT
app.0581bbad.js
benefits.legalactionfinder.com/l/2/js/
286 KB
286 KB
Script
General
Full URL
https://benefits.legalactionfinder.com/l/2/js/app.0581bbad.js
Requested by
Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/?ssid=377&s1=471962&s2=1042710794&s3=501Ver
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
134.209.162.246 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
769f95011e1596cf2f9202a5b50293e94345b51cb54c1f460f7f1bd765cc9601

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
benefits.legalactionfinder.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://benefits.legalactionfinder.com/l/2/?ssid=377&s1=471962&s2=1042710794&s3=501Ver
Connection
keep-alive

Response headers

Date
Sun, 02 May 2021 07:16:03 GMT
Last-Modified
Mon, 22 Mar 2021 17:04:44 GMT
Server
nginx
ETag
"6058ce2c-478af"
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
293039
Expires
Mon, 02 May 2022 07:16:03 GMT
collect
www.google-analytics.com/g/
0
82 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VEWJ1C78X1&gtm=2oe4l3&_p=1958560888&sr=1600x1200&ul=en-us&cid=1132926661.1619939752&_s=1&dl=https%3A%2F%2Fbenefits.legalactionfinder.com%2Fl%2F2%2F%3Fssid%3D377%26s1%3D471962%26s2%3D1042710794%26s3%3D501Ver&dr=https%3A%2F%2Fbedoid.com%2F&dt=Legal%20Action%20Finder&sid=1619939751&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VEWJ1C78X1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://benefits.legalactionfinder.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 02 May 2021 07:15:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://benefits.legalactionfinder.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
free.min.css
ka-f.fontawesome.com/releases/v5.15.3/css/
59 KB
13 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.3/css/free.min.css?token=268a7048dd
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6511 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2819ca1f7ad1af7ba53c4edfdfd395c547bcb16d29892a234d7860c689ed929

Request headers

Referer
https://benefits.legalactionfinder.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 02 May 2021 07:15:51 GMT
via
1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
754169
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09cd880e940000178abcb38000000001
last-modified
Wed, 17 Mar 2021 02:23:57 GMT
server
cloudflare
etag
W/"390b4210e10c744c3c597500bcf0b31a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U2uE774%2Br%2BsiVsW9S2tdwjUFcS%2Bq5RVJ3ReYw8aP1XmNv7HUdLs9hId1d%2BAEyqjaaIowOE97MB5mPS0PXLfq75i1m%2FsMRuj%2BuVHsWRs5N2XOjowhjadG0RGMXhRPlouTIg%3D%3D"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
FRA56-C2
cf-ray
648f75f75a27178a-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
qwP-_M_ECyREvgGTf5W6mmRRwxlDBGBjTbVcvY3bmwzZ-ssYM5ypeg==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.3/css/
26 KB
4 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-shims.min.css?token=268a7048dd
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6511 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
362daeaf1f7e05fee9a609e549f148aacbe518c166fbd96ead69057e295742af

Request headers

Referer
https://benefits.legalactionfinder.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 02 May 2021 07:15:51 GMT
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
754169
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09cd880e940000178af913d000000001
last-modified
Wed, 17 Mar 2021 02:23:57 GMT
server
cloudflare
etag
W/"8a99ce81ec2f89fbca03f2c8cf1a3679"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rTp%2FyHSWA9RoVldLF2FIh6ICAIrEbCQVpPOCPx%2FE8ks2UNfgW6OzZ8XkjgySVWgmTzuUASLD6LMA2F7T0pG7NPb67ODrgx9M%2FGnVEPSYKOV0Czvs%2BPxTSez14JfEVxFWnw%3D%3D"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
FRA56-C2
cf-ray
648f75f75a29178a-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
WDrbPsKdG7xVksFg_WJYMo_ZvSTuutN_J8Afkb6JArZjwLHfqqNKbw==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.3/css/
3 KB
2 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-font-face.min.css?token=268a7048dd
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6511 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc39faeca56080ddf58d15275b2fe0cfa3bc1ec8afd82508555b25555ec95086

Request headers

Referer
https://benefits.legalactionfinder.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 02 May 2021 07:15:51 GMT
via
1.1 6f6de2de0e03603ac1b58353376153d3.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
754169
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09cd880e950000178a2126b000000001
last-modified
Wed, 17 Mar 2021 02:23:57 GMT
server
cloudflare
etag
W/"22be82a519ceafc43258d8f58a37fcf5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XFJFC%2FvwyOtVN%2FiunSD%2B4V3QO1Q%2Ble31wFXre45uwbTXS81ZNmESEBZ8m3Na00EgeD7hfZ60A5YEif64vJnVBeDgLvMvsapWv%2BPCGFNvmTM%2FPqVVIjmcuVKkz9%2BUUf5L1w%3D%3D"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
FRA56-C2
cf-ray
648f75f75a2b178a-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
xHz0aIVmcnUwaQqKlO9xnbhmGS1-WxIbWsLgwzc9ggiDIccfQUYBIA==
banner.png
benefits.legalactionfinder.com/l/2/public/
175 KB
175 KB
Image
General
Full URL
https://benefits.legalactionfinder.com/l/2/public/banner.png
Requested by
Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/?ssid=377&s1=471962&s2=1042710794&s3=501Ver
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
134.209.162.246 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
74572f8daaf2baacd3b19367e15adf6dd7ea968371bf360bd8186fc32942e0f6

