benefits.legalactionfinder.com Open in urlscan Pro
164.90.140.247 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://steinibergs.site/bpp/QCjLdc
Effective URL:
https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=473707&s2=1100562855&s3=bpp
Submission: On October 12 via manual (October 12th 2021, 8:03:52 pm UTC) from US — Scanned from DE

Summary HTTP 30 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 30 HTTP transactions. The main IP is 164.90.140.247, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is benefits.legalactionfinder.com.
TLS certificate: Issued by R3 on September 10th 2021. Valid for: 3 months.

This is the only time benefits.legalactionfinder.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	192.30.32.45 192.30.32.45	3842 (RAMNODE) (RAMNODE)
1	209.159.146.166 209.159.146.166	19318 (IS-AS-1) (IS-AS-1)
10	164.90.140.247 164.90.140.247	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
1	104.18.22.52 104.18.22.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.232 142.250.184.232	15169 (GOOGLE) (GOOGLE)
3	104.21.81.131 104.21.81.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
1	172.217.16.142 172.217.16.142	15169 (GOOGLE) (GOOGLE)
5	104.21.76.201 104.21.76.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.55.126.207 45.55.126.207	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	104.21.35.45 104.21.35.45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
30	12

1 192.30.32.45 (United States) 1 redirects

ASN3842 (RAMNODE, US)
PTR: 192-30-32-45.cloud.ramnode.com

steinibergs.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.159.146.166 (United States)

ASN19318 (IS-AS-1, US)
PTR: smdnode20qq21.com

laudypauty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 164.90.140.247 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

benefits.legalactionfinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.22.52 (None, )

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.21.81.131 (None, )

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f142.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.21.76.201 (None, )

ASN13335 (CLOUDFLARENET, US)

push.smpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.smpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.55.126.207 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

beacon.legalactionfinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.35.45 (None, )

ASN13335 (CLOUDFLARENET, US)

api.benefit-relief.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

support-benefits.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	legalactionfinder.com benefits.legalactionfinder.com beacon.legalactionfinder.com	949 KB
5	smpush.com push.smpush.com event.smpush.com	3 KB
4	fontawesome.com kit.fontawesome.com ka-f.fontawesome.com	23 KB
3	gstatic.com fonts.gstatic.com	68 KB
2	benefit-relief.com api.benefit-relief.com	4 KB
1	digitaloceanspaces.com support-benefits.nyc3.cdn.digitaloceanspaces.com	29 KB
1	google-analytics.com www.google-analytics.com	378 B
1	googletagmanager.com www.googletagmanager.com	49 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	laudypauty.com laudypauty.com	440 B
1	steinibergs.site 1 redirects steinibergs.site	274 B
30	11

	Domain	Requested by
10	benefits.legalactionfinder.com	laudypauty.com benefits.legalactionfinder.com
4	event.smpush.com	push.smpush.com
3	fonts.gstatic.com	fonts.googleapis.com
3	ka-f.fontawesome.com	kit.fontawesome.com
2	api.benefit-relief.com	benefits.legalactionfinder.com
1	support-benefits.nyc3.cdn.digitaloceanspaces.com
1	beacon.legalactionfinder.com	benefits.legalactionfinder.com
1	push.smpush.com	benefits.legalactionfinder.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	benefits.legalactionfinder.com
1	kit.fontawesome.com	benefits.legalactionfinder.com
1	fonts.googleapis.com	benefits.legalactionfinder.com
1	laudypauty.com
1	steinibergs.site	1 redirects
30	14

This site contains links to these domains. Also see Links.

