benefits.deliveryassociatesonline.org Open in urlscan Pro
167.71.180.156 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://dlivry.info/x/a6G32B6E103IIR
Effective URL:
https://benefits.deliveryassociatesonline.org/l/3/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=71ZT&s1=null&s2=a6g32b6e103iir&s3=daww
Submission: On March 07 via manual (March 7th 2022, 4:53:45 pm UTC) from US — Scanned from DE

Summary HTTP 41 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 41 HTTP transactions. The main IP is 167.71.180.156, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is benefits.deliveryassociatesonline.org.
TLS certificate: Issued by R3 on January 10th 2022. Valid for: 3 months.

This is the only time benefits.deliveryassociatesonline.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	64.135.127.60 64.135.127.60	13645 (BROADBANDONE) (BROADBANDONE)
9	167.71.180.156 167.71.180.156	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
9	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3030::ac43:c831	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	45.55.126.207 45.55.126.207	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
5	162.243.189.2 162.243.189.2	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
1	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
41	13

1 64.135.127.60 (North Miami Beach, United States) 1 redirects

ASN13645 (BROADBANDONE, US)

dlivry.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 167.71.180.156 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

benefits.deliveryassociatesonline.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hostandpost.rputools.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3030::ac43:c831 (United States)

ASN13335 (CLOUDFLARENET, US)

push.smpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.smpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.55.126.207 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

beacon.deliveryassociatesonline.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.243.189.2 (United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: nyc3.digitaloceanspaces.com

support-benefits.nyc3.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

thanos-assets.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

support-benefits.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	deliveryassociatesonline.org benefits.deliveryassociatesonline.org beacon.deliveryassociatesonline.org	930 KB
7	digitaloceanspaces.com support-benefits.nyc3.digitaloceanspaces.com — Cisco Umbrella Rank: 785516 thanos-assets.nyc3.cdn.digitaloceanspaces.com — Cisco Umbrella Rank: 585810 support-benefits.nyc3.cdn.digitaloceanspaces.com — Cisco Umbrella Rank: 568304	367 KB
6	rputools.com hostandpost.rputools.com — Cisco Umbrella Rank: 626706	987 B
5	smpush.com push.smpush.com — Cisco Umbrella Rank: 154647 event.smpush.com — Cisco Umbrella Rank: 117036	3 KB
4	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1590 ka-f.fontawesome.com — Cisco Umbrella Rank: 2959	23 KB
2	gstatic.com fonts.gstatic.com	45 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	378 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	63 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	dlivry.info 1 redirects dlivry.info	222 B
41	10

	Domain	Requested by
9	benefits.deliveryassociatesonline.org	benefits.deliveryassociatesonline.org
6	hostandpost.rputools.com	benefits.deliveryassociatesonline.org
5	support-benefits.nyc3.digitaloceanspaces.com	benefits.deliveryassociatesonline.org
4	event.smpush.com	push.smpush.com
3	beacon.deliveryassociatesonline.org	benefits.deliveryassociatesonline.org
3	ka-f.fontawesome.com	kit.fontawesome.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com
1	support-benefits.nyc3.cdn.digitaloceanspaces.com	benefits.deliveryassociatesonline.org
1	thanos-assets.nyc3.cdn.digitaloceanspaces.com	benefits.deliveryassociatesonline.org
1	push.smpush.com	benefits.deliveryassociatesonline.org
1	www.googletagmanager.com	benefits.deliveryassociatesonline.org
1	kit.fontawesome.com	benefits.deliveryassociatesonline.org
1	fonts.googleapis.com	benefits.deliveryassociatesonline.org
1	dlivry.info	1 redirects
41	15

This site contains links to these domains. Also see Links.

Domain
www.deliveryassociatesonline.org

Subject Issuer	Validity	Valid
benefits.deliveryassociatesonline.org R3	`2022-01-10` - `2022-04-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-12` - `2022-09-11`	a year	crt.sh
beacon.deliveryassociatesonline.org R3	`2022-01-11` - `2022-04-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.nyc3.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-22` - `2022-05-23`	a year	crt.sh
*.nyc3.cdn.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://benefits.deliveryassociatesonline.org/l/3/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=71ZT&s1=null&s2=a6g32b6e103iir&s3=daww
Frame ID: 5019BC7009301FC2269F18050F6927C6
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Delivery Associate Onlinemap_icon

Page URL History Show full URLs

https://dlivry.info/x/a6G32B6E103IIR HTTP 302
https://benefits.deliveryassociatesonline.org/l/3/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=71ZT&s1=null&s2=a6g32b6e... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

41
Requests

98 %
HTTPS

54 %
IPv6

10
Domains

15
Subdomains

13
IPs

2
Countries

1435 kB
Transfer

1672 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.deliveryassociatesonline.org/mobile-terms-conditions/
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.deliveryassociatesonline.org/mobile-privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.deliveryassociatesonline.org/contact/
Title: Contact Us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://dlivry.info/x/a6G32B6E103IIR HTTP 302
https://benefits.deliveryassociatesonline.org/l/3/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=71ZT&s1=null&s2=a6g32b6e103iir&s3=daww Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
benefits.deliveryassociatesonline.org/l/3/
Redirect Chain

https://dlivry.info/x/a6G32B6E103IIR
https://benefits.deliveryassociatesonline.org/l/3/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=71ZT&s1=null&s2=a6g32b6e103iir&s3=daww

7 KB
3 KB

317ms
100ms

Document
text/html

167.71.180.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.deliveryassociatesonline.org/l/3/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=71ZT&s1=null&s2=a6g32b6e103iir&s3=daww
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 167.71.180.156 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: e2cdbded398c2c700569604c1f9cd2dbd8538aca66b6cc4e642cc86aba715687

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Mon, 07 Mar 2022 16:53:38 GMT
Content-Type: text/html
Last-Modified: Thu, 24 Feb 2022 11:05:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62176667-1d0d"
Content-Encoding: gzip

Redirect headers

cache-control: no-cache
content-length: 0
date: Mon, 07 Mar 2022 16:53:37 GMT
location: https://benefits.deliveryassociatesonline.org/l/3/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=71ZT&s1=null&s2=a6g32b6e103iir&s3=daww
pragma: no-cache
server: Cowboy