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
benefits.legalactionfinder.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://benefits.legalactionfinder.com/l/2/?ssid=377&s1=471962&s2=1042710794&s3=501Ver
Cookie
_ga_VEWJ1C78X1=GS1.1.1619939751.1.0.1619939751.0; _ga=GA1.1.1132926661.1619939752
Connection
keep-alive

Response headers

Date
Sun, 02 May 2021 07:16:03 GMT
Last-Modified
Mon, 22 Mar 2021 17:04:44 GMT
Server
nginx
ETag
"6058ce2c-2bc2f"
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
179247
Expires
Mon, 02 May 2022 07:16:03 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://benefits.legalactionfinder.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Apr 2021 13:30:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:25 GMT
server
sffe
age
236694
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14176
x-xss-protection
0
expires
Fri, 29 Apr 2022 13:30:57 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://benefits.legalactionfinder.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Apr 2021 15:43:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:59 GMT
server
sffe
age
228715
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14044
x-xss-protection
0
expires
Fri, 29 Apr 2022 15:43:56 GMT
0.0f658c18.chunk.js
benefits.legalactionfinder.com/l/2/js/
40 KB
40 KB
Script
General
Full URL
https://benefits.legalactionfinder.com/l/2/js/0.0f658c18.chunk.js
Requested by
Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/js/app.0581bbad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
134.209.162.246 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
70660400bed32e03f4f9038a6371302dd515c5236c6eb9bc5c63f093b2869148

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
benefits.legalactionfinder.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://benefits.legalactionfinder.com/l/2/?s1=471962&s2=1042710794&s3=501Ver&ssid=377
Connection
keep-alive
Referer
https://benefits.legalactionfinder.com/l/2/?s1=471962&s2=1042710794&s3=501Ver&ssid=377
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

Date
Sun, 02 May 2021 07:16:03 GMT
Last-Modified
Mon, 22 Mar 2021 17:04:44 GMT
Server
nginx
ETag
"6058ce2c-a06f"
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41071
Expires
Mon, 02 May 2022 07:16:03 GMT
1.bundle.4c755faaaecc7f0d2905.css
benefits.legalactionfinder.com/l/2/
11 KB
3 KB
Stylesheet
General
Full URL
https://benefits.legalactionfinder.com/l/2/1.bundle.4c755faaaecc7f0d2905.css?t=1616432670382
Requested by
Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/js/app.0581bbad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
134.209.162.246 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
ead27f1a7c286e58cf47b5aaf75e027a5710d245c01c3380b3b69a769b1ab2dd

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
benefits.legalactionfinder.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://benefits.legalactionfinder.com/l/2/?s1=471962&s2=1042710794&s3=501Ver&ssid=377
Connection
keep-alive
Referer
https://benefits.legalactionfinder.com/l/2/?s1=471962&s2=1042710794&s3=501Ver&ssid=377
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

Date
Sun, 02 May 2021 07:16:03 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Mar 2021 17:04:45 GMT
Server
nginx
ETag
W/"6058ce2d-2c06"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 02 May 2022 07:16:03 GMT
1.9bf1e91b.chunk.js
benefits.legalactionfinder.com/l/2/js/
66 KB
67 KB
Script
General
Full URL
https://benefits.legalactionfinder.com/l/2/js/1.9bf1e91b.chunk.js
Requested by
Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/js/app.0581bbad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
134.209.162.246 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
9987ff97e798f46bbba4be7ee359553379dd6c8ad5bb9d3595b775ead05d2ed0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
benefits.legalactionfinder.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://benefits.legalactionfinder.com/l/2/?s1=471962&s2=1042710794&s3=501Ver&ssid=377
Connection
keep-alive
Referer
https://benefits.legalactionfinder.com/l/2/?s1=471962&s2=1042710794&s3=501Ver&ssid=377
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

Date
Sun, 02 May 2021 07:16:03 GMT
Last-Modified
Mon, 22 Mar 2021 17:04:44 GMT
Server
nginx
ETag
"6058ce2c-108e4"
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
67812
Expires
Mon, 02 May 2022 07:16:03 GMT
summary
beacon.legalactionfinder.com/geo/
119 B
558 B
XHR
General
Full URL
https://beacon.legalactionfinder.com/geo/summary
Requested by
Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/js/4.a1b516f0.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b3956bc7643669d859d25b463f171762a66987fdc2e28e89fc2c699d96dabba7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/plain, */*
Referer
https://benefits.legalactionfinder.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 02 May 2021 07:15:51 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PATCH, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
false
strict-transport-security
max-age=2592000
access-control-allow-headers
Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
graphql
api.benefit-relief.com/
0
0
Preflight
General
Full URL
https://api.benefit-relief.com/graphql
Protocol
H2
Server
2606:4700:3032::ac43:d598 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://benefits.legalactionfinder.com
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Sec-Fetch-Mode
cors