Domain
legalactionfinder.com

Subject Issuer	Validity	Valid
www.laudypauty.com Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
benefits.legalactionfinder.com R3	`2021-09-10` - `2021-12-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-12` - `2022-09-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
beacon.legalactionfinder.com R3	`2021-08-26` - `2021-11-24`	3 months	crt.sh
*.nyc3.cdn.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=473707&s2=1100562855&s3=bpp
Frame ID: 70B7DD074E2B42A396C218710AE704AE
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Legal Action Findermap_icon

Page URL History Show full URLs

http://steinibergs.site/bpp/QCjLdc HTTP 307
https://laudypauty.com/100cc12f9a7525d3800/bpp Page URL
https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=473707&s2=1100562855&s3=bpp Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

30
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

14
Subdomains

12
IPs

2
Countries

1127 kB
Transfer

1331 kB
Size

3
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://legalactionfinder.com/terms.php
Title: Terms of Use

Search URL Search Domain Scan URL

URL: http://legalactionfinder.com/privacy.php
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://legalactionfinder.com/donotsell.php
Title: Contact Us

Search URL Search Domain Scan URL

URL: http://legalactionfinder.com/unsubscribe.php
Title: Unsubscribe

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://steinibergs.site/bpp/QCjLdc HTTP 307
https://laudypauty.com/100cc12f9a7525d3800/bpp Page URL
https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=473707&s2=1100562855&s3=bpp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://steinibergs.site/bpp/QCjLdc HTTP 307
https://laudypauty.com/100cc12f9a7525d3800/bpp

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set bpp
laudypauty.com/100cc12f9a7525d3800/
Redirect Chain

http://steinibergs.site/bpp/QCjLdc
https://laudypauty.com/100cc12f9a7525d3800/bpp

146 B
440 B

642ms
379ms

Document
text/html

209.159.146.166
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://laudypauty.com/100cc12f9a7525d3800/bpp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.159.146.166 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: smdnode20qq21.com
Software: Apache /
Resource Hash

Request headers

Host: laudypauty.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Tue, 12 Oct 2021 20:03:46 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 146
Server: Apache
Set-Cookie: uid15731=1100562855-20211012150346-12d121a094ab9adbf3ac8069e0701bbe-; domain=; expires=Wed, 13-Oct-2021 21:03:46 GMT; path=/; SameSite=None; Secure

Redirect headers

Server: nginx/1.21.1
Date: Tue, 12 Oct 2021 20:03:46 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 149
Connection: keep-alive
X-Powered-By: Express
Location: https://laudypauty.com/100cc12f9a7525d3800/bpp
Vary: Accept

GET
H/1.1 200
OK Primary Request / Show response
benefits.legalactionfinder.com/l/2/ 9 KB
3 KB 274ms
87ms Document
text/html 164.90.140.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=473707&s2=1100562855&s3=bpp
Requested by: Host: laudypauty.com
URL: https://laudypauty.com/100cc12f9a7525d3800/bpp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 164.90.140.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: a11057dabde9377622ba2cfdbd4f1732d5a9c6cfd1e076c53917e557daf4c18d

Request headers

Host: benefits.legalactionfinder.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://laudypauty.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://laudypauty.com/

Response headers

Server: nginx
Date: Tue, 12 Oct 2021 20:03:47 GMT
Content-Type: text/html
Last-Modified: Fri, 10 Sep 2021 07:01:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"613b02ca-25f7"
Content-Encoding: gzip

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 69ms
27ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap

Requested by

Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=473707&s2=1100562855&s3=bpp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

2a245d5316ce74ea8dea80f99838916f6d44d7724c7ba0d7fd2fffc9adda308c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 20:03:47 GMT
server: ESF
date: Tue, 12 Oct 2021 20:03:47 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Tue, 12 Oct 2021 20:03:47 GMT

GET
H2 200 268a7048dd.js Show response
kit.fontawesome.com/ 11 KB
4 KB 38ms
20ms Script
text/javascript 104.18.22.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/268a7048dd.js

Requested by

Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=473707&s2=1100562855&s3=bpp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2c541caebe0c03f12aaf91164c76174b26ceb91df7a64db114ddca4f50bfa94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 20:03:47 GMT
content-encoding: gzip
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-cache-status: HIT
age: 5
strict-transport-security: max-age=31536000; preload
x-request-id: FqeL8C_qU3sogMoAILcC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
cf-ray: 69d2eefd1e3a5bf5-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 125 KB
49 KB 56ms
33ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VEWJ1C78X1