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 138ms
53ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap

Requested by

Host: benefits.deliveryassociatesonline.org
URL: https://benefits.deliveryassociatesonline.org/l/3/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=71ZT&s1=null&s2=a6g32b6e103iir&s3=daww

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cde73a5f7f3e74bbca676d74139e9142a83fde2c57b0abfb4bad3eb2c7b35527

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.deliveryassociatesonline.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 16:53:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 07 Mar 2022 16:53:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Mar 2022 16:53:38 GMT

GET
H2 200 268a7048dd.js Show response
kit.fontawesome.com/ 11 KB
4 KB 74ms
31ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/268a7048dd.js

Requested by

Host: benefits.deliveryassociatesonline.org
URL: https://benefits.deliveryassociatesonline.org/l/3/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=71ZT&s1=null&s2=a6g32b6e103iir&s3=daww

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e17c79e1b4d86ddba5a9d2104902942db44f856a9fd63a137cf5deb35f56366

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.deliveryassociatesonline.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 16:53:38 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
cf-ray: 6e84d9318d6292b4-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: Fs16Kq0snF7JT8MzknSi

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 171 KB
63 KB 140ms
55ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5T6QHTBBK4

Requested by

Host: benefits.deliveryassociatesonline.org
URL: https://benefits.deliveryassociatesonline.org/l/3/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=71ZT&s1=null&s2=a6g32b6e103iir&s3=daww

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

34190aa02aaba81f5d73e7a24a30d9e905c4e6ae24b4348427231069fe23d7ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.deliveryassociatesonline.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 16:53:38 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64473
x-xss-protection: 0
expires: Mon, 07 Mar 2022 16:53:38 GMT

GET
H/1.1 200
OK bundle.565e1e79bb190501420d.css
benefits.deliveryassociatesonline.org/l/3/ 32 KB
7 KB 99ms
98ms Stylesheet
text/css 167.71.180.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.deliveryassociatesonline.org/l/3/bundle.565e1e79bb190501420d.css?t=1645700679256
Requested by: Host: benefits.deliveryassociatesonline.org
URL: https://benefits.deliveryassociatesonline.org/l/3/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=71ZT&s1=null&s2=a6g32b6e103iir&s3=daww
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 167.71.180.156 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 2148ff587c86f5226275e65e7c143e0df18d773fefe76799771fcf3609b723be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.deliveryassociatesonline.org/l/3/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=71ZT&s1=null&s2=a6g32b6e103iir&s3=daww
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 16:53:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 11:05:11 GMT
Server: nginx
ETag: W/"62176667-816f"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 07 Mar 2023 16:53:38 GMT

GET
H/1.1 200
OK 7.4491e4e2.chunk.js Show response
benefits.deliveryassociatesonline.org/l/3/js/ 307 KB
307 KB 289ms
189ms Script
application/javascript 167.71.180.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.deliveryassociatesonline.org/l/3/js/7.4491e4e2.chunk.js
Requested by: Host: benefits.deliveryassociatesonline.org
URL: https://benefits.deliveryassociatesonline.org/l/3/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=71ZT&s1=null&s2=a6g32b6e103iir&s3=daww
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 167.71.180.156 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: f19096149c013afd5627d89d860ecbc372431ebb4d92b58c9a94dca42bd0887f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.deliveryassociatesonline.org/l/3/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=71ZT&s1=null&s2=a6g32b6e103iir&s3=daww
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 16:53:38 GMT
Last-Modified: Thu, 24 Feb 2022 11:05:11 GMT
Server: nginx
ETag: "62176667-4cb39"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 314169
Expires: Tue, 07 Mar 2023 16:53:38 GMT

GET
H/1.1 200
OK app.388bae54.js Show response
benefits.deliveryassociatesonline.org/l/3/js/ 429 KB
429 KB 367ms
183ms Script
application/javascript 167.71.180.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.deliveryassociatesonline.org/l/3/js/app.388bae54.js
Requested by: Host: benefits.deliveryassociatesonline.org
URL: https://benefits.deliveryassociatesonline.org/l/3/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=71ZT&s1=null&s2=a6g32b6e103iir&s3=daww
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 167.71.180.156 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4fdd0ed9d1decdc8387bda86f3b7c03e91c5e64c7a36d0499cb3cf1ee09e729a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.deliveryassociatesonline.org/l/3/?wid=76c8bfe8-6888-4531-b270-c38ad1cad679&affid=71ZT&s1=null&s2=a6g32b6e103iir&s3=daww
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 16:53:38 GMT
Last-Modified: Thu, 24 Feb 2022 11:05:11 GMT
Server: nginx
ETag: "62176667-6b3a1"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 439201
Expires: Tue, 07 Mar 2023 16:53:38 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 74ms
40ms Fetch
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.deliveryassociatesonline.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 16:53:38 GMT
via: 1.1 b911c551065b8f78ad33b4c4564141be.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWvJJgZI8kQnopzJeIRmJrfTn3W%2F1MCQESWzlAiflMT8BVu7vHfCBoszHGWBXHnaoqKNC4zxNQO1UyyQabA86RkQmtXoy4rsMC0HT29%2B0B9WQ%2B3Q9ykHagZj%2Bi1dZtTD%2Fw86NmVqPR7af56idB2LZKMv3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6e84d931fb4b5c85-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: cRhtjFbTf6TohGixkirZBxqYkvI6wFQevWaNV2NP6jIbm-mxlHkxMQ==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 70ms
36ms Fetch
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.deliveryassociatesonline.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 16:53:38 GMT
via: 1.1 3542cbb3a5773810405fca7ba271be44.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bNSFX5miS1EsabvoMGjMJu6bGaZGvg5CnILMNE7%2F0Vi0yQ%2BFuMzAg094Spk0aDl8ydc2CzplzV3pfzxrGqJMdxhgGIRjMTI%2B2dstuUCpI6j1i7e%2B2qINlhhIyUFdhDcCcGbOLpCGSchPl%2Fmv1qhKrU1gOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6e84d931fb545c85-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: q9AL_Y-F3x_HgdWZjgXFCIUWxHf35X7fjQLMB0dvOsw8vDh4Tiqv0w==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 88ms
54ms Fetch
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.deliveryassociatesonline.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 16:53:38 GMT
via: 1.1 4445c4223f8c2460ef5d29a08d1cc6ac.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7pUbrFwacwOd68gpV0lSPWThiBgKuw1jF1PWaVJivacTmqbDLsjESmoHDcoaUKnQdCP%2BfsTp9rdr%2F%2Bzy3zQxD%2B4rLROSluzX5g1wzgpJqiWvUdFV%2BusreGd%2BMNxj7QhSmOOmBJBaAP7aoJ3%2Bk1OP4D0JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6e84d931fb515c85-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: nnxx8HVX1Mo9mGXai8uCGYrqLLeYG5uHEzZw6Jk8G-RY2zIDLMOFdA==

