cf.mybenefitsclub.com Open in urlscan Pro
172.67.69.68 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mb3.io/y677qeoe
Effective URL:
https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_808...
Submission: On December 03 via manual (December 3rd 2024, 11:43:56 pm UTC) from US — Scanned from US

Summary HTTP 47 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 8 domains to perform 47 HTTP transactions. The main IP is 172.67.69.68, located in United States and belongs to CLOUDFLARENET, US. The main domain is cf.mybenefitsclub.com.
TLS certificate: Issued by WE1 on October 29th 2024. Valid for: 3 months.

This is the only time cf.mybenefitsclub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.205.27 172.67.205.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 30	172.67.69.68 172.67.69.68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.167.95 142.251.167.95	15169 (GOOGLE) (GOOGLE)
1	142.250.31.95 142.250.31.95	15169 (GOOGLE) (GOOGLE)
1	104.16.80.73 104.16.80.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.167.69.75 3.167.69.75	16509 (AMAZON-02) (AMAZON-02)
1	142.251.167.156 142.251.167.156	15169 (GOOGLE) (GOOGLE)
1	142.251.167.105 142.251.167.105	15169 (GOOGLE) (GOOGLE)
1	104.18.2.36 104.18.2.36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.167.69.77 3.167.69.77	16509 (AMAZON-02) (AMAZON-02)
1	3.167.69.53 3.167.69.53	16509 (AMAZON-02) (AMAZON-02)
4	54.80.56.168 54.80.56.168	14618 (AMAZON-AES) (AMAZON-AES)
1	3.213.230.233 3.213.230.233	14618 (AMAZON-AES) (AMAZON-AES)
3	50.17.127.255 50.17.127.255	14618 (AMAZON-AES) (AMAZON-AES)
47	13

1 172.67.205.27 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mb3.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 172.67.69.68 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cf.mybenefitsclub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mybenefitsclub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.167.95 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.31.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f95.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.80.73 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.167.69.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-69-75.iad61.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.167.156 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.167.105 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.2.36 (None, )

ASN13335 (CLOUDFLARENET, US)

imagedelivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.167.69.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-69-77.iad61.r.cloudfront.net

cdn.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.167.69.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-69-53.iad61.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.80.56.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-56-168.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.213.230.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-230-233.compute-1.amazonaws.com

fpc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 50.17.127.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-127-255.compute-1.amazonaws.com

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	mybenefitsclub.com 1 redirects cf.mybenefitsclub.com mybenefitsclub.com	408 KB
12	pushnami.com api.pushnami.com — Cisco Umbrella Rank: 8264 cdn.pushnami.com — Cisco Umbrella Rank: 17260 psp.pushnami.com — Cisco Umbrella Rank: 22795 fpc.pushnami.com — Cisco Umbrella Rank: 214013 trc.pushnami.com — Cisco Umbrella Rank: 8733	370 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 ajax.googleapis.com — Cisco Umbrella Rank: 415	35 KB
1	imagedelivery.net imagedelivery.net — Cisco Umbrella Rank: 15296	32 KB
1	google.com www.google.com — Cisco Umbrella Rank: 3
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135	558 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 617	7 KB
1	mb3.io 1 redirects mb3.io	704 B
47	8

	Domain	Requested by
29	cf.mybenefitsclub.com	1 redirects cf.mybenefitsclub.com ajax.googleapis.com static.cloudflareinsights.com
4	psp.pushnami.com	cdn.pushnami.com api.pushnami.com
3	trc.pushnami.com	api.pushnami.com
2	cdn.pushnami.com	api.pushnami.com
2	api.pushnami.com	cf.mybenefitsclub.com api.pushnami.com
1	fpc.pushnami.com	api.pushnami.com
1	mybenefitsclub.com
1	imagedelivery.net	cf.mybenefitsclub.com
1	www.google.com	cf.mybenefitsclub.com
1	stats.g.doubleclick.net	cf.mybenefitsclub.com
1	static.cloudflareinsights.com	cf.mybenefitsclub.com
1	ajax.googleapis.com	cf.mybenefitsclub.com
1	fonts.googleapis.com	cf.mybenefitsclub.com
1	mb3.io	1 redirects
47	14

This site contains links to these domains. Also see Links.

Domain
freedomlender.co
www.solvent.com
mybenefitsclub.com

Subject Issuer	Validity	Valid
mybenefitsclub.com WE1	`2024-10-29` - `2025-01-27`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
*.pushnami.com Amazon RSA 2048 M02	`2024-02-03` - `2025-03-03`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
imagedelivery.net E5	`2024-11-14` - `2025-02-12`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx
Frame ID: 43CBC0FA059D3CBD96C72A3B8549FC83
Requests: 41 HTTP requests in this frame

Frame: https://cf.mybenefitsclub.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js
Frame ID: 76E475F2A52D604B4FE34F149B92A1EC
Requests: 2 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 0B3609AB73A9B0C5A895347D0034314C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MyBenefitsClub

Page URL History Show full URLs

https://mb3.io/y677qeoe HTTP 302
https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

98 %
HTTPS

0 %
IPv6

8
Domains

14
Subdomains

13
IPs

2
Countries

852 kB
Transfer

1398 kB
Size

3
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://freedomlender.co/5-surprising-car-insurance-savings-opportunities/
Title: RESOURCES 5 Surprising Car Insurance Savings Opportunities

Search URL Search Domain Scan URL

URL: https://freedomlender.co/heres-how-personal-loan-lenders-calculate-your-monthly-payments/
Title: RESOURCES Here’s How Personal Loan Lenders Calculate Your Monthly Payments

Search URL Search Domain Scan URL

URL: https://www.solvent.com/credit-repair/
Title: RESOURCES Credit Score Repair

Search URL Search Domain Scan URL

URL: https://www.solvent.com/credit-cards/
Title: RESOURCES Credit Cards

Search URL Search Domain Scan URL

URL: https://mybenefitsclub.com/mobile-privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://mybenefitsclub.com/mobile-terms/
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://mybenefitsclub.com/contact/
Title: Contact

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mb3.io/y677qeoe HTTP 302
https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://cf.mybenefitsclub.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://cf.mybenefitsclub.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
cf.mybenefitsclub.com/n/
Redirect Chain

https://mb3.io/y677qeoe
https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx

113 KB
34 KB

330ms
151ms

Document
text/html

172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbb7c51e1c72d4d59989ed12388c93c7bd9ac9ff79b79806550024bbcb3d52e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8ec76bd20979180f-ATL
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 03 Dec 2024 23:43:50 GMT
link: <https://fonts.googleapis.com/>; rel="preconnect"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=adrh9m%2BdqEQwAGflV45x4F4S3zZBwut2nnzs6tAnh1ZQ35rpsigJjH2UpQ2Dd%2B0%2Fapm8uL0iQCa2tVwTSOhGue9QQF7U15HNeIGc%2FL7FKZBN%2FHzSFeEdZsc44glq71cphdnVaucDeRE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=TCP&rtt=22556&min_rtt=22533&rtt_var=6374&sent=6&recv=10&lost=0&retrans=0&sent_bytes=4015&recv_bytes=2465&delivery_rate=191323&cwnd=251&unsent_bytes=0&cid=18e4880cc21dd6e0&ts=161&x=0"
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8ec76bcfab11eac5-DFW
content-length: 0
date: Tue, 03 Dec 2024 23:43:49 GMT
location: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx#y677qeoe
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ck5%2BZE3d9M3TFbSnb4GdWacgCn1X5kGPq17tqA%2BOTx0xPj3CAc1b4JFVzrDw%2FbdgPcS4xVV9RMJ4Xfxw%2FBOq6AVib5YtyltJu6pjWK7KlGNwbIAsDzwFlMk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=13889&min_rtt=13857&rtt_var=3916&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3977&recv_bytes=2310&delivery_rate=313487&cwnd=254&unsent_bytes=0&cid=db597f2c35eeca76&ts=209&x=0"