Requested by

Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=473707&s2=1100562855&s3=bpp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3908af568e6b74c8d7996e934f8a218f0e9339aed6fab592d86e21e46389fecc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 20:03:47 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49855
x-xss-protection: 0
expires: Tue, 12 Oct 2021 20:03:47 GMT

GET
H/1.1 200
OK bundle.e23361064da1946097c6.css
benefits.legalactionfinder.com/l/2/ 29 KB
7 KB 87ms
86ms Stylesheet
text/css 164.90.140.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.legalactionfinder.com/l/2/bundle.e23361064da1946097c6.css?t=1629392969074
Requested by: Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=473707&s2=1100562855&s3=bpp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 164.90.140.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: c9e8dd51837bb64416c5f2cfef627fa087a584ce1c32e6a9b1de188d89b97b28

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: benefits.legalactionfinder.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=473707&s2=1100562855&s3=bpp
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=473707&s2=1100562855&s3=bpp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 20:03:47 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Sep 2021 07:01:30 GMT
Server: nginx
ETag: W/"613b02ca-75f1"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 12 Oct 2022 20:03:47 GMT

GET
H/1.1 200
OK logo.png
benefits.legalactionfinder.com/l/2/public/ 2 KB
3 KB 259ms
86ms Image
image/png 164.90.140.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://benefits.legalactionfinder.com/l/2/public/logo.png?v=etytuytiu
Requested by: Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=473707&s2=1100562855&s3=bpp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 164.90.140.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 80a15f8c3dec732f606920d0a697da8d412741b8a859b1d90ef5423ab3daf37b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: benefits.legalactionfinder.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=473707&s2=1100562855&s3=bpp
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=473707&s2=1100562855&s3=bpp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 20:03:47 GMT
Last-Modified: Fri, 10 Sep 2021 07:01:30 GMT
Server: nginx
ETag: "613b02ca-94f"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2383
Expires: Wed, 12 Oct 2022 20:03:47 GMT

GET
H/1.1 200
OK 7.575f80fd.chunk.js Show response
benefits.legalactionfinder.com/l/2/js/ 266 KB
266 KB 187ms
170ms Script
application/javascript 164.90.140.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.legalactionfinder.com/l/2/js/7.575f80fd.chunk.js
Requested by: Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=473707&s2=1100562855&s3=bpp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 164.90.140.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: f59300bf0133b9b9cbe1c364384b193cbbc63e6e9ccad6e102606f3c456f0a4a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: benefits.legalactionfinder.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=473707&s2=1100562855&s3=bpp
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=473707&s2=1100562855&s3=bpp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 20:03:47 GMT
Last-Modified: Fri, 10 Sep 2021 07:01:30 GMT
Server: nginx
ETag: "613b02ca-4287f"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 272511
Expires: Wed, 12 Oct 2022 20:03:47 GMT

GET
H/1.1 200
OK app.27309071.js Show response
benefits.legalactionfinder.com/l/2/js/ 356 KB
356 KB 345ms
172ms Script
application/javascript 164.90.140.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.legalactionfinder.com/l/2/js/app.27309071.js
Requested by: Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=473707&s2=1100562855&s3=bpp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 164.90.140.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 7268c96bc3affa536e4f78f98768cac256cef2d648be1b3232f174e25c48b754