POST
H2 204 collect
www.google-analytics.com/g/ 0
361 B 136ms
43ms Ping
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-5T6QHTBBK4&gtm=2oe320&_p=375709456&_z=ccd.B&cid=1135313265.1646672018&ul=en-us&sr=1600x1200&_s=1&sid=1646672018&sct=1&seg=0&dl=https%3A%2F%2Fbenefits.deliveryassociatesonline.org%2Fl%2F3%2F%3Fwid%3D76c8bfe8-6888-4531-b270-c38ad1cad679%26affid%3D71ZT%26s1%3Dnull%26s2%3Da6g32b6e103iir%26s3%3Ddaww&dt=Delivery%20Associate%20Online&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5T6QHTBBK4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.deliveryassociatesonline.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 16:53:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://benefits.deliveryassociatesonline.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 l8emw37gkr Show response
push.smpush.com/scripts/push/script/ 7 KB
3 KB 1084ms
957ms Script
application/javascript 2606:4700:3030::ac43:c831
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://push.smpush.com/scripts/push/script/l8emw37gkr?url=benefits.deliveryassociatesonline.org

Requested by

Host: benefits.deliveryassociatesonline.org
URL: https://benefits.deliveryassociatesonline.org/l/3/js/app.388bae54.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:c831 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a93ef2e6cf4a7953958679d92c514b29942946f54bee7c80b4961efa36480dc6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.deliveryassociatesonline.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 16:53:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 07 Mar 2022 16:53:39 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUSX888lfWxWNwNHlaNkHxWI0tQHFQStY%2FGHigSQ0It4gox4POhMtnV1nufHbgrYH575NN0fGVzjPq4lNqvjyIet6KciLcZs2VNzJLQRoLeBBIe%2FwEsTOPq7nB7W5HiWDmHuWYnXgUdxrZzJSpc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=UTF-8
cache-control: max-age=14400, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
cf-ray: 6e84d9370dbd9b70-FRA
expires: 0

GET
H2 200 summary Show response
beacon.deliveryassociatesonline.org/geo/ 121 B
570 B 428ms
110ms XHR
application/json 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.deliveryassociatesonline.org/geo/summary

Requested by

Host: benefits.deliveryassociatesonline.org
URL: https://benefits.deliveryassociatesonline.org/l/3/js/7.4491e4e2.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

f2b543cb66ddd44f2afa7979d1e3345efdf5f5e890c4b6757812af570bd0b2a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://benefits.deliveryassociatesonline.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 16:53:38 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
strict-transport-security: max-age=2592000
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

GET
H2 200 76c8bfe8-6888-4531-b270-c38ad1cad679 Show response
beacon.deliveryassociatesonline.org/t/ 10 KB
3 KB 446ms
129ms XHR
text/plain 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.deliveryassociatesonline.org/t/76c8bfe8-6888-4531-b270-c38ad1cad679?affid=71ZT&s1=null&s2=a6g32b6e103iir&s3=daww&session_id=af9164e0-970c-44db-9dd1-22f15d2b567a&wid=76c8bfe8-6888-4531-b270-c38ad1cad679

Requested by

Host: benefits.deliveryassociatesonline.org
URL: https://benefits.deliveryassociatesonline.org/l/3/js/7.4491e4e2.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

abedaf431910bcb0d97df79619ec10bb8286be80b082d38ed7ad0a29db5b7fde

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://benefits.deliveryassociatesonline.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 16:53:38 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
strict-transport-security: max-age=2592000
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

GET
H/1.1 200
OK 0.51974ceb.chunk.js Show response
benefits.deliveryassociatesonline.org/l/3/js/ 39 KB
40 KB 96ms
96ms Script
application/javascript 167.71.180.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.deliveryassociatesonline.org/l/3/js/0.51974ceb.chunk.js
Requested by: Host: benefits.deliveryassociatesonline.org
URL: https://benefits.deliveryassociatesonline.org/l/3/js/app.388bae54.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 167.71.180.156 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8e9fb7bf8e67b56779e114c4837a9dff46fecaab0d351b006d09382fb0393238

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.deliveryassociatesonline.org/l/3/?affid=71ZT&s1=null&s2=a6g32b6e103iir&s3=daww&session_id=af9164e0-970c-44db-9dd1-22f15d2b567a&wid=76c8bfe8-6888-4531-b270-c38ad1cad679
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 16:53:39 GMT
Last-Modified: Thu, 24 Feb 2022 11:05:11 GMT
Server: nginx
ETag: "62176667-9ce6"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40166
Expires: Tue, 07 Mar 2023 16:53:39 GMT

GET
H/1.1 200
OK 1.f50842af.chunk.js Show response
benefits.deliveryassociatesonline.org/l/3/js/ 15 KB
15 KB 98ms
97ms Script
application/javascript 167.71.180.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.deliveryassociatesonline.org/l/3/js/1.f50842af.chunk.js
Requested by: Host: benefits.deliveryassociatesonline.org
URL: https://benefits.deliveryassociatesonline.org/l/3/js/app.388bae54.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 167.71.180.156 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: f2e8e61d98f0266157e4f91fe10fbdd05fdc5ddc7a836559ae86b485b7689de3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.deliveryassociatesonline.org/l/3/?affid=71ZT&s1=null&s2=a6g32b6e103iir&s3=daww&session_id=af9164e0-970c-44db-9dd1-22f15d2b567a&wid=76c8bfe8-6888-4531-b270-c38ad1cad679
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 16:53:39 GMT
Last-Modified: Thu, 24 Feb 2022 11:05:11 GMT
Server: nginx
ETag: "62176667-3afa"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15098
Expires: Tue, 07 Mar 2023 16:53:39 GMT