Response headers

date
Sun, 02 May 2021 07:15:52 GMT
access-control-allow-origin
*
access-control-request-method
HEAD, GET, POST
access-control-allow-headers
Origin, X-Requested-With, Accept, Authorization, Content-Type, Content-Length
x-graphql-event-stream
/_postgraphile/stream
cf-cache-status
DYNAMIC
cf-request-id
09cd88116e00004ec7df115000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RwTHPgLnL5uWUaXAn2a1CvyEn9dDLMHbx0xgS%2B7xiLr%2BeMNoDLHhuRycsjxPTF41jwGiPg5z8Vz56eLjZYLnLTZwDn0YeZ8rcvmP9kVDIkW8f8KZ2haMR9wpKujOBKmjwLiY"}],"group":"cf-nel"}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
648f75fbeb294ec7-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
graphql
api.benefit-relief.com/
14 KB
4 KB
XHR
General
Full URL
https://api.benefit-relief.com/graphql
Requested by
Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/js/4.a1b516f0.chunk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d598 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14c698ffa2b1de076598e33e25eef9597503f8a03db5115ad8db1e2231583ba7

Request headers

Accept
application/json, text/plain, */*
Referer
https://benefits.legalactionfinder.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Content-Type
application/json;charset=UTF-8

Response headers

date
Sun, 02 May 2021 07:15:52 GMT
access-control-request-method
HEAD, GET, POST
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
648f75fcaa041f25-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YdeGFZ2cP49MTnBC08ijighVi%2Fox0OfmDa81%2Fy%2B3Gd2%2Fl6hWqqayNKdyN0Hv2C8%2BXzgwFzWBlGCfpqxYgS2vlfkNxY1zVSFCOBM%2FIvCl7p9xby0XHec7kg03cfDW5t6prbL%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-graphql-event-stream
/_postgraphile/stream
content-encoding
br
access-control-allow-headers
Origin, X-Requested-With, Accept, Authorization, Content-Type, Content-Length
cf-request-id
09cd8811e500001f256229b000000001
zvw17oyjk_1611762556078_Lawsuit_Winning_Round_Up_300x225.jpg
support-benefits.nyc3.cdn.digitaloceanspaces.com/banner/
29 KB
29 KB
Image
General
Full URL
https://support-benefits.nyc3.cdn.digitaloceanspaces.com/banner/zvw17oyjk_1611762556078_Lawsuit_Winning_Round_Up_300x225.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
d76d0edb91bc45b2b98a6da1d4aa0b6f6dee013926bdd26aa18dc57432d2bc9f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://benefits.legalactionfinder.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

Date
Sun, 02 May 2021 07:15:52 GMT
Last-Modified
Wed, 27 Jan 2021 15:49:16 GMT
x-amz-request-id
tx00000000000000490bc30-006087322b-4d93f15-nyc3a
etag
"014a3bd4ea33d635ae79868dca00892f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
X-HW
1619939752.dop027.ml1.t,1619939752.cds033.ml1.shn,1619939752.dop027.ml1.t,1619939752.cds222.ml1.c
Content-Type
image/jpeg
Cache-Control
max-age=137987
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
29303
S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://benefits.legalactionfinder.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Apr 2021 23:16:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:30 GMT
server
sffe
age
201549
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13732
x-xss-protection
0
expires
Fri, 29 Apr 2022 23:16:43 GMT
collect
www.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VEWJ1C78X1&gtm=2oe4l3&_p=1958560888&sr=1600x1200&ul=en-us&cid=1132926661.1619939752&dl=https%3A%2F%2Fbenefits.legalactionfinder.com%2Fl%2F2%2F%3Fs1%3D471962%26s2%3D1042710794%26s3%3D501Ver%26ssid%3D377&dr=https%3A%2F%2Fbedoid.com%2F&dt=Legal%20Action%20Finder&sid=1619939751&sct=1&seg=0&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VEWJ1C78X1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://benefits.legalactionfinder.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 02 May 2021 07:15:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://benefits.legalactionfinder.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT


21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| gaGlobal object| FontAwesomeKitConfig object| webpackJsonp function| _ object| regeneratorRuntime function| onYouTubeIframeAPIReady

1 Cookies

Domain/Path Name / Value
.legalactionfinder.com/ Name: _ga_VEWJ1C78X1
Value: GS1.1.1619939751.1.0.1619939752.0

2 Console Messages

Source Level URL
Text
console-api log URL: https://benefits.legalactionfinder.com/l/2/js/4.a1b516f0.chunk.js(Line 13)
Message:
i18next: languageChanged en
console-api log URL: https://benefits.legalactionfinder.com/l/2/js/4.a1b516f0.chunk.js(Line 13)
Message:
i18next: initialized [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