GET
H2 200 wp-emoji-release.min.js Show response
cf.mybenefitsclub.com/_files/ 18 KB
5 KB 93ms
91ms Script
application/javascript 172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.mybenefitsclub.com/_files/wp-emoji-release.min.js

Requested by

Host: cf.mybenefitsclub.com
URL: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"e26f66245f30917d5f4bea2a779d931c"
age: 37
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nWJbmhJ%2FWl%2FDoZZvt%2FnOK2CS0zbGuSg7Hcf%2BXKOaZn4qTZl4nr44nMOzekvaHHlYTKHZVqOU80x2a%2BQ7wvyiGGbp6ung3Wl%2Bop1UqG%2Fa%2FWmn9NFz60dkTwd%2BeoMFRTY0m49uacIIUX4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=22567&min_rtt=22521&rtt_var=125&sent=63&recv=30&lost=0&retrans=0&sent_bytes=64787&recv_bytes=3134&delivery_rate=1738799&cwnd=255&unsent_bytes=0&cid=18e4880cc21dd6e0&ts=259&x=0"
date: Tue, 03 Dec 2024 23:43:50 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ec76bd31a94180f-ATL
access-control-allow-origin: *
server: cloudflare

GET
H2 200 style-blocks.build.css
cf.mybenefitsclub.com/_files/ 44 KB
7 KB 76ms
74ms Stylesheet
text/css 172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.mybenefitsclub.com/_files/style-blocks.build.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c13d111f83f3dcfbdf19aa05f44ca2a6f69e1f9c5e802251d5b0d6e9b32aaea7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"2c64e0aa335c92471d91d83473f72181"
age: 37
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UrE1SlYFV%2B1I1K1r4jJNN31kGrCP6ic%2BhN8eOZ5M1CCqFGGoULttYJXJy9Oo0hQ%2BqjynqXU5Mwxbwb3IMgEs7AMmr1MhRwpGQPaam%2FCusg6swfDbEoBGTsSP6QFJLEaoOzXhl8X9w2RCktTkrwW38rg59xE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=22567&min_rtt=22521&rtt_var=125&sent=36&recv=30&lost=0&retrans=0&sent_bytes=39942&recv_bytes=3134&delivery_rate=1738799&cwnd=255&unsent_bytes=0&cid=18e4880cc21dd6e0&ts=251&x=0"
date: Tue, 03 Dec 2024 23:43:50 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ec76bd31a81180f-ATL
access-control-allow-origin: *
server: cloudflare

GET
H2 200 theme.css
cf.mybenefitsclub.com/_files/ 5 KB
2 KB 83ms
81ms Stylesheet
text/css 172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.mybenefitsclub.com/_files/theme.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c252aae896f9e58d873a43f1e05ad778dc31a79b8b8b971704aa75b520711cdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"541f7d55e20c6d4cc41ea8bb86367212"
age: 37
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8afZx4YncufOT7O9pGOh4ZgGi5KZtRCswOkI684kGDMWBvHLhjhHnIA2HaVek%2B%2F%2BZE5zmamrV5y6%2FcP20IWKnfrIi%2BbGXFzxSMuytIEIft3m3XFuMa3u9O3Th6hcZiWeeUjwNJeGlWcjft2e0flbGIL7zMc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=22567&min_rtt=22521&rtt_var=125&sent=48&recv=30&lost=0&retrans=0&sent_bytes=49716&recv_bytes=3134&delivery_rate=1738799&cwnd=255&unsent_bytes=0&cid=18e4880cc21dd6e0&ts=257&x=0"
date: Tue, 03 Dec 2024 23:43:50 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ec76bd31a89180f-ATL
access-control-allow-origin: *
server: cloudflare

GET
H2 200 mediaelementplayer-legacy.min.css
cf.mybenefitsclub.com/_files/ 11 KB
3 KB 95ms
93ms Stylesheet
text/css 172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.mybenefitsclub.com/_files/mediaelementplayer-legacy.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"3a2932023496f2eee1897bdf64cdc1f9"
age: 37
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pBePAn70Eb6dl%2FQLCFep4lK21thKMbk6YdhH9KSQJGkyiFD1V1%2FMxgQZqKOjkLaakHoAa1GiekMY16UkdZk95SkLAxiK0ZicD3sj%2BrtLVRYEKdr%2BD76XGmnCjudyhyTTKwzbVelop9Jc53JyCUwxKrPBD08%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=22567&min_rtt=22521&rtt_var=125&sent=68&recv=30&lost=0&retrans=0&sent_bytes=70402&recv_bytes=3134&delivery_rate=1738799&cwnd=255&unsent_bytes=0&cid=18e4880cc21dd6e0&ts=264&x=0"
date: Tue, 03 Dec 2024 23:43:50 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ec76bd31a8b180f-ATL
access-control-allow-origin: *
server: cloudflare

GET
H2 200 wp-mediaelement.min.css
cf.mybenefitsclub.com/_files/ 4 KB
2 KB 81ms
79ms Stylesheet
text/css 172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.mybenefitsclub.com/_files/wp-mediaelement.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"726b4522f0b92f444a26f02f1fe29393"
age: 37
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FTOt%2FUlAv0jPhmnEUhiVL%2BIDYCjM5K7NL%2FRoSQDbnkT7IY94HXB74v9k%2Bn7HfDy2oQYMa4d%2FVL3vFrUeMwhjqIuOxUgiw%2BCIC2xELjNzYg%2FcRLBx9qdGyH%2FNYHycx99N9leiWIJAiwVXow8YN2%2BIT7A4QSY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=22567&min_rtt=22521&rtt_var=125&sent=42&recv=30&lost=0&retrans=0&sent_bytes=47284&recv_bytes=3134&delivery_rate=1738799&cwnd=255&unsent_bytes=0&cid=18e4880cc21dd6e0&ts=253&x=0"
date: Tue, 03 Dec 2024 23:43:50 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ec76bd31a8d180f-ATL
access-control-allow-origin: *
server: cloudflare

GET
H2 200 classic-themes.min.css
cf.mybenefitsclub.com/_files/ 217 B
665 B 81ms
80ms Stylesheet
text/css 172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.mybenefitsclub.com/_files/classic-themes.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"2740568d53b1a7d89c8f8fd50e97a291"
age: 37
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p1pGQHaLqdtroirFxSIy607S6EZ0nUtte2JfbBCMHihvP54eAILfnAJT1W%2FcKZgOTLVnK%2BwBY4%2F7%2FzAiiI5c9P%2B5Sas2QQA8Yr41epiV2AS0UDww3kE0PMqrisELf5nTiJn4sZaEsZ9ong7u%2Bgbm9o5z4iY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=22567&min_rtt=22521&rtt_var=125&sent=45&recv=30&lost=0&retrans=0&sent_bytes=48985&recv_bytes=3134&delivery_rate=1738799&cwnd=255&unsent_bytes=0&cid=18e4880cc21dd6e0&ts=253&x=0"
date: Tue, 03 Dec 2024 23:43:50 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ec76bd31a8e180f-ATL
access-control-allow-origin: *
server: cloudflare

GET
H2 200 style.css
cf.mybenefitsclub.com/_files/ 72 KB
13 KB 83ms
82ms Stylesheet
text/css 172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.mybenefitsclub.com/_files/style.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63289f190d8a869339d61382d617efb5e1265f1a891284f37b98124b65765416

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"3f46633c268f693f6fc2f4e2aef17267"
age: 6770
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bfTftQTdCQFybIkYGIyp67hiX1si%2FmC2g9XQcAhSdTeJJfJJ3GGkT4vqs7AGPYgtKgaxSJFRWY4OFU3%2FiGTpxyJsBydmP499K%2BkGe%2FSdr8u5SLVVRtvsa8MbxXMhX2VG3NXAaha4vVVHJwfiFa50AodAZFA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=22567&min_rtt=22521&rtt_var=125&sent=52&recv=30&lost=0&retrans=0&sent_bytes=51711&recv_bytes=3134&delivery_rate=1738799&cwnd=255&unsent_bytes=0&cid=18e4880cc21dd6e0&ts=258&x=0"
date: Tue, 03 Dec 2024 23:43:50 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ec76bd31a91180f-ATL
access-control-allow-origin: *
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 18 KB
2 KB 285ms
103ms Stylesheet
text/css 142.251.167.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;500;600&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.95 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f95.1e100.net