GET
H/1.1 200
OK 2.bundle.2b0d903866879c32eb61.css
benefits.deliveryassociatesonline.org/l/3/ 16 KB
4 KB 108ms
107ms Stylesheet
text/css 167.71.180.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.deliveryassociatesonline.org/l/3/2.bundle.2b0d903866879c32eb61.css?t=1645700679256
Requested by: Host: benefits.deliveryassociatesonline.org
URL: https://benefits.deliveryassociatesonline.org/l/3/js/app.388bae54.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 167.71.180.156 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f78681ef82ddd9d42a81674ccd37fda2c7925629fb93dc211acf73a5f718c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.deliveryassociatesonline.org/l/3/?affid=71ZT&s1=null&s2=a6g32b6e103iir&s3=daww&session_id=af9164e0-970c-44db-9dd1-22f15d2b567a&wid=76c8bfe8-6888-4531-b270-c38ad1cad679
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 16:53:39 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 11:05:11 GMT
Server: nginx
ETag: W/"62176667-3e4d"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 07 Mar 2023 16:53:39 GMT

GET
H/1.1 200
OK 2.6e1fa77a.chunk.js Show response
benefits.deliveryassociatesonline.org/l/3/js/ 63 KB
64 KB 197ms
101ms Script
application/javascript 167.71.180.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.deliveryassociatesonline.org/l/3/js/2.6e1fa77a.chunk.js
Requested by: Host: benefits.deliveryassociatesonline.org
URL: https://benefits.deliveryassociatesonline.org/l/3/js/app.388bae54.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 167.71.180.156 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: f05f313a094544db728f32ba064ed85a93e0decb889db1e32cd18042ac2d8783

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.deliveryassociatesonline.org/l/3/?affid=71ZT&s1=null&s2=a6g32b6e103iir&s3=daww&session_id=af9164e0-970c-44db-9dd1-22f15d2b567a&wid=76c8bfe8-6888-4531-b270-c38ad1cad679
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 16:53:39 GMT
Last-Modified: Thu, 24 Feb 2022 11:05:11 GMT
Server: nginx
ETag: "62176667-fd0f"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64783
Expires: Tue, 07 Mar 2023 16:53:39 GMT

GET
H2 200 76c8bfe8-6888-4531-b270-c38ad1cad679 Show response
beacon.deliveryassociatesonline.org/t/ 10 KB
3 KB 134ms
134ms XHR
text/plain 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: benefits.deliveryassociatesonline.org
URL: https://benefits.deliveryassociatesonline.org/l/3/js/7.4491e4e2.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

abedaf431910bcb0d97df79619ec10bb8286be80b082d38ed7ad0a29db5b7fde

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://benefits.deliveryassociatesonline.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 16:53:39 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
strict-transport-security: max-age=2592000
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

GET
H/1.1 200
OK background.jpg
benefits.deliveryassociatesonline.org/l/3/public/ 54 KB
54 KB 93ms
93ms Image
image/jpeg 167.71.180.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://benefits.deliveryassociatesonline.org/l/3/public/background.jpg
Requested by: Host: benefits.deliveryassociatesonline.org
URL: https://benefits.deliveryassociatesonline.org/l/3/bundle.565e1e79bb190501420d.css?t=1645700679256
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 167.71.180.156 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 17da68c77bbd31d52720b81bc0b37d31c9efd38c7bd8d81a15a42fbd63a84ca6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.deliveryassociatesonline.org/l/3/bundle.565e1e79bb190501420d.css?t=1645700679256
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 16:53:39 GMT
Last-Modified: Thu, 24 Feb 2022 11:05:11 GMT
Server: nginx
ETag: "62176667-d861"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 55393
Expires: Tue, 07 Mar 2023 16:53:39 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 22 KB
22 KB 174ms
77ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://benefits.deliveryassociatesonline.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 19:48:01 GMT
x-content-type-options: nosniff
age: 421538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22504
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:12:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Mar 2023 19:48:01 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 134ms
39ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Poppins:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://benefits.deliveryassociatesonline.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 19:31:18 GMT
x-content-type-options: nosniff
age: 422541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 19:31:18 GMT

GET
H/1.1 200
OK kwt72rcjn_1606164131481_420x200.jpg
support-benefits.nyc3.digitaloceanspaces.com/banner/ 34 KB
34 KB 388ms
188ms Image
image/jpeg 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support-benefits.nyc3.digitaloceanspaces.com/banner/kwt72rcjn_1606164131481_420x200.jpg

Requested by

Host: benefits.deliveryassociatesonline.org
URL: https://benefits.deliveryassociatesonline.org/l/3/?affid=71ZT&s1=null&s2=a6g32b6e103iir&s3=daww&session_id=af9164e0-970c-44db-9dd1-22f15d2b567a&wid=76c8bfe8-6888-4531-b270-c38ad1cad679

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.243.189.2 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

nyc3.digitaloceanspaces.com

Software

Resource Hash

01533f2f0634d14d21f9986a54b44fff7acac14df9586a68f56d81c0ba5cc826

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.deliveryassociatesonline.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 16:53:39 GMT
last-modified: Mon, 23 Nov 2020 20:42:12 GMT
x-amz-request-id: tx0000000000000169af29a-0062263893-2be38d33-nyc3c
etag: "b5cda0a74c21ad74c2f2c1f937f70446"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/jpeg
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 34494

GET
H/1.1 200
OK 6jxnch5qh_1606162713822_420x200.jpg
support-benefits.nyc3.digitaloceanspaces.com/banner/ 23 KB
23 KB 391ms
191ms Image
image/jpeg 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support-benefits.nyc3.digitaloceanspaces.com/banner/6jxnch5qh_1606162713822_420x200.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.243.189.2 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

nyc3.digitaloceanspaces.com

Software

Resource Hash

fa19212bd9ead632bf886ed1c00c615f6a4174f5444f80f77ccc0f65019b8a9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.deliveryassociatesonline.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 16:53:39 GMT
last-modified: Mon, 23 Nov 2020 20:18:33 GMT
x-amz-request-id: tx000000000000016a49941-0062263893-2be473bb-nyc3c
etag: "bd684285c3008beccb3c458d5c8f6dea"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/jpeg
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 23077