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: benefits.legalactionfinder.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=473707&s2=1100562855&s3=bpp
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=473707&s2=1100562855&s3=bpp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 20:03:47 GMT
Last-Modified: Fri, 10 Sep 2021 07:01:30 GMT
Server: nginx
ETag: "613b02ca-58f28"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 364328
Expires: Wed, 12 Oct 2022 20:03:47 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 76ms
41ms Fetch
text/css 104.21.81.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 20:03:47 GMT
via: 1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yuk0TqQR9Y6h8a%2F56lb69yY7CouhK7bVwkE5G8Enzvzm9YSTlnUBEl3sRre134xWXtJBH1QYPPZPVAO3Z4w46v3lsHDo5grw%2FQ7DQkeZp6XFUyo8HBLBu8fe%2F5pb2DW8CsbXY3sJxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 69d2eefd89914126-PRG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 9pNcW-KQFbruslEpv6R8ZKxmBPjGuYgTftAfvzio0PDNdxr9rKxjQA==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 75ms
40ms Fetch
text/css 104.21.81.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 20:03:47 GMT
via: 1.1 b6d0df27407ce1677f17be38cbc0101a.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IRyK5bQmopxXpkFnxrcq8TlrvGJd5Qo%2FETEgjmN6MMARxkqZzMAiiWtrF%2FLfFLbFo2Yq%2FXC%2FD8k82ZKgcTuGFoxEAOwXi4ZQecKX4NB4AMhBAgIZAeskH48Q5MB4yKvFbjVKZb5NfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 69d2eefd89924126-PRG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: J4dduqTNnfjL4d-p4uOYUlr4XimU1tqfSuH6yWGgaMW5ZYr0S6BH7w==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 75ms
40ms Fetch
text/css 104.21.81.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 20:03:47 GMT
via: 1.1 2b483ab832506bc86647b6ceba38dc9e.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNVkdwbu7wialtT3DNqTZc1twoOfXWzGaJfcoqDenUsRZ3Sqg8pPckyqE4XTC3Sh68xMnlAl0aYCQDuarawOObxucQir%2FFswi%2BDL%2BU9bqeMov4FowE66b592FFnl234r77k%2BRGtXrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 69d2eefd89934126-PRG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: gx7oi8qOcylD7MngEW5S4UkIe-SNowOt2wrOe_8rupU-wEfQ0T6rgQ==

GET
H/1.1 200
OK banner.png
benefits.legalactionfinder.com/l/2/public/ 175 KB
175 KB 328ms
174ms Image
image/png 164.90.140.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://benefits.legalactionfinder.com/l/2/public/banner.png
Requested by: Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=473707&s2=1100562855&s3=bpp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 164.90.140.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 74572f8daaf2baacd3b19367e15adf6dd7ea968371bf360bd8186fc32942e0f6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: benefits.legalactionfinder.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=473707&s2=1100562855&s3=bpp
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/l/2/?ssid=269&s1=473707&s2=1100562855&s3=bpp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 20:03:47 GMT
Last-Modified: Fri, 10 Sep 2021 07:01:30 GMT
Server: nginx
ETag: "613b02ca-2bc2f"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 179247
Expires: Wed, 12 Oct 2022 20:03:47 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 31ms
7ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://benefits.legalactionfinder.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 04:13:08 GMT
x-content-type-options: nosniff
age: 57039
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Oct 2022 04:13:08 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 37ms
14ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://benefits.legalactionfinder.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 06:39:46 GMT
x-content-type-options: nosniff
age: 221041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Oct 2022 06:39:46 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
378 B 36ms
13ms Ping
text/plain 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-VEWJ1C78X1&gtm=2oeab0&_p=484988497&sr=1600x1200&ul=en-us&cid=437533688.1634069028&_s=1&dl=https%3A%2F%2Fbenefits.legalactionfinder.com%2Fl%2F2%2F%3Fssid%3D269%26s1%3D473707%26s2%3D1100562855%26s3%3Dbpp&dr=https%3A%2F%2Flaudypauty.com%2F&dt=Legal%20Action%20Finder&sid=1634069027&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VEWJ1C78X1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s06-in-f142.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://benefits.legalactionfinder.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 12 Oct 2021 20:03:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://benefits.legalactionfinder.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 l8emw37gkr Show response
push.smpush.com/scripts/push/script/ 7 KB
3 KB 453ms
415ms Script
application/javascript 104.21.76.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://push.smpush.com/scripts/push/script/l8emw37gkr?url=benefits.legalactionfinder.com

Requested by

Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/js/app.27309071.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.76.201 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa8bbd9c96a72ca0669412b6de1193ca698718a3515b625a5972ef84c262a910

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 20:03:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Oct 2021 20:03:48 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2FiRgLw1miQ2zEwXmDeUs8uIWTdiCHfdozcN4eO1Wzx5i5Au4cdgFPKv92dOa0vTIxo8XiN8IY0GazFKO8DRfpc1GR%2FdV%2F4D5AZMUD1UWLsOV4S7joG4IMfzK%2FVZ3sD1ZAc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=UTF-8
cache-control: max-age=14400, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
cf-ray: 69d2ef01db1e27b8-PRG
expires: 0