Software

ESF /

Resource Hash

194b0b6987d98574284a790e1e71b5b242bdf5bdd685969d7e0b0bae7f9cee4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 03 Dec 2024 23:43:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 23:43:50 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 03 Dec 2024 22:58:03 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 mbc-logo-dark.png
cf.mybenefitsclub.com/img/ 3 KB
4 KB 78ms
76ms Image
image/png 172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.mybenefitsclub.com/img/mbc-logo-dark.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e9a99c3f023685deee9277b658ad754d0847485adaaa0e6c616f7ceb39eb825

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx

Response headers

cf-cache-status: HIT
etag: "ddee639f837167aac426a39a9b6176fb"
age: 6770
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHgNmOFb3GPIfRCH0V230lNiCwSpNNAqS%2F7I1pEYiZ25uedN%2FSeESPs6SouR1pJiTVuVSxArbs4ZAjtgpMU4MfJWek47otZaybDbRrqTszrxcKn6hmM16c2THcB1dmFk5Xa4ctEm67HbfoF3%2FpJzuHI9mi8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=22717&min_rtt=22460&rtt_var=294&sent=73&recv=51&lost=0&retrans=0&sent_bytes=73537&recv_bytes=3329&delivery_rate=1738799&cwnd=255&unsent_bytes=0&cid=18e4880cc21dd6e0&ts=294&x=0"
date: Tue, 03 Dec 2024 23:43:50 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ec76bd35b0f180f-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3122
server: cloudflare

GET
H2 200 creditscore.png
cf.mybenefitsclub.com/_files/ 2 KB
2 KB 79ms
78ms Image
image/webp 172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.mybenefitsclub.com/_files/creditscore.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bd238b942f7677cda9935e97d05bc57ccee180372c6191ec2d7e29d2cf1b86d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx

Response headers

cf-bgj: imgq:100,h2pri
etag: "b7b53619c93e4b8cfd6b9aceee82edda"
age: 6770
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4JYVtcIGDVxHyRL6v81j9DKPEIuQY1XxVqgxDiW%2F6IP1ufyVaxMlLEPgNZ2khNmMZxZlXRXUl5BsGi4lqeN53oB3VPTRs1zXu3t5C711%2BTKVMtFqhxf6RO%2BC5%2BnGMJFv6zh1%2BX3yKA1CMH80OcqEf%2Bk5HOA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-polished: origFmt=png, origSize=2177
server-timing: cfL4;desc="?proto=TCP&rtt=22717&min_rtt=22460&rtt_var=294&sent=78&recv=51&lost=0&retrans=0&sent_bytes=77210&recv_bytes=3329&delivery_rate=1738799&cwnd=255&unsent_bytes=0&cid=18e4880cc21dd6e0&ts=296&x=0"
date: Tue, 03 Dec 2024 23:43:50 GMT
content-type: image/webp
content-disposition: inline; filename="creditscore.webp"
vary: Accept
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ec76bd35b13180f-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1938
server: cloudflare

GET
H2 200 percent-coins.png
cf.mybenefitsclub.com/_files/ 33 KB
34 KB 76ms
75ms Image
image/webp 172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.mybenefitsclub.com/_files/percent-coins.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe1a7351b191b443716153eb7bac15141bc52cf47e349d0286da3e93b85c5d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx

Response headers

cf-bgj: imgq:100,h2pri
etag: "5fae8d49654090f9d7587206d9eb7613"
age: 6509
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TlCHHMvEus4dIKxc9jJWxFe2Ks9cqbZ4mJjIques5iCPVvAkb%2Fri5Hb0BtigPF2pX9FEHhqs8nFT0x8O%2BZ08ewSUhiyieHyTfmM6aVV7K1V%2B1Ulqs7oFH%2FrFlpM4gHf1%2By4XOyhpXHM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-polished: origFmt=png, origSize=51319
server-timing: cfL4;desc="?proto=TCP&rtt=30080&min_rtt=22460&rtt_var=12882&sent=83&recv=57&lost=0&retrans=0&sent_bytes=79820&recv_bytes=3458&delivery_rate=1738799&cwnd=255&unsent_bytes=0&cid=18e4880cc21dd6e0&ts=372&x=0"
date: Tue, 03 Dec 2024 23:43:50 GMT
content-type: image/webp
content-disposition: inline; filename="percent-coins.webp"
vary: Accept
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ec76bd3dbbb180f-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33766
server: cloudflare

GET
H2 200 bg2.png
cf.mybenefitsclub.com/_files/ 16 KB
17 KB 87ms
87ms Image
image/webp 172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.mybenefitsclub.com/_files/bg2.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

729b8f0394b3e371b2e0ecbbd960d40633c935248f6445674510b420a4de33c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx

Response headers

cf-bgj: imgq:100,h2pri
etag: "18aa5c49ca69e2120489b1fc91ea3fff"
age: 6509
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BPwVXEpd3hYX3W154qDYabs65ZRbLdAeJSkhJNRPOWGozDOLi9YwaA0tE%2Bog2Sd4%2F0vl8f6eTd4Jy8EdHvVLJXb6XYG5DTuJuZ3%2Fd9kyCNYtTIHwi1mkuywM2mThc7wkgtrV9lM1i6g%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-polished: origFmt=png, origSize=27040
server-timing: cfL4;desc="?proto=TCP&rtt=30080&min_rtt=22460&rtt_var=12882&sent=109&recv=57&lost=0&retrans=0&sent_bytes=114498&recv_bytes=3458&delivery_rate=1738799&cwnd=255&unsent_bytes=0&cid=18e4880cc21dd6e0&ts=373&x=0"
date: Tue, 03 Dec 2024 23:43:50 GMT
content-type: image/webp
content-disposition: inline; filename="bg2.webp"
vary: Accept
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ec76bd3dbc2180f-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16340
server: cloudflare

GET
H2 200 scam-1-300x169.jpg
cf.mybenefitsclub.com/_files/ 11 KB
12 KB 78ms
77ms Image
image/jpeg 172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.mybenefitsclub.com/_files/scam-1-300x169.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e7b6e37ea2f37a2f132d1ce64e2501d5b372ae2f1b33fc038143b27fc2fc7bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx

Response headers

cf-bgj: imgq:100,h2pri
etag: "9e2286d7112a943bf1e651bf34fc9c18"
age: 251
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=03YD17yvTQCFRtWpWCCSv4tBN0iJZOJfX1AcspLtvJkiJxyofOqNOGcFaKm75I96IfRlzLHpmaQfVe%2FVBp5tjjaSj7zUXLcQyZtfzXB3RXH4X8AX9wwH4ph1xEm%2Bdxj6WJWX6KcMerM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-polished: origSize=11578
server-timing: cfL4;desc="?proto=TCP&rtt=30283&min_rtt=22450&rtt_var=14293&sent=123&recv=69&lost=0&retrans=0&sent_bytes=131535&recv_bytes=3527&delivery_rate=2344306&cwnd=255&unsent_bytes=0&cid=18e4880cc21dd6e0&ts=462&x=0"
date: Tue, 03 Dec 2024 23:43:50 GMT
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ec76bd46c50180f-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11462
server: cloudflare

GET
H2 200 creditscore-2-300x169.jpg
cf.mybenefitsclub.com/_files/ 11 KB
12 KB 158ms
155ms Image
image/jpeg 172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.mybenefitsclub.com/_files/creditscore-2-300x169.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4b5f32800565b3ddb18537f4b828e111db159d3f5690662351cc478a9aea7da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx

Response headers

cf-bgj: imgq:100,h2pri
etag: "af533fab91bff3c2941323fda7b9af5e"
age: 251
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XIops8ZASYUPz4Cy9nzYlsR7y5%2BijKWi1357ruQvtH3Fr%2FrwdlrDQYbWRtGHhRrP8bsj4Lr2MHIwxzR1Jj%2FOhilNUdW%2BbeSuCoauB1lZPdv%2ByPAIYQdBas9wOf7OUD5C4AKwXOWM6Kk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-polished: origSize=11523
server-timing: cfL4;desc="?proto=TCP&rtt=26060&min_rtt=22450&rtt_var=6685&sent=317&recv=84&lost=0&retrans=0&sent_bytes=381085&recv_bytes=4218&delivery_rate=2344306&cwnd=255&unsent_bytes=0&cid=18e4880cc21dd6e0&ts=552&x=0"
date: Tue, 03 Dec 2024 23:43:50 GMT
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ec76bd4ed01180f-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11460
server: cloudflare

GET
H2 200 credit-repair-3-300x169.jpg
cf.mybenefitsclub.com/_files/ 14 KB
14 KB 78ms
76ms Image
image/jpeg 172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.mybenefitsclub.com/_files/credit-repair-3-300x169.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e9c87999acc240466cdfb153c8b70284a6d8b0e357aa92212e21032ac44b4c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx

Response headers

cf-bgj: imgq:100,h2pri
etag: "369182e4106c46cf564600b31c0bfcd5"
age: 251
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qlxi8wq9y0%2B8wcGZ%2Benn9wLFVOEFCl0hXcG5G3D59WS6h49qYF0%2BVjWul9i9w6KhHFdOvtOLawkXGwCxb8%2BDoa4mdk8oWjLHrB%2BDnm5ao4EHR9JB4KOH%2Ftgsw4bKF2uosJpaOB4QBPY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-polished: origSize=14202
server-timing: cfL4;desc="?proto=TCP&rtt=26060&min_rtt=22450&rtt_var=6685&sent=144&recv=84&lost=0&retrans=0&sent_bytes=151333&recv_bytes=4218&delivery_rate=2344306&cwnd=255&unsent_bytes=0&cid=18e4880cc21dd6e0&ts=546&x=0"
date: Tue, 03 Dec 2024 23:43:50 GMT
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ec76bd4ed02180f-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14008
server: cloudflare

GET
H2 200 creditcards-2-300x169.jpg
cf.mybenefitsclub.com/_files/ 13 KB
14 KB 97ms
95ms Image
image/jpeg 172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.mybenefitsclub.com/_files/creditcards-2-300x169.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcca3ff1b07207a864c7d94b347e822932b14c188bba7b17d66230d811ebf4a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx

Response headers

cf-bgj: imgq:100,h2pri
etag: "dcbc1e85ecdd587854fb434c536db3c9"
age: 251
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rPobRED3P%2BgfKpqymUdRpRy2ot%2F57csRw3GxZefe5Q0hiiLrEl8EkQUGElMMVtfj772IUCmHBvHNcUDvuewnZtbMEXHxTut9MCWe2%2BtTds%2FhHMzpVyLG85abkxeSGjIQ5pq5NwlHooI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-polished: origSize=13674
server-timing: cfL4;desc="?proto=TCP&rtt=26060&min_rtt=22450&rtt_var=6685&sent=188&recv=84&lost=0&retrans=0&sent_bytes=203300&recv_bytes=4218&delivery_rate=2344306&cwnd=255&unsent_bytes=31&cid=18e4880cc21dd6e0&ts=547&x=0"
date: Tue, 03 Dec 2024 23:43:50 GMT
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ec76bd4ed04180f-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13461
server: cloudflare

GET
H2 200 download-300x156.png
cf.mybenefitsclub.com/_files/ 8 KB
9 KB 160ms
157ms Image
image/webp 172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.mybenefitsclub.com/_files/download-300x156.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

771822c66ddc3a6e7a5f58220b5ae8e0a11e7601728948079207bbdb81b0dec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx

Response headers

cf-bgj: imgq:100,h2pri
etag: "c1cdbdcbaa2d91d37e4469ab9d0acc8c"
age: 6509
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E9IMGtQK%2BY7fvGrov8c9VHkLJ%2BDVd2rC7i%2BiVX4L1647srIOHgk3qrpbQcZbPuOV5CRgYVYD070u0PTM%2F47IZ5ibz%2B052cCUVrdUbRIO%2BE8YoXOMzrm7ZVPheMIgTsrPla0CbqVQq70%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-polished: origFmt=png, origSize=13098
server-timing: cfL4;desc="?proto=TCP&rtt=26060&min_rtt=22450&rtt_var=6685&sent=327&recv=84&lost=0&retrans=0&sent_bytes=393257&recv_bytes=4218&delivery_rate=2344306&cwnd=255&unsent_bytes=31&cid=18e4880cc21dd6e0&ts=552&x=0"
date: Tue, 03 Dec 2024 23:43:50 GMT
content-type: image/webp
content-disposition: inline; filename="download-300x156.webp"
vary: Accept
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ec76bd4ed05180f-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8508
server: cloudflare

GET
H2 200 mbc-logo.png
cf.mybenefitsclub.com/img/ 3 KB
4 KB 161ms
159ms Image
image/png 172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.mybenefitsclub.com/img/mbc-logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29f6fd07ab6ed61e0cf0d6f05bf87608e155f1b9d6830920609d8cc67cf0d995

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx

Response headers

cf-cache-status: HIT
etag: "2d5eae087221878dff0bb9144bd50434"
age: 3259
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RAhbQoQ83XUarXUop%2BKN%2BtXSwFKQ2lrbFRWy0%2B4lTGvJIF9nRGNQHqsBxzRHtsMIUU%2FKmFET247z5A3Kt4V6mwgA5kXVTJiG%2BAJkz4oyaXhG2o74S3zelY2JVMyWPruU%2B2%2BuF2JR6KE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=26060&min_rtt=22450&rtt_var=6685&sent=335&recv=84&lost=0&retrans=0&sent_bytes=402433&recv_bytes=4218&delivery_rate=2344306&cwnd=255&unsent_bytes=0&cid=18e4880cc21dd6e0&ts=554&x=0"
date: Tue, 03 Dec 2024 23:43:50 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ec76bd4ed06180f-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3281
server: cloudflare

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 271ms
88ms Script
text/javascript 142.250.31.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f95.1e100.net

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/

Response headers

content-encoding: gzip
age: 23342
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Wed, 03 Dec 2025 17:14:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 17:14:48 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33434
x-xss-protection: 0
server: sffe

GET
H2 200 animate.min.css
cf.mybenefitsclub.com/_files/ 70 KB
6 KB 85ms
81ms Stylesheet
text/css 172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.mybenefitsclub.com/_files/animate.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6da080aef015b0bdf6d5e3fd63ec38921bfca1a0d82d25e8898b7b24e2599645

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"91d79e9d56f561217659ac0def43b487"
age: 6770
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=APSSwLd1CLclbkpjHgnkAZF3uuimbC6iKjtSy9WYaTwR7z81D7nBC8OvPWCiM0zMb%2BmJgvMcg6Urr4%2FlrPCt83%2BIJXAY9IQZkKtVaLpU5pkPtMPBhjI3QrBDsjM%2BPpDIxGGAQ2smAuDC0tNSi29exiYcYyM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=26060&min_rtt=22450&rtt_var=6685&sent=158&recv=84&lost=0&retrans=0&sent_bytes=166035&recv_bytes=4218&delivery_rate=2344306&cwnd=255&unsent_bytes=0&cid=18e4880cc21dd6e0&ts=547&x=0"
date: Tue, 03 Dec 2024 23:43:50 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ec76bd4ecfb180f-ATL
access-control-allow-origin: *
server: cloudflare