GET
H/1.1 200
OK 0cb2e0855b1e31da93433a018fd49ef3imgpsh_fullsize_anim%20(2).jpg
thanos-assets.nyc3.cdn.digitaloceanspaces.com/tenants/7/ 82 KB
83 KB 576ms
500ms Image
image/jpeg 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thanos-assets.nyc3.cdn.digitaloceanspaces.com/tenants/7/0cb2e0855b1e31da93433a018fd49ef3imgpsh_fullsize_anim%20(2).jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

18c2073d10c98bf8ab5da14e0bc54aee2b2433323035031fa69ab78a36b249f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.deliveryassociatesonline.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 16:53:40 GMT
Connection: Keep-Alive
Last-Modified: Fri, 21 Jan 2022 17:20:54 GMT
x-amz-request-id: tx000000000000016a49a17-0062263894-2be473bb-nyc3c
etag: "7fd9f0a3971fe6d0548670737811a4d8"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1646672019.dop005.am5.t,1646672019.cds261.am5.shn,1646672019.dop005.am5.t,1646672020.cds133.am5.pr
Content-Type: image/jpeg
Cache-Control: max-age=600
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 84198

GET
H/1.1 200
OK ujiziik6y_1609779978528_BidenCare_420x200.jpg
support-benefits.nyc3.digitaloceanspaces.com/banner/ 22 KB
23 KB 394ms
194ms Image
image/jpeg 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support-benefits.nyc3.digitaloceanspaces.com/banner/ujiziik6y_1609779978528_BidenCare_420x200.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.243.189.2 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

nyc3.digitaloceanspaces.com

Software

Resource Hash

4e4844ebefd7184383506ff86a89901aa0784e9f255e3da7f89d3b0f3d9331c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.deliveryassociatesonline.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 16:53:39 GMT
last-modified: Mon, 04 Jan 2021 17:06:20 GMT
x-amz-request-id: tx0000000000000169faf1d-0062263893-2be2b299-nyc3c
etag: "95d0f71dfc040a6fe4fa7632a982f5e7"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/jpeg
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 22790

GET
H/1.1 200
OK 6y7nsjejw_1607097276401_Charmin_420x200.jpg
support-benefits.nyc3.digitaloceanspaces.com/banner/ 35 KB
35 KB 393ms
193ms Image
image/jpeg 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support-benefits.nyc3.digitaloceanspaces.com/banner/6y7nsjejw_1607097276401_Charmin_420x200.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.243.189.2 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

nyc3.digitaloceanspaces.com

Software

Resource Hash

8dc46ad51dee3717bc4dc15e822c57dde2f76f29394b190814274503d7361227

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.deliveryassociatesonline.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 16:53:39 GMT
last-modified: Fri, 04 Dec 2020 15:54:37 GMT
x-amz-request-id: tx000000000000016a91332-0062263893-2be26abb-nyc3c
etag: "fadd1d73cfd20f0e2086033d39cbeceb"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/jpeg
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 35758

GET
H/1.1 200
OK 01exz0gn8_1624368082705_GetItFree-Lowes_420x200.jpg
support-benefits.nyc3.cdn.digitaloceanspaces.com/banner/ 110 KB
111 KB 83ms
22ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support-benefits.nyc3.cdn.digitaloceanspaces.com/banner/01exz0gn8_1624368082705_GetItFree-Lowes_420x200.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

aaac93bce07c174b609648837d20650e20db76ef4782bc1be621bc1d396f5659

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.deliveryassociatesonline.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 16:53:39 GMT
Connection: Keep-Alive
Last-Modified: Tue, 22 Jun 2021 13:21:22 GMT
x-amz-request-id: tx000000000000012e76b59-006224a24e-2be2b299-nyc3c
etag: "62bf4af18e27af1f8a4cb1cf4bc9b809"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1646672019.dop111.am5.t,1646672019.cds203.am5.shn,1646672019.dop111.am5.t,1646672019.cds267.am5.c
Content-Type: image/jpeg
Cache-Control: max-age=500795
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 112552

GET
H/1.1 200
OK 6zk0t9r79_1560524044714_AHR_HHI_580x323.jpg
support-benefits.nyc3.digitaloceanspaces.com/ahr/ 58 KB
58 KB 408ms
205ms Image
image/jpeg 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support-benefits.nyc3.digitaloceanspaces.com/ahr/6zk0t9r79_1560524044714_AHR_HHI_580x323.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.243.189.2 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

nyc3.digitaloceanspaces.com

Software

Resource Hash

46fde54f614bc3980ce321a08f8fe42fa25568a2985e7b498165be19ab43f97c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benefits.deliveryassociatesonline.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 16:53:39 GMT
last-modified: Fri, 14 Jun 2019 14:54:04 GMT
x-amz-request-id: tx000000000000016a49947-0062263893-2be473bb-nyc3c
etag: "114d4e0d0fc80886941fa1df8b366302"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/jpeg
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 59396