GET
H/1.1 200
OK 0.8e9697e7.chunk.js Show response
benefits.legalactionfinder.com/l/2/js/ 57 KB
57 KB 87ms
86ms Script
application/javascript 164.90.140.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.legalactionfinder.com/l/2/js/0.8e9697e7.chunk.js
Requested by: Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/js/app.27309071.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 164.90.140.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 898253d49b4c53f6491958b70aabeb1291572ceee6dd2a24679f4032c89035b6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: benefits.legalactionfinder.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://benefits.legalactionfinder.com/l/2/?s1=473707&s2=1100562855&s3=bpp&session_id=4835439b-b2c4-40f2-b8ed-649aac81f7a0&ssid=269
Cookie: _ga_VEWJ1C78X1=GS1.1.1634069027.1.0.1634069027.0; _ga=GA1.1.437533688.1634069028
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/l/2/?s1=473707&s2=1100562855&s3=bpp&session_id=4835439b-b2c4-40f2-b8ed-649aac81f7a0&ssid=269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 20:03:48 GMT
Last-Modified: Fri, 10 Sep 2021 07:01:30 GMT
Server: nginx
ETag: "613b02ca-e391"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58257
Expires: Wed, 12 Oct 2022 20:03:48 GMT

GET
H/1.1 200
OK 1.62e87b2f.chunk.js Show response
benefits.legalactionfinder.com/l/2/js/ 14 KB
15 KB 88ms
87ms Script
application/javascript 164.90.140.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.legalactionfinder.com/l/2/js/1.62e87b2f.chunk.js
Requested by: Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/js/app.27309071.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 164.90.140.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: e9b15dc514226e2d492af3036f086300f7d0291602ddf2bb8a884c60f08d7a63

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: benefits.legalactionfinder.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://benefits.legalactionfinder.com/l/2/?s1=473707&s2=1100562855&s3=bpp&session_id=4835439b-b2c4-40f2-b8ed-649aac81f7a0&ssid=269
Cookie: _ga_VEWJ1C78X1=GS1.1.1634069027.1.0.1634069027.0; _ga=GA1.1.437533688.1634069028
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/l/2/?s1=473707&s2=1100562855&s3=bpp&session_id=4835439b-b2c4-40f2-b8ed-649aac81f7a0&ssid=269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 20:03:48 GMT
Last-Modified: Fri, 10 Sep 2021 07:01:30 GMT
Server: nginx
ETag: "613b02ca-39ec"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14828
Expires: Wed, 12 Oct 2022 20:03:48 GMT

GET
H/1.1 200
OK 2.bundle.53cb28d9483e6ec6870a.css
benefits.legalactionfinder.com/l/2/ 15 KB
4 KB 86ms
85ms Stylesheet
text/css 164.90.140.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.legalactionfinder.com/l/2/2.bundle.53cb28d9483e6ec6870a.css?t=1629392969074
Requested by: Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/js/app.27309071.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 164.90.140.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9448252fac74838f18790d1b4fc02ea57064877f2ffacb24b7c5807d38e867a8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: benefits.legalactionfinder.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://benefits.legalactionfinder.com/l/2/?s1=473707&s2=1100562855&s3=bpp&session_id=4835439b-b2c4-40f2-b8ed-649aac81f7a0&ssid=269
Cookie: _ga_VEWJ1C78X1=GS1.1.1634069027.1.0.1634069027.0; _ga=GA1.1.437533688.1634069028
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/l/2/?s1=473707&s2=1100562855&s3=bpp&session_id=4835439b-b2c4-40f2-b8ed-649aac81f7a0&ssid=269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 20:03:48 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Sep 2021 07:01:30 GMT
Server: nginx
ETag: W/"613b02ca-3db2"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 12 Oct 2022 20:03:48 GMT