GET
H2 200 jquery.min.js Show response
cf.mybenefitsclub.com/_files/ 87 KB
31 KB 86ms
83ms Script
application/javascript 172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.mybenefitsclub.com/_files/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"29c4e63801623c5ad6a13313b0cd8d2c"
age: 6770
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BOz122Ut%2F5APzfpwVsfS%2FomNhsqCSKCY%2B5GcZha21KfL%2FFdjmPfPl9CEOSgUn%2FAAmYVWPeg%2BoDnLIgn4ZHeS0kvLsbNiKiNpxHfK43kN1eB0dhRsTF%2BR2yFQEoCWx079ILdCXhNOTZ2GQVmXS7JvwPxfGVQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=26060&min_rtt=22450&rtt_var=6685&sent=164&recv=84&lost=0&retrans=0&sent_bytes=171802&recv_bytes=4218&delivery_rate=2344306&cwnd=255&unsent_bytes=0&cid=18e4880cc21dd6e0&ts=547&x=0"
date: Tue, 03 Dec 2024 23:43:50 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ec76bd4ecfe180f-ATL
access-control-allow-origin: *
server: cloudflare

GET
H2 200 jquery.cycle2.min.js Show response
cf.mybenefitsclub.com/_files/ 22 KB
7 KB 77ms
74ms Script
application/javascript 172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.mybenefitsclub.com/_files/jquery.cycle2.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87a1a7e65f6ceed57d27b07cac22836a7682617932fc9d4376887b0ae1754a35

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"2f7bbd26b52714c4f0c75fc0c6a13472"
age: 6770
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fIMX8vheszGt2YgThw%2FamF6nCqTacACcPdFDbn0fS6s54vG1jcgeGEj3wj71oZee%2F94OAwqswgKB4%2FmquHYpl76UNKqZqlHCEFj8XxPAWMs0gnmhlKgl04R84M%2FxjhpHzLw9A63ghnwGAlNVyGQ65azcf9Q%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=26060&min_rtt=22450&rtt_var=6685&sent=137&recv=84&lost=0&retrans=0&sent_bytes=143664&recv_bytes=4218&delivery_rate=2344306&cwnd=255&unsent_bytes=0&cid=18e4880cc21dd6e0&ts=544&x=0"
date: Tue, 03 Dec 2024 23:43:50 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ec76bd4ecff180f-ATL
access-control-allow-origin: *
server: cloudflare

GET
H2 200 cleave.min.js Show response
cf.mybenefitsclub.com/_files/ 21 KB
7 KB 99ms
96ms Script
application/javascript 172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.mybenefitsclub.com/_files/cleave.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7eb194c2648de022cb8f29399b9f4409d5ec0cc5314d6e4eea175c78d1d5089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"79faacb53f4d6d3f1d2122c703afc86f"
age: 6770
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A7fcLdAlrGS74y9%2Blnpt8CJRclPV5p9rJuLbKHuNXHrAz9cd0C4OQ7SBSSG%2Bt6T5%2B7TM1Y877FFET%2FHyiJG3RqAgId1XoBDZS0E8rATOYkDuIF%2FhnmuxwX4Mu7%2BUUKQNk33XDfLBvzJn0ZluBtU8Sw7JXIg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=26060&min_rtt=22450&rtt_var=6685&sent=190&recv=84&lost=0&retrans=0&sent_bytes=203846&recv_bytes=4218&delivery_rate=2344306&cwnd=255&unsent_bytes=309&cid=18e4880cc21dd6e0&ts=547&x=0"
date: Tue, 03 Dec 2024 23:43:50 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ec76bd4ed00180f-ATL
access-control-allow-origin: *
server: cloudflare

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 187ms
75ms Script
text/javascript 104.16.80.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: cf.mybenefitsclub.com
URL: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://cf.mybenefitsclub.com
Referer: https://cf.mybenefitsclub.com/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8ec76bd59c236c0a-DFW
access-control-allow-origin: *
date: Tue, 03 Dec 2024 23:43:50 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 hero.png
cf.mybenefitsclub.com/img/ 152 KB
153 KB 99ms
99ms Image
image/webp 172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.mybenefitsclub.com/img/hero.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a2ef0bb6d68c7084bf1852dc45106e82c730f4453d328938c17179f9f248953

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx

Response headers

cf-bgj: imgq:100,h2pri
etag: "76f7a11bb330f94f5a5192b018a8d078"
age: 3260
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xw982Ba6TYQrHsytftvn2vvV5ttaPlj2tSd%2BWDiNudYfT6nJFRhMO%2FMtcwNPjeVqtWVe4QJipSKGav9CDNfmS8pPOWQ%2FYe%2FHe2rqD6HshtG41%2B2c9JL993nA4Lrt8oiTq3%2Bc%2FT1rLNtz5r%2FLG0UPMsmUyc4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-polished: origFmt=png, origSize=252164
server-timing: cfL4;desc="?proto=TCP&rtt=26060&min_rtt=22450&rtt_var=6685&sent=206&recv=84&lost=0&retrans=0&sent_bytes=224380&recv_bytes=4218&delivery_rate=2344306&cwnd=255&unsent_bytes=0&cid=18e4880cc21dd6e0&ts=549&x=0"
date: Tue, 03 Dec 2024 23:43:50 GMT
content-type: image/webp
content-disposition: inline; filename="hero.webp"
vary: Accept
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ec76bd4fd08180f-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 155600
server: cloudflare

GET
H2 200 13978 Show response
cf.mybenefitsclub.com/offers/ 298 B
762 B 136ms
136ms XHR
application/json 172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cf.mybenefitsclub.com/offers/13978
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d82e0e431ac808d288ab3a58ae34c883470455fac1efbbac1294715555064a31

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*
Referer: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bPY1s3QwFw3uxcd%2FHTq83OXtPU%2F95vf%2BrfMQd5CEcWOKbE4NoWAEaFDVyYdf4E9wCeTJ6PN%2BWEyLlpJyqprBi3zT%2BuyEFxih455QDIS68fRBsPltLz6AMCpXgsAnKyiv%2BIve5DQ4UKY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ec76bd68f33180f-ATL
server-timing: cfL4;desc="?proto=TCP&rtt=22646&min_rtt=22448&rtt_var=70&sent=349&recv=139&lost=0&retrans=0&sent_bytes=411780&recv_bytes=5121&delivery_rate=9255980&cwnd=396&unsent_bytes=0&cid=18e4880cc21dd6e0&ts=868&x=0"
date: Tue, 03 Dec 2024 23:43:50 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare

GET
H2 200 633316cd4df9f00013c5f38d Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 101 KB
21 KB 266ms
101ms Script
application/javascript 3.167.69.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/633316cd4df9f00013c5f38d
Requested by: Host: cf.mybenefitsclub.com
URL: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.69.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-167-69-75.iad61.r.cloudfront.net
Software: /
Resource Hash: 1f96ac231be6443fc1fd882f8b8361ff51566f80f87ad4a13f7b06bc05971ae6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/

Response headers

cache-control: no-cache
content-encoding: gzip
age: 246
via: 1.1 24b33ee53a56b70bc032238ceb07576a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 9DHRgkfbR2V93-EwGJeFRZscXk0KWOs0vwaUWTYzRaVhlK3R53TrQg==
date: Tue, 03 Dec 2024 23:39:45 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
x-amz-cf-pop: IAD61-P6

GET
H2

200

main.js Show response
cf.mybenefitsclub.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/ Frame 76E4
Redirect Chain

https://cf.mybenefitsclub.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://cf.mybenefitsclub.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?

9 KB
4 KB

71ms
71ms

Script
application/javascript

172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.mybenefitsclub.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?