OPTIONS
H2 200 pending
hostandpost.rputools.com/api/queue/ 0
0 167ms
121ms Preflight
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hostandpost.rputools.com/api/queue/pending?campaign_id=523&affid=71ZT&s1=null&s2=a6g32b6e103iir&s3=daww&wid=76c8bfe8-6888-4531-b270-c38ad1cad679&session_id=af9164e0-970c-44db-9dd1-22f15d2b567a&domain=benefits.deliveryassociatesonline.org&age=&day=monday&hour=16&utchour=16&utcday=monday&uuid=9c210e07-0b32-4ba8-b2d1-440e12eacd43&folder=l3/&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&zip=60326&dzip=60326&state=HE&dstate=HE&statename=Hesse&dstatename=Hesse&ip=185.213.155.165&country=DE&email_signup_url=&cid=8ff476b8-cf7c-4795-9574-55dc89af629b&trackingUrl=http://hardship-recovery.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://benefits.deliveryassociatesonline.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Mar 2022 16:53:39 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type, session_id
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BcgJLYQ6nd%2BR0ST%2FkQ5K0Ix0kCIOobUBZ1hlSXDCUF0oOJAtJEY1BmKCFDZf5so3ueEh6D9jIjjR8JiLnms6CI1HO83KEV9LiX1PuwBKGfhkhiL3BaBWFH6Sy2zQACh6%2B%2BGDCrEqsAHXrAUfLN3vWvVojY0hQE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e84d93bcfd26945-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 pending
hostandpost.rputools.com/api/queue/ 0
0 168ms
128ms Preflight
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hostandpost.rputools.com/api/queue/pending?campaign_id=523&affid=71ZT&s1=null&s2=a6g32b6e103iir&s3=daww&wid=76c8bfe8-6888-4531-b270-c38ad1cad679&session_id=af9164e0-970c-44db-9dd1-22f15d2b567a&domain=benefits.deliveryassociatesonline.org&age=&day=monday&hour=16&utchour=16&utcday=monday&uuid=9c210e07-0b32-4ba8-b2d1-440e12eacd43&folder=l3/&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&zip=60326&dzip=60326&state=HE&dstate=HE&statename=Hesse&dstatename=Hesse&ip=185.213.155.165&country=DE&email_signup_url=&cid=bae7cb31-9530-4112-81a6-35e83506f62d&trackingUrl=http://hardship-recovery.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://benefits.deliveryassociatesonline.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Mar 2022 16:53:39 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type, session_id
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4XDC8NfiJEeAe38nE8JDA5GfzyfHU6VhhNfO%2BB9GrnX5IZa6KYsjEGB9Nkcf%2F05uJT0kQP%2BHZK1Y8KlEyfHjXKfkxLExZW8w7ql%2FmovDnhr98Lar3gRp4Bk6quSoCpCK76yJAZsGePTs43KWebnPnCWBg7R8Rp0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e84d93bcfd36945-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pending Show response
hostandpost.rputools.com/api/queue/ 19 B
329 B 288ms
287ms XHR
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hostandpost.rputools.com/api/queue/pending?campaign_id=523&affid=71ZT&s1=null&s2=a6g32b6e103iir&s3=daww&wid=76c8bfe8-6888-4531-b270-c38ad1cad679&session_id=af9164e0-970c-44db-9dd1-22f15d2b567a&domain=benefits.deliveryassociatesonline.org&age=&day=monday&hour=16&utchour=16&utcday=monday&uuid=9c210e07-0b32-4ba8-b2d1-440e12eacd43&folder=l3/&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&zip=60326&dzip=60326&state=HE&dstate=HE&statename=Hesse&dstatename=Hesse&ip=185.213.155.165&country=DE&email_signup_url=&cid=8ff476b8-cf7c-4795-9574-55dc89af629b&trackingUrl=http://hardship-recovery.com
Requested by: Host: benefits.deliveryassociatesonline.org
URL: https://benefits.deliveryassociatesonline.org/l/3/js/7.4491e4e2.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68e26b8b9bb82ac6bb487da621b57c91d86a334e163e543ae61e9a1cfeebb9d2

Request headers

Accept: application/json, text/plain, */*
Referer: https://benefits.deliveryassociatesonline.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json;charset=utf-8

Response headers

date: Mon, 07 Mar 2022 16:53:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJX%2F%2F6hjl%2F%2Bsqr4%2Bsvt%2FkIWx62cVTJUb3yCjZLySQ3qbE%2F%2B145TLgw7O0htt6t1O5%2BcONaeNGzHKdIWxdQC%2BU5%2BlAOGtECW%2FgAcCzXcJdE8AYib9BFG3jG91F97bOXJ1ZPN2Txjt%2BzzEAty8jyqgiKC4kEyhtZM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 6e84d93c89306945-FRA
access-control-allow-headers: Content-Type, session_id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pending Show response
hostandpost.rputools.com/api/queue/ 19 B
318 B 277ms
276ms XHR
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hostandpost.rputools.com/api/queue/pending?campaign_id=523&affid=71ZT&s1=null&s2=a6g32b6e103iir&s3=daww&wid=76c8bfe8-6888-4531-b270-c38ad1cad679&session_id=af9164e0-970c-44db-9dd1-22f15d2b567a&domain=benefits.deliveryassociatesonline.org&age=&day=monday&hour=16&utchour=16&utcday=monday&uuid=9c210e07-0b32-4ba8-b2d1-440e12eacd43&folder=l3/&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&zip=60326&dzip=60326&state=HE&dstate=HE&statename=Hesse&dstatename=Hesse&ip=185.213.155.165&country=DE&email_signup_url=&cid=bae7cb31-9530-4112-81a6-35e83506f62d&trackingUrl=http://hardship-recovery.com
Requested by: Host: benefits.deliveryassociatesonline.org
URL: https://benefits.deliveryassociatesonline.org/l/3/js/7.4491e4e2.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68e26b8b9bb82ac6bb487da621b57c91d86a334e163e543ae61e9a1cfeebb9d2

Request headers

Accept: application/json, text/plain, */*
Referer: https://benefits.deliveryassociatesonline.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json;charset=utf-8

Response headers

date: Mon, 07 Mar 2022 16:53:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKXvudHbNAxid4DwwTKR4BGB6xdvPaFVJdwQlKnSW2tB8%2FGRl5Cs8%2FtBJSf5Ca6eSwsGXZz0hZqHxGw68gY3fvN8cbS2gDDbiXVbGrD9kIdbyIIJu9iPyHdAgZxO%2BaINmZVync%2Bv%2BZ8WnK2dRRj5jBbguWRUuoo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 6e84d93c893d6945-FRA
access-control-allow-headers: Content-Type, session_id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pending Show response
hostandpost.rputools.com/api/queue/ 19 B
340 B 282ms
281ms XHR
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hostandpost.rputools.com/api/queue/pending?campaign_id=523&affid=71ZT&s1=null&s2=a6g32b6e103iir&s3=daww&wid=76c8bfe8-6888-4531-b270-c38ad1cad679&session_id=af9164e0-970c-44db-9dd1-22f15d2b567a&domain=benefits.deliveryassociatesonline.org&age=&day=monday&hour=16&utchour=16&utcday=monday&uuid=9c210e07-0b32-4ba8-b2d1-440e12eacd43&folder=l3/&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&zip=60326&dzip=60326&state=HE&dstate=HE&statename=Hesse&dstatename=Hesse&ip=185.213.155.165&country=DE&email_signup_url=&cid=eeea2710-c26e-4f2b-86bc-405159b19336&trackingUrl=http://hardship-recovery.com
Requested by: Host: benefits.deliveryassociatesonline.org
URL: https://benefits.deliveryassociatesonline.org/l/3/js/7.4491e4e2.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68e26b8b9bb82ac6bb487da621b57c91d86a334e163e543ae61e9a1cfeebb9d2