GET
H/1.1 200
OK 2.a3c6ab23.chunk.js Show response
benefits.legalactionfinder.com/l/2/js/ 61 KB
61 KB 174ms
174ms Script
application/javascript 164.90.140.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.legalactionfinder.com/l/2/js/2.a3c6ab23.chunk.js
Requested by: Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/js/app.27309071.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 164.90.140.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: e22ceedfe71cec64cac042863046cfceff0f9bcc59d8e29f9aea81601b175e61

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: benefits.legalactionfinder.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://benefits.legalactionfinder.com/l/2/?s1=473707&s2=1100562855&s3=bpp&session_id=4835439b-b2c4-40f2-b8ed-649aac81f7a0&ssid=269
Cookie: _ga_VEWJ1C78X1=GS1.1.1634069027.1.0.1634069027.0; _ga=GA1.1.437533688.1634069028
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/l/2/?s1=473707&s2=1100562855&s3=bpp&session_id=4835439b-b2c4-40f2-b8ed-649aac81f7a0&ssid=269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 20:03:48 GMT
Last-Modified: Fri, 10 Sep 2021 07:01:30 GMT
Server: nginx
ETag: "613b02ca-f3ba"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 62394
Expires: Wed, 12 Oct 2022 20:03:48 GMT

GET
H2 200 summary Show response
beacon.legalactionfinder.com/geo/ 120 B
569 B 288ms
93ms XHR
application/json 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.legalactionfinder.com/geo/summary

Requested by

Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/js/7.575f80fd.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

0392029954272b4dd64bd2efb8e1bf0b44e9c541f9d9b84fa9cd8b128292ed90

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://benefits.legalactionfinder.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 20:03:47 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
strict-transport-security: max-age=2592000
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

POST
H2 200 graphql Show response
api.benefit-relief.com/ 14 KB
4 KB 171ms
170ms XHR
application/json 104.21.35.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.benefit-relief.com/graphql
Requested by: Host: benefits.legalactionfinder.com
URL: https://benefits.legalactionfinder.com/l/2/js/7.575f80fd.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.35.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c11c7b4c24fe30113e6fa8d5af20ea90fcee29de8c903575e0099a4e3df4d620

Request headers

Accept: application/json, text/plain, */*
Referer: https://benefits.legalactionfinder.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 12 Oct 2021 20:03:48 GMT
access-control-request-method: HEAD, GET, POST
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69d2ef0469f74114-PRG
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kN3gGhfwaxEuKmYVoGvm4ipkbLYXy3WYtU46AftHr2NBN9vw0ykpdZM1gkt0OYjI5g9jTy08vyF6PPHBUs8%2FVzgdL%2BvD%2B4CITv%2Bys2m2lTfXGzyavW4eut8%2BgfD4raUH2TnrLrUeDbMZ"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-graphql-event-stream: /_postgraphile/stream
content-encoding: br
access-control-allow-headers: Origin, X-Requested-With, Accept, Authorization, Content-Type, Content-Length

OPTIONS
H2 200 graphql
api.benefit-relief.com/ 0
0 174ms
125ms Preflight 104.21.35.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.benefit-relief.com/graphql
Protocol: H2
Server: 104.21.35.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://benefits.legalactionfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 12 Oct 2021 20:03:48 GMT
access-control-allow-origin: *
access-control-request-method: HEAD, GET, POST
access-control-allow-headers: Origin, X-Requested-With, Accept, Authorization, Content-Type, Content-Length
x-graphql-event-stream: /_postgraphile/stream
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kdB4ljj0ZkPdenZWuZfd9z3BRg0qjzqF1yIoEKrqSdFy1P2dnMntwWrfpN80mYVUpFOg8nzKUsGwmyalE5ZiK2Y%2F1Yt%2Fm53aehtOyh%2B%2BgQY340iKC2QwzfSlhuNS%2BsmpHD%2FQoE51%2BEWB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69d2ef03a96e4114-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK zvw17oyjk_1611762556078_Lawsuit_Winning_Round_Up_300x225.jpg
support-benefits.nyc3.cdn.digitaloceanspaces.com/banner/ 29 KB
29 KB 50ms
10ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support-benefits.nyc3.cdn.digitaloceanspaces.com/banner/zvw17oyjk_1611762556078_Lawsuit_Winning_Round_Up_300x225.jpg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