Requested by

Protocol

Server

172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78466fda30e6af64cbc2a6736856fbfaff224e0578fca2e91921d1df4c2ed42a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U1lPbS1WDttbbJFVxGyWG8nGlVyzbMeMhRfoZIizlJyUC1Fvt7TIaeXAP2A3NSQxd3vcBR6V4yVznDqL%2BMqPNJzUV%2BD%2F%2BsFbQtrrDF2Xg0h1feOlK%2FVA8eubSbuGqAmML9dy4%2BtLXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8ec76bd74814180f-ATL
server-timing: cfL4;desc="?proto=TCP&rtt=22570&min_rtt=22448&rtt_var=65&sent=351&recv=147&lost=0&retrans=0&sent_bytes=412608&recv_bytes=5216&delivery_rate=9255980&cwnd=405&unsent_bytes=0&cid=18e4880cc21dd6e0&ts=916&x=0"
date: Tue, 03 Dec 2024 23:43:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mr91xAStiQmzC2Ot83zC18w3mgc%2Bh8GEidQXP3LpxwTnm8l9tn4D08PWbFENqOyXrL%2F3yRUNaR6y8LnchXigMWuOdoMqORt2q%2FxdLPN2RbP16n8gJjkOs6zNA7QkKIgiohdKXmdQ6g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ec76bd6cf91180f-ATL
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=22646&min_rtt=22448&rtt_var=70&sent=342&recv=139&lost=0&retrans=0&sent_bytes=406275&recv_bytes=5121&delivery_rate=9255980&cwnd=396&unsent_bytes=0&cid=18e4880cc21dd6e0&ts=846&x=0"
content-length: 0
date: Tue, 03 Dec 2024 23:43:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 s.js Show response
cf.mybenefitsclub.com/cdn-cgi/zaraz/ 6 KB
5 KB 88ms
88ms Script
text/javascript 172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cf.mybenefitsclub.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyTXlCZW5lZml0c0NsdWIlMjIlMkMlMjJ4JTIyJTNBMC43NzgyODUyNjM3OTQ0NDg4JTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjZi5teWJlbmVmaXRzY2x1Yi5jb20lMkZuJTJGJTNGc2lkJTNEMTM5NzglMjZwdWIlM0Q0NjE1MDAlMjZwb3N0aWQlM0Q4a1lLakNoeCUyNmVtYWlsJTNEJTI2Zm5hbWUlM0RQZWRybyUyNnBob25lJTNEJTI1MkIxNzczODQ0Mjk0NCUyNmMxJTNEU1NfU0NfTUJDXzgwODM3XzQ2MTUwMF9BUjBfMTM5NzhfOTgzOTg1XzNEZWMyNF84a1lLakNoeCUyM3k2NzdxZW9lJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0E2MDAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE
Requested by: Host: cf.mybenefitsclub.com
URL: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b92364eeadc9387d0532a4c0394d1562e4c436875c3d72c7ea4f5ea0b6fe2e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/

Response headers

x-robots-tag: none
access-control-max-age: 600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
access-control-allow-credentials: true
access-control-allow-methods: GET, HEAD, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K9eBFpyfTzEIojZa2vAdaoWt4CBQ10Cf5JRREG32nrGKEHu1UkIVefYcOq%2BNm3s1h%2BY6xl9PJyUdlj72s8Iu9uGh56K8aSiijVkR%2FI9XG8%2FnIRShyrur4JqdreAQ1zkEFE596O13JA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ec76bd6df94180f-ATL
access-control-allow-origin: https://cf.mybenefitsclub.com
server-timing: cfL4;desc="?proto=TCP&rtt=22646&min_rtt=22448&rtt_var=70&sent=343&recv=139&lost=0&retrans=0&sent_bytes=406811&recv_bytes=5121&delivery_rate=9255980&cwnd=396&unsent_bytes=0&cid=18e4880cc21dd6e0&ts=862&x=0"
date: Tue, 03 Dec 2024 23:43:50 GMT
content-type: text/javascript; charset=utf-8
vary: Origin, Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control

POST
H2 204 collect Show response
stats.g.doubleclick.net/g/ 0
558 B 277ms
95ms XHR
text/plain 142.251.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=G-HV4Z813W68&cid=8c0d58e4-3bb0-47f7-920e-a4e5c9bb37e3&_u=KGDAAEADQAAAAC%7E&z=919647450
Requested by: Host: cf.mybenefitsclub.com
URL: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.167.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ww-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://cf.mybenefitsclub.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 23:43:51 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
0 329ms
148ms Fetch
image/gif 142.251.167.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j86&tid=G-HV4Z813W68&cid=8c0d58e4-3bb0-47f7-920e-a4e5c9bb37e3&_u=KGDAAEADQAAAAC%7E&z=919647450&slf_rd=1

Requested by

Host: cf.mybenefitsclub.com
URL: https://cf.mybenefitsclub.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyTXlCZW5lZml0c0NsdWIlMjIlMkMlMjJ4JTIyJTNBMC43NzgyODUyNjM3OTQ0NDg4JTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjZi5teWJlbmVmaXRzY2x1Yi5jb20lMkZuJTJGJTNGc2lkJTNEMTM5NzglMjZwdWIlM0Q0NjE1MDAlMjZwb3N0aWQlM0Q4a1lLakNoeCUyNmVtYWlsJTNEJTI2Zm5hbWUlM0RQZWRybyUyNnBob25lJTNEJTI1MkIxNzczODQ0Mjk0NCUyNmMxJTNEU1NfU0NfTUJDXzgwODM3XzQ2MTUwMF9BUjBfMTM5NzhfOTgzOTg1XzNEZWMyNF84a1lLakNoeCUyM3k2NzdxZW9lJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0E2MDAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.105 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f105.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://cf.mybenefitsclub.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 03 Dec 2024 23:43:51 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 public
imagedelivery.net/RscCbZX7TBhWlKxaNzCAKA/74489ab1-c759-4653-8754-da5553f2c200/ 31 KB
32 KB 206ms
91ms Image
image/avif 104.18.2.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/RscCbZX7TBhWlKxaNzCAKA/74489ab1-c759-4653-8754-da5553f2c200/public

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.2.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20f61048eaf776aa029b523a8d8bc81d5507f9a2d818dcbbeadeb7ac879044aa

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/

Response headers

cf-cache-status: HIT
etag: "cft3FdCVJioTtE8-R9l59wZCQHfb7C9F9CBQfA5-d8DQ"
cf-bgj: imgq:85,h2pri
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 03 Dec 2024 23:43:51 GMT
content-type: image/avif
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public,max-age=172800,stale-while-revalidate=7200
cf-images: internal=ok/- q=0 n=282+257 c=0+0 v=2024.10.6 l=32169 f=false
cf-ray: 8ec76bd83bbff0b1-DFW
accept-ranges: bytes
access-control-allow-origin: *
content-length: 32169
server: cloudflare

POST
H2 200 8ec76bd20979180f Show response
cf.mybenefitsclub.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 76E4 0
1 KB 85ms
80ms XHR
text/plain 172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cf.mybenefitsclub.com/cdn-cgi/challenge-platform/h/b/jsd/r/8ec76bd20979180f
Requested by: Host: cf.mybenefitsclub.com
URL: https://cf.mybenefitsclub.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OHdtY%2Bup0YeGJeCFvglBOuRsYdqshRvsYxR%2F0EcKOrlMIVMQmplB%2B7J%2F1AveiCV0iExuzOPmfPZ0hBQKUQxR4L6PVCcuF%2B8SH%2BdiNj2pJiQMT0hCbX8tUdQ%2BaDAn32iRoy7yiHLqJw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ec76bd8694b180f-ATL
server-timing: cfL4;desc="?proto=TCP&rtt=28135&min_rtt=22448&rtt_var=11193&sent=362&recv=162&lost=0&retrans=0&sent_bytes=417263&recv_bytes=22515&delivery_rate=9255980&cwnd=410&unsent_bytes=0&cid=18e4880cc21dd6e0&ts=1110&x=0"
content-length: 0
date: Tue, 03 Dec 2024 23:43:51 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
H2 200 fcm-v1-module.019781ec7a1c97363e85.bundle.js Show response
cdn.pushnami.com/js/modules/ 46 KB
15 KB 274ms
94ms Script
application/javascript 3.167.69.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushnami.com/js/modules/fcm-v1-module.019781ec7a1c97363e85.bundle.js
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/633316cd4df9f00013c5f38d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.69.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-167-69-77.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b41d7402cbdab32acba31cfdd479730c74b7527fa7c881b0486098bd1a895607