Request headers

Accept: application/json, text/plain, */*
Referer: https://benefits.deliveryassociatesonline.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json;charset=utf-8

Response headers

date: Mon, 07 Mar 2022 16:53:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YFcUZ8YDa1am3L6VUpbsx2EGM%2FL6OeBorUvcuiJhnuyDptZMbrVu8NoOQXlRghueXinkJ%2BmP6vvjqZmuVZjrMx7PsFs5u9rs0ZmiOheikFhC9zaGQHzYNdIj%2B%2BYxgSouf5IMRoJ3Uq%2B7FjUHM0cGIevVCclXzAU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 6e84d93c892f6945-FRA
access-control-allow-headers: Content-Type, session_id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 pending
hostandpost.rputools.com/api/queue/ 0
0 158ms
120ms Preflight
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hostandpost.rputools.com/api/queue/pending?campaign_id=523&affid=71ZT&s1=null&s2=a6g32b6e103iir&s3=daww&wid=76c8bfe8-6888-4531-b270-c38ad1cad679&session_id=af9164e0-970c-44db-9dd1-22f15d2b567a&domain=benefits.deliveryassociatesonline.org&age=&day=monday&hour=16&utchour=16&utcday=monday&uuid=9c210e07-0b32-4ba8-b2d1-440e12eacd43&folder=l3/&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&zip=60326&dzip=60326&state=HE&dstate=HE&statename=Hesse&dstatename=Hesse&ip=185.213.155.165&country=DE&email_signup_url=&cid=eeea2710-c26e-4f2b-86bc-405159b19336&trackingUrl=http://hardship-recovery.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://benefits.deliveryassociatesonline.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Mar 2022 16:53:39 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type, session_id
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNI3EUZKxUFuazkmBXl3Q11yR%2B20elxuXjHCJGykRDCrlUovjpuPFQPsrH3PW46vABxRYgUmwIH22DACDLnTU65lOHZ1PnmVALAe5bYiwdUmcSZou6ldy0JYFIXS%2FrZHPXeQxQzijudoZwKlvV%2BbetqCm7NtBEE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e84d93bcfd46945-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET service-worker.js
benefits.deliveryassociatesonline.org/ 0
0

POST
H3 200 z0grpzodx9
event.smpush.com/register/event_log/ 0
0 402ms
385ms Fetch 2606:4700:3030::ac43:c831
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.smpush.com/register/event_log/z0grpzodx9

Requested by

Host: push.smpush.com
URL: https://push.smpush.com/scripts/push/script/l8emw37gkr?url=benefits.deliveryassociatesonline.org

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:c831 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://benefits.deliveryassociatesonline.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/json

Response headers

date: Mon, 07 Mar 2022 16:53:42 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
expires: 0
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=biJ%2FHJeJTwzD8ErCUj%2BlTGjwBDkRU%2FCBWs8EHgBP8bnuk9CDIs9HlPhh0rlzA%2FFe24rnWpWOk71UvrnCIvvtAcB%2B1kKKesEZEcJkSIOkbC9jvC2v%2Fhc81WGm5v3as4aeE0T8OdmTHdDMRss1UfBi"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://benefits.deliveryassociatesonline.org
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
access-control-allow-credentials: true
cf-ray: 6e84d9482d016927-FRA
x-pushplatformapp-params

OPTIONS
H2 200 z0grpzodx9
event.smpush.com/register/event_log/ 0
0 400ms
371ms Preflight 2606:4700:3030::ac43:c831
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.smpush.com/register/event_log/z0grpzodx9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:c831 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://benefits.deliveryassociatesonline.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Mar 2022 16:53:41 GMT
content-length: 0
access-control-allow-headers: content-type
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://benefits.deliveryassociatesonline.org
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1800
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GxbVKj9bV5I0dafhC92VNdHL2Bd0zNBIN7vCX4IKswbPEUSORIDwEBaKgPsvQnbogJGtyS9xmI%2B5CdHFH5y0c%2FI1e0KsVSe9KX9M4ZJrcm3R95K8bQauDrF6GNeY7Gf6zkFFF2p%2F%2Bzx9GMaHdsqT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e84d945cd75699b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 z0grpzodx9
event.smpush.com/register/event_log/ 0
0 384ms
384ms Fetch 2606:4700:3030::ac43:c831
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.smpush.com/register/event_log/z0grpzodx9

Requested by

Host: push.smpush.com
URL: https://push.smpush.com/scripts/push/script/l8emw37gkr?url=benefits.deliveryassociatesonline.org

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:c831 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://benefits.deliveryassociatesonline.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/json

Response headers

date: Mon, 07 Mar 2022 16:53:42 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
expires: 0
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A96HOvpPkxZzHkTdxCfhre77cgXsCjD7zkxtlMEZpc1%2BJ82DasvJHdsXVu9fNZ%2BvbtnbAAm3nH8GBsfd8VcsSLQbifBxKfPRd3aBN0i0IU%2BJ62QIoyUW7Z8JyApmRt93NWPS56og2joacze7MYQh"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://benefits.deliveryassociatesonline.org
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
access-control-allow-credentials: true
cf-ray: 6e84d9489dc06927-FRA
x-pushplatformapp-params