d76d0edb91bc45b2b98a6da1d4aa0b6f6dee013926bdd26aa18dc57432d2bc9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.legalactionfinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 20:03:48 GMT
Connection: Keep-Alive
Last-Modified: Wed, 27 Jan 2021 15:49:16 GMT
x-amz-request-id: tx00000000000006bf823be-0061635888-1800930a-nyc3c
etag: "014a3bd4ea33d635ae79868dca00892f"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1634069028.dop102.fr8.t,1634069028.cds155.fr8.shn,1634069028.dop102.fr8.t,1634069028.cds103.fr8.c
Content-Type: image/jpeg
Cache-Control: max-age=436452
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 29303

GET
H3 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
22 KB 36ms
14ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://benefits.legalactionfinder.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 16:36:33 GMT
x-content-type-options: nosniff
age: 271635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22572
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 09 Oct 2022 16:36:33 GMT

POST
H3 200 l8emwpvgkr
event.smpush.com/register/event_log/ 0
0 429ms
406ms Fetch 104.21.76.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.smpush.com/register/event_log/l8emwpvgkr

Requested by

Host: push.smpush.com
URL: https://push.smpush.com/scripts/push/script/l8emw37gkr?url=benefits.legalactionfinder.com

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.76.201 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://benefits.legalactionfinder.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/json

Response headers

date: Tue, 12 Oct 2021 20:03:50 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
expires: 0
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdq8qgRjyr0hvK5KTzohPwBia2mHYOzQDL3KhODWIyOEnZBy4STdeiKpczJxHFmjJfN6DD7tUzg9l76vPziGCaAjc3XpO%2F4Baf2cb3QvtukIhxaRIRqEUTCBlxWpV5oZSfnn"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://benefits.legalactionfinder.com
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
access-control-allow-credentials: true
cf-ray: 69d2ef0dca172774-PRG
x-pushplatformapp-params

OPTIONS
H2 200 l8emwpvgkr
event.smpush.com/register/event_log/ 0
0 445ms
401ms Preflight 104.21.76.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.smpush.com/register/event_log/l8emwpvgkr
Protocol: H2
Server: 104.21.76.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://benefits.legalactionfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 12 Oct 2021 20:03:50 GMT
content-length: 0
access-control-allow-headers: content-type
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://benefits.legalactionfinder.com
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1800
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tms9mXZFyDJ0WzEGDwQU5%2BTfV8gsqcwzhDEIqEQi6%2B%2Fr%2FiE5RpeSu9gXXGQmbVNJTJdbX65npZIHKFUhmWWBB0oQftrq0ZLzR91axgHZRlRV46HEbdl1ITLSTaazcBnz4tPr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69d2ef0b1c814113-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 200 l8emwpvgkr
event.smpush.com/register/event_log/ 0
0 428ms
405ms Fetch 104.21.76.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.smpush.com/register/event_log/l8emwpvgkr

Requested by

Host: push.smpush.com
URL: https://push.smpush.com/scripts/push/script/l8emw37gkr?url=benefits.legalactionfinder.com

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.76.201 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://benefits.legalactionfinder.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/json

Response headers

date: Tue, 12 Oct 2021 20:03:50 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
expires: 0
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkagQUT8lUWOU3bUF4bDIC%2FGwLeZxlTU8MrcOt8y28jqUgNdqxjtnqB3MS0zKVbL4GD0yT7%2BRk9frWYHGB06hjO6gVEidJbnGsUr2%2BCcD9DAVPp%2BqZy2GfcpX0yvOQ00lG3i"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://benefits.legalactionfinder.com
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
access-control-allow-credentials: true
cf-ray: 69d2ef0dca162774-PRG
x-pushplatformapp-params