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/

Response headers

vary: accept-encoding
content-encoding: gzip
etag: W/"09467cbbdfbe0b4f7131476215348a19"
x-amz-version-id: DKNNXfrKVNQFoskvuTtbaAOVbVs0JYVO
age: 3451
via: 1.1 b7cdad11a8da074c3364a379749f7320.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: wJiMlC6YkSmk_5zwneeTjpsaKH_VPheyIX9zOJH_xaVm1wwKRM3-8A==
date: Tue, 03 Dec 2024 22:46:21 GMT
content-type: application/javascript
last-modified: Fri, 10 May 2024 21:23:38 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P6
x-amz-server-side-encryption: AES256

GET
H2 200 hub
api.pushnami.com/scripts/v1/ Frame 0B36 0
0 235ms
79ms Document
text/html 3.167.69.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/633316cd4df9f00013c5f38d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.167.69.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-167-69-53.iad61.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

Referer: https://cf.mybenefitsclub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: *
age: 443
cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Tue, 03 Dec 2024 23:36:28 GMT
vary: accept-encoding
via: 1.1 a04e8c97f1e289e082ffa9503a1e95d0.cloudfront.net (CloudFront)
x-amz-cf-id: wVDhnDBJ5CLBt1N7IjrFJQF4nNYA2PFyzm4YzcnCXuTaM0yAMIPu8w==
x-amz-cf-pop: IAD61-P6
x-cache: Hit from cloudfront
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *

POST
H2 204 rum Show response
cf.mybenefitsclub.com/cdn-cgi/ 0
171 B 71ms
69ms XHR
text/plain 172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.mybenefitsclub.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8ec76bda4b79180f-ATL
access-control-allow-origin: https://cf.mybenefitsclub.com
date: Tue, 03 Dec 2024 23:43:51 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H2 200 mbc-icon.png
mybenefitsclub.com/wp-content/uploads/2022/05/ 6 KB
6 KB 88ms
76ms Other
image/webp 172.67.69.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mybenefitsclub.com/wp-content/uploads/2022/05/mbc-icon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95c854b131074e1eccfea61c2512e3e2fc0be8726e0ee100dc8f484aaa49f264

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "627ebb14-2e98"
age: 222505
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PFVSmBaq49IW921qgS4XOpGjCy3KSYN%2FVa7xKFX15dHY7cJ6YpiesuFYPptUmboKqnk38CiAQZ47WeHGeZ%2FIs8g%2FCS4BVzHkIypXidrOEx8z6Iql5YRO9cK%2BgglqkWOwWjx6GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Mon, 01 Dec 2025 09:55:26 GMT
cf-polished: origFmt=png, origSize=11928
server-timing: cfL4;desc="?proto=TCP&rtt=26833&min_rtt=22448&rtt_var=8553&sent=365&recv=168&lost=0&retrans=0&sent_bytes=418511&recv_bytes=24983&delivery_rate=9255980&cwnd=412&unsent_bytes=0&cid=18e4880cc21dd6e0&ts=1667&x=0"
date: Tue, 03 Dec 2024 23:43:51 GMT
content-type: image/webp
content-disposition: inline; filename="mbc-icon.webp"
vary: Accept
last-modified: Fri, 13 May 2022 20:09:56 GMT
x-proxy-cache-info: DT:1
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ec76bdbeda6180f-ATL
accept-ranges: bytes
content-length: 5694
host-header: 8441280b0c35cbc1147f8ba998a563a7
server: cloudflare

GET
H2 200 psfpv4_client_1.128.0_e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9.js Show response
cdn.pushnami.com/js/exp/ 333 KB
334 KB 96ms
95ms Script
application/javascript 3.167.69.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushnami.com/js/exp/psfpv4_client_1.128.0_e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9.js
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/633316cd4df9f00013c5f38d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.69.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-167-69-77.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/

Response headers

content-encoding: utf-8
x-amz-version-id: iJVtw0MDnvg5Vkf9zg8GHQyDY6vN4ZdU
etag: "4b9f77845d59f14274d2b8d4b1112ca4"
age: 3521
via: 1.1 b7cdad11a8da074c3364a379749f7320.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 340965
x-amz-cf-id: tF9Ska_qDBlfZq3hB8o0mwNAWoVN76cliZ1u2eaCfeZf_bOJvhqaoQ==
date: Tue, 03 Dec 2024 22:45:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 12 Aug 2024 17:22:56 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P6
x-amz-server-side-encryption: AES256

OPTIONS
H2 204 data
psp.pushnami.com/psfp/ Frame 0
0 283ms
79ms Preflight 54.80.56.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/psfp/data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.80.56.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-56-168.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cf.mybenefitsclub.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Tue, 03 Dec 2024 23:43:52 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

POST
H2 201 data Show response
psp.pushnami.com/psfp/ 61 B
220 B 84ms
83ms Fetch
application/json 54.80.56.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/psfp/data
Requested by: Host: cdn.pushnami.com
URL: https://cdn.pushnami.com/js/exp/psfpv4_client_1.128.0_e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.80.56.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-56-168.compute-1.amazonaws.com
Software: / Express
Resource Hash: bdcb3d5b7d9642ebf3cd75c4cd744bc5c257ad6ff546fa5a0fb5bc6f207c82ca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/octet-stream
Referer: https://cf.mybenefitsclub.com/

Response headers

access-control-allow-origin: *
content-length: 61
date: Tue, 03 Dec 2024 23:43:52 GMT
etag: W/"3d-nj15bVsS7t952t6USAYZrCfs4LQ"
content-type: application/json; charset=utf-8
x-powered-by: Express

OPTIONS
H2 204 psp
psp.pushnami.com/api/ Frame 0
0 80ms
80ms Preflight 54.80.56.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.80.56.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-56-168.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://cf.mybenefitsclub.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: key
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Tue, 03 Dec 2024 23:43:52 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
152 B 1618ms
1616ms Fetch
text/html 54.80.56.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/633316cd4df9f00013c5f38d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.80.56.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-56-168.compute-1.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

key: 633316cd4df9f00013c5f38d
Referer: https://cf.mybenefitsclub.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: application/json, text/plain, */*
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
content-length: 2
date: Tue, 03 Dec 2024 23:43:54 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/html; charset=utf-8
x-powered-by: Express

GET
H2 200 check
fpc.pushnami.com/psfp/cc6770d7-150b-4ead-ab6e-2115f09b62a4/ 0
0 318ms
86ms Fetch 3.213.230.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fpc.pushnami.com/psfp/cc6770d7-150b-4ead-ab6e-2115f09b62a4/check?websiteId=633316cd4df9f00013c5f38c&psfpv4=a00fdf2c-5add-5f84-9bc8-56a3d440d702
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/633316cd4df9f00013c5f38d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.230.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-230-233.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cf.mybenefitsclub.com/

Response headers

x-request-id: ITV3QkChZw6I3XQzqymgYXoExqPIk3tq
access-control-allow-origin: *
content-length: 0
date: Tue, 03 Dec 2024 23:43:53 GMT
vary: Origin

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 99ms
98ms Fetch
text/html 50.17.127.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/633316cd4df9f00013c5f38d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.127.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-127-255.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

key: 633316cd4df9f00013c5f38d
Referer: https://cf.mybenefitsclub.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: application/json, text/plain, */*
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
content-length: 2
cache-control: no-cache
date: Tue, 03 Dec 2024 23:43:53 GMT
content-type: text/html; charset=utf-8

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 251ms
80ms Preflight 50.17.127.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.127.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-127-255.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://cf.mybenefitsclub.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Tue, 03 Dec 2024 23:43:53 GMT