OPTIONS
H2 200 z0grpzodx9
event.smpush.com/register/event_log/ 0
0 476ms
450ms Preflight 2606:4700:3030::ac43:c831
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.smpush.com/register/event_log/z0grpzodx9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:c831 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://benefits.deliveryassociatesonline.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Mar 2022 16:53:41 GMT
content-length: 0
access-control-allow-headers: content-type
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://benefits.deliveryassociatesonline.org
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1800
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N49I8%2FUq1pqGRrapncpsyG8levhnq4hYAxrDIpoc%2BqzhzgjEzojeNM1hITxpJU3g%2Fi7kWkbxVh%2BUumuhEKsxbZko%2FNAfmaoQkldvEMMhh9spMz0T%2BxKF0WykUxWvBi20WlBy%2Fo4vSaVkD3lzzsTs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e84d945cd7c699b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 122ms
61ms Ping
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-5T6QHTBBK4&gtm=2oe320&_p=375709456&_z=ccd.B&cid=1135313265.1646672018&ul=en-us&sr=1600x1200&sid=1646672018&sct=1&seg=0&dl=https%3A%2F%2Fbenefits.deliveryassociatesonline.org%2Fl%2F3%2F%3Faffid%3D71ZT%26s1%3Dnull%26s2%3Da6g32b6e103iir%26s3%3Ddaww%26session_id%3Daf9164e0-970c-44db-9dd1-22f15d2b567a%26wid%3D76c8bfe8-6888-4531-b270-c38ad1cad679&dt=Delivery%20Associate%20Online&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5T6QHTBBK4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://benefits.deliveryassociatesonline.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 16:53:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://benefits.deliveryassociatesonline.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: benefits.deliveryassociatesonline.org
URL: https://benefits.deliveryassociatesonline.org/service-worker.js

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.deliveryassociatesonline.org/	1970-01-20 18:55:44	Name: _ga Value: GA1.1.1135313265.1646672018
			.deliveryassociatesonline.org/	1970-01-20 18:55:44	Name: _ga_5T6QHTBBK4 Value: GS1.1.1646672018.1.1.1646672020.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://benefits.deliveryassociatesonline.org/l/3/?affid=71ZT&s1=null&s2=a6g32b6e103iir&s3=daww&session_id=af9164e0-970c-44db-9dd1-22f15d2b567a&wid=76c8bfe8-6888-4531-b270-c38ad1cad679#!/hst Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon.deliveryassociatesonline.org
benefits.deliveryassociatesonline.org
dlivry.info
event.smpush.com
fonts.googleapis.com
fonts.gstatic.com
hostandpost.rputools.com
ka-f.fontawesome.com
kit.fontawesome.com
push.smpush.com
support-benefits.nyc3.cdn.digitaloceanspaces.com
support-benefits.nyc3.digitaloceanspaces.com
thanos-assets.nyc3.cdn.digitaloceanspaces.com
www.google-analytics.com
www.googletagmanager.com
benefits.deliveryassociatesonline.org
162.243.189.2
167.71.180.156
205.185.216.10
205.185.216.42
2606:4700:3030::ac43:c831
2606:4700::6812:1634
2a00:1450:4001:808::200e
2a00:1450:4001:810::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2008
2a06:98c1:3121::7
45.55.126.207
64.135.127.60
01533f2f0634d14d21f9986a54b44fff7acac14df9586a68f56d81c0ba5cc826
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
17da68c77bbd31d52720b81bc0b37d31c9efd38c7bd8d81a15a42fbd63a84ca6
18c2073d10c98bf8ab5da14e0bc54aee2b2433323035031fa69ab78a36b249f6
2148ff587c86f5226275e65e7c143e0df18d773fefe76799771fcf3609b723be
2e17c79e1b4d86ddba5a9d2104902942db44f856a9fd63a137cf5deb35f56366
34190aa02aaba81f5d73e7a24a30d9e905c4e6ae24b4348427231069fe23d7ba
46fde54f614bc3980ce321a08f8fe42fa25568a2985e7b498165be19ab43f97c
4e4844ebefd7184383506ff86a89901aa0784e9f255e3da7f89d3b0f3d9331c2
4fdd0ed9d1decdc8387bda86f3b7c03e91c5e64c7a36d0499cb3cf1ee09e729a
68e26b8b9bb82ac6bb487da621b57c91d86a334e163e543ae61e9a1cfeebb9d2
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
8dc46ad51dee3717bc4dc15e822c57dde2f76f29394b190814274503d7361227
8e9fb7bf8e67b56779e114c4837a9dff46fecaab0d351b006d09382fb0393238
a93ef2e6cf4a7953958679d92c514b29942946f54bee7c80b4961efa36480dc6
aaac93bce07c174b609648837d20650e20db76ef4782bc1be621bc1d396f5659
abedaf431910bcb0d97df79619ec10bb8286be80b082d38ed7ad0a29db5b7fde
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cde73a5f7f3e74bbca676d74139e9142a83fde2c57b0abfb4bad3eb2c7b35527
e2cdbded398c2c700569604c1f9cd2dbd8538aca66b6cc4e642cc86aba715687
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f05f313a094544db728f32ba064ed85a93e0decb889db1e32cd18042ac2d8783
f19096149c013afd5627d89d860ecbc372431ebb4d92b58c9a94dca42bd0887f
f2b543cb66ddd44f2afa7979d1e3345efdf5f5e890c4b6757812af570bd0b2a6
f2e8e61d98f0266157e4f91fe10fbdd05fdc5ddc7a836559ae86b485b7689de3
f7f78681ef82ddd9d42a81674ccd37fda2c7925629fb93dc211acf73a5f718c9
fa19212bd9ead632bf886ed1c00c615f6a4174f5444f80f77ccc0f65019b8a9f
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

benefits.deliveryassociatesonline.org Open in urlscan Pro 167.71.180.156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

98 %HTTPS

54 %IPv6

10 Domains

15 Subdomains

13 IPs

2 Countries

1435 kBTransfer

1672 kBSize

2 Cookies

3 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

benefits.deliveryassociatesonline.org Open in urlscan Pro
167.71.180.156 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

98 %
HTTPS

54 %
IPv6

10
Domains

15
Subdomains

13
IPs

2
Countries

1435 kB
Transfer

1672 kB
Size

2
Cookies

41 HTTP transactions
0 data transactions