OPTIONS
H2 200 l8emwpvgkr
event.smpush.com/register/event_log/ 0
0 444ms
401ms Preflight 104.21.76.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.smpush.com/register/event_log/l8emwpvgkr
Protocol: H2
Server: 104.21.76.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://benefits.legalactionfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 12 Oct 2021 20:03:50 GMT
content-length: 0
access-control-allow-headers: content-type
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://benefits.legalactionfinder.com
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1800
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OnjnoSczQdQgPHq4MwYOVqdGepkgFBcvhcTvdaJ228Dq5JChLaXFa%2BgsShD8KOtwglXYgqxT3KS26NDu5TIG1%2F4k6BV9E6endZ%2B%2FCVle4GUWI%2BTMu5wxMjYvBsI7auFjwLAK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69d2ef0b1c824113-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
laudypauty.com/	1970-01-19 21:55:59	Name: uid15731 Value: 1100562855-20211012150346-12d121a094ab9adbf3ac8069e0701bbe-
.legalactionfinder.com/	1970-01-20 15:25:41	Name: _ga Value: GA1.1.437533688.1634069028
.legalactionfinder.com/	1970-01-20 15:25:41	Name: _ga_VEWJ1C78X1 Value: GS1.1.1634069027.1.1.1634069029.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://benefits.legalactionfinder.com/l/2/?s1=473707&s2=1100562855&s3=bpp&session_id=4835439b-b2c4-40f2-b8ed-649aac81f7a0&ssid=269#!/hst Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.benefit-relief.com
beacon.legalactionfinder.com
benefits.legalactionfinder.com
event.smpush.com
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
laudypauty.com
push.smpush.com
steinibergs.site
support-benefits.nyc3.cdn.digitaloceanspaces.com
www.google-analytics.com
www.googletagmanager.com
104.18.22.52
104.21.35.45
104.21.76.201
104.21.81.131
142.250.184.202
142.250.184.232
142.250.185.131
164.90.140.247
172.217.16.142
192.30.32.45
205.185.216.10
209.159.146.166
45.55.126.207
0392029954272b4dd64bd2efb8e1bf0b44e9c541f9d9b84fa9cd8b128292ed90
2a245d5316ce74ea8dea80f99838916f6d44d7724c7ba0d7fd2fffc9adda308c
3908af568e6b74c8d7996e934f8a218f0e9339aed6fab592d86e21e46389fecc
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
7268c96bc3affa536e4f78f98768cac256cef2d648be1b3232f174e25c48b754
74572f8daaf2baacd3b19367e15adf6dd7ea968371bf360bd8186fc32942e0f6
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
80a15f8c3dec732f606920d0a697da8d412741b8a859b1d90ef5423ab3daf37b
898253d49b4c53f6491958b70aabeb1291572ceee6dd2a24679f4032c89035b6
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
9448252fac74838f18790d1b4fc02ea57064877f2ffacb24b7c5807d38e867a8
a11057dabde9377622ba2cfdbd4f1732d5a9c6cfd1e076c53917e557daf4c18d
b2c541caebe0c03f12aaf91164c76174b26ceb91df7a64db114ddca4f50bfa94
c11c7b4c24fe30113e6fa8d5af20ea90fcee29de8c903575e0099a4e3df4d620
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c9e8dd51837bb64416c5f2cfef627fa087a584ce1c32e6a9b1de188d89b97b28
d76d0edb91bc45b2b98a6da1d4aa0b6f6dee013926bdd26aa18dc57432d2bc9f
e22ceedfe71cec64cac042863046cfceff0f9bcc59d8e29f9aea81601b175e61
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b15dc514226e2d492af3036f086300f7d0291602ddf2bb8a884c60f08d7a63
f59300bf0133b9b9cbe1c364384b193cbbc63e6e9ccad6e102606f3c456f0a4a
fa8bbd9c96a72ca0669412b6de1193ca698718a3515b625a5972ef84c262a910
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

benefits.legalactionfinder.com Open in urlscan Pro 164.90.140.247 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

100 %HTTPS

0 %IPv6

11 Domains

14 Subdomains

12 IPs

2 Countries

1127 kBTransfer

1331 kBSize

3 Cookies

4 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

benefits.legalactionfinder.com Open in urlscan Pro
164.90.140.247 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

14
Subdomains

12
IPs

2
Countries

1127 kB
Transfer

1331 kB
Size

3
Cookies

30 HTTP transactions
0 data transactions