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 83ms
82ms Fetch
text/html 50.17.127.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/633316cd4df9f00013c5f38d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.127.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-127-255.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

key: 633316cd4df9f00013c5f38d
Referer: https://cf.mybenefitsclub.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: application/json, text/plain, */*
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
content-length: 2
cache-control: no-cache
date: Tue, 03 Dec 2024 23:43:55 GMT
content-type: text/html; charset=utf-8

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mybenefitsclub.com/	1969-12-31 23:59:59	Name: cfzs_google-analytics_v4 Value: %7B%22tZzy_pageviewCounter%22%3A%7B%22v%22%3A%221%22%7D%7D
.mybenefitsclub.com/	1970-01-21 10:13:25	Name: cfz_google-analytics_v4 Value: %7B%22tZzy_engagementDuration%22%3A%7B%22v%22%3A%220%22%2C%22e%22%3A1764805430863%7D%2C%22tZzy_engagementStart%22%3A%7B%22v%22%3A%221733269430863%22%2C%22e%22%3A1764805430863%7D%2C%22tZzy_counter%22%3A%7B%22v%22%3A%221%22%2C%22e%22%3A1764805430863%7D%2C%22tZzy_ga4sid%22%3A%7B%22v%22%3A%22287055472%22%2C%22e%22%3A1733271230863%7D%2C%22tZzy_session_counter%22%3A%7B%22v%22%3A%221%22%2C%22e%22%3A1764805430863%7D%2C%22tZzy_ga4%22%3A%7B%22v%22%3A%228c0d58e4-3bb0-47f7-920e-a4e5c9bb37e3%22%2C%22e%22%3A1764805430863%7D%2C%22tZzy__z_ga_audiences%22%3A%7B%22v%22%3A%228c0d58e4-3bb0-47f7-920e-a4e5c9bb37e3%22%2C%22e%22%3A1764805430863%7D%2C%22tZzy_let%22%3A%7B%22v%22%3A%221733269430863%22%2C%22e%22%3A1764805430863%7D%7D
.mybenefitsclub.com/	1970-01-21 10:13:25	Name: cf_clearance Value: 154JDARVSCxHTUOdAAKaGEFTHMbdzW4ZI9XSSnT95gY-1733269431-1.2.1.1-SZHsx45fRQ1FTFWHcq7.C893unTKmFhGMW5WZq.0aaX5Z3kdwpK7upidcPhP8XQoU0mq8hSkELeQlgjgrjYN4ZOhTKfoW1WOUaOH0jbBUv9PJwxBmqCx.gYXrqgpAYXSWw9l92Yv7GxBtq.WPMMQXsBo9elXRV68y1m5A9x8dUp23nth3jLGaM1wy8DjjqogjdbsrxItij_EA4dNxyaYftet5BffsmkJJ7gSXLOlvuhQtT1OLAtWCFyrHYFQNBWogKKD8ytHTev6ZZ72Az5G4.GOjIKw3wNET2ymvWhDzgOFz_QtPjSRYwbtVSBd..qK7LySu1.jdx6Gya4HFOA_F4GpfuPy2RkNYwAU8ZG70Kk714gpNmEy1AIlcybjQoNA

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx#y677qeoe Message: [GroupMarkerNotSet(crbug.com/242999)!:A060560BE4220000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx#y677qeoe Message: [GroupMarkerNotSet(crbug.com/242999)!:A0E0E300E4220000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx#y677qeoe Message: [GroupMarkerNotSet(crbug.com/242999)!:A0007D08E4220000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx#y677qeoe Message: [GroupMarkerNotSet(crbug.com/242999)!:A0E0E20CE4220000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx#y677qeoe Message: [GroupMarkerNotSet(crbug.com/242999)!:A080E20CE4220000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
other	error	URL: https://cf.mybenefitsclub.com/n/?sid=13978&pub=461500&postid=8kYKjChx&email=&fname=Pedro&phone=%2B17738442944&c1=SS_SC_MBC_80837_461500_AR0_13978_983985_3Dec24_8kYKjChx#y677qeoe Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.pushnami.com
cdn.pushnami.com
cf.mybenefitsclub.com
fonts.googleapis.com
fpc.pushnami.com
imagedelivery.net
mb3.io
mybenefitsclub.com
psp.pushnami.com
static.cloudflareinsights.com
stats.g.doubleclick.net
trc.pushnami.com
www.google.com
104.16.80.73
104.18.2.36
142.250.31.95
142.251.167.105
142.251.167.156
142.251.167.95
172.67.205.27
172.67.69.68
3.167.69.53
3.167.69.75
3.167.69.77
3.213.230.233
50.17.127.255
54.80.56.168
0e7b6e37ea2f37a2f132d1ce64e2501d5b372ae2f1b33fc038143b27fc2fc7bf
0e9a99c3f023685deee9277b658ad754d0847485adaaa0e6c616f7ceb39eb825
194b0b6987d98574284a790e1e71b5b242bdf5bdd685969d7e0b0bae7f9cee4e
1f96ac231be6443fc1fd882f8b8361ff51566f80f87ad4a13f7b06bc05971ae6
20f61048eaf776aa029b523a8d8bc81d5507f9a2d818dcbbeadeb7ac879044aa
29f6fd07ab6ed61e0cf0d6f05bf87608e155f1b9d6830920609d8cc67cf0d995
2a2ef0bb6d68c7084bf1852dc45106e82c730f4453d328938c17179f9f248953
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
4bd238b942f7677cda9935e97d05bc57ccee180372c6191ec2d7e29d2cf1b86d
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
63289f190d8a869339d61382d617efb5e1265f1a891284f37b98124b65765416
6da080aef015b0bdf6d5e3fd63ec38921bfca1a0d82d25e8898b7b24e2599645
729b8f0394b3e371b2e0ecbbd960d40633c935248f6445674510b420a4de33c2
771822c66ddc3a6e7a5f58220b5ae8e0a11e7601728948079207bbdb81b0dec5
78466fda30e6af64cbc2a6736856fbfaff224e0578fca2e91921d1df4c2ed42a
7b92364eeadc9387d0532a4c0394d1562e4c436875c3d72c7ea4f5ea0b6fe2e5
7e9c87999acc240466cdfb153c8b70284a6d8b0e357aa92212e21032ac44b4c8
7eb194c2648de022cb8f29399b9f4409d5ec0cc5314d6e4eea175c78d1d5089a
87a1a7e65f6ceed57d27b07cac22836a7682617932fc9d4376887b0ae1754a35
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
95c854b131074e1eccfea61c2512e3e2fc0be8726e0ee100dc8f484aaa49f264
b41d7402cbdab32acba31cfdd479730c74b7527fa7c881b0486098bd1a895607
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bdcb3d5b7d9642ebf3cd75c4cd744bc5c257ad6ff546fa5a0fb5bc6f207c82ca
c13d111f83f3dcfbdf19aa05f44ca2a6f69e1f9c5e802251d5b0d6e9b32aaea7
c252aae896f9e58d873a43f1e05ad778dc31a79b8b8b971704aa75b520711cdb
d4b5f32800565b3ddb18537f4b828e111db159d3f5690662351cc478a9aea7da
d82e0e431ac808d288ab3a58ae34c883470455fac1efbbac1294715555064a31
dbb7c51e1c72d4d59989ed12388c93c7bd9ac9ff79b79806550024bbcb3d52e9
dcca3ff1b07207a864c7d94b347e822932b14c188bba7b17d66230d811ebf4a7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9
fe1a7351b191b443716153eb7bac15141bc52cf47e349d0286da3e93b85c5d5e
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

cf.mybenefitsclub.com Open in urlscan Pro 172.67.69.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

98 %HTTPS

0 %IPv6

8 Domains

14 Subdomains

13 IPs

2 Countries

852 kBTransfer

1398 kBSize

3 Cookies

7 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cf.mybenefitsclub.com Open in urlscan Pro
172.67.69.68 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

98 %
HTTPS

0 %
IPv6

8
Domains

14
Subdomains

13
IPs

2
Countries

852 kB
Transfer

1398 kB
Size

3
Cookies

47 HTTP transactions
0 data transactions